Thanks for the tip Patrick. It worked fine except that without
hasrestart =>true, it was using stop/start but I wanted to restart.
-tak
On May 21, 4:40 pm, Patrick <kc7...@gmail.com> wrote:
> On May 21, 2010, at 11:23 AM, takrishnan wrote:
>
>
>
> > Hi,
>
> > I have this in my sshdconfig module's init.pp but the service is not
> > getting restarted even though at first connect the file sshd_config is
> > getting modified with the Banner entry. Can someone please help?
>
> > class sshdconfig {
> > file {
> > "/etc/ssh/sshd_config":
> > path => "/etc/ssh/sshd_config",
> > owner => root,
> > group => root,
> > mode => 600,
> > notify => 'Service[sshd]'
> > }
> > Exec { path => "/bin:/usr/bin:/usr/sbin:/sbin:/usr/local/
> > bin" }
>
> > exec { "/bin/echo 'Banner /etc/motd' >> /etc/ssh/sshd_config":
> > unless => "grep 'Banner /etc/motd' /etc/ssh/sshd_config 2>/dev/
> > null" }
>
> > service
> > { sshd:
> > ensure => running,
> > subscribe => File["/etc/ssh/sshd_config"],
> > hasrestart => true,
> > hasstatus => true,
> > restart => "/etc/init.d/sshd restart",
> > status => "/etc/init.d/sshd status"
> > }
> > }
>
> You have two problems.
>
> The easy answer is that sshd is only subscribed to the file resource. That
> means it will only restart the service when the file resource changes it.
> You can fix it by adding the exec to subscribe like this.
>
> subscribe => [ File["/etc/ssh/sshd_config"], Exec["ssh_banner"] ]
>
> Then set "ssh_banner" as an alias in the exec statement.
>
> The file resource doesn't actually do anything except set the permissions.
> Also, using notify and subscribe is redundant. Unless you really want that
> to force the permissions to be that, it's easer to just remove the file
> resource completely. Then do this:
>
> class sshdconfig {
>
> Exec { path => "/bin:/usr/bin:/usr/sbin:/sbin:/usr/local/
> bin" }
>
> exec { "/bin/echo 'Banner /etc/motd' >> /etc/ssh/sshd_config":
> alias => "ssh_banner",
> unless => "grep 'Banner /etc/motd' /etc/ssh/sshd_config
> 2>/dev/null"
> }
>
> service
> { sshd:
> ensure => running,
> subscribe => Exec["ssh_banner"],
>
> #These four lines are probably redundant. The defaults
> should be fine.
> #It also shouldn't hurt anything.
> hasrestart => true,
> hasstatus => true,
> restart => "/etc/init.d/sshd restart",
> status => "/etc/init.d/sshd status"
> }
>
> }
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group
> athttp://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
