Bryan Kearney wrote:
> David Lutterkort wrote:
>
>> On Mon, 2008-09-08 at 10:49 -0400, Bryan Kearney wrote:
>>
>>> David Lutterkort wrote:
>>>
>>>> Yeah, Augeas should be able to tell the caller whether changes were made
>>>> or not, so that the plugin can suppress spurious reports. This could be
>>>> done in a number of ways:
>>>>
>>>> 1. Indicated through the return value of individual calls like
>>>> aug_set, aug_insert etc.
>>>> 2. Through the return value of aug_save
>>>> 3. Through some metadata entries underneath /augeas
>>>>
>>>> Bryan, what would be the easiest for you to integrate into the plugin ?
>>>> Actually, option (1) won't really help you in the scenario of 'rm /path;
>>>> set /path value' since it will always look like a change, even if there
>>>> is none in the end.
>>>>
>>> I almost need a "dry run" model. Currently, puppet seems to follow a
>>> model for each property of "Get the current value, if different, execute
>>> the code to sync it up". So, (I think) I would need to be able to
>>> execute the code to see if I need to execute it :(
>>>
>> True .. unless you want to implement the logic to see if a change to the
>> tree actually changes the underlying file yourself ;)
>>
>> If you want to know at the tree-level if anything changed, you can query
>> that with aug_get beforehand, but that's not really what the user is
>> interested in. If they give you the commands
>>
>> rm /foo
>> set /foo/bar 1
>> set /foo/JarJar Binks
>>
>> each of the commands will make a change to the tree, even if the net
>> result is no change to the underlying file. That's the situation I was
>> wondering about with the 3 options above; you'd really want to report a
>> change only when the underlying file is actually changed. And there's no
>> way to know that until you actually go to save the file.
>>
>
>
> I will keep digging, but I think the model now is the "Do you need
> tochange it, ok change it". I do not think the puppet model supports: "
> Do you need to change it, Change it, Did you change it?". To fit in into
> the former, I would need to be able to open up augeas during the "Do you
> need to change it" step, and then query augeas prior to save to see if
> it has resulted in a change. So.. I think I would need item 3.
>
> -- bk
>
>
I have just started using the augeas module with puppet and i am happy
so far but was hit with this issue.
Has there been any resolution to this?
This example demonstrates this issue well I think;
I started with this:
augeas { "sshd_HostbasedAuthentication":
context => "/files/etc/ssh/sshd_config",
changes => [ "set HostbasedAuthentication yes",
"set IgnoreUserKnownHosts yes",
"set IgnoreRhosts yes"
],
require => Package["openssh-server"],
notify => Service["sshd"]
}
I ended up having to do it this way because the sshd was restart each
and every run with the previous example:
augeas { "sshd_HostbasedAuthentication":
context => "/files/etc/ssh/sshd_config",
changes => "set HostbasedAuthentication yes",
onlyif => "get HostbasedAuthentication != yes",
require => Package["openssh-server"],
notify => Service["sshd"];
"sshd_IgnoreUserKnownHosts":
context => "/files/etc/ssh/sshd_config",
changes => "set IgnoreUserKnownHosts yes",
onlyif => "get IgnoreUserKnownHosts != yes",
require => Package["openssh-server"],
notify => Service["sshd"];
"sshd_IgnoreRhosts":
context => "/files/etc/ssh/sshd_config",
changes => "set IgnoreRhosts yes",
onlyif => "get IgnoreRhosts != yes",
require => Package["openssh-server"],
notify => Service["sshd"];
}
Ben
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
