Issue #791 has been updated by John Bollinger.
Jo Rhett wrote: > So we just observed that LDAP groups can be not seen as long as a month > later, if puppet was used to modify nsswitch.conf and hasn't restarted since > then. I don't know about the mid-run re-exec, but I think it should be > simple for puppet to make sure it rereads nsswitch.conf (or re-execs) when it > starts a run... Per the manual for nsswitch.conf (5): "Within each process that uses nsswitch.conf, the entire file is read once; if the file is later changed, the process will continue to use the old configuration." Thus it is *not* simple to make Puppet reread nsswitch.conf. In fact, it's impossible. I would expect that if you run the Puppet agent periodically via cron, instead of as its own daemon, then each run will re-read nsswitch.conf. ---------------------------------------- Bug #791: Users and groups created mid-transaction are not found https://projects.puppetlabs.com/issues/791#change-63869 Author: Marcin Owsiany Status: Accepted Priority: Normal Assignee: Category: user Target version: Affected Puppet version: 0.24.4 Keywords: Branch: I recently noticed the following: <pre> Aug 23 18:09:35 extdns03 puppetdr987: [ID 702911 daemon.error] (//extdns03/common_foglight/foglight_agents_setup/Exec[/opt/foglight/script/setup.sh]) Failed to call refresh on Exec[/opt/foglight/script/setup.sh]: Invalid user: foglight </pre> While I'm reasonably sure that the user did exist at that point. So after long and painful debugging I did the following: <pre> extdns01# RUBYLIB=. irb irb(main):001:0> require 'puppet' => true irb(main):002:0> Puppet::Util.uid('boom') => nil [ Now, in a different window, ran "adduser boom" ] irb(main):003:0> Puppet::Util.uid('boom') => nil irb(main):004:0> </pre> I guess puppet should flush the uid/gid cache on any user/group operation, or possibly even every time. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
