Issue #16248 has been updated by Peter Meier.
I'm not sure if this is a good idea. In my opinion puppet should behave with --noop exactly the way it would without, except applying any changes. Furthermore, there are other problems that can come up if you run --noop as a user, but actually intend to test what it would behave like if you run it as root, as reading content of files to compare them that are only readable by root. This would also fail as a unprivileged user, but wouldn't as root. Why should it be different for an exec resource? While I see that this fixes your problem of testing, I'm questioning whether it is a good idea at all to test your manifests as a unprivileged user, as many other problems might come up as well. ---------------------------------------- Bug #16248: `puppet apply --noop` fails on exec resource with user attribute if not root https://projects.puppetlabs.com/issues/16248#change-70558 Author: Kristian Glass Status: Unreviewed Priority: Normal Assignee: Category: Target version: Affected Puppet version: Keywords: Branch: Context: I'm using `puppet apply --noop` as a Puppet testing "middle ground"; more thorough than `puppet parser validate`, quicker start than writing full rspec/similar tests. Understandably, `puppet apply` should and does object *without* `--noop` - "Parameter user failed: Only root can execute commands as other users", however I'm not convinced this should be enforced when using `--noop`, the main use-case for which seems to be testing, where it probably wouldn't be run as root. It's a trivial patch to 'fix' (attached) - am I on the right track with my interpretation of `--noop`? $ git diff diff --git a/lib/puppet/type/exec.rb b/lib/puppet/type/exec.rb index 34bb47a..e9ad536 100755 --- a/lib/puppet/type/exec.rb +++ b/lib/puppet/type/exec.rb @@ -161,7 +161,9 @@ module Puppet # Most validation is handled by the SUIDManager class. validate do |user| - self.fail "Only root can execute commands as other users" unless Puppet.features.root? + unless Puppet[:noop] + self.fail "Only root can execute commands as other users" unless Puppet.features.root? + end self.fail "Unable to execute commands as other users on Windows" if Puppet.features.microsoft_windows? end end -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
