El miércoles, 1 de agosto de 2012 20:30:52 UTC+2, Calvin Walton escribió:
>
> On Wed, 2012-08-01 at 18:58 +0100, R.I.Pienaar wrote:
> > From: "Eric Shamow" <e...@puppetlabs.com>
> > > Not sure that this should be considered a bug in fqdn_rand - the idea
> > > with fqdn_rand is that it should generate the same random number
> > > each time it is run in order to maintain idempotency.
> >
> > The bug is that it does:
> >
> > * set salt to cause consistant random numbers
> > * get random data
> >
> > I think it should do:
> >
> > * set salt to cause consistant random numbers
> > * get random data
> > * reset salt to produce random data
>
> > This will retain the behaviour of fqdn_rand and not break random for
> everyone else
>
> I was going to say that an even *better* solution would be to do this:
>
> * Create a private Random object for use only by fqdn_rand
> * Set the seed on the private Random object, without disturbing
> the Kernel.rand implementation
> * get random data from the private Random object
>
> ...but then I remembered that the Random class was introduced in Ruby
> 1.9, so this won't work on older versions like 1.8.7, and I had
> forgotten that fqdn_rand should always return the same number on the
> same machine when it is called with the same arguments.
>
> The definition of 'srand' is actually kind of interesting:
> srand(number=0) => old_seed
> so the patch to fix this is actually quite trivial:
>
> diff --git a/lib/puppet/parser/functions/fqdn_rand.rb
> b/lib/puppet/parser/functi
> index 93ab98b..987815c 100644
> --- a/lib/puppet/parser/functions/fqdn_rand.rb
> +++ b/lib/puppet/parser/functions/fqdn_rand.rb
> @@ -7,6 +7,7 @@ Puppet::Parser::Functions::newfunction(:fqdn_rand, :type
> => :rva
> $random_number_seed = fqdn_rand(30,30)") do |args|
> require 'digest/md5'
> max = args.shift
> -
> srand(Digest::MD5.hexdigest([lookupvar('::fqdn'),args].join(':')).hex)
> + old_seed =
> srand(Digest::MD5.hexdigest([lookupvar('::fqdn'),args].join(':')).hex)
> rand(max).to_s
> + srand(old_seed)
> end
>
> --
> Calvin Walton <calvin.wal...@kepstin.ca>
>
>
Hi again,
I've tried the patch submitted by Calvin Walton, and it's almost working.
There are two remaining issues:
1.- The patch needs some more lines, because it returns the "new old seed"
value. So the new patch would be:
diff --git a/puppet/parser/functions/fqdn_rand.rb.orig
b/puppet/parser/functions/fqdn_rand.rb
index 93ab98b..6482449 100644
--- a/puppet/parser/functions/fqdn_rand.rb.orig
+++ b/puppet/parser/functions/fqdn_rand.rb
@@ -7,6 +7,8 @@ Puppet::Parser::Functions::newfunction(:fqdn_rand, :type =>
:rvalue, :doc =>
$random_number_seed = fqdn_rand(30,30)") do |args|
require 'digest/md5'
max = args.shift
- srand(Digest::MD5.hexdigest([lookupvar('::fqdn'),args].join(':')).hex)
- rand(max).to_s
+ old_seed =
srand(Digest::MD5.hexdigest([lookupvar('::fqdn'),args].join(':')).hex)
+ exit_value = rand(max).to_s
+ srand(old_seed)
+ exit_value
end
2.- I need to restart apache on the master server (remember I was using
Passenger) to get a different salt value of the shadow password. Without
the patch, I always get the same salt value, no matter if I restart the
apache server or not.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/nAuJ64JrsdAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
