On Thursday, May 1, 2014 9:06:52 AM UTC-5, Peter Bukowinski wrote:
>
> On May 1, 2014, at 9:29 AM, contactp...@gmail.com <javascript:> wrote:
>
> > Hi,
> >
> > I am using puppet enterprise 3.x . I have a manifest used to install and
> manage custom application on my client node.
> > Part of manifest is :-
> >
> > file { 'app_config':
> > ensure => directory,
> > mode => 0644,
> > path => '/etc/cmas/app_config',
> > source => 'puppet:///modules/cmas/app_config',
> > recurse => true,
> > }
> >
> > file { 'config.xml':
> > audit => "content",
> > path => '/etc/cmas/app_config/config.xml',
> > }
> >
> > I want if file config.xml is changed, it should get back to old one from
> source in next puppet run.
> > is it possible to do it ?
>
> This is the default behavior of puppet, but by telling puppet to audit the
> config.xml file, you are preventing it from managing that file's content.
Not exactly. Only unmanaged resource properties can be audited, but
enabling auditing on a property that was eligible for it in the first place
(because it was unmanaged) doesn't prevent Puppet from doing what it wasn't
going to do anyway. Going the other way, disabling auditing on a property
that was eligible for auditing in the first place does not in itself make
that property managed.
Puppet's normal behavior is to leave unmanaged resource properties alone.
It sounds like the OP may be hoping to get Puppet to revert content changes
based on a record of the last content it saw, rather than managing the
content to a state asserted by the master. The latter is Puppet's behavior
when managing file content via File's 'content' property or 'source'
parameter. The former is not among Puppet's features.
> As a result, the first file resource that recursively puts the app_config
> directory in place will actually *skip* creating the config.xml file.
> You'll get a notice like this:
>
>
Puppet may skip creating the file, yes, because an explicit File resource
is honored *instead of* any implicit File resource arising from a recursive
File resource, and because no 'ensure' parameter is specified in the
explicit declaration of File[/etc/cmas/app_config/config.xml]. Puppet
might also create it as an empty, normal file; I don't recall at the moment
which. That's not directly related to auditing the file content.
> Notice: /Stage[main]/cmas/File[/etc/cmas/app_config/config.xml]/content:
> audit change: newly-recorded value absent
>
> If you want puppet to manage the content of that file and revert any
> changes, you'll need to stop auditing it.
>
>
Well, yes, because only unmanaged properties can be audited. But in
addition to turning off auditing of the content, it is also necessary to
specify an appropriate 'content' or 'source' parameter if the File's
content is to be managed.
And as for auditing changes in a more general sense, Puppet will log when
it changes the file content, and, if desired, the 'show_diff' parameter can
be used to make it log the exact changes it makes. Those will also make it
into the agent's if reporting is enabled.
John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/0d305318-8711-4367-b5cb-9d479e43ebe9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
