Hello fellow puppet masters,
We currently use winbind to allow our admins to log onto our Linux servers
with their Windows AD accounts. Every now and then, a comms issue will
drop AD out from under the server, which causes winbind to stop checking
AD. The service is still technically running though, so puppet thinks
everything is fine. I can run a "getent passwd <username>" to verify that
winbind is or isn't working.
So I wanted to utilize that check and have my winbind service entry to
subscribe to this exec:
service{ 'winbind':
enable => true,
ensure => running,
subcribe => Exec['check-winbind'];
}
exec{ 'check-winbind':
path => ['/usr/bin','/sbin','/bin'],
command => ['getent passwd user | grep -c user'],
}
So when the command failed, that would trigger puppet to restart the
service. But when the check would return 0 (because it couldn't find user
in AD), puppet gives me the following:
Service[winbind]: Dependency Exec[check-winbind] has failures: true
Service[winbind]: Skipping because of failed dependencies
Not what I wanted to see... though I do understand why it is saying it
(just not how to change it). So what I ended up doing was turning the
command into an "unless" statement, and set the "command" to be "service
winbind restart", and remove the subscribe statement form my winbind
service entry. Now, this works... but it just seems silly to me to have to
restart the service via an exec statement when I am already monitoring the
winbind service.
Any ideas on how to simplify this and get it back to my original goal of
subscribing the service to this check? Thanks!
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/zuisMOF45xUJ.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
