I need to exec a program if ANY packages have been modified (added, removed, updated, etc). I tried subscribing to Package with a wildcard, but that isn''t supported. Is there any way to trigger an exec if there were any packages changes were made or if yum was executed? Specifically, I need to execute "rkhunter --propupd" so we will stop getting false alarms whenever we update a bunch of systems. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Matthias Pigulla
2011-Sep-30 18:20 UTC
Re: [Puppet Users] Trigger when on any package change
Does
Package<||> ~> exec { ..., refreshonly => true }
do the trick?
-mp.
Am 30.09.2011 um 19:43 schrieb "GeekBiker"
<wentworth.ross@gmail.com>:
> I need to exec a program if ANY packages have been modified (added,
> removed, updated, etc). I tried subscribing to Package with a
> wildcard, but that isn''t supported.
>
> Is there any way to trigger an exec if there were any packages changes
> were made or if yum was executed?
>
> Specifically, I need to execute "rkhunter --propupd" so we will
stop
> getting false alarms whenever we update a bunch of systems.
>
> --
> You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
I suspect that is in a later version than we are using at the moment. We plan to upgrade, but aren''t in a rush. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/4ifdbZsgaEoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Thu, Sep 29, 2011 at 12:22 PM, GeekBiker <wentworth.ross@gmail.com>wrote:> I need to exec a program if ANY packages have been modified (added, > removed, updated, etc). I tried subscribing to Package with a > wildcard, but that isn''t supported. > > Is there any way to trigger an exec if there were any packages changes > were made or if yum was executed? > > Specifically, I need to execute "rkhunter --propupd" so we will stop > getting false alarms whenever we update a bunch of systems. > >Does it matter if you run this at the end of every puppet run? Is the command itself idempotent? Or do you need to run it immediately after any package change? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Thu, Sep 29, 2011 at 10:22 PM, GeekBiker <wentworth.ross@gmail.com> wrote:> I need to exec a program if ANY packages have been modified (added, > removed, updated, etc). I tried subscribing to Package with a > wildcard, but that isn''t supported. > > Is there any way to trigger an exec if there were any packages changes > were made or if yum was executed? > > Specifically, I need to execute "rkhunter --propupd" so we will stop > getting false alarms whenever we update a bunch of systems. > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > >you could setup a file resource on the rpm db file with mtime, which notifies an exec, something like file {"/var/lib/rpm": checksum => mtime, notify => Exec...} this way every time that file would change, your exec would be triggered. Ohad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Run once after everything is the desirable result if any packages have been added, removed, or updated. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/fQBe3hsJ648J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
One option would be to create a define to use as a wrapper around
"package". Something like this:
define package::special($ensure) {
package { $name:
ensure => $ensure,
}
exec { "rkhunter-$name":
command => "rkhunter --propupd",
refreshonly => true
subscribe => Package[$name],
}
}
Then you''d just use package::special, instead of package by itself:
package::special { "openssh":
ensure => latest,
}
On Sep 29, 12:22 pm, GeekBiker <wentworth.r...@gmail.com>
wrote:> I need to exec a program if ANY packages have been modified (added,
> removed, updated, etc). I tried subscribing to Package with a
> wildcard, but that isn''t supported.
>
> Is there any way to trigger an exec if there were any packages changes
> were made or if yum was executed?
>
> Specifically, I need to execute "rkhunter --propupd" so we will
stop
> getting false alarms whenever we update a bunch of systems.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.