On Thursday, April 24, 2014 8:33:03 AM UTC-5, Paul Tötterman wrote:
>
> Hi,
>
> I'm managing workstations using puppet, and I was wondering if there's a
> better way to do this:
>
> $dir = inline_template('<%=ENV["HOME"]%>')
>
> define customizable_file($source=undef,$template=undef,$replacemd5='') {
>> $tmplname = $template ? {
>> undef => "$name.common",
>> default => "$template",
>> }
>> file { "$tmplname":
>> source => $source,
>> }
>> exec { "cp $tmplname $name":
>> onlyif => "test ! -e $name -o \"$(md5sum $name|cut -d' ' -f1)\"
>> = \"$replacemd5\"",
>> path => ['/bin', '/usr/bin'],
>> require => File["$tmplname"],
>> }
>> }
>> customizable_file { "$dir/foo-$::hostname":
>> source => 'file:///etc/motd',
>> template => "$dir/foo-common",
>> replacemd5 => 'e43e23c6d9a376bedd1ae405be4fdf97',
>> }
>
>
> What I want to achieve is a file that is managed by puppet, but if the
> user touches it, puppet stops touching the file. Normal file resource with
> replace doesn't cut it in this case. replacemd5 should be set to the md5
> sum of the previous version of the file. I'd really like to see a custom
> type for this, that would handle templating some nice way, or at least
> allow one to specify more that one md5sum of previous versions. Obviously
> this doesn't work well for files that change often.
>
> So, is there a better way?
>
As stated, your problem is intractable. There is no reliable way to
discern between the user leaving the file untouched and him modifying the
file and then modifying it back. If you want to allow for multiple
versions that you are willing update, then you also cannot discern between
the user having an untouched version and the user modifying the file to
match a different, historical version.
The closest you can come is what you are actually implementing, which is to
restrict management to one or more specific versions of the file, as
opposed to restricting by whether the user has modified it. If that's
sufficient for you, however, then there is at least one alternative
implementation that I can think of: leave a reference copy of the original,
Puppet-provided version on the client. Instead of tracking possibly-many
MD5s, just compare the current file to its reference copy to determine
whether it's OK to update. Something like this, maybe:
$dir = inline_template('<%=ENV["HOME"]%>')
define customizable_file(
$source=undef,
$reference=undef,
) {
# The default reference file name is formed by prepending '.' and
# appending '.ref' to the file name portion of the target path.
$ref_name = $reference ? {
undef => regsubst($name,'^(.*)/([^/]+)$', '\1/.\2.ref')
default => $reference,
}
# This temp file could go anywhere and have any name:
$tmp_name = "${ref_name}.tmp"
file { $tmp_name:
source => $source,
# ... ownership, mode, etc. if desired ...
}
exec { "update customizable file $name":
command => "cp -p $tmp_name $name && mv $tmp_name $ref_name",
path => ['/bin', '/usr/bin'],
onlyif => "test ! -e $name || cmp -s $name $ref_name",
require => File[$tmp_name],
provider => 'shell'
}
}
customizable_file { "$dir/foo-$::hostname":
source => 'file:///etc/motd',
reference => "$dir/foo-common"
}
John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/4c7b7651-e726-4b84-9053-ef1bf154b245%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
