[Puppet Users] Re: remove vc/1, vc/2, etc. lines from /etc/securetty using augeas

2016-04-08 Thread KC 
It works! Thank you David!!!

On Friday, April 8, 2016 at 11:37:38 AM UTC-7, David Lutterkort wrote:
>
> Hi Kris,
>
> On Thursday, April 7, 2016 at 4:21:44 PM UTC-7, KC wrote:
>>
>>
>> rm /files/etc/securetty/*[.='vc/1'] works for one line
>> but
>> rm /files/etc/securetty/*[.='vc/*'] doesn't appear to iterate for the 
>> other vc lines.
>>
>> Any suggestions?
>>
>
> The trick is that you need to tell Augeas that you want to match a glob; 
> in your second example, Augeas will look for nodes that have literally 
> 'vc/*' in it. This should work:
>
>  rm /files/etc/securetty/*[. =~ glob('vc/*') ]
>
> David
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7fa9dc08-f9c7-4498-8fcc-bb9cf9b3e1e9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] When usion puppet docker_platform with vagrant virtualbox the docker container is not started and after restart the docker daemon is not started

2016-04-08 Thread 'Torsten Kleiber' via Puppet Users 
Have changed now back to puppet-docker_platform a restrict to docker 1.9. 
Now all works fine.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e0800b1b-57e1-44c8-882f-30fc2a15a376%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet Types auto generator

2016-04-08 Thread Christoph Andreas Torlinsky 
thanks

c

On Thursday, 7 April 2016 14:46:23 UTC+1, Trevor Vaughan wrote:
>
> Hi,
>
> It's not a generator, but this should get you started with an 
> understandable example framework 
> https://forge.puppet.com/onyxpoint/learning_custom_types.
>
> It doesn't cover 100% of the functionality but it will allow you to create 
> an understandable and maintainable Type and Provider.
>
> Thanks,
>
> Trevor
>
> On Thu, Apr 7, 2016 at 4:15 AM, Christoph Andreas Torlinsky <
> chri...@nuagenetworks.net > wrote:
>
>> Hello there, i'm looking for a puppet types generator tool / toolkit as 
>> we have an API (Restful interface) and spec files that we would like
>> to convert to puppet types for some use. If anyone has any tips, that is 
>> most welcomed. 
>>
>> many thanks, 
>>
>> c
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/d714b52a-c7f7-4104-ba1a-cb697a893d0a%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> -- 
> Trevor Vaughan
> Vice President, Onyx Point, Inc
> (410) 541-6699
>
> -- This account not approved for unencrypted proprietary information --
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/edd2a9ae-5992-4dfe-8eab-5dc7d7a4b875%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: remove vc/1, vc/2, etc. lines from /etc/securetty using augeas

2016-04-08 Thread David Lutterkort 
Hi Kris,

On Thursday, April 7, 2016 at 4:21:44 PM UTC-7, KC wrote:
>
>
> rm /files/etc/securetty/*[.='vc/1'] works for one line
> but
> rm /files/etc/securetty/*[.='vc/*'] doesn't appear to iterate for the 
> other vc lines.
>
> Any suggestions?
>

The trick is that you need to tell Augeas that you want to match a glob; in 
your second example, Augeas will look for nodes that have literally 'vc/*' 
in it. This should work:

 rm /files/etc/securetty/*[. =~ glob('vc/*') ]

David

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f3e7676f-f958-41f2-96cb-38d29f4474b5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] PE Puppet Server startup error - .git removed

2016-04-08 Thread mike r 
Hi all, trying to startup my PE 4.2 server, its complaining about a .git 
missing from puppet-code


from puppetserver.conf



2016-04-08 13:53:34,273 INFO  [main] [o.e.j.u.log] Logging initialized 
@13448ms
2016-04-08 13:53:36,189 INFO  [main] [p.t.s.w.jetty9-service] Initializing 
web server(s).
2016-04-08 13:53:36,288 INFO  [main] [p.t.s.s.status-service] Registering 
status callback function for pe-puppet-profiler service
2016-04-08 13:53:36,293 INFO  [main] [p.s.j.jruby-puppet-service] 
Initializing the JRuby service
2016-04-08 13:53:36,349 INFO  [main] [p.t.s.s.status-service] Registering 
status callback function for pe-jruby-metrics service
2016-04-08 13:53:36,388 INFO  [main] [p.s.p.puppet-admin-service] Starting 
Puppet Admin web app
2016-04-08 13:53:50,415 INFO  [clojure-agent-send-pool-0] [puppet-server] 
Puppet Puppet settings initialized; run mode: master
2016-04-08 13:53:51,344 INFO  [clojure-agent-send-pool-0] 
[p.s.j.jruby-puppet-agents] Finished creating JRubyPuppet instance 1 of 1
2016-04-08 13:53:51,357 INFO  [main] [p.s.c.puppet-server-config-core] Not 
overriding webserver settings with values from core Puppet
2016-04-08 13:53:51,358 INFO  [main] [p.e.s.f.file-sync-client-service] 
Initializing file sync client service
2016-04-08 13:53:51,372 INFO  [main] [p.e.s.f.file-sync-client-service] 
Registering file sync client HTTP API
2016-04-08 13:53:51,373 INFO  [main] [p.t.s.s.status-service] Registering 
status callback function for file-sync-client-service service
*2016-04-08 13:53:53,260 ERROR [main] [p.t.internal] Error during service 
init!!!*
*clojure.lang.ExceptionInfo: throw+: {:type 
":puppetlabs.enterprise.file-sync-errors/submodule-error", :repo-name 
"puppet-code", :repo-path 
"/opt/puppetlabs/server/data/puppetserver/filesync/client/puppet-code.git", 
:submodule-path "environments/production", :live-dir 
"/etc/puppetlabs/code", :message "Submodule environments/production of 
repository puppet-code has had its .git file removed. Please delete all of 
the files (including hidden files) in the live directory at 
/etc/puppetlabs/code and perform another commit on the storage server to 
restore the contents of the live directory to the correct state."}*
at 
puppetlabs.enterprise.services.file_sync_client.file_sync_client_core$eval17850$dirty_submodules__17851$fn__17852$fn__17853.invoke(file_sync_client_core.clj:676)
 
~[na:na]
at clojure.core.protocols$fn__6086.invoke(protocols.clj:143) 
~[puppet-server-release.jar:na]
at clojure.core.protocols$fn__6057$G__6052__6066.invoke(protocols.clj:19) 
~[puppet-server-release.jar:na]
at clojure.core.protocols$seq_reduce.invoke(protocols.clj:31) 
~[puppet-server-release.jar:na]
at clojure.core.protocols$fn__6080.invoke(protocols.clj:48) 
~[puppet-server-release.jar:na]


My modulepath has a git repo where I track all my changes to a repo on 
github,

[root@puppetmaster3 code]# pwd
/etc/puppetlabs/code
[root@puppetmaster3 code]# ls -a
.  ..  environments * .git*  .gitmodules  hieradata  hiera.yaml
[root@puppetmaster3 code]# 


puppet-code.git is also there, 
/opt/puppetlabs/server/data/puppetserver/filesync/client
[root@puppetmaster3 client]# ls -a
.  ..  puppet-code  puppet-code.git
[root@puppetmaster3 client]# 

Why is it asking me to delete my /etc/puppetlabs/code directory?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/1f5542d0-7900-4e0e-b0d3-71df041c15e2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] March in Modules

2016-04-08 Thread David Schmitt 
Dear *,

Here is a short summary of what happened in and around the Puppet Labs'
modules in March.

Releases of Supported Modules

   -

   puppetlabs/dsc  1.0.1: First
   supported release of the dsc module! Manage Windows PowerShell DSC (Desired
   State Configuration) resources within a puppet run. Performance
   improvements, added EmbeddedInstance Classes, update to new upstream
   definitions, updated reboot handling.
   -

   puppetlabs/azure  1.0.2:
   Improved error messages, removed too restrictive name length validation,
   updated docs, support hocon 1.0.1, improve test infrastructure.
   -

   puppetlabs/aws  1.4.0: ELB
   instance sets can now be modified, added ssl_certificate_id for ELBs, even
   more ELB improvements around edge-cases during usage, fix annoying issue
   managing multiple regions at once (GH#260), fix parsing of
   puppetlabs_aws_configuration.ini, improvements to VPC default choices.
   -

   puppetlabs/mysql  3.7.0: Too
   many improvements to list. Check out the Changelog
   !
   -

   puppetlabs/inifile  1.5.0:
   The long-awaited show_diff parameter for diffing the complete file on
   changes (or can also just show the md5 sums). Now cleans up harder when
   removing entries.
   -

   puppetlabs/puppet_agent
    1.1.0: Add a number
   of OS support features and a considerable amount of compatibility and bug
   fixes: SLES 10/11, Solaris 10, AIX, OSX 10.9, offline Windows added. See
   the Changelog
    for details.

Blueshift Releases

There were a number of module releases as part of Project Blueshift
:

   -

   puppetlabs/docker_ucp 
   0.1.1: set up a Docker UCP
   
   controller and join nodes to it.
   -

   puppetlabs/apk  0.1.0: Allows
   for managing system packages with Puppet on Alpine Linux, using the APK
   package manager. Once installed the module works like all other package
   providers.
   -

   puppetlabs/rkt  0.1.0: Installs
   and manages the rkt  container runtime
   and associated tools.
   -

   puppetlabs/rancher  0.1.0:
   Install the Rancher  server and accompanying agents
   on supported operating systems.
   -

   garethr/kubernetes  0.3.0:
   Added an experimental Puppet command (puppet kubernetes convert) which
   converts standard Kubernetes YAML files into Puppet code

Other Releases

   -

   puppetlabs/puppetdb 
   5.1.2: minor bugfix release
   -

   puppetlabs/puppetserver_gem
    0.2.0: adds the
   ability to use install & uninstall options as in the parent provider.
   -

   puppetlabs/hocon  0.9.4:
   bugfixes around changing and adding arrays, handle the case of the base
   library not being installed.
   -

   puppetlabs/mongodb  0.13.0:
   manage mongodb 3.x, mongodb_version fact, handle PID file, SSL support, add
   $maxconns, add SuSE. A host of minor bugfixes.

Notable happenings

   -

   The puppetforge  got a facelift for our new
   name and brand art.
   -

   puppetlabs/strings 
   0.4.0: A Puppet Face and plugin built on the YARD Documentation Tool
    and the Puppet 4 Parser. It is uses YARD and the
   Puppet Parser to generate HTML documentation about Puppet code and Puppet
   extensions written in Ruby. There are already some examples
    out there, showing the
   possibilities.
   -

   rspec-puppet  2.4.0: supports
   testing exported resources in the same way that normal resources in the
   catalog are tested. Access them in your examples using exported_resources.
   See "Testing Exported Resources
   " in
   the README for examples. Please note that this release fixed interop with
   puppetlabs_spec_helper so that setting STRICT_VARIABLES to “yes” now
   actually runs your specs under a correctly configured puppet, leading to
   unexpected - but correct - breakage in unit tests.
   -

   r10k

[Puppet Users] Re: Problem changing user password on Windows

2016-04-08 Thread Douglas Teixeira 
Thanks for the detailed answer, John! I appreciate that.

What I meant was that Puppet is changing the password even though the 
password is already as specified.

Also, I agree that it is best to change the password every time than to 
make some kind of check (for instance, trying to log in as the specified 
user, as you said) because such check may present more security and 
performance problems than simply resetting the password even though it is 
already the correct one.

Again, I appreciate your help.

Douglas

On Friday, April 8, 2016 at 10:32:02 AM UTC-3, jcbollinger wrote:
>
>
>
> On Thursday, April 7, 2016 at 4:24:13 PM UTC-5, Douglas Teixeira wrote:
>>
>> Hi everyone,
>>
>> We have been using Puppet to manage Windows workstations at work and it 
>> has been able to manage most of our machines' configurations smoothly. 
>> However, I stumbled upon a problem when trying to reset the password for a 
>> local user. The problem is that Puppet is resetting the password every time 
>> it runs. Is there a way to avoid that?
>>
>
>
> Do you mean that Puppet is performing a password change even though the 
> password is already as specified, or that Puppet having already changed the 
> password once and the user having subsequently changed to something else, 
> Puppet changes the password back to the one specified in the manifest?
>
>  
>
>>
>> The manifest I am writing is very simple, and this problem occurrs even 
>> when I try to specify the password in plain-text inside the manifest 
>> (actually, from what I read Puppet isn't able to reset Windows passwords 
>> using a hash yet). The manifest I am writing looks like this:
>>
>> user { 'Administrator':
>> ensure => 'present',
>> password => 'newpassword'
>> }
>>
>> Do you guys have any idea about what may be causing Puppet to reset the 
>> password every time it is executed?
>>
>>
>
> Yes.  Two things, linked to the two alternative interpretations of your 
> problem statement:
>
>1. At a fundamental level, declarations in a Puppet manifest express 
>the desired state of one or more resources on the target system.  With 
> only 
>one minor caveat, on every run Puppet attempts to ensure that every 
>resource referenced in the catalog it is applying is in a state consistent 
>with that described in the catalog.  In particular, if there is a User 
>resource with its password property set, then Puppet will attempt on 
>every run to ensure that the specified user has the specified password.
>2. As you remarked, Puppet can manage Windows passwords only as 
>cleartext.  This is because Windows itself provides no other way to do so. 
>  
>There is no way to directly examine or set any encrypted or hashed form of 
>a user password.  If you see Puppet setting the password to the same value 
>it already has, that's because Puppet can't tell whether it needs to set 
>the password or not.  The only way it could make that determination is to 
>attempt to authenticate as the specified user, with the specified 
> password. 
>I'm not positive that Puppet does not, in fact, do that, but myself, I 
>certainly wouldn't want it to do.
>
> So it boils down to two things: (1) what you think your manifest means may 
> be different from what it actually does mean, and (2) limitations of 
> Windows.
>
>
> John
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9a3179fd-bfb0-4934-a9d3-bcd0d659348c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Problem changing user password on Windows

2016-04-08 Thread jcbollinger 


On Thursday, April 7, 2016 at 4:24:13 PM UTC-5, Douglas Teixeira wrote:
>
> Hi everyone,
>
> We have been using Puppet to manage Windows workstations at work and it 
> has been able to manage most of our machines' configurations smoothly. 
> However, I stumbled upon a problem when trying to reset the password for a 
> local user. The problem is that Puppet is resetting the password every time 
> it runs. Is there a way to avoid that?
>


Do you mean that Puppet is performing a password change even though the 
password is already as specified, or that Puppet having already changed the 
password once and the user having subsequently changed to something else, 
Puppet changes the password back to the one specified in the manifest?

 

>
> The manifest I am writing is very simple, and this problem occurrs even 
> when I try to specify the password in plain-text inside the manifest 
> (actually, from what I read Puppet isn't able to reset Windows passwords 
> using a hash yet). The manifest I am writing looks like this:
>
> user { 'Administrator':
> ensure => 'present',
> password => 'newpassword'
> }
>
> Do you guys have any idea about what may be causing Puppet to reset the 
> password every time it is executed?
>
>

Yes.  Two things, linked to the two alternative interpretations of your 
problem statement:

   1. At a fundamental level, declarations in a Puppet manifest express the 
   desired state of one or more resources on the target system.  With only one 
   minor caveat, on every run Puppet attempts to ensure that every resource 
   referenced in the catalog it is applying is in a state consistent with that 
   described in the catalog.  In particular, if there is a User resource 
   with its password property set, then Puppet will attempt on every run to 
   ensure that the specified user has the specified password.
   2. As you remarked, Puppet can manage Windows passwords only as 
   cleartext.  This is because Windows itself provides no other way to do so.  
   There is no way to directly examine or set any encrypted or hashed form of 
   a user password.  If you see Puppet setting the password to the same value 
   it already has, that's because Puppet can't tell whether it needs to set 
   the password or not.  The only way it could make that determination is to 
   attempt to authenticate as the specified user, with the specified password. 
   I'm not positive that Puppet does not, in fact, do that, but myself, I 
   certainly wouldn't want it to do.

So it boils down to two things: (1) what you think your manifest means may 
be different from what it actually does mean, and (2) limitations of 
Windows.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/15477b42-c4da-4d92-b363-268809b743ec%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.