On Jun 17, 2010, at 11:04 AM, John Martin wrote:
> I have done some further experimenting and found things even more perplexing.
> The rule is now just adding the new values that I need. The rule is:
>
> augeas { "dkim-postfix-settings":
> require => Package["postfix"],
> context => "/files/etc/postfix/main.cf",
> changes => [
> "set smtpd_milters inet:localhost:20209",
> "set non_smtpd_milters inet:localhost:20209",
> "ins #comment before smtpd_milters",
> "set #comment[.=''] 'Settings for implementation of
> DKIM'",
> ],
> onlyif => "match smtpd_milters size == 0"
> }
This mostly looks fine to me. The solution to the problem is lower down.
Here's some unasked for advice that has almost nothing to do with the problem.
I would break this up into two statements like this:
augeas { "first":
require => ...,
context => ...,
changes => [
"set smtpd_milters inet:localhost:20209",
"set non_smtpd_milters inet:localhost:20209",
]
#No onlyif
}
augeas { "second":
require => Augeas["first"],
context => ...,
changes => [
"ins #comment before smtpd_milters",
"set #comment[.=''] 'Settings for implementation of DKIM'",
]
onlyif => #Test if comment exists
}
This means that if the settings change in value, augeas will set them back.
> When I run 'puppetd -t' on the client, sometimes it adds the lines into the
> main.cf configuration file and on subsequent runs it removes it. It is not
> consistent. I do not understand why it would remove the values.
>
> Also when I run puppetd with the --debug switch I see the following:
>
> debug: Augeas[dkim-postfix-settings](provider=augeas): Opening augeas with
> root /, lens path , flags 0
> debug: Augeas[dkim-postfix-settings](provider=augeas): Augeas version 0.7.1
> is installed
> debug: Augeas[dkim-postfix-settings](provider=augeas): Will attempt to save
> and only run if files changed
> debug: Augeas[dkim-postfix-settings](provider=augeas): sending command 'set'
> with params ["/files/etc/postfix/main.cf/smtpd_milters",
> "inet:localhost:20209"]
> debug: Augeas[dkim-postfix-settings](provider=augeas): sending command 'set'
> with params ["/files/etc/postfix/main.cf/non_smtpd_milters",
> "inet:localhost:20209"]
> debug: Augeas[dkim-postfix-settings](provider=augeas): sending command 'ins'
> with params ["#comment", "before", "/files/etc/postfix/main.cf/smtpd_milters"]
> debug: Augeas[dkim-postfix-settings](provider=augeas): sending command 'set'
> with params ["/files/etc/postfix/main.cf/#comment[.='']", "Settings for
> implementation of DKIM"]
> debug: Augeas[dkim-postfix-settings](provider=augeas): Files changed, should
> execute
> debug: Augeas[dkim-postfix-settings](provider=augeas): Closed the augeas
> connection
> debug: //dkim/Augeas[dkim-postfix-settings]: Changing returns
> debug: //dkim/Augeas[dkim-postfix-settings]: 1 change(s)
> debug: Augeas[dkim-postfix-settings](provider=augeas): Opening augeas with
> root /, lens path , flags 0
> debug: Augeas[dkim-postfix-settings](provider=augeas): Augeas version 0.7.1
> is installed
> debug: Augeas[dkim-postfix-settings](provider=augeas): sending command 'set'
> with params ["/files/etc/postfix/main.cf/smtpd_milters",
> "inet:localhost:20209"]
> debug: Augeas[dkim-postfix-settings](provider=augeas): sending command 'set'
> with params ["/files/etc/postfix/main.cf/non_smtpd_milters",
> "inet:localhost:20209"]
> debug: Augeas[dkim-postfix-settings](provider=augeas): sending command 'ins'
> with params ["#comment", "before", "/files/etc/postfix/main.cf/smtpd_milters"]
> debug: Augeas[dkim-postfix-settings](provider=augeas): sending command 'set'
> with params ["/files/etc/postfix/main.cf/#comment[.='']", "Settings for
> implementation of DKIM"]
> debug: Augeas[dkim-postfix-settings](provider=augeas): Closed the augeas
> connection
> notice: //dkim/Augeas[dkim-postfix-settings]/returns: executed successfully
>
> I'm not sure why it is running the commands twice. Please note when it does
> the two sets of instructions it does add the contents to the main.cf file.
> When it doesn't, it removes the contents. Here is the output when puppet
> removes the contents:
>
> debug: //liferay_system/File[/etc/postfix/main.cf]/content: Executing 'diff
> -u /etc/postfix/main.cf /tmp/puppet-diffing.10996.0'
> --- /etc/postfix/main.cf 2010-06-17 14:00:52.000000000 -0400
> +++ /tmp/puppet-diffing.10996.0 2010-06-17 14:01:15.000000000 -0400
> @@ -673,6 +673,3 @@
> smtp_sasl_security_options = noplaintext
> smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,
> reject_unauth_destination
> mailbox_size_limit = 256000000
> -# Settings for implementation of DKIM
> -smtpd_milters = inet:localhost:20209
> -non_smtpd_milters = inet:localhost:20209
> debug: //liferay_system/File[/etc/postfix/main.cf]: Changing checksum,content
> debug: //liferay_system/File[/etc/postfix/main.cf]: 2 change(s)
> debug: //liferay_system/File[/etc/postfix/main.cf]/checksum: Replacing
> /etc/postfix/main.cf checksum {md5}61bcd19c95a29f17071c87c23b84579d with
> {md5}5df8a259e6eaf620fe70d6d4f30442e1
> notice: //liferay_system/File[/etc/postfix/main.cf]/checksum: checksum
> changed '{md5}61bcd19c95a29f17071c87c23b84579d' to
> '{md5}5df8a259e6eaf620fe70d6d4f30442e1'
If I'm reading this bit right, you are managing main.cf with File and Augeas.
This means that when ever File runs, it wipes out your Augeas changes.
(Technically, File isn't being run, but I don't remember the right terminology.)
If I'm right, putting "require => File["/etc/postfix/main.cf"] in your first
augeas statement will fix the problem with a nasty hack. Because Augeas will
always run second, the changes will always be removed and then remade during
each run.
The real solution is to do one of these:
A) Make the changes to the file on the server and dump Augeas.
B) Tell puppet to only push the file if it doesn't exist. I don't remember how
to do this. I think you might be able to by setting checksum in the file
resource to null or undef.
> info: //liferay_system/File[/etc/postfix/main.cf]: Filebucketed
> /etc/postfix/main.cf to puppet with sum 5df8a259e6eaf620fe70d6d4f30442e1
> debug: //liferay_system/File[/etc/postfix/main.cf]/checksum: Replacing
> /etc/postfix/main.cf checksum {md5}5df8a259e6eaf620fe70d6d4f30442e1 with
> {md5}61bcd19c95a29f17071c87c23b84579d
> notice: //liferay_system/File[/etc/postfix/main.cf]/content: content changed
> '{md5}5df8a259e6eaf620fe70d6d4f30442e1' to 'unknown checksum'
>
> Any help would surely be appreciated.
>
> Thanks,
>
> John
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
