[Puppet Users] Re: Announce: Facter 1.6.12-rc2 Available

[Eric Sorenson]

A special note for users affected by Puppet agent hanging with '--listen' -- 
please give this RC a try and let us know how it works for you. (#10819, 
#10418, etc)

Jo Rhett, Chip Schweiss, Drew Gibson, we would love to hear from you on this.

Thanks
-=Eric


On Aug 31, 2012, at 5:32 PM, Matthaus Owens wrote:

> Facter 1.6.12-rc2 is a maintenance release candidate in the 1.6.x
> branch with bug fixes.
> 
> Downloads are available at:
> * Source: https://downloads.puppetlabs.com/facter/facter-1.6.12-rc2.tar.gz
> 
> RPMs are available at https://yum.puppetlabs.com/el or /fedora
> 
> Rubygem available at http://rubygems.org/gems/facter or by using
> the --pre option to gem install.
> 
> Debs are available at https://apt.puppetlabs.com
> 
> Mac package is available at
> https://downloads.puppetlabs.com/mac/facter-1.6.12-rc2.dmg
> 
> See the Verifying Puppet Download section at:
> http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet#Verifying+Puppet+Downloads
> 
> Please report feedback via the Puppet Labs Redmine site, using a
> affected version of 1.6.12-rc2:
> http://projects.puppetlabs.com/projects/facter/
> 
> Release Notes at: https://projects.puppetlabs.com/projects/facter/wiki/Wiki
> 
> Facter 1.6.12-rc2 Highlights
> ==
> (#10819) Avoid reading from /proc/self/mounts in ruby
> 
>Reading from /proc/self/mounts in ruby can cause hangs in certain
> versions of
>the Linux kernel. The problem appears when a puppet agent is run
> with --listen,
>which hold open a socket, and then ruby reads from
> /proc/self/mounts. When this
>occurs ruby calls select on the open filehandles which triggers a bug in 
> the
>kernel that causes the select to hang forever.
> 
>This commit uses an exec of cat instead of ruby file reading
> operations, which
>avoids the ruby interpreter having to call select and trigger the bug.
> 
>It appears that only /proc/self/mounts has this problem. Other
> areas of /proc
>were tested and did not cause the error.
> 
> Facter 1.6.12-rc2 Changelog
> ===
> Andrew Parker (2):
>  c534126 (#10819) Avoid reading from /proc/self/mounts in ruby
>  398b111 (Maint) Extract common elements of selinux tests
> 
> Matthaus Litteken (1):
>  42bec60 Updating CHANGELOG and version.rb for 1.6.12-rc2
> 
> Moses Mendoza (2):
>  f6ae956 Merge branches '1.6rc' and '1.6.x' into 1.6.x
>  b95ea54 fix yum repo path in yaml file
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Developers" group.
> To post to this group, send email to puppet-...@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-dev+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-dev?hl=en.
> 

Eric Sorenson - eric.soren...@puppetlabs.com
PuppetConf'12 - 27-28 Sep in SF - http://bit.ly/pcsig12

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Announce: Facter 1.6.12-rc2 Available

[Matthaus Owens]

Facter 1.6.12-rc2 is a maintenance release candidate in the 1.6.x
branch with bug fixes.

Downloads are available at:
 * Source: https://downloads.puppetlabs.com/facter/facter-1.6.12-rc2.tar.gz

RPMs are available at https://yum.puppetlabs.com/el or /fedora

Rubygem available at http://rubygems.org/gems/facter or by using
the --pre option to gem install.

Debs are available at https://apt.puppetlabs.com

Mac package is available at
https://downloads.puppetlabs.com/mac/facter-1.6.12-rc2.dmg

See the Verifying Puppet Download section at:
 
http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet#Verifying+Puppet+Downloads

Please report feedback via the Puppet Labs Redmine site, using a
affected version of 1.6.12-rc2:
 http://projects.puppetlabs.com/projects/facter/

Release Notes at: https://projects.puppetlabs.com/projects/facter/wiki/Wiki

Facter 1.6.12-rc2 Highlights
==
(#10819) Avoid reading from /proc/self/mounts in ruby

Reading from /proc/self/mounts in ruby can cause hangs in certain
versions of
the Linux kernel. The problem appears when a puppet agent is run
with --listen,
which hold open a socket, and then ruby reads from
/proc/self/mounts. When this
occurs ruby calls select on the open filehandles which triggers a bug in the
kernel that causes the select to hang forever.

This commit uses an exec of cat instead of ruby file reading
operations, which
avoids the ruby interpreter having to call select and trigger the bug.

It appears that only /proc/self/mounts has this problem. Other
areas of /proc
were tested and did not cause the error.

Facter 1.6.12-rc2 Changelog
===
Andrew Parker (2):
  c534126 (#10819) Avoid reading from /proc/self/mounts in ruby
  398b111 (Maint) Extract common elements of selinux tests

Matthaus Litteken (1):
  42bec60 Updating CHANGELOG and version.rb for 1.6.12-rc2

Moses Mendoza (2):
  f6ae956 Merge branches '1.6rc' and '1.6.x' into 1.6.x
  b95ea54 fix yum repo path in yaml file

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Multiple package install.

[J.W. Boerma]

Vmware has their own repositories:
packages.vmware.com

greetz
JW
Op 31 aug. 2012 21:49 schreef "Jakov Sosic"  het volgende:

> On 08/31/2012 09:07 PM, Darin Perusich wrote:
>
>> OBS has them.
>>
>> https://build.opensuse.org/**package/show?package=open-vm-**
>> tools&project=Virtualization%**3AVMware
>>
>
> Yeah but those are not ESX tools...
>
>
> --
> Jakov Sosic
> www.srce.unizg.hr
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to puppet-users+unsubscribe@**
> googlegroups.com .
> For more options, visit this group at http://groups.google.com/**
> group/puppet-users?hl=en
> .
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Possible to copy ssh key from node A to node B?

[David Schmitt]

On 2012-08-31 15:38, Sandra Schlichting wrote:

Err, no. In a well-maintained environment, it should never be necessary
to manually approve a host key.


I would prefer that too.

Usually you should always distribute all host keys to all clients with
one of the common @@ssh_key Export/Collect patterns. That is totally
unrelated to authentication though.


Can it be done without introducing a database?

I would really like not introduce a database to my puppet master.


As John said, some kind of store'll be unavoidable. If you're concerned 
about performance, puppetdb seems the way to go. I've had awesome 
results compared to classic storeconfig.


If you're generally ill-disposed re RDBMS on your puppetmaster, you'll 
probably go best by generating all keys on the master and push the 
processed files from there to the nodes. For one site, I've whipped up 
that solution in a few hours, complete with puppet integration: a 
puppet/ruby function checks whether the key is already available or 
needs to be created, another function creates the know_hosts.


The downside of the second method is that you collect all your private 
keys on the puppet master. Not that that would make any difference in 
case of a break-in on your puppetmaster...



Best Regards, David

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Literal @ character in erb template

[Krzysztof Wilczynski]

Hi,

Works fine for me:

matti@acrux ~ $ cat > test.erb
*.notice;news.none;cron.none @loghost:514

<% if @hostname == "foo" %>
  # Provides UDP syslog reception
  $ModLoad imudp.so
  $UDPServerRun 514
<% end %>
matti@acrux ~ $ sed -i 's/foo/acrux/' test.erb
matti@acrux ~ $ cat | puppet apply
file { '/tmp/test.txt':
  content => template('/tmp/test.erb')
}
notice: /Stage[main]//File[/tmp/test.txt]/ensure: defined content as 
'{md5}c3230100f527db4f0fe50e200ed99fe9'
notice: Finished catalog run in 0.06 seconds
matti@acrux ~ $ cat /tmp/test.txt
*.notice;news.none;cron.none @loghost:514


  # Provides UDP syslog reception
  $ModLoad imudp.so
  $UDPServerRun 514
matti@acrux ~ $

KW

On Friday, August 31, 2012 6:40:26 PM UTC+1, banjer wrote:
>
> Thanks for the reply KW, but thats not quite what I was asking.  Heres the 
> relevant section of the template:
>
>
> *.notice;news.none;cron.none @loghost:514
>
> <% if @hostname == "foo" %>
>   # Provides UDP syslog reception
>   $ModLoad imudp.so
>   $UDPServerRun 514
> <% end %>
>
> So you can see it lives outside of a <%  %> block.
>
> This part: "*.notice;news.none;cron.none @loghost:514*" *should be a 
> literal string.  Its a standard rsyslog configuration.  "Loghost" is the 
> actual hostname of a host in our network that we send all of our servers' 
> syslogs to.  In other words, I don't want it to be evaluated as ERB code.  
> So how can I have puppet/the template engine ignore the '@' symbol and 
> treat it as a literal string?
>
>
>
>
> On Friday, August 31, 2012 11:21:08 AM UTC-4, Krzysztof Wilczynski wrote:
>>
>> Hi,
>>
>> I am not sure how your template looks like, or how do you render it, but 
>> try to avoid putting anything with @ into a <%= %> block. It should just 
>> work:
>>
>> matti@acrux ~ $ irb
>> >> require 'erb'
>> => true
>> >> host = 'localhost'
>> => "localhost"
>> >> p ERB.new('*.notice;news.none;cron.none @<%= host 
>> %>:514').result(binding)
>> "*.notice;news.none;cron.none @localhost:514"
>> => nil
>> >> @host = host.clone
>> => "localhost"
>> >> p ERB.new('*.notice;news.none;cron.none @<%= @host 
>> %>:514').result(binding)
>> "*.notice;news.none;cron.none @localhost:514"
>> => nil
>> >> 
>>
>> matti@acrux ~ $ cat | puppet apply --noop
>> notice inline_template('*.notice;news.none;cron.none @<%= @hostname 
>> %>:514')   notice: Scope(Class[main]): 
>> *.notice;news.none;cron.none @acrux:514
>> notice: Finished catalog run in 0.03 seconds
>> matti@acrux ~ $ 
>>
>> KW
>>
>> On Friday, 31 August 2012 15:09:17 UTC+1, banjer wrote:
>>>
>>> Hi,
>>> I have a template named rsyslog.conf.erb, and the puppet agents seem to 
>>> be choking on this:
>>>
>>> **.notice;news.none;cron.none @loghost:514*
>>>
>>>
>>> The agents report an error of ": bad URI(is not URI?): " followed by a 
>>> bunch of jargon.  I'm pretty sure its the literal '@' symbol that its 
>>> trying to evaluate as erb code.  How can I escape this @ symbol so its a 
>>> literal?  Thanks.
>>>
>>>
>>>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/U6pC8D80PeQJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Multiple package install.

[Jakov Sosic]

On 08/31/2012 09:07 PM, Darin Perusich wrote:

OBS has them.

https://build.opensuse.org/package/show?package=open-vm-tools&project=Virtualization%3AVMware


Yeah but those are not ESX tools...


--
Jakov Sosic
www.srce.unizg.hr

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Multiple package install.

[Darin Perusich]

OBS has them.

https://build.opensuse.org/package/show?package=open-vm-tools&project=Virtualization%3AVMware

--
Later,
Darin


On Fri, Aug 31, 2012 at 2:54 PM, Jakov Sosic  wrote:
> Can you maybe provide SPEC files for those packages? I'm interested in
> maintaining ESX tools packages in my company but didn't have time to build
> RPM's nor did find any spec/srpms online...

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Multiple package install.

[Jakov Sosic]

On 08/31/2012 09:46 AM, ollies...@googlemail.com wrote:

Hello,
For the life of me I cannot get this to work. It's seemingly doable with
a single class but outside
params.pp:
class vmware::params {
   case $::lsbmajdistrelease {
 '4': {
   $packagelist = "[ 'vmware-tools-esx-kmods-smp',
'vmware-tools-esx-kmods-up' ]"
 }
 default: {
   $packagelist = 'vmware-tools-esx-kmods'
 }
   }
}
install.pp
   package { "$vmware::params::packagelist":
 ensure  => present,
   }


Can you maybe provide SPEC files for those packages? I'm interested in 
maintaining ESX tools packages in my company but didn't have time to 
build RPM's nor did find any spec/srpms online...





--
Jakov Sosic
www.srce.unizg.hr

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet file copy

[Josh Cooper]

On Fri, Aug 31, 2012 at 10:03 AM, Ramin K  wrote:
> On 8/31/2012 7:18 AM, Bai Shen wrote:

>> class solr {
>>  file { '/opt/apache-tomcat/conf/Catalina/localhost':
>>  source => 'puppet://modules/solr/solr.xml',

That should be puppet:///modules/solr/solr.xml

The way to think about puppet URI's is that the server host and port
have been omitted, so there are two slashes for puppet://, and the URI
path always has a leading slash, /modules/solr/solr.xml.

See http://docs.puppetlabs.com/guides/file_serving.html

-- 
Josh Cooper
Developer, Puppet Labs

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Literal @ character in erb template

[banjer]

Thanks for the reply KW, but thats not quite what I was asking.  Heres the 
relevant section of the template:


*.notice;news.none;cron.none @loghost:514

<% if @hostname == "foo" %>
  # Provides UDP syslog reception
  $ModLoad imudp.so
  $UDPServerRun 514
<% end %>

So you can see it lives outside of a <%  %> block.

This part: "*.notice;news.none;cron.none @loghost:514*" *should be a 
literal string.  Its a standard rsyslog configuration.  "Loghost" is the 
actual hostname of a host in our network that we send all of our servers' 
syslogs to.  In other words, I don't want it to be evaluated as ERB code.  
So how can I have puppet/the template engine ignore the '@' symbol and 
treat it as a literal string?




On Friday, August 31, 2012 11:21:08 AM UTC-4, Krzysztof Wilczynski wrote:
>
> Hi,
>
> I am not sure how your template looks like, or how do you render it, but 
> try to avoid putting anything with @ into a <%= %> block. It should just 
> work:
>
> matti@acrux ~ $ irb
> >> require 'erb'
> => true
> >> host = 'localhost'
> => "localhost"
> >> p ERB.new('*.notice;news.none;cron.none @<%= host 
> %>:514').result(binding)
> "*.notice;news.none;cron.none @localhost:514"
> => nil
> >> @host = host.clone
> => "localhost"
> >> p ERB.new('*.notice;news.none;cron.none @<%= @host 
> %>:514').result(binding)
> "*.notice;news.none;cron.none @localhost:514"
> => nil
> >> 
>
> matti@acrux ~ $ cat | puppet apply --noop
> notice inline_template('*.notice;news.none;cron.none @<%= @hostname 
> %>:514')   notice: Scope(Class[main]): 
> *.notice;news.none;cron.none @acrux:514
> notice: Finished catalog run in 0.03 seconds
> matti@acrux ~ $ 
>
> KW
>
> On Friday, 31 August 2012 15:09:17 UTC+1, banjer wrote:
>>
>> Hi,
>> I have a template named rsyslog.conf.erb, and the puppet agents seem to 
>> be choking on this:
>>
>> **.notice;news.none;cron.none @loghost:514*
>>
>>
>> The agents report an error of ": bad URI(is not URI?): " followed by a 
>> bunch of jargon.  I'm pretty sure its the literal '@' symbol that its 
>> trying to evaluate as erb code.  How can I escape this @ symbol so its a 
>> literal?  Thanks.
>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/8e0XGAVVVeIJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet file copy

[Dick Davies]

isn't  /opt/apache-tomcat/conf/Catalina/localhost a directory?
You should still get output saying that on a puppet agent run though.

On 31 August 2012 15:18, Bai Shen  wrote:
> I'm trying to install solr using puppet.  I have a module installing tomcat.
> Now I'm trying to make another module that installs the solr files.
> However, it's not copying the file.  Any ideas what I'm doing wrong?
>
> init.pp:
> class solr {
> file { '/opt/apache-tomcat/conf/Catalina/localhost':
> source => 'puppet://modules/solr/solr.xml',
> owner => 'tomcat',
> group => 'tomcat',
> mode => '311',
> notify => Service['apache-tomcat'],
> require => Package['apache-tomcat'],
> }
> }
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet file copy

[Ramin K]

On 8/31/2012 7:18 AM, Bai Shen wrote:

I'm trying to install solr using puppet.  I have a module installing
tomcat.  Now I'm trying to make another module that installs the solr
files.  However, it's not copying the file.  Any ideas what I'm doing wrong?

init.pp:
class solr {
 file { '/opt/apache-tomcat/conf/Catalina/localhost':
 source => 'puppet://modules/solr/solr.xml',
 owner => 'tomcat',
 group => 'tomcat',
 mode => '311',
 notify => Service['apache-tomcat'],
 require => Package['apache-tomcat'],
 }
}


You're missing ensure => present,

Ramin

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Trying to setup puppetdbquery on puppet-3.0.0-rc5

[Chris Price]

Chuck,

The cause of this issues is that we introduced our own HTTP connection 
wrapper in 3.0 (rather than using Net::HTTP directly).  This allows us to 
do a better job of centralizing the logic related to managing SSL setup and 
error handling.

Our Connection class provides a subset of the methods available on Ruby's 
HTTP class, and it looks like puppetdbquery is using one of the methods 
that don't currently exist in our new API.

The possible solutions would be to add the missing #start method to our new 
class, or to tweak puppetdbquery so that it doesn't rely on the #start 
method.  I'll ping the folks on our platform team and see what their 
thoughts are.

Thanks for the heads up!
Chris

On Thursday, August 30, 2012 6:04:27 AM UTC-7, Chuck wrote:
>
> I have puppetdbquery working on my puppet-2.7.16 puppet master but I am 
> getting an error when using it with puppet-3.0.0-rc5
>
> https://github.com/dalen/puppet-puppetdbquery
>
> This is the error I am getting:
>
>   err: Could not retrieve catalog from remote server: Error 400 on SERVER: 
> undefined method `start' for 
> # 
>
> How would I go about finding the actual cause of this issue?
>
>
> Thanks,
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/cnmWN3qKeJYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Literal @ character in erb template

[Krzysztof Wilczynski]

Hi,

I am not sure how your template looks like, or how do you render it, but 
try to avoid putting anything with @ into a <%= %> block. It should just 
work:

matti@acrux ~ $ irb
>> require 'erb'
=> true
>> host = 'localhost'
=> "localhost"
>> p ERB.new('*.notice;news.none;cron.none @<%= host 
%>:514').result(binding)
"*.notice;news.none;cron.none @localhost:514"
=> nil
>> @host = host.clone
=> "localhost"
>> p ERB.new('*.notice;news.none;cron.none @<%= @host 
%>:514').result(binding)
"*.notice;news.none;cron.none @localhost:514"
=> nil
>> 

matti@acrux ~ $ cat | puppet apply --noop
notice inline_template('*.notice;news.none;cron.none @<%= @hostname 
%>:514')   notice: Scope(Class[main]): 
*.notice;news.none;cron.none @acrux:514
notice: Finished catalog run in 0.03 seconds
matti@acrux ~ $ 

KW

On Friday, 31 August 2012 15:09:17 UTC+1, banjer wrote:
>
> Hi,
> I have a template named rsyslog.conf.erb, and the puppet agents seem to be 
> choking on this:
>
> **.notice;news.none;cron.none @loghost:514*
>
>
> The agents report an error of ": bad URI(is not URI?): " followed by a 
> bunch of jargon.  I'm pretty sure its the literal '@' symbol that its 
> trying to evaluate as erb code.  How can I escape this @ symbol so its a 
> literal?  Thanks.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/wjllu71o0ZMJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Possible to copy ssh key from node A to node B?

[Chad Huneycutt]

Sorry, Sandra, I started to add a comment at the bottom with usage,
but apparently I never saved it.  Although the script can do user keys
as well, this just addresses host keys.  I have a cron script that
generates the known hosts file as well:

0,10,20,30,40,50 * * * * /tr01/scripts/sshkeys.pl --genknownhosts

The script will either retrieve the key if it already exists, or
generate a new one if it doesn't.  $ccbp_realname is just the fqdn.

class ssh::server::rh {
  $rsahostkey = generate("$pm_scripts/sshkeys.pl", "--private",
"--rsa", "--host", "$ccbp_realname")
  $rsahostkeypub = generate("$pm_scripts/sshkeys.pl", "--rsa",
"--host", "$ccbp_realname")
  $dsahostkey = generate("$pm_scripts/sshkeys.pl", "--private",
"--dsa", "--host", "$ccbp_realname")
  $dsahostkeypub = generate("$pm_scripts/sshkeys.pl", "--dsa",
"--host", "$ccbp_realname")

  file { "/etc/ssh/ssh_host_rsa_key":
content => $rsahostkey,
mode => 0400, owner => root, group => root,
  }

  file { "/etc/ssh/ssh_host_rsa_key.pub":
content => $rsahostkeypub,
mode => 0444, owner => root, group => root,
  }

  file { "/etc/ssh/ssh_host_dsa_key":
content => $dsahostkey,
mode => 0400, owner => root, group => root,
  }

  file { "/etc/ssh/ssh_host_dsa_key.pub":
content => $dsahostkeypub,
mode => 0444, owner => root, group => root,
  }

}

On Fri, Aug 31, 2012 at 5:21 AM, Sandra Schlichting
 wrote:
> Hi Chad
>
>
>> Here is the script we use to do the same.  I am not proud of all the
>> locking stuff.  Not sure if it is necessary or not, but it works.
>> Just set $hostkeydir and $userkeydir for your environment, and it will
>> manage ssh host keys.  It will also do user keys, but I didn't put
>> examples of that in the gist.
>>
>> git://gist.github.com/3534504.git
>
>
> It looks very impressive, but I can't really figure out how to use it.
>
>  ~/ssh# ./sshkeys.pl --dsa --host=ttt.e.com --user=rrr --genknownhosts
> Unable to open lock file at ./sshkeys.pl line 239.
> ~/ssh# ./sshkeys.pl --dsa --host=ttt.e.com --user=rrr --genknownhosts
> --addauth
> Unknown option: addauth
>
> I have set
>
> our $hostkeydir = '/root/ssh/hostkeys';
> our $userkeydir = '/root/ssh/userkeys';
> our $known_hosts_copy = '/root/ssh/gen/ssh_known_hosts';
>
> If you could share the puppet module you use, it would be very helpful =)
>
> Hugs,
> Sandra
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/vR7zhEKP9FoJ.
>
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.



-- 
Chad M. Huneycutt

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Puppet file copy

[Bai Shen]

I'm trying to install solr using puppet.  I have a module installing
tomcat.  Now I'm trying to make another module that installs the solr
files.  However, it's not copying the file.  Any ideas what I'm doing wrong?

init.pp:
class solr {
file { '/opt/apache-tomcat/conf/Catalina/localhost':
source => 'puppet://modules/solr/solr.xml',
owner => 'tomcat',
group => 'tomcat',
mode => '311',
notify => Service['apache-tomcat'],
require => Package['apache-tomcat'],
}
}

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Possible to copy ssh key from node A to node B?

[jcbollinger]

On Friday, August 31, 2012 8:38:03 AM UTC-5, Sandra Schlichting wrote:
>
> Err, no. In a well-maintained environment, it should never be necessary 
>> to manually approve a host key. 
>>
>
> I would prefer that too.
>  
>
>> Usually you should always distribute all host keys to all clients with 
>> one of the common @@ssh_key Export/Collect patterns. That is totally 
>> unrelated to authentication though. 
>>
>
> Can it be done without introducing a database?
>
> I would really like not introduce a database to my puppet master.
>  
>
 
It depends a bit on how you define "database".   Certainly you need some 
kind of data store on the master in which to record the keys you want to 
distribute.  To use exported resources for the job, that data store must be 
managed by a relational DBMS.
 
If you're willing to put a fair amount of effort into it, however, then you 
could likely work up something that recorded keys in an hiera-accessible 
data file, or even in a Puppet manifest file.  The Puppet code for *
distributing* the keys in this case wouldn't need to be much more 
complicated, but you'd have that whole custom  for managing the 
keys.
 
John
 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/R3tpZe_ivpYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Literal @ character in erb template

[banjer]

Hi,
I have a template named rsyslog.conf.erb, and the puppet agents seem to be 
choking on this:

**.notice;news.none;cron.none @loghost:514*


The agents report an error of ": bad URI(is not URI?): " followed by a 
bunch of jargon.  I'm pretty sure its the literal '@' symbol that its 
trying to evaluate as erb code.  How can I escape this @ symbol so its a 
literal?  Thanks.


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/sCbRpNM8LikJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Possible to copy ssh key from node A to node B?

[Sandra Schlichting]

>
> Err, no. In a well-maintained environment, it should never be necessary 
> to manually approve a host key. 
>

I would prefer that too.
 

> Usually you should always distribute all host keys to all clients with 
> one of the common @@ssh_key Export/Collect patterns. That is totally 
> unrelated to authentication though. 
>

Can it be done without introducing a database?

I would really like not introduce a database to my puppet master.


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/EPQL0gh8CPUJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Possible to copy ssh key from node A to node B?

[David Schmitt]

On 31.08.2012 14:32, Sandra Schlichting wrote:

There's an sshauth module at

http://projects.reductivelabs.com/projects/puppet/wiki/Module_Ssh_Auth_Patterns



that I've used successfully on a 2.7.x puppetmaster.  It handles
public & private key generation and exchange, but doesn't handle
known_hosts.  It doesn't require a DB backend though; the keys are
stored on the puppetmaster and just pushed out to nodes that need
them.


That sounds exactly what I need =)

About known_hosts. So that just means I have to login the first time
myself, and answer "yes" to the fingerprint?


Err, no. In a well-maintained environment, it should never be necessary 
to manually approve a host key.


Usually you should always distribute all host keys to all clients with 
one of the common @@ssh_key Export/Collect patterns. That is totally 
unrelated to authentication though.



Regards, D

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Passenger Problems

[matonb]

>
> It turns out that for me at least this problem was caused by using the 
> directory /etc/puppet/rack/ as the document root.
> Creating the directory puppetmasterd and moving everything to down a level 
> to /etc/puppet/rack/puppetmasterd (paths updated in apache config of 
> course), everything then started working.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/JQ9P7-IaKhoJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Possible to copy ssh key from node A to node B?

[Sandra Schlichting]

>
> There's an sshauth module at 
>
> http://projects.reductivelabs.com/projects/puppet/wiki/Module_Ssh_Auth_Patterns
>  
> that I've used successfully on a 2.7.x puppetmaster.  It handles 
> public & private key generation and exchange, but doesn't handle 
> known_hosts.  It doesn't require a DB backend though; the keys are 
> stored on the puppetmaster and just pushed out to nodes that need 
> them. 
>

That sounds exactly what I need =)

About known_hosts. So that just means I have to login the first time 
myself, and answer "yes" to the fingerprint?
 

> There are a number of ssh related modules on the forge 
> (http://forge.puppetlabs.com/modules?q=ssh) but I've not used any of 
> them so can't comment on their usefulness or robustness. 
>

This one also looks good
https://github.com/ghoneycutt/puppet-ssh

Have you tried that one?

Hugs,
Sandra


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/iwbrzIeBIEsJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Multiple package install.

[ollies...@googlemail.com]

On Friday, August 31, 2012 9:41:28 AM UTC+1, David Schmitt wrote: 
>
> D'oh. here're quotes too! Missed them on the first round. 
>
> D. 
>
 
Of course there is. Fixed it thanks. Coffee needed for me I think.
 
Cheers
Paul

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/e6G-VJBbWe8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Possible to copy ssh key from node A to node B?

[Sandra Schlichting]

Hi Chad

Here is the script we use to do the same.  I am not proud of all the 
> locking stuff.  Not sure if it is necessary or not, but it works. 
> Just set $hostkeydir and $userkeydir for your environment, and it will 
> manage ssh host keys.  It will also do user keys, but I didn't put 
> examples of that in the gist. 
>
> git://gist.github.com/3534504.git


It looks very impressive, but I can't really figure out how to use it.

 ~/ssh# ./sshkeys.pl --dsa --host=ttt.e.com --user=rrr --genknownhosts 
Unable to open lock file at ./sshkeys.pl line 239.
~/ssh# ./sshkeys.pl --dsa --host=ttt.e.com --user=rrr --genknownhosts 
--addauth
Unknown option: addauth

I have set

our $hostkeydir = '/root/ssh/hostkeys';
our $userkeydir = '/root/ssh/userkeys';
our $known_hosts_copy = '/root/ssh/gen/ssh_known_hosts';

If you could share the puppet module you use, it would be very helpful =)

Hugs,
Sandra

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/vR7zhEKP9FoJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Multiple package install.

[David Schmitt]

On 2012-08-31 10:26, ollies...@googlemail.com wrote:


On Friday, August 31, 2012 9:00:34 AM UTC+1, David Schmitt wrote:

On 2012-08-31 09:46, olli...@googlemail.com  wrote:
 > Hello,
 > For the life of me I cannot get this to work. It's seemingly
doable with
 > a single class but outside
 > params.pp:
 > class vmware::params {
 > case $::lsbmajdistrelease {
 > '4': {
 > $packagelist = "[ 'vmware-tools-esx-kmods-smp',
 > 'vmware-tools-esx-kmods-up' ]"



D'oh. here're quotes too! Missed them on the first round.

D.


 > }
 > default: {
 > $packagelist = 'vmware-tools-esx-kmods'
 > }
 > }
 > }
 > install.pp
 > package { "$vmware::params::packagelist":

Don't quote here. That converts the contents into a string.


D.

Thanks David, No matter what I try though it always seems to be passed
through as a string rather than the array.

--
You received this message because you are subscribed to the Google
Groups "Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/9VAY2vkfA7IJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.


--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Multiple package install.

[ollies...@googlemail.com]

On Friday, August 31, 2012 9:00:34 AM UTC+1, David Schmitt wrote: 
>
> On 2012-08-31 09:46, olli...@googlemail.com  wrote: 
> > Hello, 
> > For the life of me I cannot get this to work. It's seemingly doable with 
> > a single class but outside 
> > params.pp: 
> > class vmware::params { 
> > case $::lsbmajdistrelease { 
> > '4': { 
> > $packagelist = "[ 'vmware-tools-esx-kmods-smp', 
> > 'vmware-tools-esx-kmods-up' ]" 
> > } 
> > default: { 
> > $packagelist = 'vmware-tools-esx-kmods' 
> > } 
> > } 
> > } 
> > install.pp 
> > package { "$vmware::params::packagelist": 
>
> Don't quote here. That converts the contents into a string. 
>
>
> D. 
>
Thanks David, No matter what I try though it always seems to be passed 
through as a string rather than the array.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/9VAY2vkfA7IJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Passenger Problems

[matonb]

I'm having trouble getting puppetmaster to use passenger, it appears to be 
releated SSL selfsigned certificates but I could be barking up the wrong 
tree...
 
Puppet Master is hosted on a CentOS 6.0 32bit machine
# yum list installed | grep puppet
facter.i3861:1.6.11-1.el6   
@puppetlabs-products
mcollective.noarch 2.0.0-1.el6  
@puppetlabs-products
mcollective-common.noarch  2.0.0-1.el6  
@puppetlabs-products
puppet.noarch  2.7.19-1.el6 
@puppetlabs-products
puppet-server.noarch   2.7.19-1.el6 
@puppetlabs-products
puppetlabs-release.noarch  6-5  
@/puppetlabs-release-6-5.noarch
# gem query --local
*** LOCAL GEMS ***
abstract (1.0.0)
actionmailer (3.0.15)
actionpack (3.0.15)
activemodel (3.0.15, 3.0.10)
activerecord (3.0.15, 3.0.10)
activeresource (3.0.15)
activesupport (3.0.15, 3.0.10)
acts_as_audited (2.0.0)
ancestry (1.2.5)
arel (2.0.10)
audited (3.0.0.rc1)
audited-activerecord (3.0.0.rc1)
builder (2.1.2)
bundler (1.0.15)
daemon_controller (1.0.0)
erubis (2.6.6)
fastthread (1.0.7)
has_many_polymorphs (3.0.0.beta1)
i18n (0.5.0)
jquery-rails (1.0.19)
json (1.6.6)
mail (2.3.3)
mime-types (1.18)
mysql (2.8.1)
net-ldap (0.3.1)
passenger (3.0.17)
polyglot (0.3.3)
rack (1.2.5)
rack-mount (0.6.14)
rack-test (0.5.7)
rails (3.0.15)
railties (3.0.15)
rake (0.9.2.2)
rdoc (3.12)
rest-client (1.6.7)
ruby2ruby (1.3.1)
ruby_parser (2.3.1)
safemode (1.0.1)
scoped_search (2.3.7)
sexp_processor (3.1.0)
stomp (1.1.8)
thor (0.14.6)
treetop (1.4.10)
tzinfo (0.3.33, 0.3.32)
uuidtools (2.1.1)
will_paginate (3.0.3)
 
/etc/httpd/conf.d/puppetmaster.conf
# you probably want to tune these settings
PassengerHighPerformance on
PassengerMaxPoolSize 12
PassengerPoolIdleTime 1500
# PassengerMaxRequests 1000
PassengerStatThrottleRate 120
RackAutoDetect Off
RailsAutoDetect Off

Listen 8140


  SSLEngine  on
#  SSLProtocol-ALL +SSLv3 +TLSv1
#  SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

  SSLCertificateFile  /var/lib/puppet/ssl/certs/puppet.pem
  SSLCertificateKeyFile   /var/lib/puppet/ssl/private_keys/puppet.pem
  SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
  SSLCACertificateFile/var/lib/puppet/ssl/ca/ca_crt.pem
  # If Apache complains about invalid signatures on the CRL, you can try 
disabling
  # CRL checking by commenting the next line, but this is not recommended.
  SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
  SSLVerifyClient optional
  SSLVerifyDepth  1
  SSLOptions  +StdEnvVars

   # This header needs to be set if using a loadbalancer or proxy
#  RequestHeader unset X-Forwarded-For
  RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
  RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
  RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e


  DocumentRoot /etc/puppet/rack/public/
  RackBaseURI /
  
Options None
AllowOverride None
Order allow,deny
allow from all
  


 

/var/log/http/error_log:


[Fri Aug 31 08:54:40 2012] [notice] caught SIGTERM, shutting down
[Fri Aug 31 08:54:40 2012] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)
[Fri Aug 31 08:54:40 2012] [warn] Init: Session Cache is not configured 
[hint: SSLSessionCache]
[Fri Aug 31 08:54:40 2012] [notice] Digest: generating secret for digest 
authentication ...
[Fri Aug 31 08:54:40 2012] [notice] Digest: done
[Fri Aug 31 08:54:40 2012] [notice] Apache/2.2.15 (Unix) DAV/2 
mod_ssl/2.2.15 OpenSSL/1.0.0-fips Phusion_Passenger/3.0.17 configured -- 
resuming normal operations


/var/log/messages:


Aug 31 03:59:36 ip-10-226-242-145 puppet-agent[894]: 
(/File[/var/lib/puppet/lib]) Failed to generate additional resources using 
'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server 
certificate B: certificate verify failed: [self signed certificate in 
certificate chain for /CN=Puppet CA: puppet]
Aug 31 03:59:36 ip-10-226-242-145 puppet-agent[894]: 
(/File[/var/lib/puppet/lib]) Could not evaluate: SSL_connect returned=1 
errno=0 state=SSLv3 read server certificate B: certificate verify failed: 
[self signed certificate in certificate chain for /CN=Puppet CA: puppet] 
Could not retrieve file metadata for puppet://puppet/plugins: SSL_connect 
returned=1 errno=0 state=SSLv3 read server certificate B: certificate 
verify failed: [self signed certificate in certificate chain for /CN=Puppet 
CA: puppet]
Aug 31 03:59:38 ip-10-226-242-145 puppet-agent[894]: Could not retrieve 
catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read 
server certificate B: certificate verify failed: [self signed certificate 
in certificate chain for /CN=Puppet CA: puppet]
Aug 31 03:59:38 ip-10-226-242-145 puppet-agent[894]: Using cached catalog
Aug 31 03:59:38 ip-10-226-242-145 puppet-agent[894]: Could not retrieve 
catalog; skipping run
Aug 31 03:59:38 ip-10-226-242-145 puppet-agent[894]: Could not send r

Re: [Puppet Users] Multiple package install.

[David Schmitt]

On 2012-08-31 09:46, ollies...@googlemail.com wrote:

Hello,
For the life of me I cannot get this to work. It's seemingly doable with
a single class but outside
params.pp:
class vmware::params {
case $::lsbmajdistrelease {
'4': {
$packagelist = "[ 'vmware-tools-esx-kmods-smp',
'vmware-tools-esx-kmods-up' ]"
}
default: {
$packagelist = 'vmware-tools-esx-kmods'
}
}
}
install.pp
package { "$vmware::params::packagelist":


Don't quote here. That converts the contents into a string.


D.

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Multiple package install.

[ollies...@googlemail.com]

Hello,
 
For the life of me I cannot get this to work. It's seemingly doable with a 
single class but outside
 
params.pp:
class vmware::params {
  case $::lsbmajdistrelease {
'4': {
  $packagelist = "[ 'vmware-tools-esx-kmods-smp', 
'vmware-tools-esx-kmods-up' ]"
}
default: {
  $packagelist = 'vmware-tools-esx-kmods'
}
  }
}
install.pp
  package { "$vmware::params::packagelist":
ensure  => present,
  }
Which results in this:-
err: /Stage[main]/Vmware::Install/Package[['vmware-tools-esx-kmods-smp', 
'vmware-tools-esx-kmods-up']]/ensure: change from absent to present failed: 
Execution of '/usr/bin/yum -d 0 -e 0 -y install 
['vmware-tools-esx-kmods-smp', 'vmware-tools-esx-kmods-up']' returned 1: 
Traceback (most recent call last):
 
I have tried escaping this in all sorts of crazy ways but not having a good 
deal of luck.
 
Anyone have the right way to do this ?
 
Cheers
Paul
 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/Y7KXBpD7spsJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] using puppet augeas to add entry in /etc/syslog.conf

[Erik Dalén]

If you know some ruby coding you could make a type and provider using
either parsedfile or augeas like the augeasproviders:
https://github.com/domcleal/augeasproviders

You could possibly also use the file_line type from puppetlabs-stdlib.

On 28 August 2012 23:20, Clay  wrote:
> Hi ,
> I"m trying to add a entry in /etc/syslog.conf  using puppet augeas like this
> "  *.warning;mail.none;authpriv.none;cron.none@syslog_host"
> ,
>
> seems the way to do this with augeas is :
>
>augeas { "syslog_conf":
> lens=> "syslog.lns",
> incl => "/etc/syslog.conf",
> changes => [
> "ins entry after entry[last()]",
> "set entry[last()]/selector[1]/facility '*'",
> "set entry[last()]/selector[1]/level warning",
> "set entry[last()]/selector[2]/facility mail",
> "set entry[last()]/selector[2]/level none",
> "set entry[last()]/selector[3]/facility authpriv",
> "set entry[last()]/selector[3]/level none",
> "set entry[last()]/selector[4]/facility cron",
> "set entry[last()]/selector[4]/level none",
> "set entry[last()]/action/hostname syslog_host",
> ],
> onlyif => "match entry[hostname = 'syslog_host'] size == 0",
> }
>
> which is a lot of entries just for one line of  config file,  also augeas
> has some problem on Solaris 10 to parse /etc/syslog.conf ,
>
> it there a better way ?   I know could use file server or template, but I'm
> just trying to  add an entry to the existing syslog.conf file, rather than
> store them in puppet master.
> there's a  puppet module at https://github.com/mstrauss/puppet-editfile ,
> which I haven't tried yet.
>
> Is there a plan to add "editfile" feature to puppet , this is becoming
> rather frustrating .
>
> Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/YqXFiwuWtxQJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.



-- 
Erik Dalén

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.