Wouldn't have worked anyway, change "print" to "echo" and I forgot #!/
bin/bash... That's what I get for writing code from memory ;)
That's strange, I just put this in my Puppet server:
node 'puppetmaster' {
file { '/etc/shell_file':
ensure => present,
owner => 'root',
group => 'root',
mode => '0755',
source => 'puppet:///modules/puppet/shell_file',
}
exec { '/etc/shell_file': require => File['/etc/shell_file'] }
}
[root@co1puppet01 live]# cat ../../modules/live/puppet/files/
shell_file
#!/bin/bash
export LAN=eth1
export WAN=eth0
CMD="tc filter add dev ${WAN} parent 1:0 prio 4 protocol ip u32 match
ip tos 0x880xff classid 1:12"
OUT=$($CMD)
RET=$?
echo "Command '$CMD' returned $RET" 2>&1 > /tmp/QoS.out
echo "Command '$CMD' output '$OUT'" 2>&1 >> /tmp/QoS.out
CMD="iptables -t mangle -A FORWARD -i ${LAN} -o ${WAN} -p udp --sport
2345 -j TOS --set-tos 0x28"
OUT=$($CMD)
RET=$?
echo "Command '$CMD' returned $RET" 2>&1 >> /tmp/QoS.out
echo "Command '$CMD' output '$OUT'" 2>&1 >> /tmp/QoS.out
CMD="iptables-save"
OUT=$($CMD)
RET=$?
echo "Command '$CMD' returned $RET" 2>&1 >> /tmp/QoS.out
echo "Command '$CMD' output '$OUT'" 2>&1 >> /tmp/QoS.out
[root@puppetmaster live]# puppetd --test
info: Caching catalog for puppetmaster
info: Applying configuration version '1308324915'
notice: /Stage[main]//Node[puppetmaster]/Exec[/etc/shell_file]/
returns: executed successfully
notice: Finished catalog run in 1.04 seconds
[root@puppetmaster]# cat /tmp/QoS.out
Command 'tc filter add dev eth0 parent 1:0 prio 4 protocol ip u32
match ip tos 0x880xff classid 1:12' returned 1
Command 'tc filter add dev eth0 parent 1:0 prio 4 protocol ip u32
match ip tos 0x880xff classid 1:12' output ''
Command 'iptables -t mangle -A FORWARD -i eth1 -o eth0 -p udp --sport
2345 -j TOS --set-tos 0x28' returned 2
Command 'iptables -t mangle -A FORWARD -i eth1 -o eth0 -p udp --sport
2345 -j TOS --set-tos 0x28' output ''
Command 'iptables-save' returned 0
Command 'iptables-save' output '# Generated by iptables-save v1.3.5 on
Fri Jun 17 15:48:48 2011
*mangle
:PREROUTING ACCEPT [3642:790381]
:INPUT ACCEPT [2591:636935]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2551:866979]
:POSTROUTING ACCEPT [2551:866979]
COMMIT
# Completed on Fri Jun 17 15:48:48 2011
# Generated by iptables-save v1.3.5 on Fri Jun 17 15:48:48 2011
*filter
:INPUT ACCEPT [2637:639987]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2588:875945]
COMMIT
# Completed on Fri Jun 17 15:48:48 2011'
I'm running out of ideas. You don't have noexec on /tmp do you? No,
you said you could run it as root... Anyone else?
On Jun 17, 4:31 pm, Annie Rana <annier...@gmail.com> wrote:
> Hi Luke,
>
> I replaced my shell script with the one you wrote. Same old error message
> appeared again 'change from notrun to 0 failed: /tmp/QoS/QoS.sh returned 1
> instead of o at /etc/puppet/manifests/site.pp'
> . Your script didn't generate any log at client machine. Now I am sure about
> one thing that there is no issue with the shell script itself. The exec
> command is having hiccup even before executing the shell. I even tried
> command paremeter in exec but no use. Do you know anyother way to execute
> bash shell in puppet?
>
> Thanks much,
>
> Annie
>
> On Fri, Jun 17, 2011 at 4:30 PM, Annie Rana <annier...@gmail.com> wrote:
> > Hi Luke,
>
> > I replaced my shell script with the one you wrote. Same old error message
> > appeared again 'change from notrun to 0 failed: /tmp/QoS/QoS.sh returned 1
> > instead of o at /etc/puppet/manifests/site.pp'. Your script didn't generated
> > any log at client machine. Now I am sure about one thing that there is no
> > issue with the shell script itself. The exec command is having hiccup even
> > before executing the shell. I even tried command paremeter in exec but no
> > use. Do you know anyother way to execute bash shell in puppet?
>
> > Thanks much,
>
> > Annie
>
> > On Fri, Jun 17, 2011 at 4:06 PM, Luke Bigum <luke.bi...@lmax.com> wrote:
>
> >> I'm out of ideas and I'd resort to hacking the script a bit to get
> >> some debugging output. Try just this in QoS.sh to try identify what's
> >> failing:
>
> >> export LAN=eth1
> >> export WAN=eth0
> >> CMD="tc filter add dev ${WAN} parent 1:0 prio 4 protocol ip u32 match
> >> ip tos 0x880xff classid 1:12"
> >> OUT=$($CMD) > /tmp/QoS.out 2>&1
> >> RET=$?
> >> print "Command $CMD returned $RET" >> /tmp/QoS.out 2>&1
> >> CMD="iptables -t mangle -A FORWARD -i ${LAN} -o ${WAN} -p udp --sport
> >> 2345 -j TOS --set-tos 0x28"
> >> OUT=$($CMD) >> /tmp/QoS.out 2>&1
> >> RET=$?
> >> print "Command $CMD returned $RET" >> /tmp/QoS.out 2>&1
> >> CMD="iptables-save"
> >> OUT=$($CMD) >> /tmp/QoS.out 2>&1
> >> RET=$?
> >> print "Command $CMD returned $RET" >> /tmp/QoS.out 2>&1
>
> >> Or something like that.
>
> >> On Jun 17, 4:01 pm, Annie Rana <annier...@gmail.com> wrote:
> >> > Thanks again Peter but sorry it didn't work out either.
>
> >> > On Fri, Jun 17, 2011 at 3:52 PM, Peter Bukowinski <pmb...@gmail.com>
> >> wrote:
> >> > > In your QoS.sh file, make sure to use explicit paths to executables,
> >> e.g:
>
> >> > > use '/sbin/iptables -blah …' NOT 'iptables -blah …'
>
> >> > > --
> >> > > Peter M. Bukowinski
> >> > > Systems Engineer
> >> > > Janelia Farm Research Campus, HHMI
>
> >> > > On Friday, June 17, 2011 at 10:44 AM, Annie Rana wrote:
>
> >> > > > Hi Luke,
> >> > > > What's your shell script expected to
> >> > > > do?
> >> > > > The shell script would generate Iptables rules
>
> >> > > > How do you know it didn't work?
> >> > > > I can check using ipatbles -L or iptables -t mangle -L commands
>
> >> > > > If you run it by hand in a root shell, does it work then?
> >> > > > Yes
>
> >> > > > If so,
> >> > > > there might be an environment problem when running from Puppet, like
> >> > > > $PATH or something. Try set the parameter "logoutput => true" in the
> >> > > > exec resource.
> >> > > > I did but no affect.
>
> >> > > > Thanks again, much appreciated your help and time.
> >> > > > On Fri, Jun 17, 2011 at 3:26 PM, Luke Bigum <luke.bi...@lmax.com
> >> (mailto:
> >> > > luke.bi...@lmax.com)> wrote:
> >> > > > > How do you know it didn't work? What's your shell script expected
> >> to
> >> > > > > do? If you run it by hand in a root shell, does it work then? If
> >> so,
> >> > > > > there might be an environment problem when running from Puppet,
> >> like
> >> > > > > $PATH or something. Try set the parameter "logoutput => true" in
> >> the
> >> > > > > exec resource.
>
> >> > > > > On Jun 17, 3:18 pm, Annie Rana <annier...@gmail.com (mailto:
> >> > > annier...@gmail.com)> wrote:
> >> > > > > > Thanks but it couldn't work though i got the message that shell
> >> > > script is
> >> > > > > > successfully executed.
>
> >> > > > > > On Fri, Jun 17, 2011 at 2:44 PM, Luke Bigum <
> >> luke.bi...@lmax.com(mailto:
> >> > > luke.bi...@lmax.com)> wrote:
> >> > > > > > > Annie,
>
> >> > > > > > >http://docs.puppetlabs.com/references/stable/type.html#exec
>
> >> > > > > > > By default the expected return code is probably zero, your
> >> script
> >> > > is
> >> > > > > > > returning 1. Whether this is correct or not I don't know, but
> >> you
> >> > > can
> >> > > > > > > tell puppet to expect a different return code:
>
> >> > > > > > > exec { '/etc/shell_file':
> >> > > > > > > require => File['/etc/shell_file'],
> >> > > > > > > returns => 1,
> >> > > > > > > }
>
> >> > > > > > > On Jun 17, 2:36 pm, Annie Rana <annier...@gmail.com (mailto:
> >> > > annier...@gmail.com)> wrote:
> >> > > > > > > > I apologize for posting wrong log messages, here is the
> >> correct
> >> > > log:
>
> >> > > > > > > > notice: Starting catalog run
> >> > > > > > > > notice: //File[/tmp/QoS/QoS.sh (http://QoS.sh)]/ensure:
> >> created
> >> > > > > > > > err: //Exec[/tmp/QoS/QoS.sh (http://QoS.sh)]/returns:
> >> change
> >> > > from notrun to 0 failed:
> >> > > > > > > > /tmp/QoS/QoS.sh (http://QoS.sh) returned 1 instead of 0 at
> >> > > > > > > /etc/puppet/manifests/site.pp:10
> >> > > > > > > > notice: Finished catalog run in 0.46 seconds
>
> >> > > > > > > > Any help please?
>
> >> > > > > > > > On Fri, Jun 17, 2011 at 2:09 PM, Annie Rana <
> >> annier...@gmail.com(mailto:
> >> > > annier...@gmail.com)> wrote:
> >> > > > > > > > > Hi Peter, thanks for your reply. I managed to copy the
> >> shell
> >> > > file
> >> > > > > > > puppet
> >> > > > > > > > > client using the file resource recipe you specified but
> >> exec is
> >> > > > > > > throwing an
> >> > > > > > > > > error, which is as follows:
>
> >> > > > > > > > > info: No classes to store
> >> > > > > > > > > info: Caching catalog at
> >> /var/lib/puppet/state/localconfig.yaml
> >> > > > > > > > > notice: Starting catalog run
> >> > > > > > > > > err: //File[/tmp/QoS/QoS.sh (http://QoS.sh)]/ensure:
> >> change
> >> > > from absent to file failed:
> >> > > > > > > > > Could not set file on ensure: No such file or directory -
> >> > > > > > > > > /tmp/QoS/QoS.sh.puppettmp at
> >> /etc/puppet/manifests/site.pp:7
> >> > > > > > > > > notice: //Exec[/tmp/QoS/QoS.sh (http://QoS.sh)]:
> >> Dependency
> >> > > file[/tmp/QoS/QoS.sh (http://QoS.sh)] has 1
> >> > > > > > > > > failures
> >> > > > > > > > > warning: //Exec[/tmp/QoS/QoS.sh (http://QoS.sh)]:
> >> Skipping
> >> > > because of failed
> >> > > > > > > dependencies
> >> > > > > > > > > notice: Finished catalog run in 0.38 seconds
>
> >> > > > > > > > > When I tried running the shell script manually using the
> >> > > following
> >> > > > > > > command
>
> >> > > > > > > > > '/tmp/QoS/QoS.sh (http://QoS.sh);echo$?'
>
> >> > > > > > > > > , it worked fine printing 0 at the end. Any help what is
> >> wrong
> >> > > with
> >> > > > > > > exec
> >> > > > > > > > > resource recipe?
>
> >> > > > > > > > > Thanks in advance for your time.
>
> >> > > > > > > > > Regards,
>
> >> > > > > > > > > A.
>
> >> > > > > > > > > On Thu, Jun 16, 2011 at 8:42 PM, Peter Bukowinski <
> >> > > pmb...@gmail.com (mailto:pmb...@gmail.com)
> >> > > > > > > > wrote:
>
> >> > > > > > > > > > It sounds like you haven't set up the puppet fileserver
> >> yet.
> >> > > Choose a
> >> > > > > > > > > > directory that will hold files you want to copy to
> >> clients. I
> >> > > use
> >> > > > > > > > > > /opt/files, so that's what is in my example. Create
> >> > > fileserver.conf in
> >> > > > > > > the
> >> > > > > > > > > > same directory as puppet.conf and add these lines:
>
> >> > > > > > > > > > [files]
> >> > > > > > > > > > path /opt/files
> >> > > > > > > > > > allow *.client.domain
>
> >> > > > > > > > > > Put your shell file in the path you specified. Now you
> >> just
> >> > > need to
> >> > > > > > > set up
> >> > > > > > > > > > a file and exec resource. Note the source item in the
> >> file
> >> > > resource
> >> > > > > > > and the
> >> > > > > > > > > > require item in exec.
>
> >> > > > > > > > > > file { '/etc/shell_file':
> >> > > > > > > > > > ensure => present,
> >> > > > > > > > > > owner => 'root',
> >> > > > > > > > > > group => 'root',
> >> > > > > > > > > > mode => '0755',
> >> > > > > > > > > > source => 'puppet://puppet/files/shell_file',
> >> > > > > > > > > > }
>
> >> > > > > > > > > > exec { '/etc/shell_file': require =>
> >> File['/etc/shell_file']
> >> > > }
>
> >> > > > > > > > > > --
> >> > > > > > > > > > Peter M. Bukowinski
> >> > > > > > > > > > Systems Engineer
> >> > > > > > > > > > Janelia Farm Research Campus, HHMI
>
> >> > > > > > > > > > On Thursday, June 16, 2011 at 3:17 PM, annierana wrote:
>
> >> > > > > > > > > > > Hi all, I am new to puppet. I need a sample recipe to
> >> > > write/copy a
> >> > > > > > > > > > > shell file on puppet client. The shell file exists on
> >> > > puppet server.
> >> > > > > > > > > > > Once the file is written, I also want to execute it. I
> >> have
> >> > > tried
> >> > > > > > > > > > > using file resource with ensure command to copy at
> >> /etc but
> >> > > > > > > permission
> >> > > > > > > > > > > was denied and moreover with a different directory
> >> path
> >> > > (\tmp) it
> >> > > > > > > just
> >> > > > > > > > > > > created an empty file. Can anyone please help?
>
> >> > > > > > > > > > > Regards,
>
> >> > > > > > > > > > > A.
>
> >> > > > > > > > > > > --
> >> > > > > > > > > > > You received this message because you are subscribed
> >> to the
> >> > > Google
> >> > > > > > > > > > Groups "Puppet Users" group.
> >> > > > > > > > > > > To post to this group, send email to
> >> > > puppet-users@googlegroups.com (mailto:puppet-users@googlegroups.com)
> >> > > > > > > (mailto:
> >> > > > > > > > > > puppet-users@googlegroups.com (mailto:
> >> > > puppet-users@googlegroups.com)).
> >> > > > > > > > > > > To unsubscribe from this group, send email to
> >> > > > > > > > > > puppet-users+unsubscr...@googlegroups.com (mailto:
> >> > > puppet-users%2bunsubscr...@googlegroups.com) (mailto:
> >> > > > > > > > > > puppet-users+unsubscr...@googlegroups.com (mailto:
> >> > > puppet-users%2bunsubscr...@googlegroups.com)).
>
> ...
>
> read more »
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
