Russell Adams wrote:
> I run puppet via cron as my local user, for basic stuff. One of my
> favorites is an auto-cleaning temporary directory. I throw cruft in
> here, and I won't miss it after two weeks, and no more manual cleanup.
>
> For example, my ~/.puppet.pp:
>
> tidy { "/home/rladams/tmp":
> age => "2w"
> , backup => false
> , recurse => true
> , rmdirs => true
> , type => "mtime"
> }
>
> Crontab:
> 0 5 * * * /usr/bin/puppet --verbose /home/rladams/.puppet.pp >
> ~/.puppet.log 2>&1
>
> You can't do anything that requires root privs, but you can
> create/maintain directories, perms on files you own, operations, etc.
>
> Good luck!
puppetd runs as a non-root user:
geo...@chiraz-60:~/svk/puppet/trunk$ puppetd --test
info: Creating a new certificate request for
chiraz-60.trinity.unimelb.edu.au
info: Creating a new SSL key at
/home/geoffc/.puppet/ssl/private_keys/chiraz-60.trinity.unimelb.edu.au.pem
warning: peer certificate won't be verified in this SSL session
err: Could not request certificate: Certificate retrieval failed:
Certificate request does not match existing certificate; run 'puppetca
--clean chiraz-60.trinity.unimelb.edu.au'.
I imagine if you setup a ~/.puppet.conf with some settings that specify
to use a different SSL certificate, or to connect to a different puppet
master than what your root puppetd connects to, you would get past the
SSL problem I've got here, and start having a puppetd running with the
permissions of that user. Either that or you'd find a few other minor
issues to work around.
--
+-Geoff Crompton
+--Debian System Administrator
+---Trinity College
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
