[Puppet - Bug #3835] (Unreviewed) Recursively absent directories don't remove the files inside the directory

redmine Fri, 21 May 2010 05:54:09 -0700

Issue #3835 has been reported by Yaakov M. Nemoy.

----------------------------------------
Bug #3835: Recursively absent directories don't remove the files inside the 
directory
http://projects.puppetlabs.com/issues/3835


Author: Yaakov M. Nemoy
Status: Unreviewed
Priority: Normal
Assigned to: 
Category: 
Target version: 
Affected version: 0.25.4
Keywords: 
Branch: 


In our puppet configuration, we have a recursive directory defined that can be 
present or absent based on whether the owning service is active on the system. 
When the module is set to be enabled, the config below works quite ok, the 
appropriate files are copied over. When the module is disabled, the expected 
behavior is that the directory and its contents would be removed. If the 
directory was present, it would be removed, and there would be a single 
notification about it. The actual results are that the directory is indeed 
removed, but as seen below, we receive rather strange error messages from what 
would be the contents of the directory were it set to be present. Since puppetd 
is set to rerun itself every half hour, this clutters up our logs, and is noisy 
enough to obscure any actual errors or changes.

I find it particularly strange that these file resources are being set to 
'file' when they should inherit the attribute of the recursive directory file 
resource.

    define module($enable = false) {
        case $name {
            "mod_security": {
                file { "/etc/httpd/modsecurity.d/":
                    # apparently puppet 0.25.4 fails at recursive absentness, 
so this is the hack
                    # modsecurity isn't enabled anyways, so we just make the 
stuff present, and ignore it
                    # sorry for the mess -ymn
                    ensure => $enable ? {
                        true => directory,
                        false => absent
                    },
                    # ensure => directory,
                    source => [
                               
"puppet://$server/files/private/webserver/modsecurity.d/",
                               
"puppet://$server/files/webserver/modsecurity.d/",
                               "puppet://$server/webserver/modsecurity.d/"
                               ],
                    recurse => true,
                    purge => true,
                    ignore => ".*", # prevents .svn from being copied over
                    force => true,
                    notify => Service["httpd"]
                }
            }
        }

When the module is set to disable, we get the following output:

    Fri May 21 14:45:53 +0200 2010 Puppet (notice): Starting Puppet client 
version 0.25.4
    Fri May 21 14:45:53 +0200 2010 Puppet (warning): Fact syncing is deprecated 
as of 0.25 -- use 'pluginsync' instead
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf]/ensure (err): 
change from absent to file failed: Could not set file on ensure: No such file 
or directory - 
/etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf.puppettmp_7206
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/modsecurity_crs_20_protocol_violations.conf]/ensure
 (err): change from absent to file failed: Could not set file on ensure: No 
such file or directory - 
/etc/httpd/modsecurity.d/modsecurity_crs_20_protocol_violations.conf.puppettmp_416
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf]/ensure
 (err): change from absent to file failed: Could not set file on ensure: No 
such file or directory - 
/etc/httpd/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf.puppettmp_5560
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/modsecurity_crs_23_request_limits.conf]/ensure 
(err): change from absent to file failed: Could not set file on ensure: No such 
file or directory - 
/etc/httpd/modsecurity.d/modsecurity_crs_23_request_limits.conf.puppettmp_4204
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/modsecurity_crs_30_http_policy.conf]/ensure 
(err): change from absent to file failed: Could not set file on ensure: No such 
file or directory - 
/etc/httpd/modsecurity.d/modsecurity_crs_30_http_policy.conf.puppettmp_3195
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/modsecurity_crs_35_bad_robots.conf]/ensure 
(err): change from absent to file failed: Could not set file on ensure: No such 
file or directory - 
/etc/httpd/modsecurity.d/modsecurity_crs_35_bad_robots.conf.puppettmp_4953
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/modsecurity_crs_40_generic_attacks.conf]/ensure 
(err): change from absent to file failed: Could not set file on ensure: No such 
file or directory - 
/etc/httpd/modsecurity.d/modsecurity_crs_40_generic_attacks.conf.puppettmp_7767
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/modsecurity_crs_45_trojans.conf]/ensure (err): 
change from absent to file failed: Could not set file on ensure: No such file 
or directory - 
/etc/httpd/modsecurity.d/modsecurity_crs_45_trojans.conf.puppettmp_4240
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/modsecurity_crs_50_outbound.conf]/ensure (err): 
change from absent to file failed: Could not set file on ensure: No such file 
or directory - 
/etc/httpd/modsecurity.d/modsecurity_crs_50_outbound.conf.puppettmp_4554
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/optional_rules]/ensure (err): change from absent 
to directory failed: Cannot create /etc/httpd/modsecurity.d/optional_rules; 
parent directory /etc/httpd/modsecurity.d does not exist
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_20_protocol_violations.conf]/ensure
 (err): change from absent to file failed: Could not set file on ensure: No 
such file or directory - 
/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_20_protocol_violations.conf.puppettmp_3799
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_21_protocol_anomalies.conf]/ensure
 (err): change from absent to file failed: Could not set file on ensure: No 
such file or directory - 
/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_21_protocol_anomalies.conf.puppettmp_4912
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_40_generic_attacks.conf]/ensure
 (err): change from absent to file failed: Could not set file on ensure: No 
such file or directory - 
/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_40_generic_attacks.conf.puppettmp_6569
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_42_comment_spam.conf]/ensure
 (err): change from absent to file failed: Could not set file on ensure: No 
such file or directory - 
/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_42_comment_spam.conf.puppettmp_142
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_42_tight_security.conf]/ensure
 (err): change from absent to file failed: Could not set file on ensure: No 
such file or directory - 
/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_42_tight_security.conf.puppettmp_3758
    Fri May 21 14:46:07 +0200 2010 
/File[/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_55_marketing.conf]/ensure
 (err): change from absent to file failed: Could not set file on ensure: No 
such file or directory - 
/etc/httpd/modsecurity.d/optional_rules/modsecurity_crs_55_marketing.conf.puppettmp_9563
    Fri May 21 14:46:11 +0200 2010 Puppet (warning): Value of 
'preferred_serialization_format' (pson) is invalid for report, using default 
(marshal)
    Fri May 21 14:46:11 +0200 2010 Puppet (notice): Finished catalog run in 
9.54 seconds



-- 
You have received this notification because you have either subscribed to it, 
or are involved in it.
To change your notification preferences, please click here: 
http://projects.puppetlabs.com/my/account

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/puppet-bugs?hl=en.

[Puppet - Bug #3835] (Unreviewed) Recursively absent directories don't remove the files inside the directory

Reply via email to