On May 2, 2014, at 9:25 AM, jcbollinger <[email protected]> wrote:
> > > On Thursday, May 1, 2014 9:06:52 AM UTC-5, Peter Bukowinski wrote: > On May 1, 2014, at 9:29 AM, [email protected] wrote: > > > Hi, > > > > I am using puppet enterprise 3.x . I have a manifest used to install and > > manage custom application on my client node. > > Part of manifest is :- > > > > file { 'app_config': > > ensure => directory, > > mode => 0644, > > path => '/etc/cmas/app_config', > > source => 'puppet:///modules/cmas/app_config', > > recurse => true, > > } > > > > file { 'config.xml': > > audit => "content", > > path => '/etc/cmas/app_config/config.xml', > > } > > > > I want if file config.xml is changed, it should get back to old one from > > source in next puppet run. > > is it possible to do it ? > > This is the default behavior of puppet, but by telling puppet to audit the > config.xml file, you are preventing it from managing that file's content. > > > Not exactly. Only unmanaged resource properties can be audited, but enabling > auditing on a property that was eligible for it in the first place (because > it was unmanaged) doesn't prevent Puppet from doing what it wasn't going to > do anyway. Going the other way, disabling auditing on a property that was > eligible for auditing in the first place does not in itself make that > property managed. Thanks for clarifying and correcting my assumption. I'm slapping my forehead. > Puppet's normal behavior is to leave unmanaged resource properties alone. It > sounds like the OP may be hoping to get Puppet to revert content changes > based on a record of the last content it saw, rather than managing the > content to a state asserted by the master. The latter is Puppet's behavior > when managing file content via File's 'content' property or 'source' > parameter. The former is not among Puppet's features. > > > As a result, the first file resource that recursively puts the app_config > directory in place will actually *skip* creating the config.xml file. You'll > get a notice like this: > > > > Puppet may skip creating the file, yes, because an explicit File resource is > honored instead of any implicit File resource arising from a recursive File > resource, and because no 'ensure' parameter is specified in the explicit > declaration of File[/etc/cmas/app_config/config.xml]. Puppet might also > create it as an empty, normal file; I don't recall at the moment which. > That's not directly related to auditing the file content. > > > Notice: /Stage[main]/cmas/File[/etc/cmas/app_config/config.xml]/content: > audit change: newly-recorded value absent > > If you want puppet to manage the content of that file and revert any changes, > you'll need to stop auditing it. > > > > Well, yes, because only unmanaged properties can be audited. But in addition > to turning off auditing of the content, it is also necessary to specify an > appropriate 'content' or 'source' parameter if the File's content is to be > managed. More forehead slapping. > And as for auditing changes in a more general sense, Puppet will log when it > changes the file content, and, if desired, the 'show_diff' parameter can be > used to make it log the exact changes it makes. Those will also make it into > the agent's if reporting is enabled. > > > John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/5487047E-0ABE-4A59-87A8-5F285B78CA26%40gmail.com. For more options, visit https://groups.google.com/d/optout.
