On May 2, 2014, at 9:25 AM, jcbollinger <john.bollin...@stjude.org> wrote:
>
>
> On Thursday, May 1, 2014 9:06:52 AM UTC-5, Peter Bukowinski wrote:
> On May 1, 2014, at 9:29 AM, contactp...@gmail.com wrote:
>
> > Hi,
> >
> > I am using puppet enterprise 3.x . I have a manifest used to install and
> > manage custom application on my client node.
> > Part of manifest is :-
> >
> > file { 'app_config':
> > ensure => directory,
> > mode => 0644,
> > path => '/etc/cmas/app_config',
> > source => 'puppet:///modules/cmas/app_config',
> > recurse => true,
> > }
> >
> > file { 'config.xml':
> > audit => "content",
> > path => '/etc/cmas/app_config/config.xml',
> > }
> >
> > I want if file config.xml is changed, it should get back to old one from
> > source in next puppet run.
> > is it possible to do it ?
>
> This is the default behavior of puppet, but by telling puppet to audit the
> config.xml file, you are preventing it from managing that file's content.
>
>
> Not exactly. Only unmanaged resource properties can be audited, but enabling
> auditing on a property that was eligible for it in the first place (because
> it was unmanaged) doesn't prevent Puppet from doing what it wasn't going to
> do anyway. Going the other way, disabling auditing on a property that was
> eligible for auditing in the first place does not in itself make that
> property managed.
Thanks for clarifying and correcting my assumption. I'm slapping my forehead.
> Puppet's normal behavior is to leave unmanaged resource properties alone. It
> sounds like the OP may be hoping to get Puppet to revert content changes
> based on a record of the last content it saw, rather than managing the
> content to a state asserted by the master. The latter is Puppet's behavior
> when managing file content via File's 'content' property or 'source'
> parameter. The former is not among Puppet's features.
>
>
> As a result, the first file resource that recursively puts the app_config
> directory in place will actually *skip* creating the config.xml file. You'll
> get a notice like this:
>
>
>
> Puppet may skip creating the file, yes, because an explicit File resource is
> honored instead of any implicit File resource arising from a recursive File
> resource, and because no 'ensure' parameter is specified in the explicit
> declaration of File[/etc/cmas/app_config/config.xml]. Puppet might also
> create it as an empty, normal file; I don't recall at the moment which.
> That's not directly related to auditing the file content.
>
>
> Notice: /Stage[main]/cmas/File[/etc/cmas/app_config/config.xml]/content:
> audit change: newly-recorded value absent
>
> If you want puppet to manage the content of that file and revert any changes,
> you'll need to stop auditing it.
>
>
>
> Well, yes, because only unmanaged properties can be audited. But in addition
> to turning off auditing of the content, it is also necessary to specify an
> appropriate 'content' or 'source' parameter if the File's content is to be
> managed.
More forehead slapping.
> And as for auditing changes in a more general sense, Puppet will log when it
> changes the file content, and, if desired, the 'show_diff' parameter can be
> used to make it log the exact changes it makes. Those will also make it into
> the agent's if reporting is enabled.
>
>
> John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/5487047E-0ABE-4A59-87A8-5F285B78CA26%40gmail.com.
For more options, visit https://groups.google.com/d/optout.
