John, You bring up a good point and I wanted to ask this question anyways. To the best of my knowledge, functions run on the master and facts run on the node. If that is the case, it perplexes me that functions get sync'd to the node in the /var/lib/puppet/lib... directory. That is unless functions can then be used in a fact which is something that I have yet to test. Do you have any clarification?
Thanks, John On Jul 14, 9:27 am, jcbollinger <john.bollin...@stjude.org> wrote: > On Jul 14, 1:15 am, flex <frostyn...@gmail.com> wrote: > > > I wrote a custom fuction to read a root read-only file, it raised an > > Permission Denied error. > > During debug, i found this fuction seems to run as user puppet, it is this > > a feature or a bug? > > This is a feature. Puppet functions run in the master process, which > is intentionally unprivileged. Compare with other service daemons, > such as web or database servers, which also run without privilege. > > There are two main possibilities for how you can proceed: > > 1) If you really did want the function to run on the master then just > make the file readable by the Puppet user or group. If there's some > reason why that is unsatisfactory, then you'll need to tell us more > about what you're trying to do. > > 2) If you meant the function to be evaluated on the client then a > function is the wrong tool. Instead you want a custom fact, a custom > type or provider, or possibly an Exec. Any of these will be > evaluated / run by the Puppet agent (on the client), which normally > runs as root. > > John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
