Puppet users - Oct 2007 - Push /home/* directories recursively to clients

Hi I am trying to push populate /home & subdirectories from the puppet
server to all the Linux clients.

 

I managed this with cfengine using rsync.  But I am not sure how do I
achieve this in puppet, do we have any inbuilt function for this.

 

Also, is there a function for userdel like for useradd (user)
groupadd(group).

 

Any suggestion is appreciated.

 

--
Deepak



_______________________________________________
Puppet-users mailing list
Puppet-users@madstop.com
https://mail.madstop.com/mailman/listinfo/puppet-users

Deepak Naidu wrote:
> Hi I am trying to push populate /home & subdirectories from the puppet
> server to all the Linux clients.
> 
> I managed this with cfengine using rsync.  But I am not sure how do I
> achieve this in puppet, do we have any inbuilt function for this.
I didn''t have a good experience with asking puppetmaster to distribute 
tons of files. Might be less of an issue if I had mongrel in the mix, if 
puppetmaster wasn''t a Xen instance, or who knows what. But I switched
it
out to having puppet subscribe to a trigger file, and rsyncing a tree 
anytime that trigger file was updated.

Something resembling at writeup on this is at 
http://blogs.cae.tntech.edu/mwr/2007/05/19/client-application-management-part-2-for-stow-packages/
, but you won''t need the stow parts, just the subscribes and rsyncs.

Not to entirely second-guess what you''re trying to accomplish, but any 
reason to not just keep /home on a common NFS server and avoid the 
problem entirely?

-- 
Mike Renfro  / R&D Engineer, Center for Manufacturing Research,
931 372-3601 / Tennessee Technological University

Here''s my intension, every user added will have a authorized_keys2
&
/hom/$username/.ssh directory

So I can create user & group using the user & group command.

Now I just want to copy all the /home/  folder with their .ssh & auth
key to the client server with out changing the file ownership &
permission.

#ls /home

drwxr-xr-x  2 wss     int 4096 Sep 28 11:48 wss


--
Deepak





-----Original Message-----
From: puppet-users-bounces@madstop.com
[mailto:puppet-users-bounces@madstop.com] On Behalf Of Mike Renfro
Sent: Tuesday, October 02, 2007 12:13 PM
To: Puppet User Discussion
Subject: Re: [Puppet-users] Push /home/* directories recursively to
clients

Deepak Naidu wrote:
> Hi I am trying to push populate /home & subdirectories from the puppet
> server to all the Linux clients.
> 
> I managed this with cfengine using rsync.  But I am not sure how do I
> achieve this in puppet, do we have any inbuilt function for this.
I didn''t have a good experience with asking puppetmaster to distribute 
tons of files. Might be less of an issue if I had mongrel in the mix, if

puppetmaster wasn''t a Xen instance, or who knows what. But I switched
it

out to having puppet subscribe to a trigger file, and rsyncing a tree 
anytime that trigger file was updated.

Something resembling at writeup on this is at 
http://blogs.cae.tntech.edu/mwr/2007/05/19/client-application-management
-part-2-for-stow-packages/ 
, but you won''t need the stow parts, just the subscribes and rsyncs.

Not to entirely second-guess what you''re trying to accomplish, but any 
reason to not just keep /home on a common NFS server and avoid the 
problem entirely?

-- 
Mike Renfro  / R&D Engineer, Center for Manufacturing Research,
931 372-3601 / Tennessee Technological University
_______________________________________________
Puppet-users mailing list
Puppet-users@madstop.com
https://mail.madstop.com/mailman/listinfo/puppet-users

On Tue, Oct 02, 2007 at 12:35:23PM -0700, Deepak Naidu
wrote:
> Here''s my intension, every user added will have a authorized_keys2
&
> /hom/$username/.ssh directory
So use a custom type to set that up.  Copying files is a code smell.
> So I can create user & group using the user & group command.
> 
> Now I just want to copy all the /home/  folder with their .ssh & auth
> key to the client server with out changing the file ownership &
> permission.
That''s unlikely to work, unless all your users are created on the
Puppetmaster first (why would you bother?), or you have identical UIDs
everywhere.
> #ls /home
> 
> drwxr-xr-x  2 wss     int 4096 Sep 28 11:48 wss
Aaargh!

- Matt

-- 
For instance "Mine eyes haves seen the glory of the coming of the
Lord," the
anthem of the abolitionists (and the Union forces in the civil war)
doesn''t
actually refer to theology but the superiority of Arch over CVS.
		-- Jaldhar H. Vyas, debian-devel

--On Tuesday, October 02, 2007 11:59:08 AM -0700 Deepak Naidu 
<dnaidu@silverspringnet.com> wrote:
> Also, is there a function for userdel like for useradd (user)
> groupadd(group).
I don''t think you''re approaching things the "Puppet
way."  Instead of
thinking of implementation, think of managing resources.  So if you
don''t
want a user on a server, ensure => absent for that user and puppet will do 
the right thing.

-- 
Digant C Kasundra <digant@stanford.edu>
Technical Lead, ITS Unix Systems and Applications, Stanford University

Matthew Palmer wrote:
> On Tue, Oct 02, 2007 at 12:35:23PM -0700, Deepak Naidu wrote:
>> Here''s my intension, every user added will have a
authorized_keys2 &
>> /hom/$username/.ssh directory
> 
> So use a custom type to set that up.  Copying files is a code smell.
> 
Why is copying files code smell? Adding/Deleting files to/from a directory to
manage keys
seems preferable to having to declare all the keys as defines.

-- 
Russell A. Jackson <raj@csub.edu>
Network Analyst
California State University, Bakersfield

With all the fancy scientists in the world,
why can''t they just once build a nuclear balm.


_______________________________________________
Puppet-users mailing list
Puppet-users@madstop.com
https://mail.madstop.com/mailman/listinfo/puppet-users

Deepak Naidu wrote:
> Here''s my intension, every user added will have a authorized_keys2
&
> /hom/$username/.ssh directory
> 
> So I can create user & group using the user & group command.
> 
> Now I just want to copy all the /home/  folder with their .ssh & auth
> key to the client server with out changing the file ownership &
> permission.
> 
> #ls /home
> 
> drwxr-xr-x  2 wss     int 4096 Sep 28 11:48 wss
> 
> 
I''d recommend not storing the authorized_keys file in the
user''s home directory if puppet
is going to be managing it. You can configure sshd to look for it somewhere else
in
/etc/sshd_config:

AuthorizedKeysFile /etc/ssh/authorized_keys/%u

Now the user''s can''t mess with it, and you don''t have
to worry about ownership/permissions.


-- 
Russell A. Jackson <raj@csub.edu>
Network Analyst
California State University, Bakersfield

If one studies too zealously, one easily loses his pants.
		-- A. Einstein.


_______________________________________________
Puppet-users mailing list
Puppet-users@madstop.com
https://mail.madstop.com/mailman/listinfo/puppet-users