On Wednesday, May 21, 2014 12:31:59 AM UTC+10, jcbollinger wrote: > > > > On Monday, May 19, 2014 2:39:47 AM UTC-5, Grant Street wrote: >> >> Hi >> >> First time poster to this forum. I'm in the process of doing a pilot to >> convert a cfengine v2 install to puppet. >> >> I was wondering if any one had any ideas on the following. >> >> I have machines that can be in any combination(ie 0 or more) of 10 >> groups, that can change. I need to create an access.conf based on the group >> membership of the node. >> I would like the file to be dynamically created with any redundant lines >> removed. >> >> I have had a look at augeus but I can't see how to both add lines based >> on the group as well as remove unwanted and unknown lines. >> I have also had a look at templates but unsure how that would look like >> when the you have 0-10 insertion points >> >> > > A template is probably the way to go. The point to understand there is > that you will be templating the entire contents of the file, not just the > lines related to the 10 groups. Supposing that you have an array of the > names of the wanted groups, then, your template might look like this: > > +:root:LOCAL > <% @wanted_groups.each do |g| -%> > +:(<%= g %>):ALL > <% end -%> > -:ALL:ALL > > > John > > Hi John
Thanks a lot for the guidance my solution would have been a whole lot more messy. I was able to massage your example so that I could use a hash to specify the user and origin like this +:root:LOCAL <% pam_access.each_pair do |user,origin| -%> +:<%= user %>:<%= origin %> <% end -%> -:ALL:ALL Now what is the best way to dynamically create the array/hash? I am doing a hash merge at the moment is there a better/more puppet way? Thanks -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/75b1fcd4-4315-40b0-9924-38557eece79d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
