in' ],
> onlyif => "/bin/grep '^SELINUX=enforcing' /etc/sysconfig/selinux
> 2>/dev/null",
> logoutput => true,
> }
As an alternative to the exec method, you might want to look into using the
augeas type instead. It's capable of readin
+
| [foo]|
+--+
1 row in set (0.02 sec)
Beyond that, I have no idea what other impacts the trailing space would cause
within puppet.
For what it's worth, postgresql doesn't display this behavior.
--
Frank Sweetser fs at wpi.edu | For every proble
class motd {
$ascii = generate('/bin/sh', '-c', "/bin/echo OS:
$operatingsystem )
Is this a direct cut and paste? Because if so, you're missing a closing double
quote here.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WP
ll of those exec types by using
the file type, set to create links or directories. Check out the type reference
page if you're not familiar with those options.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant,
contents?
check out the augeas type, it should let you do exactly what you're looking for.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21 D8
On 3/2/2011 7:42 PM, Randall Hansen wrote:
On Mar 2, 2011, at 3:51 PM, Frank Sweetser wrote:
In this scenario, it would be far more useful to simply use LDAP to verify
usernames and passwords, and then consult internal records to assign a list
of roles.
This is a great use case, Frank. What
passwords, and then consult internal
records to assign a list of roles.
Not that I've pounded my head against products that didn't support this kind of
split, or anything.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer |
local rpm database or a copy of
the original rpm. for a little extra, you can pgp sign your rpm files too.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257
/getsebool: SELinux is
disabled
The simplest way would probably be to make that chunk of the manifest
conditional on the selinux facts:
[r...@jms ~]# facter -p | grep sel
selinux => true
selinux_enforced => false
selinux_mode => targeted
selinux_policyversion => 21
--
Frank Sweetser
double
quotes before the nice command isn't helping any =)
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC
--
url = "http://srv2-puppet:3000/#{SETTINGS
> [:rrd_report_url]}/#{host.name}" -%>
That's not a valid url - you're attempting to point it at a hostname of
'srv2-puppet' on a port of '3000'. Try taking the bold tags out.
--
Frank Sweetser fs at wpi.edu | For eve
or nginx might be generating an error message. Try
pointing a web browser at https://:8140 and see if you get
anything helpful.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerp
entry and set purge => true.
Is there any way I can get similar functionality with the augeas type?
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 12
that architecture stuff keys off of facter, right? How hard
would it be to serialize the output of 'facter -p' and feed it to the puppet
run that does the core of the testing work?
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Enginee
r, which would break everything.
I'm fairly certain that yum is considered a core package on CentOS, so you
should be able to rely on it being there. Besides, if yum isn't installed,
how do you expect to install it?
That said, if you still want your manifest to reflect yum, adding
Frank Sweetser wrote:
> Purging out the client state did indeed fix the glitch on one of the
> problematic systems. I made a copy of /var/lib/puppet from when the
> problem was occurring, and have another system still generating the
> problem, so let me know if you want any of it
generating the problem, so let me
know if you want any of it gathered up for debugging purposes.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174
,
owner => root,
group => root, mode => 644,
content => "130.215.144.33
130.215.32.18
130.215.39.18
",
require => Package[ntp]
}
}
--
Frank Sweetser fs at wpi.edu | For every problem, there is
re having
> the same trouble. Code's at http://gist.github.com/74566, and also
> pasted below for convenience.
This would look great added to the puppet wiki =)
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, e
;
> Is there a preferred/recommended way to ensure that Facter, when called
> by Puppet as a service, sees particular envvars?
The files in /etc/profile.d are, as you found out, only loaded for interactive
login sessions. I'd recommend putting those lines directly into
/etc/sys
evelopment truism: It's *always*
> easier to start from scratch, it's just not not always better.
Starting is easy; finishing is harder.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, an
SELinux blocking anything, so this bug can bite
you even if you have SELinux enabled in permissive mode.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong
WEBrick: Address already in use - bind(2)
That error message means that something else is already listening on that
port. You can use the command (as root)
lsof -i -P
to see what processes are listening on what ports.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solutio
one who hits the same problem, it turns out that I
was running into http://projects.reductivelabs.com/issues/1963
Once I fixed that, everything else started working fine.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple,
ieve
After that, it just sits there.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E3
't any denial messages logged, and
also tried it with SELinux set to permissive, and nothing changed.
Anyone have any suggestions for anything else for me to try?
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant,
r runs without waiting for the
next scheduled run.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC
--~--~-~--~---
tutorial page on the puppet website, it's got complete docs on what
you're looking for.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken
GPG fingerprint = 6174 1257 129E 0D21
run, so if it fails and i re-run
> puppet, all files would be deployed.
I don't see anything obviously responsible for creating /var/app/$serviceName
there. Assuming that the package installation creates it, you need to use
before/requires statements to tell pu
David Dyer-Bennet wrote:
>
> On Thu, February 12, 2009 10:34, Frank Sweetser wrote:
>> David Dyer-Bennet wrote:
>>> Darned thing is suddenly failing. We had a reboot last night, and I
>>> changed a couple of files today too, so either one could somehow be
>&g
ce of this file in
turn confused the selinux code of the file type.
So, in short, try deleting /selinux/enable and see if that fixes things.
--
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Menck
ironments let you use a single puppetmaster. Each
environment has a totally separate manifest, so you can have conflicting
versions of classes existing in different environments. You would have each
environment fed by a different branch of your manifest. At that point, you
can apply existing deve
Arnau Bria wrote:
> On Tue, 03 Feb 2009 09:22:20 -0500
> Frank Sweetser wrote:
>
>>> So the file changes after first start.
>>> If I keep the first line (createUser one), everytime puppet runs
>>> will notice that file has changed and will redo this step.
>
Arnau Bria wrote:
> On Tue, 03 Feb 2009 07:25:38 -0500
> Frank Sweetser wrote:
>
>
>> It's hard to say for certain, since you didn't actually post what the
>> errors are, but I see a couple issues here.
>
> Ups, sorry, the error is that the f
restart of the service.
In order to do that, you should use either the notify or subscribe options.
So instead, you might try replacing that exec with a file type something like
so:
file { "/var/net-snmp/snmpd.conf":
ensure => present,
owner => "root",
group => &q
something like this:
package { "vim-purge":
name => "vim",
ensure => absent
}
package { "vim":
name => "vim-nox",
ensure => installed,
require => Package["vim-purge"]
}
The require should make sure that it uninstalls the vim pack
ut I'm open to anything at this point --
> suggestions welcome!
Are you by any chance using storeconfigs and mysql? If so, make sure you're
using the mysql gem connector, rather than the very simple one that ships with
rails.
http://reductivelabs.com/trac/puppet/wiki/UsingStoredConf
37 matches
Mail list logo
