On Friday, October 11, 2013 9:28:44 AM UTC-4, jcbollinger wrote: > > > > On Thursday, October 10, 2013 4:17:31 PM UTC-5, James Henderson wrote: >> >> Hello, >> >> I am the guy who Spencer is talking about. Since I am brand new to >> puppet, and puppet non-root is not well supported at this time, we have >> decided to go with a more script based option. >> > > > You should use what works best for you, of course, but like R.I., I'm not > sure what you mean by "not well supported". I'd estimate that Puppet > non-root is not widely *used*, but that's because many of the resources > that people want to manage cannot be modified by unprivileged users. > That's not a problem that Puppet (or any other system) can solve. > > What I mean by "not well supported": - installing puppet if you do not have root is a non-trivial exercise and isn't documented anywhere that I could find. In my case we could probably get the sys admins to install a version, but at my company it is definitely better to do things yourself. - most packages on puppetforge will not work out of the box as they do assume that you have root access - you need to write your puppet files in a special way in order to use them without root - when someone asked on ask.puppetlabs.com about this configuration, here is the answer they got: https://ask.puppetlabs.com/question/413/puppet-agent-running-as-unprivileged-user/ - this answer does not show that this is a typical and supported option, rather it is an option that you can make work if you write all of your manifests in a very particular way.
> > >> >> However I am very interested in the future of puppet and I am willing to >> provide input, testing and development help as time permits. >> >> > > How about starting by describing some of the features you think Puppet > should have to support non-root use well? > > I am brand new to puppet, so I certainly don't know the best way to solve these issues. The basic problem is that puppet assumes that it is root and you need to specifically craft your manifests to know that fact. My wishlist would be: - clear documentation stating what is and what is not possible under this configuration - some method for puppet to run where it does not perform any ownership or user editing at all - a way to target puppet at a particular location of the filesystem rather than just root by default (maybe this exists already) John > > One point is that the usual "non-root puppet" configuration is actually simpler than the "puppet as root" configuration as far as user management goes. This simplicity is because from the context of the puppet install, there is only one user. So there is never a need to run chown on any puppet managed file or to sudo to any other user. Again, I am very new to puppet. I read some of the docs and went through the lessons. I googled the problems I was having (using puppet to deploy to a particular directory in a non-root context). After that, this is what I observe. Maybe some of my points reek of my lack of knowledge about puppet and I apologize for that. Thanks for your time, James -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
