On Wed, Nov 20, 2013 at 3:09 PM, Felix Frank < [email protected]> wrote:
> Hi, > > I've been looking at the redmine ticket in [1], which basically asks for > the ability to purge crontab entries from *all* users' crontabs. As is, > puppet will purge only from such crontab files that contain entries that > are explicitly managed. > > I can understand the desire, but it seems like a very dangerous thing, maybe making it available but not immediately present would be a good way of doing it? We have the resources type that could be extended or there could be another crontab type created to purge. I'm not certain about either of these, but thought I'd chime in with those suggestions :) > There is a similar request for ssh_authorized_keys, which is just about > at the top of the highly voted issues (see [2]). > > For crontab, I cobbled together a patch (see [1]), but I'm loath to go > so far as to add tests and open a pull request, because I'm not sure > that the idea of changing the crontab provider in this way is sound. The > approach is simply to add each account found in /etc/passwd to the > target list of the provider. > > For the purge=>true use case, parsing all available crontabs honors the > principle of least surprise. In other cases though, the opposite may be > true (but then, I can't think of any examples off the top of my head). > Point in case, there are unit tests that break when applying the patch: > > 1) Puppet::Type::Cron::ProviderCrontab.instances on linux should be > empty if user has no crontab > 2) Puppet::Type::Cron::ProviderCrontab.instances on linux should be > empty if user is not present > > I'm not sure how vital it is to keep those around (i.e., what breaks > along with these assumptions?) > > A similar change can be made to the SSH key provider, which I briefly > considered, but that incurred a lot more breakage. Will revisit that > later, depending on where this discussion leads. > > Sorry for the long read and thanks in advance for any feedback. > > Cheers, > Felix > > [1] https://projects.puppetlabs.com/issues/11383 > [2] https://projects.puppetlabs.com/issues/1581 > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Developers" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-dev/528D412D.6090402%40Alumni.TU-Berlin.de > . > For more options, visit https://groups.google.com/groups/opt_out. > -- Andrew Parker [email protected] Freenode: zaphod42 Twitter: @aparker42 Software Developer *Join us at PuppetConf 2014, September 23-24 in San Francisco* -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-dev/CANhgQXtRierZGv8cGJPPSthRhEAJACOVk6zzEKyg65%2BnCL%3Dy9A%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
