from:"AJ"

[Puppet Users] Up and running with puppet

2011-08-31 Thread AJ

I am just getting started with Puppet, went through the install on a
SuSE Linux (11.1) system.
I wanted to use the web console but run into this error:
"Ruby on Rails application could not be started"
"Permission denied - /opt/puppet/share/puppet-dashboard/config/
database.yml"

I've checked the permissions on this yml, changed it to 777 for good
measure but still can't seem to get rid of this error. I was wondering
if somebody who's had more experience with puppet or Ruby on Rails
could help throw some light on the topic.

thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: known modules repositories

2008-09-09 Thread AJ


Thanks for updating the page.

The Koumbit one doesn't work for me..

Regards,

AJ

On 10/09/2008, at 3:48 AM, The Anarcat <[EMAIL PROTECTED]> wrote:

> So it seems a few people have developped a good few modules on their
> own, something I clumsily complained about earlier...
>
> Now I always have a hard time finding those repositories before  
> starting
> to write my own module. So I took the liberty of going back into my  
> mail
> archive and add the ones I know about to the PuppetModules page in the
> wiki:
>
> http://reductivelabs.com/trac/puppet/wiki/PuppetModules#module-collections
>
> I hope this is not a problem for the people linked in there...
>
> I also hope people that publish their own module repositories can  
> add to
> that list we don't start from scratch every time. ;)
>
> Thank you for your attention,
>
> A.
>
> PS: it seems i'm having problems receiving mail from this list. Google
> says I'm subscribed to it, but I haven't received any mail from it  
> since
> the migration from madstop. I hope this email gets through...
>
> -- 
> In god we trust, others pay cash.
>- Richard Desjardins, Miami

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: How long for changes to be pushed out?

2008-09-17 Thread Aj


You'll definitely be wanting to setup reporting, even just the log  
type to get your clients puppet logs back on the master.

On 18/09/2008, at 7:31 AM, josh <[EMAIL PROTECTED]> wrote:

>
> With almost 700 nodes this isn't an option.  The whole point of
> installing puppet in the first place was to not have to do this.
>
> And like I said, if I run puppetd manually on each box it gets the
> files, runs the scripts, etc. etc.
>
> Also due to inconsistencies in the syslog config on these boxes, not
> all of them have puppet logging to syslog the right way.Maybe I
> will just configure puppet to log to a file locally on the box instead
> of via syslog and see if I can get some more insight that way.
>
> Josh
>
>
> On Sep 17, 12:23 pm, chalex <[EMAIL PROTECTED]> wrote:
>> I would do something like an ssh for loop that looked for the log
>> entries from the clients to see what they're doing:
>>
>> for i in $NODES
>> ssh $i grep puppetd /var/log/messages
>> etc
>>
>> On Sep 17, 9:48 am, josh <[EMAIL PROTECTED]> wrote:
>>
>>> I should have mentioned, I'm running four mongrel instances  
>>> fronted by
>>> Apache/2.2.8 on the puppetmaster server for serving the clients.
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Multiple Service[named] resources not conflicting ??

2008-09-22 Thread Aj


You'll want to have one inherit the parent (named) and use the overide  
syntax on the resources.

class named::hpc inherits named {
   Service['named'] { enabled => false }
}

Regards,

Aj

On 23/09/2008, at 3:25 AM, "Chad Huneycutt" <[EMAIL PROTECTED]>  
wrote:

>
> Are you actually including both "named" and "hpc::named" on a single
> host?  If not, then there will not be a conflict.
>
> - Chad
>
> On Wed, Sep 17, 2008 at 12:41 PM, Evan Hisey <[EMAIL PROTECTED]> wrote:
>>
>> As understand puppet I should not be able to have two service[named]
>> entries in the same compiled manifest. To me this means the following
>> should not work:
>>
>> In module named/manifest/init.pp I have:
>> class named{
>>   package{"bind":
>>   ensure => present,
>>   }
>>   service{"named":
>>   ensure => running,
>>   enable => true,
>>   hasstatus => true,
>>   hasrestart => true,
>>   }
>>
>> }
>>
>> And then in in module hpc/manifest/init.pp I have:
>> class hpc::named{
>>   include named
>>   service{"named":
>>   ensure => running,
>>   }
>>   file{"named.conf.cluster":
>>   path => "/etc/named.conf",
>>   source=> "puppet:///hpc/named.conf",
>>   notify => Service["named"],
>>}
>> }
>>
>> I randomly tried this expecting it to explode, while waiting for a
>> reply to notifying resources across modules, as I need HPC
>> File["named.conf.cluster"] to tell Service[named] to reload. I am  
>> very
>> suprised this is working. can some explain why to me.
>>
>> Evan
>>
>>>
>>
>
>
>
> -- 
> Chad M. Huneycutt
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Puppetmaster and clients running really slow

2008-10-10 Thread Aj


Are you using Webrick? If so, use Mongrel!

There's a wiki page on it (UsingMongrel iirc). I'd recommend nginx as  
your proxy loadbalancer.

On 11/10/2008, at 12:3 AM, "Kenneth Holter" <[EMAIL PROTECTED]>  
wrote:

>
> Hello list.
>
>
> We're running puppet version 0.24.4, and are having trouble with  
> puppetmaster running really slow. The puppetmaster has been running  
> fine until about a couple of day ago, and for no apparent reason it  
> just lost performance. I've also noticed that the puppet daemon on  
> many of our clients a dying. Both master and clients run very slow,  
> but I'm not sure if the client runs slow because of the master.
>
> The symptoms I've seen are that running puppet on a client often  
> takes a very long time (one of the nodes used close to 800 seconds  
> to run the config), or even times out. Once in a while, however,  
> things seems back to normal, and the run is executed in a few  
> seconds. On the server side the time between "Compiled configuration  
> for ..." messages takes a very long time (often several minutes), in  
> contrast to normal operations where configurations get compiled  
> quite frequently.
>
> What puzzles me is that there are no signs of resource starvation on  
> the server - we have low CPU and memory utilization. So there  
> shouldn't be, as far as I can see, any hardware limitations causing  
> puppetmaster to run slow.
>
> I don't have the exact number of active puppet nodes, but it should  
> be well under 100 nodes.
>
> Other than that, I can mention that "storeconfig" is set to "true"  
> in puppet.conf.
>
> And another question/observation: I started a client run more than  
> five minutes ago by issuing "puppet --server puppetmaster --test",  
> and it is either running very slow or something has crashed. The  
> last message on the screen is "notice: Starting catalogue run", and  
> it's been like that since I started the run. Is this a symptom of a  
> problem at the client side, or at the master side? I mean, when I  
> get to the message just mentions, I'd think that the puppetmaster  
> has done it's part, and now it's up to the client to execute. So  
> maybe this indicates that there is something wrong at the client  
> side also?
>
>
> Anyways, any tip on how to figure this out will be very appreciated,  
> as we're quite dependent on puppet in our daily work.
>
>
> Regards,
> Kenneth Holter
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: The puppet equivalent of mkdir -p

2008-10-11 Thread Aj

That's correct - if you have parent directories in your manifest,  
puppet will have child files/folders autorequire the parent(s).

The file { [ '/foo', '/foo/bar' ]: } syntax is currently the best way  
to achieve this, although with a Parser function you could split a  
full path into an array of resources to be managed, to cut down on  
typing/repetition.

I recall Paul Lathrop was working on upwards recursion a while back..  
There's a ticket open with some details in Redmine.

Regards,

AJ

On 12/10/2008, at 4:47 AM, Peter Meier <[EMAIL PROTECTED]> wrote:

>
> Hi
>
>>> file {["$basedir", "$basedir/src", "$basedir/src/my",
>>> "$basedir/src/my/dir", "$basedir/src/my/dir/path" ]:  #Just pass the
>>> file resource an array of files.
>>>mode => 0755,
>>>owner => jeff,
>>>group => jeff,
>>>ensure => directory,
>>>recurse => true
>>> }
>>
>> Because resources do not have implicit ordering, you might run into
>> dependency problems with this example.
>>
>> If you're not lucky enough, Puppet might try to create
>> "$basedir/src/my/dir/path" before "$basedir".
>
>
> no. afair puppet manages ordering within fileresources automagically.
>
> greets pete
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Removing a user from a group

2008-10-12 Thread Aj


Check the type ref, there is a membership => param that'll do this.

On 13/10/2008, at 4:03 PM, "Brian Mathis" <[EMAIL PROTECTED]>  
wrote:

>
> How does one remove a user from a group?
>
> An example would be that I have user "joe" defined like this:
>@user { "joe":
>ensure => present,
>uid=> 1001,
>managehome => true,
>shell  => "/bin/bash",
>groups  => [ 'user', 'wheel' ],
>}
>
> and later on I decide that he should no longer be in group "wheel".
> If I remove the 'wheel' definition from the groups list, puppet does
> not remove the user from the group.  Is there another way to specify
> that the user should be explicitly removed?
>
> Thanks.
>
> lsbdistdescription => CentOS release 5.2 (Final)
> lsbdistid => CentOS
> lsbdistrelease => 5.2
> puppetversion => 0.24.4
> rubysitedir => /usr/lib/ruby/site_ruby/1.8
> rubyversion => 1.8.5
> facterversion => 1.3.8
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: *nix stats + RRDtool + AJAX = YaketyStats

2008-10-14 Thread Aj


Interesting, thanks. How does it scale compared to say Munin?

On 15/10/2008, at 8:42 AM, Mark Plaksin <[EMAIL PROTECTED]>  
wrote:

>
> Thanks to Luke for giving us permission to send our super-rad press
> release to his list!
>
> Since our system was written with sysadmins in mind we thought you
> Puppeteers might like to know about it.
>
> --- 
> --- 
> --- 
> -
> Athens, GA (Oct. 14, 2008)
>
> Announcing the WORLD-WIDE release of YaketyStats, a new tool for
> gathering and graphing statistics about your UNIX/Linux systems.
>
> It has an intuitive, AJAX-powered web interface for graphing
> data. Graphs are built on the fly, can contain stats from multiple
> systems and include "Google Maps"-like dragging.
>
> YaketyStats is easy to install, maintain, and extend and is free Open
> Source software licensed under the GPLv2. YaketyStats supports Firefox
> and is built on Perl, PHP, and RRDtool.
>
> If you're tired of having to micro-manage your existing stats system
> or
> you don't have one, you should check out the YaketyStats website and
> demo video at yaketystats.org
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Have a good workaround for network service on Fedora?

2008-10-17 Thread Aj


Not really valid for the network/networking (debian) service - there  
is no daemon, unless you count dhcpcd / networkmanager & friends.

As to the original question, I ship a modified version of the init  
scripts for Ubuntu to do some $(ip link) parsing, also one-count pings  
to the default gateway. Assuming that these are valid metrics in your  
environment - link  up, can ping gateway.

On 18/10/2008, at 9:21 AM, Russell Jackson <[EMAIL PROTECTED]> wrote:

>
> Bryan Kearney wrote:
>> Has anyone solved status checking for the network service on fedora?
>> Since it always returns success, using 'hastatus => true' does not  
>> work.
>> We have some recipes that always cause the network service to restart
>> even when it does not need to.
>>
>
> Override 'pattern'. The daemon's name often doesn't match the  
> service name, and the
> default pattern sometimes also matches more than it should out of  
> the process list (e.g.
> the service name is a substring of another process' name).
>
> For example, the autofs service:
>
> service { "autofs":
>ensure=> stopped,
>enable=> false,
>hasstatus => false,
>pattern   => "\bautomount\b",
> }
>
> The '\b' matches word boundaries which forces it to match the entire  
> word rather than any
> substring. While not strictly necessary in this example, I included  
> it for completeness.
>
> -- 
> Russell A. Jackson <[EMAIL PROTECTED]>
> Network Analyst
> California State University, Bakersfield
>
> He that would govern others, first should be the master of himself.
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: RHEL4 = Use "yum"

2008-10-28 Thread Aj


If I understand ya, you probably want:

Package { provider => 'yum' }

To set the defaults for all packages.

On 29/10/2008, at 8:37 AM, "Tiago Cruz" <[EMAIL PROTECTED]>  
wrote:

> Hello guys,
>
> I would like to configure my puppet to use "yum" instead  
> "up2date" (default RHEL4).
>
> How can I do this? :)
>
> Thanks!
>
> -- 
> Tiago Cruz
> Linux User #282636
> Mandriva Conectiva PRO Certified Linux Instructor
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: How to duplicate the 'parameter absent' behavior of user

2008-11-03 Thread Aj


Can't undef only be used with the inheritance syntax?

The closest we have to initializing to undefined is an empty string  
('') - you can compare this quite easily in .6  - check the language  
tut - but you need to do a case/selector for comparism pre-.6

E.g.;
case $uid {
   '': {
 user { '..':
   other_params => whatever
 }
   }
   default: {
 user { '..':
   uid => $uid
 }
   }
}

On 4/11/2008, at 2:47 PM, "Paul Lathrop" <[EMAIL PROTECTED]> wrote:

>
> You want uid => undef
>
> --Paul
>
> On Mon, Nov 3, 2008 at 11:44 AM, Tim Harper <[EMAIL PROTECTED]>  
> wrote:
>>
>> I have a define that acts as a convenience wrapper around the user
>> type and a few other things.
>>
>> With the 'user' type, if don't pass the uid parameter, it will  
>> default
>> to let the system auto-assign it.  However, passing uid => null,
>> false, -1, etc all try and set a specific uid, which is obviously  
>> wrong.
>>
>> Am I up a creek without a paddle :)?  Anybody have any idea how to do
>> this?
>>
>> Here's what I have so far (it sucks, but it's the best I could do to
>> work around):
>>
>> define normal_user ( $ensure = present, $comment = "Puppet created
>> user", $groups = [], $default_password = false, $key_type = "ssh- 
>> rsa",
>> $key_name = "puppet-installed-key", $key = false, $uid = false,  
>> $gid =
>> false) {
>>  # how do you pass in a variable as undefined???
>>  if $uid {
>>user { $title:
>>  ensure => $ensure,
>>  comment=> $comment,
>>  home   => "/home/$title",
>>  managehome => true,
>>  groups => $groups,
>>  gid=> $gid,
>>  uid=> $uid
>>}
>>  } else {
>>user { $title:
>>  ensure => $ensure,
>>  comment=> $comment,
>>  home   => "/home/$title",
>>  managehome => true,
>>  groups => $groups,
>>}
>>  }
>>  if $key {
>>ssh_authorized_key { $title: ensure => $ensure, type =>
>> $key_type, user => $title, name => $key_name, key => $key }
>>  }
>>  if $default_password {
>>default_password { $title: password => $default_password }
>>  }
>> }
>>
>>
>>
>> Thanks!
>>
>> Tim
>>
>>>
>>
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Reference array values

2008-11-04 Thread Aj


It's not a bug - $name is only set by defines.

On 5/11/2008, at 4:23 AM, Marcin Owsiany <[EMAIL PROTECTED]> wrote:

>
> On Tue, Nov 04, 2008 at 04:01:06PM +0100, Thomas Bellman wrote:
>>
>> Marcin Owsiany wrote:
>>
>>> On Tue, Nov 04, 2008 at 06:03:24AM -0800, Jeff wrote:
 How do I reference the values of the array in this block:

 notify { ["bin", "etc", "lib", "man", "src", "tmp", "var"] :
  message => "jeff: $name"
 }

 i.e., what do I use in place of "$name"?
>>>
>>> As far as I know, foo { [a, b, c]: } is purely a syntactic  
>>> shortcut for:
>>> foo { a: } foo { b: } foo { c: }
>>>
>>> In other words, there are actually 7 different resources in your  
>>> example.
>>
>> But, what he wants to do is to avoid having to repeat all the  
>> "bin", "etc",
>> and so on; he doesn't want to write:
>>
>> notify {
>>"bin": message => "jeff: bin";
>>"etc": message => "jeff: etc";
>>"lib": message => "jeff: lib";
>> }
>
> Oh, I thought that Jeff's example did do that, but he wanted:
> message => "jeff: bin etc lib man ..."
>
> Now I tested this and can see that $name gets expanded to an empty
> string in his example, which I think is a bug.
>
> -- 
> Marcin Owsiany <[EMAIL PROTECTED]>  http://marcin.owsiany.pl/
> GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4  
> 1216
>
> "Every program in development at MIT expands until it can read mail."
>  --  
> Unknown
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: How to duplicate the 'parameter absent' behavior of user

2008-11-04 Thread Aj


As my reply soriginally tated, undef is part of the override syntax  
and as such is only valid in an inherited, overridden resource. I.e.;  
not a bug.

Perhaps a feature request, although I personally believe that empty  
string assignment is sufficient.

On 5/11/2008 at 8:44 AM, Tim Harper <[EMAIL PROTECTED]> wrote:

>
>>> You want uid => undef
>>>
>>> --Paul
>>
>
>
> Thanks Paul - this is the lead I needed to get to at least a work
> around.
>
> Given:
>
> === EXHIBIT A ===
> define user_test() {
>   user { $title:
> ensure => present,
> uid=> undef
>   }
> }
>
> node "server" {
>   user_test { 'boogy': }
> }
>
> === EXHIBIT B ===
> define user_test(uid = undef) {
>   user { $title:
> ensure => present,
> uid=> $uid
>   }
> }
>
> node "server" {
>   user_test { 'boogy': }
> }
>
> === EXHIBIT C ===
> define user_test(uid = undef) {
>   user { $title:
> ensure => present,
> uid=> $uid ? { undef => undef, default => $uid }
>   }
> }
>
> node "server" {
>   user_test { 'boogy': }
> }
>
> === EXHIBIT D ===
> define user_test(uid = false) {
>   user { $title:
> ensure => present,
> uid=> $uid ? { false => undef, default => $uid }
>   }
> }
>
> node "server" {
>   user_test { 'boogy': }
> }
> === END EXHIBITS ===
>
>
>
>
> === OUTPUT FROM EXHIBIT B ===
> puppetd --test
> info: Caching catalog at /var/puppet/state/localconfig.yaml
> notice: Starting catalog run
> err: //Node[server]/User_test[boogy]/User[boogy]/uid: change from 511
> to  failed: Could not set uid on user[boogy]: Execution of '/usr/sbin/
> usermod -u  boogy' returned 4: usermod: uid 0 is not unique
>
> notice: Finished catalog run in 5.80 seconds
> === END OUTPUT ===
>
>
>
> Results:
>
> EXHIBIT A: works (except I can't specify uid, naturally)
> EXHIBIT B: fails (see OUTPUT FROM EXHIBIT B)
> EXHIBIT C: fails (similar to OUTPUT FROM EXHIBIT B)
> EXHIBIT D: works!
>
> So, apparently you can't assign undef to a variable. I'm thinking this
> is a bug.  Thoughts, anyone?
>
> Thanks,
>
> Tim
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: use of arrays with templates

2008-11-05 Thread Aj


search my.domain.tld
<% nameserver.each do |n| %>
nameserver <%= n %>
<% end %>

On 6/11/2008, at 7:52 AM, tek-ops <[EMAIL PROTECTED]> wrote:

>
> no one has dealt with this before?
>
> On Nov 3, 4:39 pm, tek-ops <[EMAIL PROTECTED]> wrote:
>> I appear that this will only work if the array is declared in the
>> manifest.
>>
>> I'm attempting to make resolv.conf a template in which I can specify
>> by node which array of name servers to use.  which looks like this:
>> $nameserver = [ "1.2.3.4", "1.2.3.5"]
>>
>> This works fine if it's declared in the manifest, however if declare
>> in the nodes.pp if merely concatenates the two name servers' IPs
>> together .  Is there a different syntax to use in the nodes.pp file?
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: wildcards in file type?

2008-11-06 Thread Aj


This notification will only fire if the managed parameters for the  
directory are out of sync, e.g. Owner/group/modes/file type (link,  
file).

Subscribe also implies require, FYI =)

On 7/11/2008, at 8:38 AM, joe <[EMAIL PROTECTED]> wrote:

>
> It's a defined file resource without a source parameter.  Here is the
> syntax:
>
> file { "/opt/management/dns/zones":
>owner => "root",
>group => "root",
>mode => "644",
>ensure => directory,
>recurse => true }
>
> Then there is a service resource that subscribes to that file:
>
> service { "named":
>enable => true,
>ensure => running,
>require => File["/etc/named.conf"],
>require => File["/opt/dns/management/zones"],
>require => Package["bind"],
>subscribe => File["/etc/named.conf"],
>subscribe => File["/opt/management/dns/zones"] }
>
> But the service never restarts when files in that directory change. I
> would think it's because I'm not sourcing those files, but I'm not
> sure.
>
> On Nov 6, 12:37 pm, "Evan Hisey" <[EMAIL PROTECTED]> wrote:
>> On Wed, Nov 5, 2008 at 6:19 PM, joe <[EMAIL PROTECTED]> wrote:
>>
>>> I'm having a similar issue that that wiki entry does not directly
>>> address.
>>
>>> I'm trying to do a subscribe on a file definition that is a  
>>> directory.
>>
>>> I have ensure => directory and recurse => true.
>>
>>> I do not use puppet to source the files (they are on nfs shared to  
>>> all
>>> servers that use them).
>>
>>> Puppet will not restart a service subscribed to this file  
>>> definition.
>>> It does not seem to look at whether the files in the directory have
>>> changed.
>>
>>> How do others make such a scenario work?
>>
>>> Thanks
>>
>> Is puppet actually managing the directory? Unless puppet manages the
>> directory it can't know to handle a restart.
>>
>> Evan
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: wildcards in file type?

2008-11-06 Thread Aj


No, there is no way.

On 7/11/2008, at 1:01 PM, joe <[EMAIL PROTECTED]> wrote:

>
> I just added the require after subscribe alone didn't work.
>
> I thought that if I specified the directory with recurse => true, it
> would monitor all the files in the directory as well.
>
> Is there a way to have puppet monitor files it isn't sourcing?
>
> On Nov 6, 3:41 pm, Aj <[EMAIL PROTECTED]> wrote:
>> This notification will only fire if the managed parameters for the
>> directory are out of sync, e.g. Owner/group/modes/file type (link,
>> file).
>>
>> Subscribe also implies require, FYI =)
>>
>> On 7/11/2008, at 8:38 AM, joe <[EMAIL PROTECTED]> wrote:
>>
>>
>>
>>> It's a defined file resource without a source parameter.  Here is  
>>> the
>>> syntax:
>>
>>> file { "/opt/management/dns/zones":
>>>owner => "root",
>>>group => "root",
>>>mode => "644",
>>>ensure => directory,
>>>recurse => true }
>>
>>> Then there is a service resource that subscribes to that file:
>>
>>> service { "named":
>>>enable => true,
>>>ensure => running,
>>>require => File["/etc/named.conf"],
>>>require => File["/opt/dns/management/zones"],
>>>require => Package["bind"],
>>>subscribe => File["/etc/named.conf"],
>>>subscribe => File["/opt/management/dns/zones"] }
>>
>>> But the service never restarts when files in that directory  
>>> change. I
>>> would think it's because I'm not sourcing those files, but I'm not
>>> sure.
>>
>>> On Nov 6, 12:37 pm, "Evan Hisey" <[EMAIL PROTECTED]> wrote:
>>>> On Wed, Nov 5, 2008 at 6:19 PM, joe <[EMAIL PROTECTED]> wrote:
>>
>>>>> I'm having a similar issue that that wiki entry does not directly
>>>>> address.
>>
>>>>> I'm trying to do a subscribe on a file definition that is a
>>>>> directory.
>>
>>>>> I have ensure => directory and recurse => true.
>>
>>>>> I do not use puppet to source the files (they are on nfs shared to
>>>>> all
>>>>> servers that use them).
>>
>>>>> Puppet will not restart a service subscribed to this file
>>>>> definition.
>>>>> It does not seem to look at whether the files in the directory  
>>>>> have
>>>>> changed.
>>
>>>>> How do others make such a scenario work?
>>
>>>>> Thanks
>>
>>>> Is puppet actually managing the directory? Unless puppet manages  
>>>> the
>>>> directory it can't know to handle a restart.
>>
>>>> Evan
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: puppetmasterd taking a lot of memory

2008-11-14 Thread Aj


I've noticed a significant drop in memory usage since disabling  
storeconfigs (and thus, rails 'n stuff). Previously I'd have to  
crontab restart the masters.

On 15/11/2008, at 9:51 AM, Loobster <[EMAIL PROTECTED]> wrote:

>
> I installed the blastware packages and then used gary's CSWpuppet
> (0.24.4) package from http://www.garylaw.net/packages/
>
> I'm seeing puppetmasterd using a lot of memory (850MB+).
>
> It seems that ruby might have a memory leak from the forum posts I'm
> reading.
>
> Is there a known resolution to this or should a self compile specific
> versions on my own?
>
> Thanks,
> Karl
>
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: deleting users secondary groups

2008-11-18 Thread Aj


You'll want to use the membership parameter to achieve this, check the  
type ref.

Regards,

Aj

On 18/11/2008, at 9:57 PM, Arnau Bria <[EMAIL PROTECTED]> wrote:

>
> On Mon, 17 Nov 2008 17:24:27 -0600
> Luke Kanies wrote:
> Hi Luke,
>
>>> Is delete / recreate the only solution?
>>
>> What do you mean?
>
> # id arnaubria
> uid=63003(arnaubria) gid=31401(grid) groups=31401(grid)
> user { "arnaubria":
>ensure=> present,
>gid   => "31401",
>home  => "/nfs/pic.es/user/a/arnaubria",
>name  => arnaubria,
>provider  => useradd,
>uid   => "63003",
> }
>
> Now I add:
>   groups=> [ "paco" ]
>
> # id arnaubria
> uid=63003(arnaubria) gid=31401(grid) groups=31401(grid),502(paco)
>
> Which is correct.
>
> Now I remove groups "paco", so my user will belong to only grid group
> again:
>
> # id arnaubria
> uid=63003(arnaubria) gid=31401(grid) groups=31401(grid),502(paco)
>
> Wrong.
>
> So, do I have to delete my user and recreate again??
>
>
> TIA,
> Arnau
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: disable client runs

2008-11-19 Thread Aj


--no-client (puppetd --help)

On 20/11/2008, at 8:23 AM, "Casey Deccio" <[EMAIL PROTECTED]> wrote:

> What is the appropriate client setting for runinterval to allow me  
> to disable client runs?  I would like to have the puppetd daemon  
> running but only have it check in when triggered by another node.
>
> Casey
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: best practice for keeping keeping puppet up to date?

2008-11-19 Thread Aj


Backport via prevu into a local repository - I recommend reprepro for  
managing a repo, as it has a plethora of documentation. Micah and Thom  
have been doing a great job keeping the debian QA up to date with  
puppet (packages.qa.debian.org)

Regards,

Aj

On 20/11/2008, at 12:14 PM, Paul Holbrook <[EMAIL PROTECTED]>  
wrote:

>
> I'm planning to use Puppet to manage a rollout of Ubuntu 8.10
> workstations.
>
> Ubuntu 8.10 comes with an Puppet 0.24.4 package.  There's a newer one
> in testing, but they still aren't up to 0.24.6.   Not surprisingly,
> even something like Testing is going to lag behind the latest stable
> Puppet release.
>
> Thus, my question: what's the best practice on keeping puppet itself
> up to date?  The real issue is obviously the clients; I know about the
> advice to update the server first, but you do that once.
>
> The options I've read about are ..
>
> * Build my own packages.  (I could learn how to do this, but for right
> now, I really wanted to concentrate on Puppet..)
> * Use Puppet to somehow use Ruby gems to install update Puppet clients
> * build Puppet from source, but then I'm not sure how you keep this up
> to date on client machines.
>
> I'm sure this is a common problem, so I'm just wondering how others
> have done it.
>
> -- Paul
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: usage of '+>' ?

2008-11-26 Thread Aj


That behavior was added in .6

Regards,

AJ

On 26/11/2008, at 9:31 PM, Udo Waechter <[EMAIL PROTECTED] 
osnabrueck.de> wrote:

>
> Oh, sorry:
>
> - puppetmaster is 0.24.5 (Debian etch)
> - puppet clients are 0.24.5 (debian), and 0.24.4 (ubuntu hardy)
>
> Bye,
> udo.
>
> Paul Lathrop wrote:
>> Udo,
>>
>> What version of Puppet are you running?
>>
>> --Paul
>>
>> On Tue, Nov 25, 2008 at 12:57 PM, udo waechter
>> <[EMAIL PROTECTED]> wrote:
>>> According to:
>>> http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial
>>> one can use the  '+>' operator to add additional  values to a  
>>> parameter.
>>>
>>> In which cases does this actually work?
>>> When i try to add the user www-data to the ssl-cert group:
>>>
>>> user{"www-data":
>>> groups +> "ssl-cert",
>>> }
>>>
>>> this does not work (.. Syntax error at '+>'; expected '}' at...).   
>>> All
>>> examples in the docs add only other types to the 'require'  
>>> parameters of
>>> types via this operator. Could it be that it does not work for all
>>> parameters?
>>>
>>> Or does the user-type do the "adding the user to the group" thing  
>>> by itself?
>>>
>>> Thanks,
>>> udo.
>>> --
>>> :: udo waechter - [EMAIL PROTECTED] :: N 52º16'30.5" E 8º3'10.1"
>>> :: genuine input for your ears: http://auriculabovinari.de
>>> ::  your eyes: http://ezag.zoide.net
>>> ::  your brain: http://zoide.net
>>>
>>>
>>>
>>>
>>>
>>
>>>
>>
>
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: usage of '+>' ?

2008-11-26 Thread Aj


That behaviour is used in resource overrides (inheritance)

Given:

class x {
   user { test: groups => blah }
}

Additional values can be added in an override class.

class y inherits x {
   User['test'] { groups +> blah2 }
}

Regards,

AJ

On 26/11/2008, at 10:05 PM, Udo Waechter <[EMAIL PROTECTED] 
osnabrueck.de> wrote:

>
> Ouch,
> Documentation (
> http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial ) says its:
>
> "It is also possible (since version 0.23.1) to add values to resource
> parameters using the +> operator:"
>
> I am pretty sure, that I saw this sentence around for a while  
> (definetly
> longer than .6), I just did not try it out.
>
> Are the docs wrong?
> udo.
>
> Aj wrote:
>> That behavior was added in .6
>>
>> Regards,
>>
>> AJ
>>
>> On 26/11/2008, at 9:31 PM, Udo Waechter <[EMAIL PROTECTED]
>> osnabrueck.de> wrote:
>>
>>> Oh, sorry:
>>>
>>> - puppetmaster is 0.24.5 (Debian etch)
>>> - puppet clients are 0.24.5 (debian), and 0.24.4 (ubuntu hardy)
>>>
>>> Bye,
>>> udo.
>>>
>>> Paul Lathrop wrote:
>>>> Udo,
>>>>
>>>> What version of Puppet are you running?
>>>>
>>>> --Paul
>>>>
>>>> On Tue, Nov 25, 2008 at 12:57 PM, udo waechter
>>>> <[EMAIL PROTECTED]> wrote:
>>>>> According to:
>>>>> http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial
>>>>> one can use the  '+>' operator to add additional  values to a
>>>>> parameter.
>>>>>
>>>>> In which cases does this actually work?
>>>>> When i try to add the user www-data to the ssl-cert group:
>>>>>
>>>>> user{"www-data":
>>>>>groups +> "ssl-cert",
>>>>> }
>>>>>
>>>>> this does not work (.. Syntax error at '+>'; expected '}' at...).
>>>>> All
>>>>> examples in the docs add only other types to the 'require'
>>>>> parameters of
>>>>> types via this operator. Could it be that it does not work for all
>>>>> parameters?
>>>>>
>>>>> Or does the user-type do the "adding the user to the group" thing
>>>>> by itself?
>>>>>
>>>>> Thanks,
>>>>> udo.
>>>>> --
>>>>> :: udo waechter - [EMAIL PROTECTED] :: N 52º16'30.5" E 8º3'10.1"
>>>>> :: genuine input for your ears: http://auriculabovinari.de
>>>>> ::  your eyes: http://ezag.zoide.net
>>>>> ::  your brain: http://zoide.net
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>
>>>
>>
>
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Problem starting puppetmasterd with --servertype=mongrel

2009-01-04 Thread Aj


The Mongrel gem.

Regards,

AJ

On 5/01/2009, at 8:05 AM, windowsrefund  wrote:

>
> Does anyone know what I'm missing?
>
> Starting puppetmaster: /usr/lib/site_ruby/1.8/rubygems/
> custom_require.rb:27:in `gem_original_require': no such file to load
> -- mongrel (MissingSourceFile)
>from /usr/lib/site_ruby/1.8/rubygems/custom_require.rb:27:in
> `require'
>from /usr/lib64/ruby/gems/1.8/gems/activesupport-2.0.2/lib/
> active_support/dependencies.rb:496:in `require'
>from /usr/lib64/ruby/gems/1.8/gems/activesupport-2.0.2/lib/
> active_support/dependencies.rb:342:in `new_constants_in'
>from /usr/lib64/ruby/gems/1.8/gems/activesupport-2.0.2/lib/
> active_support/dependencies.rb:496:in `require'
>from /usr/lib/site_ruby/1.8/puppet/network/http_server/
> mongrel.rb:30
>from /usr/lib/site_ruby/1.8/rubygems/custom_require.rb:27:in
> `gem_original_require'
>from /usr/lib/site_ruby/1.8/rubygems/custom_require.rb:27:in
> `require'
>from /usr/lib64/ruby/gems/1.8/gems/activesupport-2.0.2/lib/
> active_support/dependencies.rb:496:in `require'
>from /usr/lib64/ruby/gems/1.8/gems/activesupport-2.0.2/lib/
> active_support/dependencies.rb:342:in `new_constants_in'
>from /usr/lib64/ruby/gems/1.8/gems/activesupport-2.0.2/lib/
> active_support/dependencies.rb:496:in `require'
>from /usr/sbin/puppetmasterd:240
>
> >

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Timeout after stored state

2008-09-07 Thread AJ Christensen

So, I'm currently scratching my noodle regarding the following unhelpful
stack trace from `puppetd -t --no-noop --trace --debug`:
debug: //File[/var/lib/puppet/modules]: Autorequiring User[root]
debug:
//Node[gatekeeper]/monitoring/munin::client/munin::plugins::linux/munin::plugins::interfaces/Munin::Plugin[if_err_eth1]/File[/etc/munin/plugins/if_err_eth1]:
Autorequiring File[/etc/munin/plugins]
debug:
//Node[gatekeeper]/monitoring/munin::client/munin::plugins::linux/Munin::Plugin[df]/File[/etc/munin/plugin-conf.d/df.conf]:
Autorequiring File[/etc/munin/plugin-conf.d]
debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
policy ruby1.8-dev'
debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
policy git-core'
debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
policy build-essential'
debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
policy puppet'
debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
policy libmysqlclient15-dev'
debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
policy linux-headers-server'
debug: Calling fileserver.describe
debug: Storing state
debug: Stored state in 0.03 seconds
/usr/lib/ruby/1.8/timeout.rb:54:in `open': execution expired
(Timeout::Error)
from /usr/lib/ruby/1.8/net/http.rb:560:in `connect'
from /usr/lib/ruby/1.8/timeout.rb:56:in `timeout'
from /usr/lib/ruby/1.8/timeout.rb:76:in `timeout'
from /usr/lib/ruby/1.8/net/http.rb:560:in `connect'
from /usr/lib/ruby/1.8/net/http.rb:553:in `do_start'
from /usr/lib/ruby/1.8/net/http.rb:542:in `start'
from /usr/lib/ruby/1.8/net/http.rb:1035:in `request'
from /usr/lib/ruby/1.8/net/http.rb:992:in `post2'
 ... 38 levels...
from /usr/lib/ruby/1.8/puppet/network/client/master.rb:254:in `run'
from /usr/lib/ruby/1.8/sync.rb:230:in `synchronize'
from /usr/lib/ruby/1.8/puppet/network/client/master.rb:236:in `run'
from /usr/sbin/puppetd:417


Any ideas?

Regards,

AJ

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Timeout after stored state

2008-09-07 Thread AJ Christensen

Nay just me being an idiot.
Thought I had removed this post - guess it can't magically suck it back out
of everyones mailbox.

The problem was:

source => "puppet://ubuntu/path/to/file";

as opposed to:

source => "puppet:///ubuntu/path/to/file";

Must have sent my original email before coffee ;)

Regards,

AJ

2008/9/8 Adam Jacob <[EMAIL PROTECTED]>

> Perhaps an overloaded puppet master?
>
> The stack trace is showing that your client can't reach the puppet master
> via http..
>
> Adam
>
>
> On Sun, Sep 7, 2008 at 7:05 PM, AJ Christensen <[EMAIL PROTECTED]> wrote:
>
>> So, I'm currently scratching my noodle regarding the following unhelpful
>> stack trace from `puppetd -t --no-noop --trace --debug`:
>> debug: //File[/var/lib/puppet/modules]: Autorequiring User[root]
>> debug:
>> //Node[gatekeeper]/monitoring/munin::client/munin::plugins::linux/munin::plugins::interfaces/Munin::Plugin[if_err_eth1]/File[/etc/munin/plugins/if_err_eth1]:
>> Autorequiring File[/etc/munin/plugins]
>> debug:
>> //Node[gatekeeper]/monitoring/munin::client/munin::plugins::linux/Munin::Plugin[df]/File[/etc/munin/plugin-conf.d/df.conf]:
>> Autorequiring File[/etc/munin/plugin-conf.d]
>> debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
>> policy ruby1.8-dev'
>> debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
>> policy git-core'
>> debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
>> policy build-essential'
>> debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
>> policy puppet'
>> debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
>> policy libmysqlclient15-dev'
>> debug: Puppet::Type::Package::ProviderApt: Executing '/usr/bin/apt-cache
>> policy linux-headers-server'
>> debug: Calling fileserver.describe
>> debug: Storing state
>> debug: Stored state in 0.03 seconds
>> /usr/lib/ruby/1.8/timeout.rb:54:in `open': execution expired
>> (Timeout::Error)
>> from /usr/lib/ruby/1.8/net/http.rb:560:in `connect'
>> from /usr/lib/ruby/1.8/timeout.rb:56:in `timeout'
>> from /usr/lib/ruby/1.8/timeout.rb:76:in `timeout'
>> from /usr/lib/ruby/1.8/net/http.rb:560:in `connect'
>> from /usr/lib/ruby/1.8/net/http.rb:553:in `do_start'
>> from /usr/lib/ruby/1.8/net/http.rb:542:in `start'
>> from /usr/lib/ruby/1.8/net/http.rb:1035:in `request'
>>     from /usr/lib/ruby/1.8/net/http.rb:992:in `post2'
>>  ... 38 levels...
>> from /usr/lib/ruby/1.8/puppet/network/client/master.rb:254:in
>> `run'
>> from /usr/lib/ruby/1.8/sync.rb:230:in `synchronize'
>> from /usr/lib/ruby/1.8/puppet/network/client/master.rb:236:in
>> `run'
>> from /usr/sbin/puppetd:417
>>
>>
>> Any ideas?
>>
>> Regards,
>>
>> AJ
>>
>>
>>
>
>
> --
> HJK Solutions - We Launch Startups - http://www.hjksolutions.com
> Adam Jacob, Senior Partner
> T: (206) 508-4759 E: [EMAIL PROTECTED]
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: README example

2008-09-08 Thread AJ Christensen

That repo (git://oppermannen.com/modules/git.git/)
<http://oppermannen.com/modules/git.git/>doesn't
work for me either, Git 1.5.6.GIT
Regards,

AJ

2008/9/9 Blake Barnett <[EMAIL PROTECTED]>

>
> You are most likely using a version of Git that is too far out of sync
> with the repository.  1.5.x is usually required now.
>
> -Blake
>
> On Sep 8, 2008, at 10:03 AM, Kenton Brede wrote:
>
> >
> > I tried it both ways, results are the same.
> > Thanks,
> > Kent
> >
> > 2008/9/8 Andrew Shafer <[EMAIL PROTECTED]>:
> >> It might be hosed, but try removing the trailing /.  I only have
> >> email for
> >> the moment or I would confirm.
> >>
> >> On Mon, Sep 8, 2008 at 10:59 AM, Kenton Brede <[EMAIL PROTECTED]>
> >> wrote:
> >>>
> >>> 2008/9/8 Andrew Shafer <[EMAIL PROTECTED]>:
> >>>> git clone name-of-repo is the easiest way to set it up
> >>>>
> >>>> try:
> >>>> git clone git://oppermannen.com/modules/git.git/
> >>>>
> >>>> git checkout switches between branches and git pull updates the
> >>>> local
> >>>> repo
> >>>
> >>> I knew I should have mentioned all that I tried in my first
> >>> message but I
> >>> wanted
> >>> to be brief :)  "git clone" was actually one of the first things I
> >>> tried.  This is what I get:
> >>>
> >>> $  git clone git://oppermannen.com/modules/git.git/
> >>> Initialized empty Git repository in /usr/local/src/git/.git/
> >>> fatal: no matching remote head
> >>> fetch-pack from 'git://oppermannen.com/modules/git.git/' failed.
> >>>
> >>> Given the git command reports "empty" or "not a git repository" I
> >>> made
> >>> the assumption
> >>> the repo was hosed.
> >>>
> >>> If anyone has the README from the git module and would like to
> >>> share,
> >>> I would appreciate it.
> >>> Thanks,
> >>> Kent
> >>>
> >>>
> >>
> >>
> >>>
> >>
> >
> > >
>
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Managing SSH keys

2008-09-11 Thread AJ Christensen

You'll need to generate keys for distribution, automating this somehow by
calling out to ssh-keygen I presume.
Regards,

AJ

2008/9/12 Kenneth Holter <[EMAIL PROTECTED]>

>
> I've gotten Puppet to distribute server A's public SSH key on some of the
> nodes in the network. For password-less login to work, the nodes' host key
> must be saved on server A.
>
> Is there a security reason for not automating this process (if possible),
> i.e. automating the process of retreiving the nodes' host key and importing
> them into server A's know hosts file? And is there a way to get puppet to do
> this using the built in types of version 0.24.4 (I know there is a sshkey
> type, but I'm not quite sure how this works)?
>
>
> Regards,
> Kenneth Holter
>
> On 9/11/08, Francois Deppierraz <[EMAIL PROTECTED]> wrote:
>>
>>
>> Kenneth Holter wrote:
>>
>> > But does this resource type manage the distribution of SSH public keys
>> > for setup of password-less login? If so, could you please provide a
>> > sample code for distributing the SSH public key for a server A?
>>
>> No, the sshkey type only manages host key (ie. /etc/ssh/ssh_known_hosts).
>>
>> You can use ssh_authorized_key available since puppet 0.24.5 to do what
>> you want.
>>
>> Example:
>>
>> ssh_authorized_key{"[EMAIL PROTECTED] on root":
>> ensure => present,
>> type   => "rsa",
>> key=> "A...",
>> user   => "root",
>> }
>>
>> By the way, you still need a way to generate the SSH key private key
>> beforehand.
>>
>> François
>> >>
>>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Using git to manage puppet manifests.

2008-09-18 Thread AJ Christensen

I use a rake task:
desc "Install your manifests"
task :install => [ :update, :test ] do
  sh %{git push}
  sh %{ssh #{MASTER} 'cd /etc/puppet; sudo git pull'}
end

2008/9/19 Leah <[EMAIL PROTECTED]>

>
> I've set up puppet and had it running, but never bothered to set up an
> version control.  I've decided it is time to get it all in version
> control as the system is about to become production and I need to keep
> track of who is changing things and what is being changed.
>
> I am looking at storing all my configs in Git as that seems to be the
> version control of choice here and it's time I learned it.  I was
> wondering what other people do to automatically update their puppet
> server with the latest version from git.  I was looking at using some
> sort of git hook, but I'm not sure how to implement it efficiently and
> securely with a shared repository on another server.  I went looking
> on the wiki, but could only find information about doing this with
> subversion.
>
> Any examples of what others are doing would be appreciated so I can
> figure out the best approach.
>
> Thanks,
>
> Leah
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: external node trouble

2008-09-28 Thread AJ Christensen

Sorry, forgot to chuck this in there:
irb(main):003:0> classes = [ "baseserver", "stg2server" ]
=> ["baseserver", "stg2server"]
irb(main):004:0> yaml_obj = YAML::dump(classes)
=> "--- \n- baseserver\n- stg2server\n"
irb(main):005:0> ruby_obj = YAML::load(yaml_obj)
=> ["baseserver", "stg2server"]
irb(main):006:0> classes == ruby_obj
=> true

2008/9/29 AJ Christensen <[EMAIL PROTECTED]>

> [EMAIL PROTECTED] /tmp$ irb -ryaml
> irb(main):001:0> classes = [ "baseserver", "stg2server" ]
> => ["baseserver", "stg2server"]
> irb(main):002:0> puts classes.to_yaml
> ---
> - baseserver
> - stg2server
> => nil
>
> AFAIK, Puppet uses YAML.load / YAML.dump for object manipulation.
>
> "claseses: [baseserver, stg2server]" is not a valid yaml array
> representation?
>
> 2008/9/29 Daniel Pittman <[EMAIL PROTECTED]>
>
>
>> "Andrew Shafer" <[EMAIL PROTECTED]> writes:
>> > On Tue, Sep 23, 2008 at 12:01 PM, heise <[EMAIL PROTECTED]> wrote:
>> >
>> > I'm trying to get puppet to function with external nodes, i've got a
>> > script that spits out yaml in the following for my test case
>> "classes:
>> > [baseserver, stg2server] " , from this i get the error of "couldn
>> not
>> > retrieve catalog: could not find default node or by name with
>> 'heise-
>> > laptop' on node heise-laptop" is there something i'm missing in my
>> > yaml , is there something more my external node classifer needs to
>> > return other than the yaml and an exit code of 0 ?
>> >
>>
>> > The yaml output is not formated properly for puppet. It should look more
>> like this:
>> > classes:
>> >   - baseserver
>> >   - stg2server
>> >
>> > http://reductivelabs.com/trac/puppet/wiki/ExternalNodes
>>
>> Does puppet have a hand-rolled YAML parser incompatible with the
>> specification?  Those two reflect *exactly* the same content: the key
>> 'classes' associated with an array of two values.
>>
>> There should be absolutely *zero* different between the in-memory
>> representations of those two YAML declarations.
>>
>> Regards,
>> Daniel
>>
>> >>
>>
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: external node trouble

2008-09-28 Thread AJ Christensen

[EMAIL PROTECTED] /tmp$ irb -ryaml
irb(main):001:0> classes = [ "baseserver", "stg2server" ]
=> ["baseserver", "stg2server"]
irb(main):002:0> puts classes.to_yaml
---
- baseserver
- stg2server
=> nil

AFAIK, Puppet uses YAML.load / YAML.dump for object manipulation.

"claseses: [baseserver, stg2server]" is not a valid yaml array
representation?

2008/9/29 Daniel Pittman <[EMAIL PROTECTED]>

>
> "Andrew Shafer" <[EMAIL PROTECTED]> writes:
> > On Tue, Sep 23, 2008 at 12:01 PM, heise <[EMAIL PROTECTED]> wrote:
> >
> > I'm trying to get puppet to function with external nodes, i've got a
> > script that spits out yaml in the following for my test case
> "classes:
> > [baseserver, stg2server] " , from this i get the error of "couldn not
> > retrieve catalog: could not find default node or by name with 'heise-
> > laptop' on node heise-laptop" is there something i'm missing in my
> > yaml , is there something more my external node classifer needs to
> > return other than the yaml and an exit code of 0 ?
> >
>
> > The yaml output is not formated properly for puppet. It should look more
> like this:
> > classes:
> >   - baseserver
> >   - stg2server
> >
> > http://reductivelabs.com/trac/puppet/wiki/ExternalNodes
>
> Does puppet have a hand-rolled YAML parser incompatible with the
> specification?  Those two reflect *exactly* the same content: the key
> 'classes' associated with an array of two values.
>
> There should be absolutely *zero* different between the in-memory
> representations of those two YAML declarations.
>
> Regards,
> Daniel
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: something wrong with puppet client or Server

2008-09-30 Thread AJ Christensen

Best. Non-idempotent. Exec. Ever.
unless => "/bin/grep 'my line' /etc/vfstab" in your exec{}.

Regards,

AJ

2008/10/1 Andrew Shafer <[EMAIL PROTECTED]>

> Exec is not going to be idempotent unless you add the logic.
>
> You told Puppet to run that script every time, which adds the line.
>
>
> On Tue, Sep 30, 2008 at 3:46 PM, Peter Meier <[EMAIL PROTECTED]>wrote:
>
>>
>> Hi
>>
>> > I dont understand if once it is already added line in /etc/fstab why
>> > it is adding every time
>>
>> because you have never defined how it knows then it's added.
>> this is the expected behaviour of puppet.
>>
>> greets pete
>>
>>
>>
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Could not request certificate: Certificate does not match private key

2008-11-19 Thread AJ Christensen

Make --server (client) match --certname (master)
Regards,

AJ

2008/11/20 sprock <[EMAIL PROTECTED]>

>
> hello,
>
> I've just added a new client to an existing configuration but cannot
> get it recognised.  Both client and server are running 0.24.5,
> installed on gentoo linux using portage.
>
> This is what I dis:
>
> Server:
> /etc/init.d/puppetmaster start
>  * Starting
> puppetmaster ...
> [ ok ]
>
> Client:
>
> puppetd --test
> warning: peer certificate won't be verified in this SSL session
> notice: Did not receive certificate
> notice: Set to run 'one time'; exiting with no certificate
>
> Server:
>
> puppetca --generate client.here.there
> Generating certificate for client.here.there
>
> Client:
> puppetd --waitforcert 60 --test
> warning: peer certificate won't be verified in this SSL session
> err: Could not request certificate: Certificate retrieval failed:
> Certificate request does not match existing certificate; run 'puppetca
> --clean moonstone.esd.mun.ca'.
>
> Server:
>
> puppetca --list
> client.here.there
> server puppet # puppetca --sign client.here.there
> Signed client.here.there
>
> Client:
>
> puppetd --waitforcert 60 --test
> warning: peer certificate won't be verified in this SSL session
> err: Could not request certificate: Certificate does not match private
> key.  Try 'puppetca --clean client.here.there' on the server.
>
> I've tried doing as suggested (several times) but the error persists.
>
> Thanks for any help.
>
> Roger
>
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: inherit and override?

2009-01-06 Thread AJ Christensen


class x inherits y {
Resource["name"] {
parameter => "newvalue"
}
}

http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial#id6

Regards,

AJ


On 7/01/09 3:18 PM, "Ben Beuchler"  wrote:

> 
> I'm fairly certain I encountered the preferred pattern for inheriting
> from a class for the specific purpose of disabling it.  I can't seem
> to find it anymore.  Any pointers?
> 
> A specific example would be our ldapauth module.  The main class
> installs a few packages and files in order to activate LDAP auth.
> This class is be included by default in all nodes.  I would like to
> have an ldapauth::disabled that can be added to a node to prevent
> realization of this class.
> 
> Thanks!
> 
> -Ben
> 
> > 



--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: some ideas for facts

2009-01-08 Thread AJ Christensen


How about check_puppet.rb in ext/ ? This one runs on the clients =)

Regards,

AJ


On 9/01/09 3:16 AM, "Helmut Lichtenberg" 
wrote:

> 
> James Turnbull schrieb am 07. Jan 2009 um 22:03:03 CET:
>> windowsrefund wrote:
>>> I've got a check defined in nagios that allows me to determine if a
>>> puppet client has not updated itself in awhile
>>> 
>>> /usr/lib/nagios/plugins/check_file_age -f /var/lib/puppet/state/
>>> state.yaml -w 3600 -c 4000
>> 
>> Have you seen the puppetlast script?  It's in the ext/ directory of the
>> Puppet package.  That might be useful too.
> 
> This script runs only on the puppetmaster (at least for Debian Lenny, it's
> part of the puppetmaster-package) and it displays a list of hosts and when the
> last run was.
> 
> I would also prefer a by-host check like the OP. Is anything wrong with the
> proposed check_file_age?
> 
> Helmut



--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What is an "external node tool"

2009-01-19 Thread AJ Christensen


An external node tool provides classes and parameters (variables) for  
nodes.

It's a cool way of getting data from external sources onto your nodes.

iClassify - https://wiki.hjksolutions.com/display/IC/Home

Regards,

AJ

On 20/01/2009, at 3:53 PM, kevin wrote:

>
> I've been a bit confused by this terminology:  What exactly is such a
> tool?  What purpose does it serve?  Are there any examples?
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: What is an "external node tool"

2009-01-19 Thread AJ Christensen


Woops, forgot this page too:

http://reductivelabs.com/trac/puppet/wiki/ExternalNodes

Has an example script which spits out some YAML.

Regards,

AJ

On 20/01/2009, at 3:53 PM, kevin wrote:

>
> I've been a bit confused by this terminology:  What exactly is such a
> tool?  What purpose does it serve?  Are there any examples?
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Solaris SSL error

2009-02-12 Thread AJ Christensen


Is there any particular reason you're copying the certificates and  
whatnot by hand instead of using the built in mechanisms?

Regards,

AJ

On 13/02/2009, at 11:12 AM, chakkerz wrote:

>
> i've copied the ca.pem from the master to the client. Now i'm back to
> the familar:
>
> r...@puppetsun:/var/lib/puppet/ssl# /opt/csw/bin/puppetd -vt
> info: Retrieving plugins
> warning: Certificate validation failed; consider using the certname
> configuration option
> err: /File[/var/lib/puppet/lib]: Failed to generate additional
> resources during transaction: Certificates were not trusted:
> certificate verify failed
> warning: Certificate validation failed; consider using the certname
> configuration option
> err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of
> resource: Certificates were not trusted: certificate verify failed
> Could not describe /plugins: Certificates were not trusted:
> certificate verify failed
> err: Could not retrieve catalog: private method `chomp' called for
> nil:NilClass
>
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: directory creation - difference in operation between RHEL5 and Solaris

2009-02-24 Thread AJ Christensen


You probably wanna use ensure => directory, as it implies present, and  
ensure present will make a file IIRC

On 25/02/2009, at 6:27 PM, chakkerz wrote:

>
> The following code,
>file
>{ "/var/log/sysinfo":
>owner  => root,
>group  => root,
>mode   => 755,
>ensure => [ present, directory ],
>}
>
> on RHEL5 generates a directory:
> [r...@puppetks4 ~]# uname -a ; ls -ld /var/log/sysinfo
> Linux puppetks4.its.uq.edu.au 2.6.18-128.el5 #1 SMP Wed Dec 17
> 11:41:38 EST 2008 x86_64 x86_64 x86_64 GNU/Linux
> drwxr-xr-x 2 root root 4096 Feb 18 09:04 /var/log/sysinfo
>
> using
> [r...@puppetks4 ~]# rpm -q puppet
> puppet-0.24.7-4.el5
>
> while on OpenSolaris generates a file:
> r...@puppetsun:/# uname -a ; ls -l /var/log/sysinfo
> SunOS puppetsun 5.11 snv_101b i86pc i386 i86pc Solaris
> -rwxr-xr-x 1 root root 0 2009-02-13 17:57 /var/log/sysinfo
>
> using
> r...@puppetsun:/# pkginfo -l CSWpuppet
>   PKGINST:  CSWpuppet
>  NAME:  puppet - a system configuration tool
>  CATEGORY:  application,system
>  ARCH:  all
>   VERSION:  0.24.7,REV=2009.01.10
>   BASEDIR:  /
>VENDOR:  http://reductivelabs.com/projects/puppet packaged for CSW
> by Gary Law and Mark Phillips
>PSTAMP:  zone6120090110180023
>  INSTDATE:  Dec 29 1986 04:18
> EMAIL:  g...@blastwave.org
>STATUS:  completely installed
> FILES:  524 installed pathnames
>  12 shared pathnames
>  95 directories
> 419 executables
>3713 blocks used (approx)
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: problem changing group membership for linux users

2009-03-01 Thread AJ Christensen


I believe you can only use git:// through an HTTP proxy when it  
supports the CONNECT method.

It may be possible to clone via HTTP, but push operations are only  
possible over HTTP to DAV.

Regards,

AJ


On 2/03/2009, at 7:10 PM, Sebastian Krueger wrote:

>
> Hi everyone,
>
> so I'm trying to do a checkout from the git repository as James said
> that the problem may already be resolved in a later version.
>
> However, I can't seem to get git to go through the corporate http  
> proxy server.
>
> I do the following:
>
> http_proxy=http://foo:1234 git clone git://reductivelabs.com/puppet
>
> And then it just sits there and times out eventually.
>
> Do any of you guys use git through a proxy and could share their  
> configuration?
>
> Regards, Sebastian.
>
>
> On Mon, Mar 2, 2009 at 6:50 PM, Sebastian Krueger  > wrote:
>>
>> Hi Nick,
>>
>> I've added in the membership => inclusive part but it's still  
>> trying to reassign the groupmembership all the time.
>>
>> Regards, Sebastian.
>>
>> On Mon, Mar 2, 2009 at 10:39 PM,  wrote:
>>>
>>> On Mon, 02 Mar 2009 03:46:55 -, Sebastian Krueger
>>>  wrote:
>>>
>>>> Hi list,
>>>>
>>>> I want the ensure that the eaiadmin user is always a member of  
>>>> the users
>>>> group. I use the following configuration:
>>>>
>>>> class baseusers {
>>>> include virt_groups, virt_users
>>>>
>>>> realize(
>>>> Group["eaiadmin"],
>>>> Group["users"]
>>>> )
>>>>
>>>> realize(
>>>> User["eaiadmin"]
>>>> )
>>>>
>>>> }
>>>>
>>>> class virt_users {
>>>> @user { "eaiadmin":
>>>> gid=> "30",
>>>> ensure => present,
>>>> groups => [ "users" ]
>>>> }
>>>> }
>>>>
>>>> class virt_groups {
>>>> @group { "eaiadmin":
>>>> gid => "30",
>>>> ensure  => present
>>>> }
>>>> @group { "users":
>>>> gid => "100",
>>>> ensure  => present
>>>> }
>>>> }
>>>
>>> Hi Sebastian,
>>> I think u must try to add "membership => inclusive" in @user for  
>>> more
>>> "stability". Btw what is u puppet version, cuz as i see "groups" are
>>> version sensitive.
>>> And look here http://reductivelabs.com/trac/puppet/wiki/TypeReference#id312
>>>
>>>>>
>>
>
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Using Augeas type to update sshd_config's AllowGroups

2009-03-04 Thread AJ Christensen


Hi David,

Not sure if you looked at it, but I'm one of the developers of Chef;  
an alternate ruby-based configuration management / systems integration  
framework.

What work is involved in getting a functional Augeas resource? I'm not  
sure we want to expose the level of functionality of Augeas entirely,  
but perhaps expose it through limited resources, that is unless we can  
lock it down a little. There are ruby bindings, yes?

Regards,

AJ

On 4/03/2009, at 5:55 PM, David Lutterkort wrote:

>
> On Wed, 2009-03-04 at 12:46 +1100, Avi Miller wrote:
>> Hi David,
>>
>> David Lutterkort wrote:
>>> Yeah, that's what that means. Here's a dirty trick to check multiple
>>> conditions:
>>
>> Your assistance so far has been awesome. If I had more time to  
>> play, I'm
>> sure I could solve this in time, but I'm being hammered by the  
>> security
>> teams and I need to get a solution onto our servers as soon as  
>> possible.
>>
>> I'm trying to check/change /etc/pam.d/system-auth
>>
>> The initial (default set) lines look like this:
>>
>> passwordrequisite pam_cracklib.so try_first_pass retry=3
>> passwordsufficientpam_unix.so md5 shadow nullok  
>> try_first_pass
>> use_authtok
>>
>> I want to change them to this (result set):
>>
>> passwordrequisite pam_cracklib.so retry=3 lcredit=1 ucredit=1
>> dcredit=1 ocredit=1
>> passwordsufficientpam_unix.so md5 shadow try_first_pass
>> use_authtok remember=7
>>
>> Essentially, I need to check if the lines match the result set and if
>> not, to make the change. I'm happily able to make the proper changes,
>> using the following (using the first line as an example):
>>
>> changes => [ "rm *[module='pam_cracklib.so'][type='password']/ 
>> argument",
>> "set *[module='pam_cracklib.so'][type='password']/argument[1]  
>> retry=3",
>> "set *[module='pam_cracklib.so'][type='password']/argument[2]  
>> lcredit=1",
>> "set *[module='pam_cracklib.so'][type='password']/argument[3]  
>> ucredit=1",
>> "set *[module='pam_cracklib.so'][type='password']/argument[4]  
>> dcredit=1",
>> "set *[module='pam_cracklib.so'][type='password']/argument[5]  
>> ocredit=1"],
>>
>> But I'm really struggling with the onlyif line to check that all the
>> arguments are in place, the correct value and there are no extras.  
>> I'm
>> able to test individual argument values and the overall count, but I
>> seem unable to build a full match that checks everything at once,  
>> i.e.
>> checks each of the first five argument values and ensures that  
>> there are
>> only 5 arguments total.
>
> If you don't mind an unnecessary change the first time you run your
> Augeas resource on a system, you don't need the onlyif - unnecessary
> here means that system-auth might be changed simply because there's
> different amounts of spaces between the current file and what Augeas
> would generate based on your tree changes.
>
> Augeas will not actually change the file if it stays byte-for-byte
> identical, even if you made changes to the tree (e.g. change the value
> of a node to something new, then back to the old thing)
>
> Depending on the version of the Augeas plugin you have, puppet _might_
> report changes even though none were necessary (or made) - Bryan might
> be able to shed some light on the state of reporting in the Augeas  
> type
> in 0.24.7 vs the latest in git.
>
> David
>
>
>
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Using Augeas type to update sshd_config's AllowGroups

2009-03-04 Thread AJ Christensen

No.

Regards,

AJ

On 5/03/2009, at 12:18 AM, paul matthews wrote:

> I could be out of line in saying this but rather than developing an  
> alternate to Puppet, would your efforts not be better served  
> producing something that is complementary. The puppet equivalent of 
> http://nagiosexchange.org 
> , springs to mind. As I understand it there is a need for a  
> repository for modules for parts of puppet which are non-core.  
> Nagiosexchange is a viable venture in its own right and the two co- 
> exist as mutually beneficial partners. At least I think that's the  
> case.
>
> Gaining knowledge from this group, to work on something which can  
> only be considered as a rival, seems somehow not quite right
>
> Paul
>
> 2009/3/4 AJ Christensen 
>
> Hi David,
>
> Not sure if you looked at it, but I'm one of the developers of Chef;
> an alternate ruby-based configuration management / systems integration
> framework.
>
> What work is involved in getting a functional Augeas resource? I'm not
> sure we want to expose the level of functionality of Augeas entirely,
> but perhaps expose it through limited resources, that is unless we can
> lock it down a little. There are ruby bindings, yes?
>
> Regards,
>
> AJ
>
> On 4/03/2009, at 5:55 PM, David Lutterkort wrote:
>
> >
> > On Wed, 2009-03-04 at 12:46 +1100, Avi Miller wrote:
> >> Hi David,
> >>
> >> David Lutterkort wrote:
> >>> Yeah, that's what that means. Here's a dirty trick to check  
> multiple
> >>> conditions:
> >>
> >> Your assistance so far has been awesome. If I had more time to
> >> play, I'm
> >> sure I could solve this in time, but I'm being hammered by the
> >> security
> >> teams and I need to get a solution onto our servers as soon as
> >> possible.
> >>
> >> I'm trying to check/change /etc/pam.d/system-auth
> >>
> >> The initial (default set) lines look like this:
> >>
> >> passwordrequisite pam_cracklib.so try_first_pass retry=3
> >> passwordsufficientpam_unix.so md5 shadow nullok
> >> try_first_pass
> >> use_authtok
> >>
> >> I want to change them to this (result set):
> >>
> >> passwordrequisite pam_cracklib.so retry=3 lcredit=1  
> ucredit=1
> >> dcredit=1 ocredit=1
> >> passwordsufficientpam_unix.so md5 shadow try_first_pass
> >> use_authtok remember=7
> >>
> >> Essentially, I need to check if the lines match the result set  
> and if
> >> not, to make the change. I'm happily able to make the proper  
> changes,
> >> using the following (using the first line as an example):
> >>
> >> changes => [ "rm *[module='pam_cracklib.so'][type='password']/
> >> argument",
> >> "set *[module='pam_cracklib.so'][type='password']/argument[1]
> >> retry=3",
> >> "set *[module='pam_cracklib.so'][type='password']/argument[2]
> >> lcredit=1",
> >> "set *[module='pam_cracklib.so'][type='password']/argument[3]
> >> ucredit=1",
> >> "set *[module='pam_cracklib.so'][type='password']/argument[4]
> >> dcredit=1",
> >> "set *[module='pam_cracklib.so'][type='password']/argument[5]
> >> ocredit=1"],
> >>
> >> But I'm really struggling with the onlyif line to check that all  
> the
> >> arguments are in place, the correct value and there are no extras.
> >> I'm
> >> able to test individual argument values and the overall count,  
> but I
> >> seem unable to build a full match that checks everything at once,
> >> i.e.
> >> checks each of the first five argument values and ensures that
> >> there are
> >> only 5 arguments total.
> >
> > If you don't mind an unnecessary change the first time you run your
> > Augeas resource on a system, you don't need the onlyif - unnecessary
> > here means that system-auth might be changed simply because there's
> > different amounts of spaces between the current file and what Augeas
> > would generate based on your tree changes.
> >
> > Augeas will not actually change the file if it stays byte-for-byte
> > identical, even if you made changes to the tree (e.g. change the  
> value
> > of a node to something new, then back to the old thing)
> >
> > Depending on the version of the Augeas plugin you have, puppet  
> _might_
> > report changes even though none were necessary (or made) - Bryan  
> might
> > be able to shed some light on the state of reporting in the Augeas
> > type
> > in 0.24.7 vs the latest in git.
> >
> > David
> >
> >
> >
> > >
>
>
>
>
>
>
> -- 
> Paul Matthews
> --
>
> >


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

[Puppet Users] Re: Using Augeas type to update sshd_config's AllowGroups

2009-03-04 Thread AJ Christensen

To clarify; if you're upset by my behavior - this was meant to be an  
off-list reply. I apologies if I've offended anyones sensibilities.

Puppet tends to gather some of the smartest minds around architecture.

Regards,

AJ

On 5/03/2009, at 12:18 AM, paul matthews wrote:

> I could be out of line in saying this but rather than developing an  
> alternate to Puppet, would your efforts not be better served  
> producing something that is complementary. The puppet equivalent of 
> http://nagiosexchange.org 
> , springs to mind. As I understand it there is a need for a  
> repository for modules for parts of puppet which are non-core.  
> Nagiosexchange is a viable venture in its own right and the two co- 
> exist as mutually beneficial partners. At least I think that's the  
> case.
>
> Gaining knowledge from this group, to work on something which can  
> only be considered as a rival, seems somehow not quite right
>
> Paul
>
> 2009/3/4 AJ Christensen 
>
> Hi David,
>
> Not sure if you looked at it, but I'm one of the developers of Chef;
> an alternate ruby-based configuration management / systems integration
> framework.
>
> What work is involved in getting a functional Augeas resource? I'm not
> sure we want to expose the level of functionality of Augeas entirely,
> but perhaps expose it through limited resources, that is unless we can
> lock it down a little. There are ruby bindings, yes?
>
> Regards,
>
> AJ
>
> On 4/03/2009, at 5:55 PM, David Lutterkort wrote:
>
> >
> > On Wed, 2009-03-04 at 12:46 +1100, Avi Miller wrote:
> >> Hi David,
> >>
> >> David Lutterkort wrote:
> >>> Yeah, that's what that means. Here's a dirty trick to check  
> multiple
> >>> conditions:
> >>
> >> Your assistance so far has been awesome. If I had more time to
> >> play, I'm
> >> sure I could solve this in time, but I'm being hammered by the
> >> security
> >> teams and I need to get a solution onto our servers as soon as
> >> possible.
> >>
> >> I'm trying to check/change /etc/pam.d/system-auth
> >>
> >> The initial (default set) lines look like this:
> >>
> >> passwordrequisite pam_cracklib.so try_first_pass retry=3
> >> passwordsufficientpam_unix.so md5 shadow nullok
> >> try_first_pass
> >> use_authtok
> >>
> >> I want to change them to this (result set):
> >>
> >> passwordrequisite pam_cracklib.so retry=3 lcredit=1  
> ucredit=1
> >> dcredit=1 ocredit=1
> >> passwordsufficientpam_unix.so md5 shadow try_first_pass
> >> use_authtok remember=7
> >>
> >> Essentially, I need to check if the lines match the result set  
> and if
> >> not, to make the change. I'm happily able to make the proper  
> changes,
> >> using the following (using the first line as an example):
> >>
> >> changes => [ "rm *[module='pam_cracklib.so'][type='password']/
> >> argument",
> >> "set *[module='pam_cracklib.so'][type='password']/argument[1]
> >> retry=3",
> >> "set *[module='pam_cracklib.so'][type='password']/argument[2]
> >> lcredit=1",
> >> "set *[module='pam_cracklib.so'][type='password']/argument[3]
> >> ucredit=1",
> >> "set *[module='pam_cracklib.so'][type='password']/argument[4]
> >> dcredit=1",
> >> "set *[module='pam_cracklib.so'][type='password']/argument[5]
> >> ocredit=1"],
> >>
> >> But I'm really struggling with the onlyif line to check that all  
> the
> >> arguments are in place, the correct value and there are no extras.
> >> I'm
> >> able to test individual argument values and the overall count,  
> but I
> >> seem unable to build a full match that checks everything at once,
> >> i.e.
> >> checks each of the first five argument values and ensures that
> >> there are
> >> only 5 arguments total.
> >
> > If you don't mind an unnecessary change the first time you run your
> > Augeas resource on a system, you don't need the onlyif - unnecessary
> > here means that system-auth might be changed simply because there's
> > different amounts of spaces between the current file and what Augeas
> > would generate based on your tree changes.
> >
> > Augeas will not actually change

[Puppet Users] Announce: puppet-client-tools (PuppetDB CLI) 1.0.1 is available!

2016-06-28 Thread AJ Roetker

puppet-client-tools 1.0.1 (PuppetDB CLI) - 2016-06-28

Installation

Please see the PuppetDB documentation
 for
installation and usage instructions.

Fixes

   - Requests that result in an error response from PuppetDB no longer
   print "no error found" after printing the error.
   - Fixed the incompatibility of puppet-client-tools with puppet-agent 1.5.


Contributors

Andrew Roetker and Wyatt Alt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAL56sGkRw6z7cEx0vtmhZM0hXed0Zjy4Rxa6xoQCqct777NJrw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Problems with new PE 2016.4 install

2016-11-03 Thread AJ Johnson

Hi Jonathan -

Can you run facter -p (interested in what mountpoints is) and `mount`, and 
paste the output.

Also can you run:

puppet apply -e 'notify { "${::mountpoints}": }; notify { 
"${::mountpoints["/"]}": }'


Thanks,


-aj

On Thursday, November 3, 2016 at 2:52:35 AM UTC-7, Jonathan Gazeley wrote:
>
> Hi folks, 
>
> I've been running open-source Puppet 3.x for years but this week I'm 
> dabbling with a new installation of PE 2016.4. I installed from the 
> pointy-clicky installer and so far the PE server only has itself in the 
> inventory, but is failing to do a puppet run. It bails with this error: 
>
> Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource 
> Statement, Evaluation Error: Error while evaluating a Method call, 'dig' 
> parameter 'data' expects a Collection value, got String at 
> /opt/puppetlabs/puppet/modules/puppet_enterprise/manifests/master/puppetserver.pp:673:42
>  
>
> on node puppet4-prod.resnet.bris.ac.uk 
>
> I think that manifest is something that came with PE and not something 
> I've installed, so I've no idea where to start. Any ideas? 
>
> Thanks, 
> Jonathan 
>
> -- 
> Jonathan Gazeley 
> Senior Systems Administrator 
> IT Services 
> University of Bristol 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/ea15755d-5e67-4333-96f4-870d239287a7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] [announce] The PuppetDB module master branch (5.x) gets breaking changes

2015-05-21 Thread AJ Roetker

The upcoming release of the PuppetDB module, `puppetlabs-puppetdb`, will be
getting some breaking changes to prepare for the release of `PuppetDB
3.0.0`.

 We will be creating a`stable` branch in the module's Github repo that will
function as the module's `4.x` branch.  **Any configuration currently
pointing at the
`puppetlabs-puppetdb` master branch should move to this new stable branch.**

The master branch will be released as version `5.0.0` of the module and
will be backwards compatible with `PuppetDB 2.x`. The breaking changes are
default configuration parameters which will need to be changed in order for
the module to work with `PuppetDB 2.x`.

Let us know if you have any questions,
-The PuppetDB Team

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAL56sG%3Dmidawo_0z3%2BWexgJT-gzYHLZ3hnTjuLjjGpxyy9%3Dk%3DQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] [ANN] "puppetlabs-puppetdb" module v5.0.0 released

2015-07-09 Thread AJ Roetker

“puppetlabs-puppetdb” v5.0.0 has been released!

https://github.com/puppetlabs/puppetlabs-puppetdb/blob/5.0.0/CHANGELOG

v5.0.0 - 2015/07/09

This is a major release to provide default support for PuppetDB 3.0.0, so

lots of changes have been introduced. Ensure you read the upgrade guide

provided in the README

before upgrading to this release. Also see the

PuppetDB 3.0.0 release notes
for more
information on the latest changes for

PuppetDB.

Detailed changes:

* Packaging paths by default favor the PDB 3.0.0 AIO paths now.

* Added legacy handling for old terminus & service versions (see upgrade
guide

in README

for details)

* PDB 3.0.0 introduces new pathing for the API requests, so all the defaults

for this module are switched to use that now.

* Support for Puppet 4 added.

* manage_pg_repo is now on by default when using the puppetlabs/postgresql
module,

as PDB 3.0.0 supports only 9.4. This enables the use of the upstream PGDG

PostgreSQL repos for all distros to obtain a working version of 9.4. The

option can be disabled if required.
* Default ssl-host is now 0.0.0.0

Cheers,
The PuppetDB Team

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAL56sG%3Df_dXkLWEJqwR0a9DBJ8heFZ7QaKUrVe8NtFd3CHJEvQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Announce: PuppetDB 3.0.2 is available!

2015-08-04 Thread AJ Roetker

PuppetDB 3.0.2 - August 4, 2015

PuppetDB 3.0.2 Downloads

Available in native package format as part of Puppet Collection 1 (PC1).
More information on the PC1 repositories is available here:
http://bit.ly/1HQJDNb

Binary tarball: http://downloads.puppetlabs.com/puppetdb/

Source: http://github.com/puppetlabs/puppetdb

Please report feedback via the Puppet Labs tickets site, using an affected
PuppetDB version of 3.0.2: https://tickets.puppetlabs.com/browse/PDB

Documentation: http://docs.puppetlabs.com/puppetdb/3.0/

Puppet module: http://forge.puppetlabs.com/puppetlabs/puppetdb

PuppetDB 3.0.2 Release Notes

PuppetDB 3.0.2 is a bugfix release to address performance issues with the
aggregate-event-count and fact-paths endpoints as well as memory starvation
involving structured-facts.

Previously PuppetDB cached prepared statements for SQL queries. This
caused memory starvation involving structured-facts where large
structured-facts would create a new prepared statement object for each
update. The large objects would accumulate in the cache due to the non-zero
cache size. This release addresses this issue in two ways, by disabling the
cache and changing the structured-facts update queries to be more
efficient. (https://tickets.puppetlabs.com/browse/PDB-1721)

Given a large number of nodes and reports, consumers of the
aggregate-event-counts endpoint were experiencing slow response times.
These performance issues have have been addressed in this release. One
notable outcome from these fixes is that the endpoint no longer requires a
query parameter. (https://tickets.puppetlabs.com/browse/PDB-1809)

Some PuppetDB tables were never analyzed by the autovacuum analyzer
which led to performance issues with the fact-paths endpoint. This release
adds code to perform the analyze whenever PuppetDB schema are updated. (
https://tickets.puppetlabs.com/browse/PDB-1812)

This release fixes an issue where the `max-frame-size` parameter was
being ignored by consumers of the command queue, causing large commands to
produce stacktraces in the PuppetDB log. (
https://tickets.puppetlabs.com/browse/PDB-1812)

Contributors
---

Andrew Roetker, Jorie Tappa, Ken Barber, Melissa Stone, Nick Fagerlund, Rob
Browning, Russell Mull, Wyatt Alt

Cheers,
PuppetDB Team

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAL56sG%3DLqGiCeosbF6yYzvUn4vxy6G1UPqT0eh5wVVKo-G1Xpg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Announce: puppet-client-tools (PuppetDB CLI) 1.0.0 is available!

2016-04-07 Thread AJ Roetker

puppet-client-tools 1.0.0 (PuppetDB CLI) - 2016-04-07

Summary

Today we released the initial release of puppet-client-tools which for
includes subcommands for querying and administering PuppetDB.

The PuppetDB CLI is intended to facilitate friendlier interactions with the
PuppetDB API.

The PuppetDB CLI accepts a configuration file with SSL credentials and the
url for your PuppetDB server so you can issue queries to PuppetDB on your
own machine without needing to type long curl invocations.

We intend to use the PuppetDB CLI to provide human readable output formats
and helpful hints for interacting with the API more generally.

Installation

Please see the PuppetDB documentation
 for
installation and usage instructions.

Features

   - New implementations of our puppetdb import and puppetdb export tools
   for faster startup. The commands are now Puppet subcommands puppet-db
   import and puppet-db export respectively.
   - A puppet-query subcommand for querying PuppetDB with PQL or AST
   queries.


Contributors

Andrew Roetker, Rob Browning, Ryan Senior, and Wyatt Alt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAL56sGkK237%2BHyArQ5Y150E93qzf49xz5WhPwH8D8Oiahtyh4g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Announce: puppet-client-tools (PuppetDB CLI) 1.0.0 is available!

2016-04-07 Thread AJ Roetker

On Thu, Apr 7, 2016 at 5:20 PM, AJ Roetker 
wrote:

> puppet-client-tools 1.0.0 (PuppetDB CLI) - 2016-04-07
> <https://github.com/puppetlabs/puppetdb-cli/blob/stable/CHANGELOG.md#summary>
> Summary
>
> Today we released the initial release of puppet-client-tools which for
> includes subcommands for querying and administering PuppetDB.
>
> The PuppetDB CLI is intended to facilitate friendlier interactions with
> the PuppetDB API.
>
> The PuppetDB CLI accepts a configuration file with SSL credentials and the
> url for your PuppetDB server so you can issue queries to PuppetDB on your
> own machine without needing to type long curl invocations.
>
> We intend to use the PuppetDB CLI to provide human readable output formats
> and helpful hints for interacting with the API more generally.
>
> <https://github.com/puppetlabs/puppetdb-cli/blob/stable/CHANGELOG.md#installation>
> Installation
>
> Please see the PuppetDB documentation
> <https://docs.puppetlabs.com/puppetdb/master/pdb_client_tools.html> for
> installation and usage instructions.
>
This link is broken, here is the real link
<https://docs.puppet.com/puppetdb/4.0/pdb_client_tools.html> and here is a
link to the puppetdb-cli repository
<https://github.com/puppetlabs/puppetdb-cli>.

>
> <https://github.com/puppetlabs/puppetdb-cli/blob/stable/CHANGELOG.md#features>
> Features
>
>- New implementations of our puppetdb import and puppetdb export tools
>for faster startup. The commands are now Puppet subcommands puppet-db
>import and puppet-db export respectively.
>- A puppet-query subcommand for querying PuppetDB with PQL or AST
>queries.
>
>
> <https://github.com/puppetlabs/puppetdb-cli/blob/stable/CHANGELOG.md#contributors>
> Contributors
>
> Andrew Roetker, Rob Browning, Ryan Senior, and Wyatt Alt.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAL56sGnYfvGa%3DUjz8RUaZ82PJPcL2%2BB0ZDiS%3Dxy5SpbeOp%3DBKg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Puppet for password management

2008-10-03 Thread AJ Christensen (Fujin)


I wrote a parser func that relies on mkpasswd on the master ages ago:
http://pastie.org/pastes/222996

## mkpasswd("password", "12345678")
# needs an 8-char salt *always*
module Puppet::Parser::Functions
  newfunction(:mkpasswd, :type => :rvalue) do |args|
%x{/usr/bin/mkpasswd -H MD5 #{args[0]} #{args[1]}}.chomp
  end
end

## usage [plain_text]
$pw = mkpasswd("test", "12345678")
notify { $pw: }

## output [plain_text]
notice: //Node[junglist]/Notify[$1$12345678$oEitTZYQtRHfNGmsFvTBA/]/
message: is absent, should be $1$12345678$oEitTZYQtRHfNGmsFvTBA/

On Oct 4, 4:41 am, Mike Pountney <[EMAIL PROTECTED]> wrote:
> On 2 Oct 2008, at 18:01, Geoff Newell wrote:
>
> > I'm working on a turnkey Linux system where the post build config is  
> > handled with puppet.
> > One of the unique constraints with a turnkey system is that  
> > passwords are essentially set at build time and then stay fixed for  
> > the life of the product.
> > I was wondering if anyone had used puppet to manage user passwords?
> > The 'user' type supports an encrypted hash, but ideally I need the  
> > facility of passing in a plaintext password, md5 hash it and then  
> > have puppet idempotently check it's been set.
>
> You can do this via shelling out via generate() on the puppetmaster:
>
> $salt = 'dqwdqaom'
> $password = 'mycleartextpassword'
>
> $md5_password = generate('/bin/sh', '-c', "/usr/bin/mkpasswd -H md5 -S  
> $salt '$passwd' | tr -d '\n'")
>
> Ugly, but it works.
>
> The pretty way of doing this would be to create a custom function.  
> We're intending on doing this, but it's not there yet.
>
> Cheers,
>
> Mike
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~--~~~~--~~--~--~---

50 matches

Mail list logo