Issue #16121 has been reported by Chris Henry.
----------------------------------------
Bug #16121: Cron user change results in duplicate entries on target user
https://projects.puppetlabs.com/issues/16121
Author: Chris Henry
Status: Unreviewed
Priority: Normal
Assignee:
Category: cron
Target version:
Affected Puppet version:
Keywords:
Branch:
Running puppetmaster 2.7.13 and puppetd 2.7.13 on Centos6
We have a puppet module that installs some scripts and creates a cronjob to
pickup gzip'd logs and upload them to s3. I mistakenly created the cron job as
the user 'www-data' initially - but later found out that the supervisord daemon
logs as 'root' - so I changed the user of a puppet cronjob from 'www-data' ->
'root'.
On a puppetd run the client successfully detects the change and returns a
notice that it is changing users for the cron job - but the end result is that
the cron job is not removed for the www-data user and a duplicate job is create
on the root users crontab.
I didn't notice this for about a day but when I looked I saw that there were
many duplicate entries in the root users crontab for this job - presumably one
for each puppetd run.
The only crontab jobs on this server are managed by puppet - no manual edits or
jobs have ever been created
As you can see in the output below every client run results in the cronjob
still existing for the www-data user and another entry being generated in the
root users crontab:
<pre>
client puppetd run:
[user@HOSTNAME ~]$ date
Sat Aug 25 07:52:20 UTC 2012
[user@HOSTNAME ~]$ sudo puppetd -t
info: Caching catalog for HOSTNAME
info: Applying configuration version '1345880642'
notice:
/Stage[main]/S3_logrotate::Supervisord/Cron[s3_logger_supervisord]/user: user
changed 'www-data' to 'root'
notice:
/Stage[main]/S3_logrotate::Supervisord/Cron[s3_logger_supervisord]/target:
target changed 'www-data' to 'root'
notice: Finished catalog run in 31.34 seconds
[user@HOSTNAME ~]$
---------------
'www-data' crontab after run:
[user@HOSTNAME ~]$ date
Sat Aug 25 07:53:36 UTC 2012
[user@HOSTNAME ~]$ sudo -u www-data crontab -l
# HEADER: This file was autogenerated at Fri Aug 24 20:09:06 +0000 2012 by
puppet.
# HEADER: While it can still be managed manually, it is definitely not
recommended.
# HEADER: Note particularly that the comments starting with 'Puppet Name' should
# HEADER: not be deleted, as doing so could cause duplicate cron jobs.
# Puppet Name: s3_logger_crond
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/crond -l /var/has/log/s3_logrotate/HOSTNAME_crond -s
secret_key_here -k key_here
# Puppet Name: s3_logger_nginx
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/nginx -l /var/has/log/s3_logrotate/HOSTNAME_nginx -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_supervisord
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/supervisord -l /var/has/log/s3_logrotate/HOSTNAME_supervisord -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_api
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/data/log/api -l /var/has/log/s3_logrotate/HOSTNAME_api -s 'secret_key_here' -k
'key_here'
[user@HOSTNAME ~]$
------------------
'root' crontab after run:
[user@HOSTNAME ~]$ date
Sat Aug 25 07:54:15 UTC 2012
[user@HOSTNAME ~]$ sudo -u root crontab -l
# HEADER: This file was autogenerated at Sat Aug 25 07:53:08 +0000 2012 by
puppet.
# HEADER: While it can still be managed manually, it is definitely not
recommended.
# HEADER: Note particularly that the comments starting with 'Puppet Name' should
# HEADER: not be deleted, as doing so could cause duplicate cron jobs.
# Puppet Name: puppet_clientbucket_cleanup
15 1 * * * /usr/bin/find /var/lib/puppet/clientbucket/ -type f -mtime +14 -exec
rm {} \;
# Puppet Name: s3_logger_php-fpm_cleanup
35 23 * * * /bin/find /var/has/log/s3_logrotate -name 'HOSTNAME_php-fpm.*'
-mtime +7 -exec rm {} \;
# Puppet Name: s3_logger_nginx_cleanup
35 23 * * * /bin/find /var/has/log/s3_logrotate -name 'HOSTNAME_nginx.*' -mtime
+7 -exec rm {} \;
# Puppet Name: s3_logger_crond_cleanup
35 23 * * * /bin/find /var/has/log/s3_logrotate -name 'HOSTNAME_crond.*' -mtime
+7 -exec rm {} \;
# Puppet Name: s3_logger_supervisord_cleanup
35 23 * * * /bin/find /var/has/log/s3_logrotate -name 'HOSTNAME_supervisord.*'
-mtime +7 -exec rm {} \;
# Puppet Name: s3_logger_api_cleanup
35 23 * * * /bin/find /var/has/log/s3_logrotate -name 'HOSTNAME_api.*' -mtime
+7 -exec rm {} \;
# Puppet Name: s3_logger_php-fpm
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/php-fpm -l /var/has/log/s3_logrotate/HOSTNAME_php-fpm -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_supervisord
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/supervisord -l /var/has/log/s3_logrotate/HOSTNAME_supervisord -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_supervisord
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/supervisord -l /var/has/log/s3_logrotate/HOSTNAME_supervisord -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_supervisord
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/supervisord -l /var/has/log/s3_logrotate/HOSTNAME_supervisord -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_supervisord
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/supervisord -l /var/has/log/s3_logrotate/HOSTNAME_supervisord -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_supervisord
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/supervisord -l /var/has/log/s3_logrotate/HOSTNAME_supervisord -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_supervisord
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/supervisord -l /var/has/log/s3_logrotate/HOSTNAME_supervisord -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_supervisord
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/supervisord -l /var/has/log/s3_logrotate/HOSTNAME_supervisord -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_supervisord
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/supervisord -l /var/has/log/s3_logrotate/HOSTNAME_supervisord -s
'secret_key_here' -k 'key_here'
# Puppet Name: s3_logger_supervisord
40 23 * * * /var/has/s3_logrotate/bin/s3_logrotate.py -b bucket_name -p
/var/has/log/supervisord -l /var/has/log/s3_logrotate/HOSTNAME_supervisord -s
'secret_key_here' -k 'key_here'
[user@HOSTNAME ~]$
------------------
manifest:
class s3_logrotate::supervisord ($secret, $key,
$bucket,$path='/var/has/log/supervisord') {
include s3_logrotate
Cron {
require => Class["s3_logrotate"]
}
cron {
"s3_logger_supervisord":
command => "/var/has/s3_logrotate/bin/s3_logrotate.py -b $bucket
-p $path -l /var/has/log/s3_logrotate/${hostname}_supervisord -s '${secret}' -k
'${key}'",
user => root, # this used to be www-data but supervisord logs
as root
minute => 40,
hour => 23;
"s3_logger_supervisord_cleanup":
command => "/bin/find /var/has/log/s3_logrotate -name
'${hostname}_supervisord.*' -mtime +7 -exec rm {} \\;",
user => root,
minute => 35,
hour => 23;
}
}
</pre>
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
