Re: [Puppet Users] File paths must be fully qualified
yes, I tried in the same way, here is my manifest;
filesever.conf:
--
[SLESSUDO]
path /etc/puppet/modules/sudo/files/
allow *.mydomain.com
-
$sourcepath = $operatingsystem ? {
AIX => "/etc/puppet/sudo/files/sudoers",
default => "puppet:///SLESSUDO/sudoers",
}
file {"$sourcepath":
owner => $owner,
group => $group,
mode => $mode,
source => $sourcepath,
#require => Package["sudo"],
}
this is the err:
err: Could not run Puppet configuration client: Parameter path failed:
File paths must be fully qualified, not 'puppet:/SLES_SUDO/sudoers' at
/etc/puppet/manifests/:
Am 03.03.2010 13:17, schrieb Haris Farooque:
I was using Puppet 0.24.8 and now upgrade the puppet server and client
both to 0.25.4 (on 1 machine i.e. server and client), but i am facing
some problems. While testing, some of the configs which were/are
running fine on older version generates error here;
for instance,
i have defined the FileSource path in '/etc/puppet/fileserver.conf'
[myFileSrc]
path /etc/puppet/modules/repo/files/
allow *.mydomain.com
but when i run puppet cleint it gives me following err;
*err: Could not run Puppet configuration client: Parameter path
failed: File paths must be fully qualified, not
'puppet:/myFileSrc**/' at /etc/puppet/manifests/:158
*whats wrong here? *
*--
Haris Farooque --
You received this message because you are subscribed to the Google
Groups "Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
M. Haris Farooque
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] File paths must be fully qualified
On Fri, Mar 5, 2010 at 5:13 PM, Haris Farooque wrote: > yes, I tried in the same way, here is my manifest; > > err: Could not run Puppet configuration client: Parameter path failed: File > paths must be fully qualified, not 'puppet:/SLES_SUDO/sudoers' at */ > etc/puppet/manifests/*: > > it should be puppet://SLES_SUDO/... -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] File paths must be fully qualified
sorry, I assu,e SLES_SUDO is not your servername, so in this case it should be: puppet:///SLES_SUDO/.. On Fri, Mar 5, 2010 at 5:29 PM, Ohad Levy wrote: > > > On Fri, Mar 5, 2010 at 5:13 PM, Haris Farooque wrote: > >> yes, I tried in the same way, here is my manifest; >> >> err: Could not run Puppet configuration client: Parameter path failed: >> File paths must be fully qualified, not 'puppet:/SLES_SUDO/sudoers' at */ >> etc/puppet/manifests/*: >> >> it should be puppet://SLES_SUDO/... > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] File paths must be fully qualified
$sourcepath = $operatingsystem ? {
AIX => "/etc/puppet/sudo/files/sudoers",
default => "puppet:///SLESSUDO/sudoers",
}
file {"$sourcepath":
you set sourcepath as the targeted path of the file, this won't work
and I assume it is also not what you like to do.
cheers pete
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Issues with reporting to foreman under puppet-server 0.25.4 (installed from Epel)
I've had a thought about this overnight (my brain seems to work better when I'm asleep!) Is there a newer version of the foreman.rb report intended for use with puppetmaster 0.25.x? I know the config.ru changed for the RACK application, I'm wondering if I need to make further changes. Thanks, M. On 4 March 2010 21:33, Matthew Macdonald-Wallace wrote: > Yup, it's definitely there and it's definitely got the right name. > > :( > > M > > On 4 March 2010 21:09, Andrew Dickson wrote: >> are you sure foreman-report.rb is in your lib directory and named >> "foreman.rb"? This caught me, but I think you would see error >> messages about not being able to find a report named foreman. If you >> copied it into a version specific location, and then updated your >> puppet gem to a new version, puppet might not be able to find the >> report. >> >> -drew >> >> On Thu, Mar 4, 2010 at 6:09 AM, Matthew Macdonald-Wallace >> wrote: >>> Hi all, >>> >>> After troubleshooting my foreman installation on the Foreman mailing >>> list (thanks Ohad!) I've come to the conclusion that the reason why >>> reports aren't being generated is that since I upgraded puppet master >>> from 0.24.x to 0.25.4, the "foreman" report is not running correctly >>> (if at all!). >>> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> >> > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet 0.24.8 RPM (0.25.4 client not backwards compatible)
+1 for this. I also like just taking the base repo and then just create your own custom one with packages you approve. It's pretty easy to do with createrepo. Matt On 4 March 2010 20:36, Pete Emerson wrote: > I'd also recommend (based on previous shooting myself in the foot) > that all of your servers talk to your own internal yum repo if > possible, and not directly to EPEL. Mirror EPEL if you want, but pull > in updates in some process that lets you review them before putting > them into your internal repo. This might help minimise surprises like > this. I don't think there's a great way for the EPEL folks to know > that for puppet going from 0.24.8 to 0.25 is a big deal, but for some > other app going from version 0.x.y to version 0.z is a very minor > deal. > > Pete > > On Thu, Mar 4, 2010 at 12:24 PM, Matthew Macdonald-Wallace > wrote: > > On 4 March 2010 20:19, James Turnbull wrote: > >>> I am concerned that Epel jumped a major version that enforced so many > >>> major changes, but I guess that's our fault for trusting that things > >>> would stay the same! :P > >>> > >> > >> I'll let the EPEL guys respond here but they only increment releases > >> after extensive testing. > > > > Yeah, please don't misunderstand me, I'm not blaming EPEL on this one > > at all. We should have checked that we were pinned to a version on > > Puppet that we knew worked. > > > > Another one to add to the "Somebody else should learn from my mistakes" > list! :D > > > > M. > > > > -- > > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > > To post to this group, send email to puppet-us...@googlegroups.com. > > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > > > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Issues with reporting to foreman under puppet-server 0.25.4 (installed from Epel)
On 5 March 2010 10:11, Matthew Macdonald-Wallace wrote:
> I've had a thought about this overnight (my brain seems to work better
> when I'm asleep!)
>
> Is there a newer version of the foreman.rb report intended for use
> with puppetmaster 0.25.x?
>
> I know the config.ru changed for the RACK application, I'm wondering
> if I need to make further changes.
Are you running Foreman 0.1.3? My foreman.rb on a x86_64 box is in :-
/usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb
And consists of:-
$foreman_url="http://your.foreman.url";
require 'puppet'
require 'net/http'
require 'uri'
Puppet::Reports.register_report(:foreman) do
Puppet.settings.use(:reporting)
desc "Sends reports directly to Foreman"
def process
begin
Net::HTTP.post_form(URI.parse("#{$foreman_url}/reports/create?format=yml"),
{'report'=> to_yaml})
rescue Exception => e
raise Puppet::Error, "Could not send report to Foreman: #{e}"
end
end
end
/etc/puppet/puppet.conf
[puppetmasterd]
reports=log, foreman
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Dependency cycles, please help.
Hi,
I'm having trouble writing a recipe to handle apache/passenger.
First, here is my apache2 class, found here :
http://www.reductivelabs.com/trac/puppet/wiki/Recipes/DebianApache2Recipe
-
$apache2_sites = "/etc/apache2/sites"
$apache2_mods = "/etc/apache2/mods"
class apache2 {
[...]
define module ( $ensure = 'present' ) {
case $ensure {
'present' : {
exec { "/usr/sbin/a2enmod $name":
unless => "/bin/readlink
${apache2_mods}-enabled/${name}.load",
notify => Exec["force-reload-apache2"]
}
}
'absent': {
exec { "/usr/sbin/a2dismod $name":
onlyif => "/bin/readlink
${apache2_mods}-enabled/${name}.load",
notify => Exec["force-reload-apache2"]
}
}
default: { err ( "Unknown ensure value: '$ensure'" ) }
}
}
[...]
}
-
And then, my passenger class :
-
define passenger::install($version) {
package {
[
"build-essential",
"apache2-prefork-dev",
"libapr1-dev",
"libaprutil1-dev"
]:
ensure => installed
}
package { passenger:
ensure => $version,
provider => gem,
require => [Class['gems'], Class['ruby'], Class['apache2']]
}
exec { passenger-install:
command => "/usr/bin/yes \"\" |
/usr/bin/passenger-install-apache2-module",
creates =>
"/usr/lib/ruby/gems/1.8/gems/passenger-$version/ext/apache2/mod_passenger.so",
require => Package['passenger']
}
}
define passenger::enable($version) {
passenger::install { passenger: version => $version }
file { passenger-load:
path => "/etc/apache2/mods-available/passenger.load",
content => "LoadModule passenger_module
/usr/lib/ruby/gems/1.8/gems/passenger-$version/ext/apache2/mod_passenger.so\n",
mode => 644,
require => Exec['passenger-install'],
}
file { passenger-conf:
path => "/etc/apache2/mods-available/passenger.conf",
content => template("passenger/passenger.conf.erb"),
mode => 644,
require => Exec['passenger-install'],
}
apache2::module { passenger:
ensure => present,
require => [File['passenger-conf'], File['passenger-load']]
}
}
-
When my client node runs that, I get the following error :
Could not apply complete catalog: Found dependency cycles in the following
relationships: Exec[/usr/sbin/a2enmod passenger] =>
Exec[force-reload-apache2], Package[passenger] => Exec[passenger-install],
Exec[passenger-install] => File[passenger-conf], File[passenger-conf] =>
Exec[/usr/sbin/a2enmod passenger], File[passenger-load] =>
Exec[/usr/sbin/a2enmod passenger], Exec[passenger-install] =>
File[passenger-load], Exec[force-reload-apache2] => Package[passenger]
I'm sure I am missing something here, but it's been a few hours now. So, I'd
be very grateful if someone could point me in the right direction...
Thanks,
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Issues with reporting to foreman under puppet-server 0.25.4 (installed from Epel)
Um, yeah, so that's completely different to what I've got... :(
I'll get a copy of that script and install it now.
On 5 March 2010 10:38, Matt wrote:
> On 5 March 2010 10:11, Matthew Macdonald-Wallace
> wrote:
>>
>> I've had a thought about this overnight (my brain seems to work better
>> when I'm asleep!)
>>
>> Is there a newer version of the foreman.rb report intended for use
>> with puppetmaster 0.25.x?
>>
>> I know the config.ru changed for the RACK application, I'm wondering
>> if I need to make further changes.
>
> Are you running Foreman 0.1.3? My foreman.rb on a x86_64 box is in :-
> /usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb
> And consists of:-
> $foreman_url="http://your.foreman.url";
> require 'puppet'
> require 'net/http'
> require 'uri'
> Puppet::Reports.register_report(:foreman) do
> Puppet.settings.use(:reporting)
> desc "Sends reports directly to Foreman"
> def process
> begin
>
> Net::HTTP.post_form(URI.parse("#{$foreman_url}/reports/create?format=yml"),
> {'report'=> to_yaml})
> rescue Exception => e
> raise Puppet::Error, "Could not send report to Foreman: #{e}"
> end
> end
> end
>
> /etc/puppet/puppet.conf
> [puppetmasterd]
> reports=log, foreman
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Issues with reporting to foreman under puppet-server 0.25.4 (installed from Epel)
Matt actually has the older version (the diff between them is SSL support).
can you check your puppet master logs? does it say something like processing
report for foreman ?
does your clients have the report=true option?
Ohad
On Fri, Mar 5, 2010 at 7:53 PM, Matthew Macdonald-Wallace <
mattmacw...@gmail.com> wrote:
> Um, yeah, so that's completely different to what I've got... :(
>
> I'll get a copy of that script and install it now.
>
> On 5 March 2010 10:38, Matt wrote:
> > On 5 March 2010 10:11, Matthew Macdonald-Wallace
> > wrote:
> >>
> >> I've had a thought about this overnight (my brain seems to work better
> >> when I'm asleep!)
> >>
> >> Is there a newer version of the foreman.rb report intended for use
> >> with puppetmaster 0.25.x?
> >>
> >> I know the config.ru changed for the RACK application, I'm wondering
> >> if I need to make further changes.
> >
> > Are you running Foreman 0.1.3? My foreman.rb on a x86_64 box is in :-
> > /usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb
> > And consists of:-
> > $foreman_url="http://your.foreman.url";
> > require 'puppet'
> > require 'net/http'
> > require 'uri'
> > Puppet::Reports.register_report(:foreman) do
> > Puppet.settings.use(:reporting)
> > desc "Sends reports directly to Foreman"
> > def process
> > begin
> >
> >
> Net::HTTP.post_form(URI.parse("#{$foreman_url}/reports/create?format=yml"),
> > {'report'=> to_yaml})
> > rescue Exception => e
> > raise Puppet::Error, "Could not send report to Foreman: #{e}"
> > end
> > end
> > end
> >
> > /etc/puppet/puppet.conf
> > [puppetmasterd]
> > reports=log, foreman
> >
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Puppet Users" group.
> > To post to this group, send email to puppet-us...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > puppet-users+unsubscr...@googlegroups.com
> .
> > For more options, visit this group at
> > http://groups.google.com/group/puppet-users?hl=en.
> >
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] syntax
But they don't seem to work IN A TEMPLATE On Fri, Mar 5, 2010 at 1:16 AM, Peter Meier wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > So can someone point to working regex template example? > > First answer of Ohad to your question: > > > you might want to try regexp, e.g. > > > > <% if fqdn =~ /^something/ -%> > > > irb(main):001:0> "" =~ /^aa/ > => 0 > irb(main):002:0> "" =~ /^ab/ > => nil > > =~ returns the first location of the occurence of the pattern or nil if > none is found. if nil in ruby will never be evaluated. > > cheers pete > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkuQr9sACgkQbwltcAfKi39wRgCeJtTVbOFcRC4I3TWQFm2YTWOk > mskAni20CwM2zvqarbhyKcQNC9cznNAL > =mAAm > -END PGP SIGNATURE- > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] ssh authorized keys fails
Can someone tell me what's wrong here? Or should I reopen #2487,
http://projects.reductivelabs.com/issues/2487 ?
I have this config:
===
class devusers {
dev_user { "ben":
uid => 510,
keytype => "ssh-rsa",
keyname => "b...@7.106.cp",
key => "blahblah"
}
dev_user { "yuri":
uid => 503,
keytype => "ssh-rsa",
key => "blahblah"
keyname => "y...@devhost2.dev.cp"
}
}
define dev_user($uid,$keyname,$key,$keytype) {
user { $name:
ensure => present,
uid => $uid,
gid => $name,
groups => "devs",
managehome => true,
}
group { $name:
gid => $uid,
ensure => present
}
# puppet bug :(
# ssh_authorized_key { $keyname:
#type => $keytype,
#key => $key,
#user => $uid,
#ensure => present,
#require => User[$name]
# }
}
===
Running this config is fine, users are created. When I uncomment the
authorized_keys bit, puppetd execution fails entirely:
[r...@devhost2 manifests]# puppetd --no-daemonize -od
debug: Failed to load library 'selinux' for feature 'selinux'
.
.
.
debug: //devusers/Dev_user[yuri]/
ssh_authorized_key[y...@devhost2.dev.cp]: Changing ensure
debug: //devusers/Dev_user[yuri]/
ssh_authorized_key[y...@devhost2.dev.cp]: 1 change(s)
debug: The required user is not yet present on the system
debug: The required user is not yet present on the system
notice: //devusers/Dev_user[yuri]/
ssh_authorized_key[y...@devhost2.dev.cp]/ensure: created
debug: The required user is not yet present on the system
err: Got an uncaught exception of type ArgumentError: user 503 doesn't
exist
debug: Storing state
debug: Stored state in 0.08 seconds
notice: Finished catalog run in 2.35 seconds
Curiously, the key file is actually created. But I have to leave this
disabled and not just live with error messages, as the exception ends
further processing by puppetd.
Thanks for any help,
Ben
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] syntax
Maybe the dash in -%> is the problem, I was tunnel visioned on the regex part. On Fri, Mar 5, 2010 at 6:58 AM, Len Rugen wrote: > But they don't seem to work IN A TEMPLATE > > On Fri, Mar 5, 2010 at 1:16 AM, Peter Meier wrote: > >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> > So can someone point to working regex template example? >> >> First answer of Ohad to your question: >> >> > you might want to try regexp, e.g. >> > >> > <% if fqdn =~ /^something/ -%> >> >> >> irb(main):001:0> "" =~ /^aa/ >> => 0 >> irb(main):002:0> "" =~ /^ab/ >> => nil >> >> =~ returns the first location of the occurence of the pattern or nil if >> none is found. if nil in ruby will never be evaluated. >> >> cheers pete >> -BEGIN PGP SIGNATURE- >> Version: GnuPG v1.4.9 (GNU/Linux) >> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org >> >> iEYEARECAAYFAkuQr9sACgkQbwltcAfKi39wRgCeJtTVbOFcRC4I3TWQFm2YTWOk >> mskAni20CwM2zvqarbhyKcQNC9cznNAL >> =mAAm >> -END PGP SIGNATURE- >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com >> . >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> >> > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Dependency cycles, please help.
2010/3/5 Julien Cornuwel
> Hi,
>
> I'm having trouble writing a recipe to handle apache/passenger.
> [...]
> When my client node runs that, I get the following error :
>
> Could not apply complete catalog: Found dependency cycles in the following
> relationships: Exec[/usr/sbin/a2enmod passenger] =>
> Exec[force-reload-apache2], Package[passenger] => Exec[passenger-install],
> Exec[passenger-install] => File[passenger-conf], File[passenger-conf] =>
> Exec[/usr/sbin/a2enmod passenger], File[passenger-load] =>
> Exec[/usr/sbin/a2enmod passenger], Exec[passenger-install] =>
> File[passenger-load], Exec[force-reload-apache2] => Package[passenger]
>
Found it ! The error was here :
package { passenger:
ensure => $version,
provider => gem,
require => [Class['gems'], Class['ruby'], Class['apache2']]
}
The passenger package should require the apache2 package. Not the whole
class...
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] ssh authorized keys fails
Zitat von Ben Lavender : Can someone tell me what's wrong here? Or should I reopen #2487, http://projects.reductivelabs.com/issues/2487 ? [...] . . debug: //devusers/Dev_user[yuri]/ ssh_authorized_key[y...@devhost2.dev.cp]: Changing ensure debug: //devusers/Dev_user[yuri]/ ssh_authorized_key[y...@devhost2.dev.cp]: 1 change(s) debug: The required user is not yet present on the system debug: The required user is not yet present on the system notice: //devusers/Dev_user[yuri]/ ssh_authorized_key[y...@devhost2.dev.cp]/ensure: created debug: The required user is not yet present on the system err: Got an uncaught exception of type ArgumentError: user 503 doesn't exist debug: Storing state debug: Stored state in 0.08 seconds notice: Finished catalog run in 2.35 seconds Curiously, the key file is actually created. But I have to leave this disabled and not just live with error messages, as the exception ends further processing by puppetd. which version are you running? cheers pete -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: ssh authorized keys fails
*slap forehead* This is on 0.25.4, the latest gem as of ~2 weeks ago. Thanks, Ben On Mar 5, 2:18 pm, Peter Meier wrote: > Zitat von Ben Lavender : > > > > > Can someone tell me what's wrong here? Or should I reopen #2487, > >http://projects.reductivelabs.com/issues/2487? > > [...] > > . > > . > > debug: //devusers/Dev_user[yuri]/ > > ssh_authorized_key[y...@devhost2.dev.cp]: Changing ensure > > debug: //devusers/Dev_user[yuri]/ > > ssh_authorized_key[y...@devhost2.dev.cp]: 1 change(s) > > debug: The required user is not yet present on the system > > debug: The required user is not yet present on the system > > notice: //devusers/Dev_user[yuri]/ > > ssh_authorized_key[y...@devhost2.dev.cp]/ensure: created > > debug: The required user is not yet present on the system > > err: Got an uncaught exception of type ArgumentError: user 503 doesn't > > exist > > debug: Storing state > > debug: Stored state in 0.08 seconds > > notice: Finished catalog run in 2.35 seconds > > > Curiously, the key file is actually created. But I have to leave this > > disabled and not just live with error messages, as the exception ends > > further processing by puppetd. > > which version are you running? > > cheers pete -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] exec -> creates question
The method you suggest is how we were first going to do a "one time script",
but then we saw the "creates" parameter.
What is the Creates parameter for then? Is it just redundant to [unless =>
"test -e MYFILE"]
---
Thanks,
Allan Marcus
505-667-5666
On Mar 4, 2010, at 2:36 PM, Steven VanDevender wrote:
> Pete Emerson writes:
>> If you don't care about the contents of the file, just whether it's
>> there or not:
>>
>> unless => "/usr/bin/file MYFILE"
>>
>> or
>>
>> unless => "/usr/bin/stat MYFILE"
>>
>> or
>>
>> unless => "/bin/ls MYFILE"
>>
>> should all be pretty lightweight
>
> Actually, if all "unless" looks at is the return code of the command I
> would probably go with
>
> unless => "test -e MYFILE"
>
> If you use "test" you could also do more sophisticated things like
> require the presence of a real file with "-f" and combine other tests for
> permissions or ownership.
>
>> On Thu, Mar 4, 2010 at 12:06 PM, Patrick wrote:
>>>
>>> On Mar 4, 2010, at 7:29 AM, Allan Marcus wrote:
>>>
A file that this command creates. If this
parameter is provided, then the command will only be run
if the specified file does not exist::
exec { \"tar xf /my/tar/file.tar\":
cwd => \"/var/tmp\",
creates => \"/var/tmp/myfile\",
path => [\"/usr/bin\", \"/usr/sbin\"]
}
Is there a way to set the content of this file (/var/tmp/myfile) using
some additional parameter in the above syntax?
>>>
>>> This isn't the "right" way to do it, and you may have performance issues
>>> depending on the size of the file, but you can always combine grep with
>>> unless.
>>>
>>> If you want to re-extract the file if the file doesn't contain "testString"
>>> this should work.
>>>
>>> exec { "tar xf /my/tar/file.tar":
>>>cwd => "/var/tmp",
>>>creates => "/var/tmp/myfile",
>>>path => ["/usr/bin", "/usr/sbin"],
>>>unless => "grep testString myfile",
>>> }
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "Puppet Users" group.
>>> To post to this group, send email to puppet-us...@googlegroups.com.
>>> To unsubscribe from this group, send email to
>>> puppet-users+unsubscr...@googlegroups.com.
>>> For more options, visit this group at
>>> http://groups.google.com/group/puppet-users?hl=en.
>>>
>>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] exec -> creates question
On Mar 5, 2010, at 8:46 AM, Allan Marcus wrote:
> The method you suggest is how we were first going to do a "one time script",
> but then we saw the "creates" parameter.
>
> What is the Creates parameter for then? Is it just redundant to [unless =>
> "test -e MYFILE"]
>
> ---
>
Mostly, it's just a nicer syntax. Also, make sure that the command won't hose
you computer if run twice. It's always possible that the puppet run will stop
before the file is created.
>
>
>
> On Mar 4, 2010, at 2:36 PM, Steven VanDevender wrote:
>
>> Pete Emerson writes:
>>> If you don't care about the contents of the file, just whether it's
>>> there or not:
>>>
>>> unless => "/usr/bin/file MYFILE"
>>>
>>> or
>>>
>>> unless => "/usr/bin/stat MYFILE"
>>>
>>> or
>>>
>>> unless => "/bin/ls MYFILE"
>>>
>>> should all be pretty lightweight
>>
>> Actually, if all "unless" looks at is the return code of the command I
>> would probably go with
>>
>> unless => "test -e MYFILE"
>>
>> If you use "test" you could also do more sophisticated things like
>> require the presence of a real file with "-f" and combine other tests for
>> permissions or ownership.
>>
>>> On Thu, Mar 4, 2010 at 12:06 PM, Patrick wrote:
On Mar 4, 2010, at 7:29 AM, Allan Marcus wrote:
> A file that this command creates. If this
> parameter is provided, then the command will only be run
> if the specified file does not exist::
>
> exec { \"tar xf /my/tar/file.tar\":
> cwd => \"/var/tmp\",
> creates => \"/var/tmp/myfile\",
> path => [\"/usr/bin\", \"/usr/sbin\"]
> }
>
>
> Is there a way to set the content of this file (/var/tmp/myfile) using
> some additional parameter in the above syntax?
This isn't the "right" way to do it, and you may have performance issues
depending on the size of the file, but you can always combine grep with
unless.
If you want to re-extract the file if the file doesn't contain
"testString" this should work.
exec { "tar xf /my/tar/file.tar":
cwd => "/var/tmp",
creates => "/var/tmp/myfile",
path => ["/usr/bin", "/usr/sbin"],
unless => "grep testString myfile",
}
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "Puppet Users" group.
>>> To post to this group, send email to puppet-us...@googlegroups.com.
>>> To unsubscribe from this group, send email to
>>> puppet-users+unsubscr...@googlegroups.com.
>>> For more options, visit this group at
>>> http://groups.google.com/group/puppet-users?hl=en.
>>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-us...@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: variable containing applied classes?
I see your point...after looking at the classes.txt file it does have a lot more than what I want. I'm in particular looking for classes that affect app deployment/management for the engineers so they can easily see what is under puppet control...they don't need to need to see the myriad of OS level classes that are applied. As the classes are defined via a mysql database (external node lookup script), I think the best way will be to use that same database somehow via another script run from the local host. I already call such a script to update the database with 'last puppet run' so this shouldn't be too much of an issue. thanks - jeff On Mar 4, 11:24 pm, Peter Meier wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > I'm looking for an easy way to include the list of applied classes on > > a host in something like /etc/motd. using an .erb template would do > > the trick if I an array exists that has all the classes in it? > > Hopefully it's available? > > you find a list of the applied class on each host in > /var/lib/puppet/state/classes.txt . > > However I'm not sure if this is the right approach, as for example for > my environment on a moderate host I apply around 180 classes. This will > happen very fast if you structure your code properly into modules and > use inheritance to deal with os-specific things. > > I assume what you like to do is to display to a user logging into the > machine, what is managed on this host, right? So maybe you should get > this informaton out of something else than classes, as classes might > only represent a small part of a bigger thing that is managed. I don't > know how you decide in your manifests what to manage on a host, however > you might want to collect this information from there. > > cheers pete > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Mozilla -http://enigmail.mozdev.org > > iEYEARECAAYFAkuQsawACgkQbwltcAfKi38jOwCaA9Dl7K4d1QDw/fI1QM9qsBmo > UtcAnRW+rS2dp8nv6e4HXi/zcDrDOMYT > =82bO > -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] About autosigning and the FAQ entry
Hello!
The FAQ contains an entry about autosigning:
http://reductivelabs.com/trac/puppet/wiki/FrequentlyAskedQuestions#why-shouldn-t-i-use-autosign-for-all-my-clients
It says:
> The certificate itself is stored, so two nodes could not connect with
the same CN
I tried this (using 0.25.4), and actually, that doesn't seem to be
correct. I was able to run puppetd on two different nodes, each with the
option "--fqdn alice.mydomain.com", with autosigning enabled for
"*.mydomain.com" on the server. Both nodes requested to get their
individual certificates signed, and both were signed without complains.
The CA doesn't care about already signed certificates with the same CN.
And yes, after this, both nodes were treated as if they were
"alice.mydomain.com".
More from the FAQ:
> The problem lies in the fact that the puppetmaster does not make a 1-1
mapping between a > node and the first certificate it saw for it, and
hence multiple certificates can map to > the same node, for example:"
Yep, that seems to be true. But the following example is unnecessary
complicated. It says:
> * alice.mydomain.com connects, gets node alice { } definition.
> * bob.mydomain.com connects with CN alice.bob.mydomain.com,
>and also matches node alice { } definition. "
This led my to believe that specifying the nodes in my manifests using
fully qualified names could help, but it does not, since
"bob.mydomain.com" can simple pretend to be "alice.mydomain.com" as
well.
Are there any plans to improve security for autosigning, i.e. to
prevent re-signing a certificate for a CN (or node) that already has a
signed certificate?
Best Regards,
Claus
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] puppet.conf problem after upgrading
I have been running puppet v0.24.5 installed via a debian package on Ubuntu. I am trying to upgrade to 0.25.4 installed via rubygem. Now when I try to run it I get the following error: (Puppet::Error)puppet.conf:[main]ings.rb:1028:in `parse_file': Could not match line [main] from /usr/lib/ruby/1.8/puppet/util/settings.rb:991:in `each' from /usr/lib/ruby/1.8/puppet/util/settings.rb:991:in `parse_file' from /usr/lib/ruby/1.8/puppet/util/settings.rb:337:in `parse' from /usr/lib/ruby/1.8/puppet.rb:177:in `parse_config' from /usr/sbin/puppetd:274 The puppet conf is the same as the one I was using previously without issue. Any ideas as to what might be going on here? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] syntax
On Thu, Mar 4, 2010 at 5:43 PM, Peter Meier wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>>> Well, it workes in erb test, but not when puppet runs:
>>>
>>> undefined method `start_with?' for via puppet
>>>
>>> erb -x -T '-' test.erb | ruby -c says Syntax OK
>>
>> I thought 'start_with" was a ruby 1.9 thing only? And "starts_with" is
>> a Rails-ism ?
>
> exactly.
No, don't think so:
~ $ irb
>> RUBY_VERSION
=> "1.8.7"
>> "foo".start_with?("fo")
=> true
>> ^D~ $
[ this is on Snow Leopard, mind, ] I'm not sure how much of Ruby you can
use in ERB templates, but I'd have thought if a language feature works
on irb, it'll work in templates run on that machine.
Templates are expanded on the puppetmaster, right?
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet 0.24.8 RPM (0.25.4 client not backwards compatible)
On Thu, Mar 4, 2010 at 7:27 PM, Douglas Garstang wrote: > Does anyone know where I can get the puppet 0.24.8 RPM? We had been > getting it from the public EPEL Repo, but it looks like they just > decided to upgrade the version in their repository to 0.25.4. We run a local mirror of EPEL, and we haven't upgraded yet. I've scped the RPMs up to: http://files.hellooperator.net/puppet/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
