After working with unix for years, we noticed it is difficult to get a very uniform approach to unix management.
Often different Linux distributions share very little, configuration is different every time. Worst, some good unix tools (like cron, syslog, etc) can be used in a distributed environment, but are very difficult to configure, very user unfriendly and so on.
OpenPKG is a very clever stuff, because enable you to install multiple copies of the same software with minimal effort.
CFEngine is “an automated suite of programs for configuring and maintaining Unix-like computers.”
One of the strong ideas, is the cfengine ability to “self-repair” configuration, which brings with it the idea of “live” system.
On the FAQ we also read:
Cfengine does not inflict a model on you like most other tools for configuration. But it does inflict a security principle on you. Computers running cfengine never have to give up their autonomy to be part of a configuration collective. Pushing information to cfengine is strictly disallowed. Most users agree that this has kept cfengine users secure over the years.
Looking at “Automating UNIX and Linux Administration” you can find a deep description of these tools.
An older tool is kanif.