Re: [Puppet Users] Override a file{} directive - is it possible?
On 20.08.2012, at 23:08, Sean Carolan wrote:
It's not really the cleanest-looking thing, but the easiest option for
your particular case is to wrap the file resource in an if statement
like this:
if (! $::security_limits_disabled) {
file { '/etc/security/limits.conf':
...
}
}
Thanks, this is just what I was looking for.
One last question, is it possible to do this:
class profile::server::java {
$security_limits_disabled = true
}
and then simply include that class on my target node? I tried to do
this but the file is still getting overwritten...
In this case you need to add the scope to the variable used in the if clause:
if ( ! $profile::server::java::security_limits_disabled) { -
add class name as scope
hth,
Martin
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Error 400 on SERVER: Could not autoload active_record: uninitialized constant ActiveRecord
Thx,this really helps me ,but I wonder why storeconfig setting will cause the error ? 在 2011年12月22日星期四UTC+8上午3时53分55秒,Joehillen写道: Ok, I solved the issue. It took some doing because apparently puppet doesn't work with the newest version of activerecord. http://projects.puppetlabs.com/issues/867 Here are the steps that ended up working: apt-get install rubygems gem install activerecord --version 3.0.11 apt-get install libmysqlclient15-dev gem install mysql I had to disable async_storeconfig because stomp gave an error and I had never used it before: err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not write * to queue: undefined method `publish' for #Stomp::Client:0x7f86042f8280 Instance::#Puppet::Resource::Catalog:0x7f8604546618 client : #Puppet::Util::Queue::Stomp:0x7f860447b080 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/zmMWfOpsodcJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Error 400 on SERVER: Could not autoload active_record: uninitialized constant ActiveRecord
Storeconfigs use activerecord as an ORM. -Sama On Tue, Aug 21, 2012 at 7:30 AM, NewpTone yux...@gmail.com wrote: Thx,this really helps me ,but I wonder why storeconfig setting will cause the error ? 在 2011年12月22日星期四UTC+8上午3时53分55秒,Joehillen写道: Ok, I solved the issue. It took some doing because apparently puppet doesn't work with the newest version of activerecord. http://projects.puppetlabs.**com/issues/867http://projects.puppetlabs.com/issues/867 Here are the steps that ended up working: apt-get install rubygems gem install activerecord --version 3.0.11 apt-get install libmysqlclient15-dev gem install mysql I had to disable async_storeconfig because stomp gave an error and I had never used it before: err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not write * to queue: undefined method `publish' for #Stomp::Client:**0x7f86042f8280 Instance::#Puppet::Resource::**Catalog:0x7f8604546618 client : #Puppet::Util::Queue::Stomp:**0x7f860447b080 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/zmMWfOpsodcJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] plugin sync and different platforms
Yes, the confine system should work well for this situation. -Jeff On Mon, Aug 20, 2012 at 6:54 PM, James A. Peltier jpelt...@sfu.ca wrote: -- -- On Monday, August 20, 2012, James A. Peltier wrote: Hi All, I'm trying to write some plugins that should only be sync'd if they're for a specific platform. For example, in our environment we're supporting Solaris, Ubuntu, Fedora, CentOS and Mac OS X. We've developed some OS X plugins and some Solaris plugins but we've noticed that our Linux hosts have imported our OS X plugins and now throw errors each time the agent is started Plugins are always synced, regardless of platform. What types of plugins are you developing? The best way to deal with this is to deactivate the provider or fact on systems that don't support the behavior. -Jeff -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. We've developed a set of plugins for managing Macs entirely via puppet. The providers are available here https://github.com/dayglojesus/x_types We're also making extensive use of already available modules. How do I go about deactivating providers and facts specific to platforms? -- James A. Peltier Manager, IT Services - Research Computing Group Simon Fraser University - Burnaby Campus Phone : 778-782-6573 Fax : 778-782-3045 E-Mail : jpelt...@sfu.ca Website : http://www.sfu.ca/itservices http://blogs.sfu.ca/people/jpeltier Success is to be measured not so much by the position that one has reached in life but as by the obstacles they have overcome. - Booker T. Washington -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. Never mind. I suspect that you're referring to the confine :operatingsystem = :darwin or the likes -- James A. Peltier Manager, IT Services - Research Computing Group Simon Fraser University - Burnaby Campus Phone : 778-782-6573 Fax : 778-782-3045 E-Mail : jpelt...@sfu.ca Website : http://www.sfu.ca/itservices http://blogs.sfu.ca/people/jpeltier Success is to be measured not so much by the position that one has reached in life but as by the obstacles they have overcome. - Booker T. Washington -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Installing Java software on Windows using Puppet
A path type/provider would be great, since the need is so common. For example, 7Zip has an MSI, but to use the command line tools you have to edit PATH. Also, since facter prepends the Puppet dirs to PATH, every time I update PATH from $::path it adds another copy of the Puppet dirs, and quickly fills up the entire variable with Puppet stuff. I don't actually understand why you do that anyway. If you can point me to the source where it happens I can hack it out myself for now. On Monday, August 20, 2012 5:01:50 PM UTC-5, Josh Cooper wrote: Hi Jeff, On Mon, Aug 20, 2012 at 11:43 AM, Jeff Sussna j...@ingineering.itjavascript: wrote: OK, I got registry::value working by commenting out the calls to validate_re. I will file a ticket for that. The registry module has a dependency on the stdlib module. When installing the module on a unix puppet master, the dependency will be resolved automatically (stdlib module will be downloaded if necessary). And since the running the module tool on Windows is not currently supported (in large part because of the tar.gz format, see [1]), you'll have to manually download the stdlib module to your Windows box. Unfortunately, though, the Windows gotchas continue. If you manually edit PATH in the System control panel, the new value shows up the next time you open a new cmd window. If, however, you edit it in the registry, the change doesn't show up until you reboot the machine. I've verified this behavior in XP and Server 2003. I found this post: http://mnaoumov.wordpress.com/2012/07/24/powershell-add-directory-to-environment-path-variable/ Broadcast to all windows that the environment has changed. I also discovered an inconvenience with the puppet registry module. registry::value calls registry_value, which appends the value to the key to create a namevar. That means you can't edit PATH within a module that has a dependency on another module that edits path; if you do, you get a duplicate declaration error. Really we should have a type provider for managing the system path. I've filed this as https://projects.puppetlabs.com/issues/16048 Josh [1] http://projects.puppetlabs.com/issues/11276 -- Josh Cooper Developer, Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/WEbLZfE_r30J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Dynamic Lookup of facter variable.
On Mon, Aug 20, 2012 at 9:50 PM, Tim Mooney tim.moo...@ndsu.edu wrote: In regard to: Re: [Puppet Users] Dynamic Lookup of facter variable., Nigel...: Facts were supposed to be able to be referenced as $factname without throwing the deprecation warning in your release, it's been fixed in later versions. Are you saying that we do *not* need to reference facts as $::factname in all our classes, not even in preparation for puppet 3.x? What if we *are* referencing them that way, now? There's no harm in going that extra mile and being explicit that you're looking at a top scope variable fact, rather than a local variable of the same name, so you can continue to reference them as $::factname if you would like to do so. Requiring that wasn't an original goal, as it was deemed too high a cost for the most common case to force that rather ugly syntax on everyone. It was a bug in the deprecation warning code. Does that help? It does help, thank you. It's one of those things that I wish I had known before I spent hours changing our modules in preparation for what I thought was going to be a requirement for puppet 3.x, but better late than never. :-) I appreciate the clarity you've provided on this. Tim I do apologize for us messing up the deprecation warning. It's caused a lot of unnecessary churn for everyone, and it's frustrating for everyone involved :( -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Dynamic Lookup of facter variable.
In regard to: Re: [Puppet Users] Dynamic Lookup of facter variable., Nigel...: It's one of those things that I wish I had known before I spent hours changing our modules in preparation for what I thought was going to be a requirement for puppet 3.x, but better late than never. :-) I appreciate the clarity you've provided on this. I do apologize for us messing up the deprecation warning. It's caused a lot of unnecessary churn for everyone, and it's frustrating for everyone involved :( puppet's a moving target, and I think that most people that follow the list understand that this kind of thing is going to happen on occasion, especially when a major release is in the works. I certainly do. The trick is going to be stamping out places where you must top-scope facts may have already crept into documentation or people's puppet idioms. Tim -- Tim Mooney tim.moo...@ndsu.edu Enterprise Computing Infrastructure 701-231-1076 (Voice) Room 242-J6, IACC Building 701-231-8541 (Fax) North Dakota State University, Fargo, ND 58105-5164 -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] erb template test if value in array
In an .erb template, I want to test if a value is in an array (and if yes do something). I thought the way to do it might me something like: % if @testservers.include? @fqdn % environment = test % else % environment = production % end % However that blows up complaining that .include is an undefined function. Our version of puppet is 2.6.16 on the client and 2.7.12 on the puppetmaster. Can anyone help? -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/1SMg1cuLUiIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] package handling in puppet?
I'm starting to feel like, maybe, I have a fundamentally flawed concept of
how puppet is intended to be used. (new to puppet. setting up initial
puppet environment. blah blah)
so, I've got most of the pieces worked out, but I've hit a major roadblock
with the way packages are handled in puppet. (according to my limited
understanding of puppet, that is) The problem starts with the fact that
including the following in two different classes:
package { 'perl': ensure = installed }
causes this error:
Duplicate definition: Package[perl] is already defined
This is pretty unfortunate, but we can try to work around it by doing this:
package { 'test-perl': ensure = installed, alias = 'perl' }
which gives us this error:
Parameter alias failed: test-perl can not create alias perl: object
already exists
Ok, can't even get around it like that. I've found two ways around this so
far, both are kinda gross, so I'm starting to wonder if I'm working against
some prime directive of puppet.
One pretty kludgey way around it is to wrap each package definition in a
class and then just include the classes where I want the packages
defined. I mean, I can write a perl script to generate a class for each
package that is in my packaging system and just do it this way, but it just
feels like I'm cheating, and I have no idea what kind of overhead that
would put on puppet.
Another, less gross, way to do it is to do something like this:
if !defined(Package['perl']) {
package { 'perl':
ensure = installed,
}
}
This is kinda what I expected ensure = installed to mean. The big
problem with this method is that it's so verbose that to do this for every
package I want to include would make it somewhat difficult to see which
packages I was including in a class if I had more than a few. I can fix a
bit of the bulkiness by reformatting the expression, but it's still pretty
verbose. The obvious answer to this mess is a defined type, and yet, using
a simple defined type brings us full circle to collisions again. lol
(yes, I can create a defined type that avoids the collision, but then the
invocation starts to get pretty verbose again, and really, it just starts
to feel like I'm not doing any of this the right way)
We also stumbled across the Singleton puppet module, which does almost kind
of exactly what we want, except it has a dependency on hiera. We haven't
really decided whether to use hiera or not. Efforts to rip the hiera
dependencies out of Singleton and also getting it to run even with hiera
installed have both failed. I'll probably keep looking into modifying the
ruby code to behave in some useful manner for us, but for now, I'm running
out of good options.
So...what am I doing wrong? Does the puppet philosophy not really allow
for maintaining package lists in classes? Do people pretty much define
classes down at the host level to get around this limitation? Does
everyone use some external DB or something to track which classes require
which packages and just manually avoid the collision problem? Is there
some magic syntax that I just haven't found yet? Am I just totally on the
wrong track?
To describe what I'm trying to accomplish, I have a baseline class which
defines things I want everywhere and I want to be able to define classes
like mail_server, web_server, samba_server, etc, and then just
include whichever of those classes on a box I need to define the machine's
configuration. I think I've figured out how to do every piece of this
except the packages. I saved this until last, because, honestly, I never
imagined that it was going to work this way. sigh
thanks for any help,
Michael
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/7ia1AlfYsXMJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] package handling in puppet?
On Aug 21, 2012, at 9:05 AM, lamour wrote:
I'm starting to feel like, maybe, I have a fundamentally flawed concept of
how puppet is intended to be used. (new to puppet. setting up initial
puppet environment. blah blah)
so, I've got most of the pieces worked out, but I've hit a major roadblock
with the way packages are handled in puppet. (according to my limited
understanding of puppet, that is) The problem starts with the fact that
including the following in two different classes:
package { 'perl': ensure = installed }
causes this error:
Duplicate definition: Package[perl] is already defined
This is pretty unfortunate, but we can try to work around it by doing this:
package { 'test-perl': ensure = installed, alias = 'perl' }
which gives us this error:
Parameter alias failed: test-perl can not create alias perl: object
already exists
Ok, can't even get around it like that. I've found two ways around this so
far, both are kinda gross, so I'm starting to wonder if I'm working against
some prime directive of puppet.
if you have packages that are pre-requisites for more than one other package,
create a separate class and include the class where desired. Done.
One pretty kludgey way around it is to wrap each package definition in a
class and then just include the classes where I want the packages defined.
I mean, I can write a perl script to generate a class for each package that
is in my packaging system and just do it this way, but it just feels like I'm
cheating, and I have no idea what kind of overhead that would put on puppet.
Another, less gross, way to do it is to do something like this:
if !defined(Package['perl']) {
package { 'perl':
ensure = installed,
}
}
This is kinda what I expected ensure = installed to mean. The big problem
with this method is that it's so verbose that to do this for every package I
want to include would make it somewhat difficult to see which packages I was
including in a class if I had more than a few. I can fix a bit of the
bulkiness by reformatting the expression, but it's still pretty verbose. The
obvious answer to this mess is a defined type, and yet, using a simple
defined type brings us full circle to collisions again. lol (yes, I can
create a defined type that avoids the collision, but then the invocation
starts to get pretty verbose again, and really, it just starts to feel like
I'm not doing any of this the right way)
We also stumbled across the Singleton puppet module, which does almost kind
of exactly what we want, except it has a dependency on hiera. We haven't
really decided whether to use hiera or not. Efforts to rip the hiera
dependencies out of Singleton and also getting it to run even with hiera
installed have both failed. I'll probably keep looking into modifying the
ruby code to behave in some useful manner for us, but for now, I'm running
out of good options.
So...what am I doing wrong? Does the puppet philosophy not really allow for
maintaining package lists in classes? Do people pretty much define classes
down at the host level to get around this limitation? Does everyone use some
external DB or something to track which classes require which packages and
just manually avoid the collision problem? Is there some magic syntax that I
just haven't found yet? Am I just totally on the wrong track?
To describe what I'm trying to accomplish, I have a baseline class which
defines things I want everywhere and I want to be able to define classes like
mail_server, web_server, samba_server, etc, and then just include
whichever of those classes on a box I need to define the machine's
configuration. I think I've figured out how to do every piece of this except
the packages. I saved this until last, because, honestly, I never imagined
that it was going to work this way. sigh
Hiera will be part and parcel of puppet 3 so you would be better off designing
to live with it rather than try to force life without it long term.
I'm sort of suspicious that you are trying to use Singleton as a means to avoid
a full implementation of puppet. It seems that trying to shortcut understanding
of puppet leads to frustration.
Craig
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] don't push out facter-1.6.11 without testing ; causes puppetd hang
Ugh, the only code changes between 1.6.10 and 1.6.11 are /proc related changes for selinux detection. https://github.com/puppetlabs/facter/commit/a836764790be14acc276ab039080316f65b2 So this is somehow tickling the buggy select() behaviour. Will spend more time on tracking this down today; could anyone with affected systems please ping me (eric0) on irc? -=Eric On Monday, August 20, 2012 2:58:16 PM UTC-7, Jo wrote: Lots of people have logged information in ticket #10418 http://projects.puppetlabs.com/issues/10418 I don't have much time to track this today, but our environment is fairly bone-stock CentOS 5.6, Ruby 1.8.7, Puppet 1.7.18. The only custom facts come from puppetlabs-stdlib. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/hhgbXIJkzqkJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Installing Java software on Windows using Puppet
After trying out http://mnaoumov.wordpress.com/2012/07/24/powershell-add-directory-to-environment-path-variable/ I realized it's smart enough to: 1. Read the old PATH value from the registry (thus getting around the facter path problem) 2. Only add the new dir if it's not already in PATH 3. Broadcast PATH change to new cmd prompts without reboot So now everything is working just as desired. I've written a a Puppet defined type that takes a zip file and the desired home directory and home env var name, does the unzip, sets the home env var,and adds home\bin to PATH. Using it to automate install of groovy, gradle, and so on. Really appreciate your help. Jeff -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/BNYc0LcORgoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Using Virtual Resource in custom resource type
Hi!
I am facing difficulties in using the virtual resource types in resorce
custom, I have a definition of user creation as shown below:
define add_user ( $email, $uid, $key, $groups ) {
$username = $title
user { $username:
comment= $email,
groups = $groups,
managehome = true,
home = /home/$username,
shell = /bin/bash,
uid= $uid
}
file { /home/$username/:
ensure = directory,
owner = $username,
group = $username,
mode= 700,
require = [ user[$username] ]
}
file { /home/$username/.ssh:
ensure = directory,
owner = $username,
group = $username,
mode= 700,
require = file[/home/$username/]
}
# now make sure that the ssh key authorized files is around
file { /home/$username/.ssh/authorized_keys:
ensure = present,
owner = $username,
group = $username,
mode= 600,
require = file[/home/$username/]
}
ssh_authorized_key{ ${username}:
ensure = present,
type= ssh-rsa,
user= $username,
key = $key,
}
}
And in my users manifests I declare this way:
@add_user { test:
email = user test,
uid = 1040,
groups = apache,
key =
B3NzaC1yc2EDAQfTRr6mUam1rIiwWhseaRP9M83L2NXFBMix4d7q1xkO/bMqCvvRPjzVzQNGhEJFn8Pjz2pr+QcK2c2yqceSTpbVoxM8Gg5/dXwKv+ct4qKjLVtSty8s/VW8g+kI3N5R9Xv1SG7exJdutKfEnoCGY4lXjrU11fvCZq5Zrc5,
}
and in my node i declare this way:
import custom_resource
import users_manifests
node server01.domain {
--
Douglas Brancaglion
Security Analist
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Virtual Resources with variables
Hi!
I am facing difficulties in using the virtual resource types in resorce
custom, I have a definition of user creation as shown below:
define add_user ( $email, $uid, $key, $groups ) {
$username = $title
user { $username:
comment= $email,
groups = $groups,
managehome = true,
home = /home/$username,
shell = /bin/bash,
uid= $uid
}
file { /home/$username/:
ensure = directory,
owner = $username,
group = $username,
mode= 700,
require = [ user[$username] ]
}
file { /home/$username/.ssh:
ensure = directory,
owner = $username,
group = $username,
mode= 700,
require = file[/home/$username/]
}
# now make sure that the ssh key authorized files is around
file { /home/$username/.ssh/authorized_keys:
ensure = present,
owner = $username,
group = $username,
mode= 600,
require = file[/home/$username/]
}
ssh_authorized_key{ ${username}:
ensure = present,
type= ssh-rsa,
user= $username,
key = $key,
}
}
And in my users manifests I declare this way:
@add_user { test:
email = user test,
uid = 1040,
groups = apache,
key =
B3NzaC1yc2EDAQfTRr6mUam1rIiwWhseaRP9M83L2NXFBMix4d7q1xkO/bMqCvvRPjzVzQNGhEJFn8Pjz2pr+QcK2c2yqceSTpbVoxM8Gg5/dXwKv+ct4qKjLVtSty8s/VW8g+kI3N5R9Xv1SG7exJdutKfEnoCGY4lXjrU11fvCZq5Zrc5,
}
and in my node i declare this way:
import custom_resource
import users_manifests
node server01.domain {
realize User[test]
}
but i receive that error message:
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Failed to realize virtual resources User[dbrancaglion]
Sorry duplicate message, my browser crashed!!
Can help me?
Tks!
--
Douglas Brancaglion
Security Analist
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Virtual Resources with variables
Realize add_user instead of user..
Sent from my galaxy tab
On Aug 22, 2012 3:01 AM, Douglas Brancaglion douglas.rea...@gmail.com
wrote:
realize }
On Aug 22, 2012 3:01 AM, Douglas Brancaglion douglas.rea...@gmail.com
wrote:
Hi!
I am facing difficulties in using the virtual resource types in resorce
custom, I have a definition of user creation as shown below:
define add_user ( $email, $uid, $key, $groups ) {
$username = $title
user { $username:
comment= $email,
groups = $groups,
managehome = true,
home = /home/$username,
shell = /bin/bash,
uid= $uid
}
file { /home/$username/:
ensure = directory,
owner = $username,
group = $username,
mode= 700,
require = [ user[$username] ]
}
file { /home/$username/.ssh:
ensure = directory,
owner = $username,
group = $username,
mode= 700,
require = file[/home/$username/]
}
# now make sure that the ssh key authorized files is around
file { /home/$username/.ssh/authorized_keys:
ensure = present,
owner = $username,
group = $username,
mode= 600,
require = file[/home/$username/]
}
ssh_authorized_key{ ${username}:
ensure = present,
type= ssh-rsa,
user= $username,
key = $key,
}
}
And in my users manifests I declare this way:
@add_user { test:
email = user test,
uid = 1040,
groups = apache,
key =
B3NzaC1yc2EDAQfTRr6mUam1rIiwWhseaRP9M83L2NXFBMix4d7q1xkO/bMqCvvRPjzVzQNGhEJFn8Pjz2pr+QcK2c2yqceSTpbVoxM8Gg5/dXwKv+ct4qKjLVtSty8s/VW8g+kI3N5R9Xv1SG7exJdutKfEnoCGY4lXjrU11fvCZq5Zrc5,
}
and in my node i declare this way:
import custom_resource
import users_manifests
node server01.domain {
realize User[test]
}
but i receive that error message:
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Failed to realize virtual resources User[dbrancaglion]
Sorry duplicate message, my browser crashed!!
Can help me?
Tks!
--
Douglas Brancaglion
Security Analist
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] package handling in puppet?
On Tuesday, August 21, 2012 1:22:24 PM UTC-4, Craig White wrote: if you have packages that are pre-requisites for more than one other package, create a separate class and include the class where desired. Done. Ok, I'm just making sure that I understand what you're saying. Are you saying that the proper way to handle packages in puppet is to manage the packages required by my classes with the built in package resource type and whenever puppet pitches errors because of a package collision, to add a class that wraps that package resource definition and then change the manifests to include the class instead of defining the package directly? I guess I must not understand what you mean, because that doesn't sound particularly desirable to me. Hiera will be part and parcel of puppet 3 so you would be better off designing to live with it rather than try to force life without it long term. Ok, this is good to know. I guess I'll read up more on it. Thanks. I'm sort of suspicious that you are trying to use Singleton as a means to avoid a full implementation of puppet. It seems that trying to shortcut understanding of puppet leads to frustration. I'm not sure what I said that led you to believe this is what I'm doing. I'm asking for advice as to what the correct way to handle this in puppet is. I laid out all the ways I've come up with to (try to) deal with my problem. What I don't know is why this isn't easier. It makes me feel like I'm doing it all wrong. And I'm not sure what you mean by full implementation. You mean, without hiera? Or is there something else fundamentally wrong with what I'm doing? Honestly, we've barely started with our implementation of puppet. In our test environment, we have working classes for a few services and have a loose framework in place that handles some of the thornier issues of our environment. We've read a lot of docs, added parser functions, added custom facter facts, added custom augeas lenses, etc. I've found simple, fairly elegant ways to deal with almost everything I've tried to do in puppet. I'm just feeling that maybe I'm missing the big picture or maybe, at least, A big picture. I'm not trying to work around anything. I'm just trying to figure out the best way to use puppet to manage my hosts in a way that is easy to understand, audit and maintain. I'm sorry that wasn't clear from my original post. I guess I feel that I'm starting to understand some of the knobs in puppet, but I maybe don't understand the plan. That's why I came here. I hoped someone here had a better understanding of the big picture (or a simple solution to my current problem). thanks for your help, Michael -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/hKuxYppzCYoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Virtual Resources with variables
Tks!
Work fine now.
Hugs,
2012/8/21 Walter Heck walterh...@gmail.com
Realize add_user instead of user..
Sent from my galaxy tab
On Aug 22, 2012 3:01 AM, Douglas Brancaglion douglas.rea...@gmail.com
wrote:
realize }
On Aug 22, 2012 3:01 AM, Douglas Brancaglion douglas.rea...@gmail.com
wrote:
Hi!
I am facing difficulties in using the virtual resource types in resorce
custom, I have a definition of user creation as shown below:
define add_user ( $email, $uid, $key, $groups ) {
$username = $title
user { $username:
comment= $email,
groups = $groups,
managehome = true,
home = /home/$username,
shell = /bin/bash,
uid= $uid
}
file { /home/$username/:
ensure = directory,
owner = $username,
group = $username,
mode= 700,
require = [ user[$username] ]
}
file { /home/$username/.ssh:
ensure = directory,
owner = $username,
group = $username,
mode= 700,
require = file[/home/$username/]
}
# now make sure that the ssh key authorized files is around
file { /home/$username/.ssh/authorized_keys:
ensure = present,
owner = $username,
group = $username,
mode= 600,
require = file[/home/$username/]
}
ssh_authorized_key{ ${username}:
ensure = present,
type= ssh-rsa,
user= $username,
key = $key,
}
}
And in my users manifests I declare this way:
@add_user { test:
email = user test,
uid = 1040,
groups = apache,
key =
B3NzaC1yc2EDAQfTRr6mUam1rIiwWhseaRP9M83L2NXFBMix4d7q1xkO/bMqCvvRPjzVzQNGhEJFn8Pjz2pr+QcK2c2yqceSTpbVoxM8Gg5/dXwKv+ct4qKjLVtSty8s/VW8g+kI3N5R9Xv1SG7exJdutKfEnoCGY4lXjrU11fvCZq5Zrc5,
}
and in my node i declare this way:
import custom_resource
import users_manifests
node server01.domain {
realize User[test]
}
but i receive that error message:
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Failed to realize virtual resources User[dbrancaglion]
Sorry duplicate message, my browser crashed!!
Can help me?
Tks!
--
Douglas Brancaglion
Security Analist
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
Douglas Brancaglion
Security Analist
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] package handling in puppet?
On 8/21/2012 9:05 AM, lamour wrote:
I'm starting to feel like, maybe, I have a fundamentally flawed concept
of how puppet is intended to be used. (new to puppet. setting up
initial puppet environment. blah blah)
so, I've got most of the pieces worked out, but I've hit a major
roadblock with the way packages are handled in puppet. (according to my
limited understanding of puppet, that is) The problem starts with the
fact that including the following in two different classes:
package { 'perl': ensure = installed }
causes this error:
Duplicate definition: Package[perl] is already defined
This is pretty unfortunate, but we can try to work around it by doing this:
package { 'test-perl': ensure = installed, alias = 'perl' }
which gives us this error:
Parameter alias failed: test-perl can not create alias perl: object
already exists
Ok, can't even get around it like that. I've found two ways around this
so far, both are kinda gross, so I'm starting to wonder if I'm working
against some prime directive of puppet.
What happens when you have two or more statements about the same
resource in conflict?
package { 'mysql': ensure = installed, }
package { 'mysql': ensure = 5.0.92, }
package { 'mysql': ensure = latest, }
Therefore you need to specify it once. You can do this a few different
ways.
class perl {
package { 'perl': ensure = installed }
}
class someclass {
include perl
file { 'somefile': content = 'stuff', require = Class['perl',}
}
or going in a different direction
class virtualpackages {
@package { 'perl': }
}
class someclass {
include perl
file { 'somefile': content = 'stuff', require = Package['perl',}
realize Package['perl']
}
Personally I find it simpler to use the first method for most complex
things and the later for one off packages that might be needed for
multiple things like mysql-client libs.
Ramin
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] The rewritten Puppet 2.7 language reference is live
Hi all, I've finished the all new Puppet 2.7 language reference. EXCITING! Well, exciting to me, at least. Table of contents: http://docs.puppetlabs.com/puppet/2.7/reference/ Visual index (for when you know what you're looking for but you don't know what it's called): http://docs.puppetlabs.com/puppet/2.7/reference/lang_visual_index.html And of course, use the navigation in the left sidebar to jump between pages. Our goal here is to nail down every detail of how the Puppet language works, then cut new versions along with major Puppet releases. We'll eventually be expanding this versioned document with non-language details -- we've been referring to this plan as the Puppet reference manual. Its purpose isn't to replace any of the guides or how-tos, but to lay down a just the facts baseline that lets you get in and out fast. Anyway, we hope you find it useful. Thanks for using Puppet. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/bDBvT082CjQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] List of every core fact is live
There's another brand new document today: A master list of every fact in Facter 1.6 core. We hope it's helpful! http://docs.puppetlabs.com/facter/1.6/core_facts.html This is a bit rough, and some of the facts are still undocumented, but it's got pretty much everything. Huge thanks to Ben Hughes for writing most of these descriptions as comments in the Facter source about a year ago. -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/XwMoHDGhJ54J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Install rubygem package in order to use with library
Hi
See inline:
On 21/08/2012, at 23:14, Sergey V. Arlashin sergey...@gmail.com wrote:
Hello!
I have a custom function which requires a ruby gem which I have in my
deb-repository.
If the package is installed beforehand manually the function works well. But
if I want to install the package with puppet I get the following error:
out: Could not autoload zabbix_host: no such file to load -- rubix at
/etc/puppet/modules/zabbix/manifests/init.pp:83 on node
Where is rubix declared? What's on line 83 of your init.pp?
the code looks like
package { 'librubix-puppet-ruby1.8':
ensure= installed
}
zabbix_host { ${::fqdn}:
ensure = present,
require = Package['librubix-puppet-ruby1.8']
}
So it seems Puppet tries to execute zabbix_host before having the package
librubix-puppet-ruby1.8 installed.
Is it possible to get the package librubix-puppet-ruby1.8 installed before
executing zabbix_host ?
Thank you.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/8b6QBCyfQuUJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Puppet equivilent to adduser [user] [group]
Hi there. I am trying to add an existing user (set up by a package during installation) to a group set up by another package during its installation. So both the group and the user all ready exist. I want the group to be added as an ADDITIONAL group, not to replace the users originally assigned group. Is there a simple way of achieving this? Thanks David -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/OPtGqvsZUEsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Puppet equivilent to adduser [user] [group]
You need to use the groups (not to be confused with group!) attribute to set a list of supplementary groups, and set the membership attribute to minimum. Docs here: http://docs.puppetlabs.com/references/latest/type.html#user On Tuesday, August 21, 2012 2:12:55 PM UTC-7, David Bell wrote: Hi there. I am trying to add an existing user (set up by a package during installation) to a group set up by another package during its installation. So both the group and the user all ready exist. I want the group to be added as an ADDITIONAL group, not to replace the users originally assigned group. Is there a simple way of achieving this? Thanks David -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/JXoUL6eRapsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Override a file{} directive - is it possible?
It's not really the cleanest-looking thing, but the easiest option for
your particular case is to wrap the file resource in an if statement
like this:
if (! $::security_limits_disabled) {
file { '/etc/security/limits.conf':
...
}
}
Super, thanks Martin!
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Scheduled_task + ad user
Stupid question: where is the source file for this hack?
On Monday, July 2, 2012 11:19:46 PM UTC-5, fpommier wrote:
Hi Josh,
Thank for your quick and good reply.
I remove and LocalAccount = True' at line 56 and 58.
It now work perfectly.
Thanks again.
Fred
Le lundi 2 juillet 2012 07:27:33 UTC-10, Josh Cooper a écrit :
Hi,
On Sat, Jun 30, 2012 at 4:30 PM, fpommier fpomm...@gmail.comjavascript:
wrote:
Hi,
When a want to use scheduled_task for create a windows task and when i
give a AD user, i have this message :
err: /Stage[main]/Mirnas/Scheduled_task[test]/ensure: change from absent
to present failed: Invalid user: DOMAIN\oper
My user domain and the password are correct.
I have the same error if i change DOMAIN\oper by
op...@domain.comjavascript:or DOMAIN/oper
With a local user, is working, but i need a AD user for my batch to
work.
Is it a bug , a limitation or i miss something ?
Thank for any help
scheduled_task { 'test':
ensure= present,
enabled = true,
command = 'C:\test\test.bat',
working_dir= 'C:\test',
user = 'DOMAIN\oper',
password = 'x',
trigger = {
schedule = daily,
start_date = '2012-06-26', # Defaults to 'today'
start_time = '09:05', # Must be specified
}
}
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/P1hXwgGE2CoJ.
To post to this group, send email to puppet...@googlegroups.comjavascript:
.
To unsubscribe from this group, send email to
puppet-users...@googlegroups.com javascript:.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
It is definitely a bug. I've filed this as
http://projects.puppetlabs.com/issues/15326. You can probably just
remove the `LocalAccount = True` condition from the WMI queries in
`Puppet::Util::ADSI#sid_for_account` at lines 56-58.
Josh
--
Josh Cooper
Developer, Puppet Labs
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/ily02pJOJqsJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] package handling in puppet?
In regard to: [Puppet Users] package handling in puppet?, lamour said (at...:
I'm starting to feel like, maybe, I have a fundamentally flawed concept of
how puppet is intended to be used. (new to puppet. setting up initial
puppet environment. blah blah)
so, I've got most of the pieces worked out, but I've hit a major roadblock
with the way packages are handled in puppet. (according to my limited
understanding of puppet, that is) The problem starts with the fact that
including the following in two different classes:
package { 'perl': ensure = installed }
There are several ways to deal with this.
I know perl is probably a general example of the problem, but at least
in that case, it's fairly rare that you need to specify the interpreter
directly. If you're making good use of packages, what you probably
instead want is something like
package { 'perl-Net-SMTP-SSL':
ensure = installed,
require = Yumrepo['your-local-repo-name-or-maybe-epel'],
}
In other words, specify your package { whatever: } so that it asks
for the highest level requirement, and just let the packaging system
pull in the dependencies. A properly packaged perl module should
automatically cause perl to be installed.
Let's say you have an unpackaged script (hint: consider packaging it!)
that relies on just the core perl modules and doesn't have any external
module dependency that you can key on, so keying on some higher level
dependency isn't going to work.
Now you're back to the cases you were considering.
For the first case:
causes this error:
Duplicate definition: Package[perl] is already defined
This is pretty unfortunate, but we can try to work around it by doing this:
package { 'test-perl': ensure = installed, alias = 'perl' }
*Definitely* do not do this. There might be other places where this
kind of chicanery is appropriate, but it's not a good idea here.
One pretty kludgey way around it is to wrap each package definition in a
class and then just include the classes where I want the packages
defined.
That's the way we do it for packages where we've run into this issue, but
remember again that you generally don't need to do this for every package,
you just need to do it for cases where you can identify a package that
must be installed *but* isn't going to be pulled in automatically by your
package management system via a dependency from some *other* package
you're requiring.
I mean, I can write a perl script to generate a class for each
package that is in my packaging system and just do it this way, but it just
feels like I'm cheating, and I have no idea what kind of overhead that
would put on puppet.
I wouldn't recommend that. Generate only the classes that you need, and
consider subclasses too. For example, we do have a few cases where
non-packaged scripts written by e.g. a dba require something like perl's
Foo::Bar module. We have a class for perl and subsclasses for stuff like
perl::foo::bar. We only need to
include perl::foo::bar
and that has the
package { 'perl-Foo-Bar':
ensure = installed,
}
*and* the actual OS package has the proper dependency to get pulled
in if needed.
Another, less gross, way to do it is to do something like this:
if !defined(Package['perl']) {
package { 'perl':
ensure = installed,
}
}
I would instead do something more like
file { 'your-unpackaged-perl-script-here.pl':
ensure = file,
owner = 'whomever',
group = 'ditto',
mode= '0whatever-whatever-whatever',
require = Package['perl'],
source = 'puppet:///module_name/script-source-here.pl',
}
This is kinda what I expected ensure = installed to mean. The big
problem with this method is that it's so verbose that to do this for every
package I want to include would make it somewhat difficult to see which
packages I was including in a class if I had more than a few.
So do
class your_class {
include your_class::packages
# other stuff here.
}
and split your packages into the your_class::packages class.
We also stumbled across the Singleton puppet module, which does almost kind
of exactly what we want, except it has a dependency on hiera. We haven't
really decided whether to use hiera or not. Efforts to rip the hiera
dependencies out of Singleton and also getting it to run even with hiera
installed have both failed. I'll probably keep looking into modifying the
ruby code to behave in some useful manner for us, but for now, I'm running
out of good options.
Don't rip out hiera, it will be part of puppet 3.x. I'm not familiar with
the Singleton module, but I wouldn't think you would need to resort to
external modules for something that's pretty fundamental to the problem
domain.
Another option that some have used in this situation is virtual resources
for packages, e.g.
class all_packages {
@package { 'perl': }
@package { 'perl-Foo-Bar': }
}
and
class your_class
[Puppet Users] Announce: Puppet 2.7.19 Available
Puppet 2.7.19 is a maintenance release candidate for Puppet in the 2.7.x series. It includes many bug fixes, including Windows improvements, Upstart service provider fixes, and several others. Downloads are available at: * Source https://downloads.puppetlabs.com/puppet/puppet-2.7.19.tar.gz Windows package is available at https://downloads.puppetlabs.com/windows/puppet-2.7.19.msi RPMs are available at https://yum.puppetlabs.com/el or /fedora Debs are available at https://apt.puppetlabs.com Mac package is available at https://downloads.puppetlabs.com/mac/puppet-2.7.19.dmg See the Verifying Puppet Download section at: https://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet Please report feedback via the Puppet Labs Redmine site, using an affected puppet version of 2.7.19: http://projects.puppetlabs.com/projects/puppet/ This release contains contributions from Andrew Parker, Dustin J. Mitchell, Patrick Carlisle, Nick Lewis, Jakob Holy, R. Tyler Croy, Michael Stahnke, Josh Cooper, Moses Mendoza, Will Hopper, nfagerlund, Daniel Pittman, Ken Barber, Dominic Cleal, Stefan Shulte, Dominic Maraglia, Matthaus Litteken, Jeff McCune, Franz Pletz, Andy Sykes, and codec. This release does not address (#15561) regarding slashes in certnames. This remains a known issue. ## Puppet 2.7.19 Release Notes ## Ruby 1.9.3 has a different error when `require` fails. The text of the error message when load fails has changed, resulting in the test failing. This adapts that to catch the different versions, allowing this to pass in all cases. (#15291) Add Vendor tag to Puppet spec file Previously the spec file had no Vendor tag, which left it undefined. This commit adds a Vendor tag that references the _host_vendor macro, so that it can be easily set to 'Puppet Labs' internally and customized by users easily. The Vendor tag makes it easier for users to tell where the package came from. Add packaging support for fedora 17 This commit modifies the puppet.spec file to use the ruby vendorlib instead of sitelib if building for fedora 17, which ships with ruby 1.9. Mostly borrowed from the official Fedora 17 package. (#15471) Fix setting mode of last_run_summary The writlock function didn't work with setting the mode on the last_run_summary file. This backports some of the work in commit 7d8fd144949f21eff924602c2a6b7f130f1c0b69. Specifically, the changes from using writelock to replace_file for saving the summary file. This builds on top of the backport of getting replace_file to work on windows. (#15471) Ensure non-root can read report summary The security fix for locking down the last_run_report, which contains sensitive information, also locked down the last_run_summary, which does not contain sensitive information. Unfortunately this file is often used by monitoring systems so that they can track puppet runs. Since the agent runs as root and the monitoring systems do not, this caused the summary to become unreadable by the monitoring systems. This commit returns the summary to being world readable which undoes part of the change done in fd44bf5e6d0d360f6a493d663b653c121fa83c3f Use Win32 API atomic replace in `replace_file` The changes to enable Windows support in `replace_file` were not actually complete, and it didn't work when the file didn't exist - because of limitations of the emulation done on our side, rather than anything else. Windows has a bunch of quirks, and Ruby doesn't actually abstract over the underlying platform a great deal. We can use the Windows API ReplaceFile, and MoveFileEx, to achieve the desired behaviour though. This adds even more conditional code inside the `replace_file` method to handle multiple platforms - but it really isn't very clean. Better to get this working now, then refactor, though. (#11868) Use `Installer` automation interface to query package state Previously, Puppet recorded MSI packages it had installed in a YAML file. However, if the file was deleted or the system modified, e.g. Add/Remove Programs, then Puppet did not know the package state had changed. Also, if the name of the package did not change across versions, e.g. VMware Tools, then puppet would report the package as insync even though the installed version could be different than the one pointed to by the source parameter. Also, `msiexec.exe` returns non-zero exit codes when either the package requests a reboot (194), the system requires a reboot (3010), e.g. due to a locked file, or the system initiates a reboot (1641). This would cause puppet to think the install failed, and it would try to reinstall the packge the next time it ran (since the YAML file didn't get updated). This commit changes the msi package provider to use the `Installer` Automation (COM) interface to query the state
Re: [Puppet Users] Scheduled_task + ad user
Hi Jeff,
It should be lib/puppet/util/adsi.rb
Also please add yourself as a watcher to the ticket.
Josh
On Aug 21, 2012, at 3:18 PM, Jeff Sussna j...@ingineering.it wrote:
Stupid question: where is the source file for this hack?
On Monday, July 2, 2012 11:19:46 PM UTC-5, fpommier wrote:
Hi Josh,
Thank for your quick and good reply.
I remove and LocalAccount = True' at line 56 and 58.
It now work perfectly.
Thanks again.
Fred
Le lundi 2 juillet 2012 07:27:33 UTC-10, Josh Cooper a écrit :
Hi,
On Sat, Jun 30, 2012 at 4:30 PM, fpommier fpomm...@gmail.com wrote:
Hi,
When a want to use scheduled_task for create a windows task and when i give
a AD user, i have this message :
err: /Stage[main]/Mirnas/Scheduled_task[test]/ensure: change from absent to
present failed: Invalid user: DOMAIN\oper
My user domain and the password are correct.
I have the same error if i change DOMAIN\oper by op...@domain.com or
DOMAIN/oper
With a local user, is working, but i need a AD user for my batch to work.
Is it a bug , a limitation or i miss something ?
Thank for any help
scheduled_task { 'test':
ensure= present,
enabled = true,
command = 'C:\test\test.bat',
working_dir= 'C:\test',
user = 'DOMAIN\oper',
password = 'x',
trigger = {
schedule = daily,
start_date = '2012-06-26', # Defaults to 'today'
start_time = '09:05', # Must be specified
}
}
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/P1hXwgGE2CoJ.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
It is definitely a bug. I've filed this as
http://projects.puppetlabs.com/issues/15326. You can probably just remove the
`LocalAccount = True` condition from the WMI queries in
`Puppet::Util::ADSI#sid_for_account` at lines 56-58.
Josh
--
Josh Cooper
Developer, Puppet Labs
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/ily02pJOJqsJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Hiera to hash
I know I did this once before but can't find docs on how to do it again.
I have this in a yaml file:
pvdisks:
ec2_pvdisks_m1.small:
disks: /dev/xvdb1
enabled: yes
Loading it with hiera.
Manifest has:
$testkey = hiera('pvdisks')
notice (TESTKEY=$testkey[ec2_pvdisks_m1.small])
This is printing
TESTKEY=ec2_pvdisks_m1.smalldisks/dev/xvdb1enabledtrue['ec2_pvdisks_m1.small']
which obviously is the data picked into a string.
Doug.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
