Hi, I am trying to override a hostname.rp from path: * /usr/lib/ruby/site_ruby/1.8/facter* as, Facter.add(:hostname) do confine :hostname => "serialnumber" setcode do Facter::Util::Resolution.exec(''cat /sys/power/states'') end end Is the fact code correct as I want puppet to pick serialnumber instead of hostname from facter ? Thanks mac01 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/dPw-mMSTV04J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Apr 5, 1:39 am, mac01 <smilemukul2...@gmail.com> wrote:> Hi, > > I am trying to override a hostname.rp from path: * > /usr/lib/ruby/site_ruby/1.8/facter* as, > > Facter.add(:hostname) do > confine :hostname => "serialnumber" > setcode do > Facter::Util::Resolution.exec(''cat /sys/power/states'') > end > end > > Is the fact code correct as I want puppet to pick serialnumber instead of hostname from facter ?You are trying to confine the ''hostname'' fact based on the value of that same fact. I don''t see how that could possibly work. Either it will throw Facter into an infinite loop, or that version of the fact will just never be chosen. There is probably a better approach to your problem than redefining the hostname fact. Not knowing what your actual problem is, I can only speculate, but you might be better off creating and using a "serialnumber" custom fact. You might also want to look into Puppet''s "certname" parameter. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Hi, Actually I want that nobody in my network can change the hostname as some has already changed the hostname of their node so I want to restrict a check that nobody in the network or outside network can change the hostname as they are already provided the sudo access as per requirement. Also all the nodes in the network are configured with serialnumber. Can you elaborate more that how "serialnumber" custom fact can be written & the same will be loaded through puppet for every node in the network. Thanks mac01 **** On Thu, Apr 5, 2012 at 6:47 PM, jcbollinger <John.Bollinger@stjude.org> wrote:**** On Apr 5, 1:39 am, mac01 <smilemukul2...@gmail.com> wrote:> Hi, >****> I am trying to override a hostname.rp from path: * > /usr/lib/ruby/site_ruby/1.8/facter* as,****> > Facter.add(:hostname) do > confine :hostname => "serialnumber" > setcode do > Facter::Util::Resolution.exec(''cat /sys/power/states'') > end > end > > Is the fact code correct as I want puppet to pick serialnumber instead ofhostname from facter ? **** You are trying to confine the ''hostname'' fact based on the value of that same fact. I don''t see how that could possibly work. Either it will throw Facter into an infinite loop, or that version of the fact will just never be chosen. There is probably a better approach to your problem than redefining the hostname fact. Not knowing what your actual problem is, I can only speculate, but you might be better off creating and using a "serialnumber" custom fact. You might also want to look into Puppet''s "certname" parameter. John**** -- You received this message because you are subscribed to the Google Groups "Puppet Users" group.**** To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.**** ** ** ------------------------------ Email Disclaimer: www.stjude.org/emaildisclaimer -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
No one should be able to change the hostname through the fact (they can override any fact for a one time occurrance but that is not a pernanent change) As to how you can get a serialnumber fact, we would need to know how you get the serial number from your system to begin with. Then you write the fact around that. You then put your rb file in with all the other fact rb files and puppet will find it. John John Kennedy On Sat, Apr 7, 2012 at 11:17, Mukul Malhotra <smilemukul2005@gmail.com>wrote:> > Hi, > > Actually I want that nobody in my network can change the hostname as some > has already changed the hostname of their node so > I want to restrict a check that nobody in the network or outside network > can change the hostname as they are already provided the sudo access as per > requirement. Also all the nodes in the network are configured with > serialnumber. > > Can you elaborate more that how "serialnumber" custom fact can be written > & the same will be loaded through puppet for every node in the network. > > Thanks > mac01 > > > **** > > On Thu, Apr 5, 2012 at 6:47 PM, jcbollinger <John.Bollinger@stjude.org> > wrote:**** > > > > On Apr 5, 1:39 am, mac01 <smilemukul2...@gmail.com> wrote: > > Hi, > >**** > > > I am trying to override a hostname.rp from path: * > > /usr/lib/ruby/site_ruby/1.8/facter* as,**** > > > > > Facter.add(:hostname) do > > confine :hostname => "serialnumber" > > setcode do > > Facter::Util::Resolution.exec(''cat /sys/power/states'') > > end > > end > > > > Is the fact code correct as I want puppet to pick serialnumber instead > of hostname from facter ? > > **** > > You are trying to confine the ''hostname'' fact based on the value of > that same fact. I don''t see how that could possibly work. Either it > will throw Facter into an infinite loop, or that version of the fact > will just never be chosen. > > There is probably a better approach to your problem than redefining > the hostname fact. Not knowing what your actual problem is, I can > only speculate, but you might be better off creating and using a > "serialnumber" custom fact. You might also want to look into Puppet''s > "certname" parameter. > > > John**** > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group.**** > > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en.**** > > ** ** > > ------------------------------ > Email Disclaimer: www.stjude.org/emaildisclaimer > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Hi, I get the serialnumber from my system through "facter | grep serialnumber" Also this is possible whether puppet picks the serialnumber fact instead of hostname fact from the nodes. Can you provide the serialnumber.rb fact syntax Thanks On Sun, Apr 8, 2012 at 2:32 PM, John Kennedy <skebi69@gmail.com> wrote:> No one should be able to change the hostname through the fact (they can > override any fact for a one time occurrance but that is not a pernanent > change) > As to how you can get a serialnumber fact, we would need to know how you > get the serial number from your system to begin with. Then you write the > fact around that. You then put your rb file in with all the other fact rb > files and puppet will find it. > John > > John Kennedy > > > > > On Sat, Apr 7, 2012 at 11:17, Mukul Malhotra <smilemukul2005@gmail.com>wrote: > >> >> Hi, >> >> Actually I want that nobody in my network can change the hostname as some >> has already changed the hostname of their node so >> I want to restrict a check that nobody in the network or outside network >> can change the hostname as they are already provided the sudo access as per >> requirement. Also all the nodes in the network are configured with >> serialnumber. >> >> Can you elaborate more that how "serialnumber" custom fact can be written >> & the same will be loaded through puppet for every node in the network. >> >> Thanks >> mac01 >> >> >> **** >> >> On Thu, Apr 5, 2012 at 6:47 PM, jcbollinger <John.Bollinger@stjude.org> >> wrote:**** >> >> >> >> On Apr 5, 1:39 am, mac01 <smilemukul2...@gmail.com> wrote: >> > Hi, >> >**** >> >> > I am trying to override a hostname.rp from path: * >> > /usr/lib/ruby/site_ruby/1.8/facter* as,**** >> >> > >> > Facter.add(:hostname) do >> > confine :hostname => "serialnumber" >> > setcode do >> > Facter::Util::Resolution.exec(''cat /sys/power/states'') >> > end >> > end >> > >> > Is the fact code correct as I want puppet to pick serialnumber instead >> of hostname from facter ? >> >> **** >> >> You are trying to confine the ''hostname'' fact based on the value of >> that same fact. I don''t see how that could possibly work. Either it >> will throw Facter into an infinite loop, or that version of the fact >> will just never be chosen. >> >> There is probably a better approach to your problem than redefining >> the hostname fact. Not knowing what your actual problem is, I can >> only speculate, but you might be better off creating and using a >> "serialnumber" custom fact. You might also want to look into Puppet''s >> "certname" parameter. >> >> >> John**** >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group.**** >> >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en.**** >> >> ** ** >> >> ------------------------------ >> Email Disclaimer: www.stjude.org/emaildisclaimer >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Christopher Wood
2012-Apr-08 12:58 UTC
Re: [Puppet Users] Re: Customizing a hostname facts
/usr/lib/ruby/1.8/facter/manufacturer.rb has it on my system. On Sun, Apr 08, 2012 at 06:02:09PM +0530, Mukul Malhotra wrote:> Hi, > > I get the serialnumber from my system through "facter | grep serialnumber" > > Also this is possible whether puppet picks the serialnumber fact instead > of hostname fact from the nodes. > > Can you provide the serialnumber.rb fact syntax > > Thanks > > On Sun, Apr 8, 2012 at 2:32 PM, John Kennedy <[1]skebi69@gmail.com> wrote: > > No one should be able to change the hostname through the fact (they can > override any fact for a one time occurrance but that is not a pernanent > change) > As to how you can get a serialnumber fact, we would need to know how you > get the serial number from your system to begin with. Then you write the > fact around that. You then put your rb file in with all the other fact > rb files and puppet will find it. > John > > John Kennedy > > On Sat, Apr 7, 2012 at 11:17, Mukul Malhotra > <[2]smilemukul2005@gmail.com> wrote: > > � > Hi, > > Actually I want that nobody in my network can change the hostname as > some has already changed the hostname of their node so > I want to restrict a check that nobody in the network or outside > network can change the hostname as they are already provided the sudo > access as per requirement. Also all the nodes in the network are > configured with serialnumber. > > Can you elaborate more that how "serialnumber" custom fact can be > written & the same will be loaded through puppet for every node in the > network. > > Thanks > mac01 > > On Thu, Apr 5, 2012 at 6:47 PM, jcbollinger > <[3]John.Bollinger@stjude.org> wrote: > > On Apr 5, 1:39�am, mac01 <[4]smilemukul2...@gmail.com> wrote: > > Hi, > > > > > I am trying to override a hostname.rp from path: * > > /usr/lib/ruby/site_ruby/1.8/facter* as, > > > > > Facter.add(:hostname) do > > � confine :hostname => "serialnumber" > > � setcode do > > � � Facter::Util::Resolution.exec(''cat /sys/power/states'') > > � end > > end > > > > Is the fact code correct as I want puppet to pick serialnumber > instead of hostname from facter ? > > You are trying to confine the ''hostname'' fact based on the value of > that same fact. �I don''t see how that could possibly work. �Either it > will throw Facter into an infinite loop, or that version of the fact > will just never be chosen. > > There is probably a better approach to your problem than redefining > the hostname fact. �Not knowing what your actual problem is, I can > only speculate, but you might be better off creating and using a > "serialnumber" custom fact. �You might also want to look into Puppet''s > "certname" parameter. > > John > > -- > You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > > To post to this group, send email to [5]puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > [6]puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > [7]http://groups.google.com/group/puppet-users?hl=en. > > � > > -------------------------------------------------------------------------- > > Email Disclaimer: [8]www.stjude.org/emaildisclaimer > > -- > You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > To post to this group, send email to [9]puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > [10]puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > [11]http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > To post to this group, send email to [12]puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > [13]puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > [14]http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > References > > Visible links > 1. mailto:skebi69@gmail.com > 2. mailto:smilemukul2005@gmail.com > 3. mailto:John.Bollinger@stjude.org > 4. mailto:smilemukul2...@gmail.com > 5. mailto:puppet-users@googlegroups.com > 6. mailto:puppet-users%2Bunsubscribe@googlegroups.com > 7. http://groups.google.com/group/puppet-users?hl=en > 8. http://www.stjude.org/emaildisclaimer > 9. mailto:puppet-users@googlegroups.com > 10. mailto:puppet-users%2Bunsubscribe@googlegroups.com > 11. http://groups.google.com/group/puppet-users?hl=en > 12. mailto:puppet-users@googlegroups.com > 13. mailto:puppet-users%2Bunsubscribe@googlegroups.com > 14. http://groups.google.com/group/puppet-users?hl=en-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
hi, But how can i redirect the parameter from hostname to serialnumber so that puppet will pick the serialnumber by default instead of hostname for the updates on the nodes. Thanks On Sun, Apr 8, 2012 at 6:28 PM, Christopher Wood <christopher_wood@pobox.com> wrote:> /usr/lib/ruby/1.8/facter/manufacturer.rb has it on my system. > > On Sun, Apr 08, 2012 at 06:02:09PM +0530, Mukul Malhotra wrote: > > Hi, > > > > I get the serialnumber from my system through "facter | grep > serialnumber" > > > > Also this is possible whether puppet picks the serialnumber fact > instead > > of hostname fact from the nodes. > > > > Can you provide the serialnumber.rb fact syntax > > > > Thanks > > > > On Sun, Apr 8, 2012 at 2:32 PM, John Kennedy <[1]skebi69@gmail.com> > wrote: > > > > No one should be able to change the hostname through the fact (they > can > > override any fact for a one time occurrance but that is not a > pernanent > > change) > > As to how you can get a serialnumber fact, we would need to know > how you > > get the serial number from your system to begin with. Then you > write the > > fact around that. You then put your rb file in with all the other > fact > > rb files and puppet will find it. > > John > > > > John Kennedy > > > > On Sat, Apr 7, 2012 at 11:17, Mukul Malhotra > > <[2]smilemukul2005@gmail.com> wrote: > > > > � > > Hi, > > > > Actually I want that nobody in my network can change the hostname > as > > some has already changed the hostname of their node so > > I want to restrict a check that nobody in the network or outside > > network can change the hostname as they are already provided the > sudo > > access as per requirement. Also all the nodes in the network are > > configured with serialnumber. > > > > Can you elaborate more that how "serialnumber" custom fact can be > > written & the same will be loaded through puppet for every node > in the > > network. > > > > Thanks > > mac01 > > > > On Thu, Apr 5, 2012 at 6:47 PM, jcbollinger > > <[3]John.Bollinger@stjude.org> wrote: > > > > On Apr 5, 1:39�am, mac01 <[4]smilemukul2...@gmail.com> wrote: > > > Hi, > > > > > > > > I am trying to override a hostname.rp from path: * > > > /usr/lib/ruby/site_ruby/1.8/facter* as, > > > > > > > > Facter.add(:hostname) do > > > � confine :hostname => "serialnumber" > > > � setcode do > > > � � Facter::Util::Resolution.exec(''cat /sys/power/states'') > > > � end > > > end > > > > > > Is the fact code correct as I want puppet to pick serialnumber > > instead of hostname from facter ? > > > > You are trying to confine the ''hostname'' fact based on the value > of > > that same fact. �I don''t see how that could possibly work. > �Either it > > will throw Facter into an infinite loop, or that version of the > fact > > will just never be chosen. > > > > There is probably a better approach to your problem than > redefining > > the hostname fact. �Not knowing what your actual problem is, I can > > only speculate, but you might be better off creating and using a > > "serialnumber" custom fact. �You might also want to look into > Puppet''s > > "certname" parameter. > > > > John > > > > -- > > You received this message because you are subscribed to the Google > > Groups "Puppet Users" group. > > > > To post to this group, send email to [5] > puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > [6]puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > [7]http://groups.google.com/group/puppet-users?hl=en. > > > > � > > > > > -------------------------------------------------------------------------- > > > > Email Disclaimer: [8]www.stjude.org/emaildisclaimer > > > > -- > > You received this message because you are subscribed to the Google > > Groups "Puppet Users" group. > > To post to this group, send email to [9] > puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > [10]puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > [11]http://groups.google.com/group/puppet-users?hl=en. > > > > -- > > You received this message because you are subscribed to the Google > > Groups "Puppet Users" group. > > To post to this group, send email to [12] > puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > [13]puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > [14]http://groups.google.com/group/puppet-users?hl=en. > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > > > References > > > > Visible links > > 1. mailto:skebi69@gmail.com > > 2. mailto:smilemukul2005@gmail.com > > 3. mailto:John.Bollinger@stjude.org > > 4. mailto:smilemukul2...@gmail.com > > 5. mailto:puppet-users@googlegroups.com > > 6. mailto:puppet-users%2Bunsubscribe@googlegroups.com > > 7. http://groups.google.com/group/puppet-users?hl=en > > 8. http://www.stjude.org/emaildisclaimer > > 9. mailto:puppet-users@googlegroups.com > > 10. mailto:puppet-users%2Bunsubscribe@googlegroups.com > > 11. http://groups.google.com/group/puppet-users?hl=en > > 12. mailto:puppet-users@googlegroups.com > > 13. mailto:puppet-users%2Bunsubscribe@googlegroups.com > > 14. http://groups.google.com/group/puppet-users?hl=en > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Apr 8, 11:51 pm, Mukul Malhotra <smilemukul2...@gmail.com> wrote:> hi, > > But how can i redirect the parameter from hostname to serialnumber so that > puppet will pick the serialnumber by default instead of hostname for the > updates on the nodes.You have a serious misunderstanding. Puppet uses cryptographic certificates to identify nodes to the master and the master to nodes. It does by default use the node''s hostname as the certname, but once the master (or another CA that the master trusts) signs the certificate, changing the node''s hostname hostname is not sufficient to allow it to impersonate another node. To node A impersonate node B that is already known to Puppet, an attacker would need also to steal a copy of B''s certificate. Anyone who can do that already has sufficient access to node B that he gains nothing by making some other node impersonate it, and anyway he doesn''t need Puppet''s help to steal data from node B or to present a fake node B to others. Even if Puppet didn''t rely on certificates, using serial number instead of hostname as you propose would gain nothing in security. An adversary with sufficient privilege to change nodes'' hostnames could as easily modify Facter to present facts of his choosing, including a forged serialnumber. Allowing untrusted users unrestricted access to your systems presents a very serious security problem. I would advise you to consider whether your requirements can be changed, or at least met in some less risky way. Alternatively, it might be wise to look into an alternative means to secure those parts of your systems that even privileged users must not touch. SELinux can do this for you, but you would want to design your SELinux policy very carefully. It is conceivable that your requirements are inconsistent with adequately securing your systems even via SELinux. Bottom line: Puppet already does better on the security issue than you would achieve with your proposed reconfiguration / modification. If the security already provided by Puppet is insufficient, then you need to look deeper to secure your systems. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Christopher Wood
2012-Apr-09 14:58 UTC
Re: [Puppet Users] Re: Customizing a hostname facts
Not that I''ve ever done it, but perhaps in the same way as Nan Liu suggests to do for the mac address in this thread: https://groups.google.com/group/puppet-users/tree/browse_frm/month/2010-10/060a412fb3b33b2c?rnum=171&_done=%2Fgroup%2Fpuppet-users%2Fbrowse_frm%2Fmonth%2F2010-10%3Ffwc%3D1%26 On Mon, Apr 09, 2012 at 10:21:43AM +0530, Mukul Malhotra wrote:> hi, > > But how can i redirect the parameter from hostname to serialnumber so that > puppet will pick the serialnumber by default instead of hostname for the > updates on the nodes. > > Thanks > > On Sun, Apr 8, 2012 at 6:28 PM, Christopher Wood > <[1]christopher_wood@pobox.com> wrote: > > /usr/lib/ruby/1.8/facter/manufacturer.rb has it on my system. > On Sun, Apr 08, 2012 at 06:02:09PM +0530, Mukul Malhotra wrote: > > Hi, > > > > I get the serialnumber from my system through "facter | grep > serialnumber" > > > > Also this is possible whether puppet picks the serialnumber fact > instead > > of hostname fact from the nodes. > > > > Can you provide the serialnumber.rb fact syntax > > > > Thanks > > > > On Sun, Apr 8, 2012 at 2:32 PM, John Kennedy > <[1][2]skebi69@gmail.com> wrote: > > > > No one should be able to change the hostname through the fact > (they can > > override any fact for a one time occurrance but that is not a > pernanent > > change) > > As to how you can get a serialnumber fact, we would need to know > how you > > get the serial number from your system to begin with. Then you > write the > > fact around that. You then put your rb file in with all the other > fact > > rb files and puppet will find it. > > John > > > > John Kennedy > > > > On Sat, Apr 7, 2012 at 11:17, Mukul Malhotra > > <[2][3]smilemukul2005@gmail.com> wrote: > > > > � > > Hi, > > > > Actually I want that nobody in my network can change the > hostname as > > some has already changed the hostname of their node so > > I want to restrict a check that nobody in the network or > outside > > network can change the hostname as they are already provided > the sudo > > access as per requirement. Also all the nodes in the network > are > > configured with serialnumber. > > > > Can you elaborate more that how "serialnumber" custom fact can > be > > written & the same will be loaded through puppet for every node > in the > > network. > > > > Thanks > > mac01 > > > > On Thu, Apr 5, 2012 at 6:47 PM, jcbollinger > > <[3][4]John.Bollinger@stjude.org> wrote: > > > > On Apr 5, 1:39�am, mac01 <[4][5]smilemukul2...@gmail.com> > wrote: > > > Hi, > > > > > > > > I am trying to override a hostname.rp from path: * > > > /usr/lib/ruby/site_ruby/1.8/facter* as, > > > > > > > > Facter.add(:hostname) do > > > � confine :hostname => "serialnumber" > > > � setcode do > > > � � Facter::Util::Resolution.exec(''cat /sys/power/states'') > > > � end > > > end > > > > > > Is the fact code correct as I want puppet to pick > serialnumber > > instead of hostname from facter ? > > > > You are trying to confine the ''hostname'' fact based on the > value of > > that same fact. �I don''t see how that could possibly work. > �Either it > > will throw Facter into an infinite loop, or that version of the > fact > > will just never be chosen. > > > > There is probably a better approach to your problem than > redefining > > the hostname fact. �Not knowing what your actual problem is, I > can > > only speculate, but you might be better off creating and using > a > > "serialnumber" custom fact. �You might also want to look into > Puppet''s > > "certname" parameter. > > > > John > > > > -- > > You received this message because you are subscribed to the > Google > > Groups "Puppet Users" group. > > > > To post to this group, send email to > [5][6]puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > [6][7]puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > [7][8]http://groups.google.com/group/puppet-users?hl=en. > > > > � > > > > > -------------------------------------------------------------------------- > > > > Email Disclaimer: [8][9]www.stjude.org/emaildisclaimer > > > > -- > > You received this message because you are subscribed to the > Google > > Groups "Puppet Users" group. > > To post to this group, send email to > [9][10]puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > [10][11]puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > [11][12]http://groups.google.com/group/puppet-users?hl=en. > > > > -- > > You received this message because you are subscribed to the > Google > > Groups "Puppet Users" group. > > To post to this group, send email to > [12][13]puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > [13][14]puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > [14][15]http://groups.google.com/group/puppet-users?hl=en. > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Puppet Users" group. > > To post to this group, send email to > [16]puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > [17]puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > [18]http://groups.google.com/group/puppet-users?hl=en. > > > > References > > > > Visible links > > 1. mailto:[19]skebi69@gmail.com > > 2. mailto:[20]smilemukul2005@gmail.com > > 3. mailto:[21]John.Bollinger@stjude.org > > 4. mailto:[22]smilemukul2...@gmail.com > > 5. mailto:[23]puppet-users@googlegroups.com > > 6. mailto:[24]puppet-users%2Bunsubscribe@googlegroups.com > > 7. [25]http://groups.google.com/group/puppet-users?hl=en > > 8. [26]http://www.stjude.org/emaildisclaimer > > 9. mailto:[27]puppet-users@googlegroups.com > > 10. mailto:[28]puppet-users%2Bunsubscribe@googlegroups.com > > 11. [29]http://groups.google.com/group/puppet-users?hl=en > > 12. mailto:[30]puppet-users@googlegroups.com > > 13. mailto:[31]puppet-users%2Bunsubscribe@googlegroups.com > > 14. [32]http://groups.google.com/group/puppet-users?hl=en > -- > You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > To post to this group, send email to [33]puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > [34]puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > [35]http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > References > > Visible links > 1. mailto:christopher_wood@pobox.com > 2. mailto:skebi69@gmail.com > 3. mailto:smilemukul2005@gmail.com > 4. mailto:John.Bollinger@stjude.org > 5. mailto:smilemukul2...@gmail.com > 6. mailto:puppet-users@googlegroups.com > 7. mailto:puppet-users%2Bunsubscribe@googlegroups.com > 8. http://groups.google.com/group/puppet-users?hl=en > 9. http://www.stjude.org/emaildisclaimer > 10. mailto:puppet-users@googlegroups.com > 11. mailto:puppet-users%2Bunsubscribe@googlegroups.com > 12. http://groups.google.com/group/puppet-users?hl=en > 13. mailto:puppet-users@googlegroups.com > 14. mailto:puppet-users%2Bunsubscribe@googlegroups.com > 15. http://groups.google.com/group/puppet-users?hl=en > 16. mailto:puppet-users@googlegroups.com > 17. mailto:puppet-users%2Bunsubscribe@googlegroups.com > 18. http://groups.google.com/group/puppet-users?hl=en > 19. mailto:skebi69@gmail.com > 20. mailto:smilemukul2005@gmail.com > 21. mailto:John.Bollinger@stjude.org > 22. mailto:smilemukul2...@gmail.com > 23. mailto:puppet-users@googlegroups.com > 24. mailto:puppet-users%252Bunsubscribe@googlegroups.com > 25. http://groups.google.com/group/puppet-users?hl=en > 26. http://www.stjude.org/emaildisclaimer > 27. mailto:puppet-users@googlegroups.com > 28. mailto:puppet-users%252Bunsubscribe@googlegroups.com > 29. http://groups.google.com/group/puppet-users?hl=en > 30. mailto:puppet-users@googlegroups.com > 31. mailto:puppet-users%252Bunsubscribe@googlegroups.com > 32. http://groups.google.com/group/puppet-users?hl=en > 33. mailto:puppet-users@googlegroups.com > 34. mailto:puppet-users%2Bunsubscribe@googlegroups.com > 35. http://groups.google.com/group/puppet-users?hl=en-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.