[Puppet Users] Re: How to use definitions with common resources?

Thu, 16 Apr 2009 00:24:32 -0700 

philipp.hanselm...@gmail.com (puppet) writes:

> Replace this line:
> >          $download_dir      = '/root/tmp'
> with:
> 
>        #NOTE: generate is executed on the puppetmaster.
>         $download_dir = generate("/usr/bin/env","bash",'-c',"/bin/
> mktemp")
> 
> With this every time your definition get used it will choose an random
> folder in your /tmp.

Thanks. The idea is good, but it doesn't quite work.

1. The script unfortunately contains account information
   user/passwords for the application's initial installation. Hence
   /root/tmp is better as only root users can access this directory.

2. As this is a "package" and the version may need to change the
   installer is actually called each time puppet is invoked to check
   if the version installed is the right version and to perform the
   upgrade if needed. (The script knows how to install/upgrade and
   check the current installed version.) So downloading into a random
   temp directory doesn't help. In fact I deliberately don't remove
   the script after installation as it will be called by puppet 30
   minutes later in the next run. I could split the "check version"
   and "install script" parts into 2 but then I have 2 things to
   manage rather than 1, so I don't see this as a win. Normally the
   package manager is generic so it doesn't matter if it's code is
   kept on the client all the time. It's used for multiple packages so
   that's fine. With custom installers of course this is not true.

I've not seen others mention this sort of issue or show how they solve
it on this list so perhaps I'm not doing things the puppet way?

In any case thanks for the suggestion. If the downloaded install
package is removed after installation then it's better to use a random
location. Adjusting the umask appropriately will also ensure that
other users are not able to access the file's contents.

Simon

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to