Hi, I am new to Puppet. I need to monitor a file for changes on a server and if it does, copy it immediately to the clients. But it has permissions 640, and must retain these. Can anyone suggest a manifest for this? Thanks a lot. M -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/aJMGyjp1PAYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Hi Marshie8
can you tied filebucket
#Filebucket config
filebucket { main:
server => "puppet"
}
-Ganesh.
Did I learn something today? If not, I wasted it.
On Tue, Jul 10, 2012 at 4:55 AM, Marshie8 <markmarshall8@gmail.com>
wrote:> Hi,
>
> I am new to Puppet.
>
> I need to monitor a file for changes on a server and if it does, copy it
> immediately to the clients. But it has permissions 640, and must retain
> these.
>
> Can anyone suggest a manifest for this?
>
> Thanks a lot.
>
> M
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/aJMGyjp1PAYJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
On Tue, Jul 10, 2012 at 9:55 AM, Marshie8 <markmarshall8@gmail.com> wrote:> Hi, > > I am new to Puppet. > > I need to monitor a file for changes on a server and if it does, copy it > immediately to the clients. But it has permissions 640, and must retain > these. > > Can anyone suggest a manifest for this?Hi, The idea behind puppet is that it centrally manages/controls your node''s configuration. Given that as a premise, allowing your source file to be changed on the server is going to quickly get things out of control again, as puppet, as far as I know, can''t monitor remote server''s files for changes to push out to other clients. My suggestion would be to take a copy of the file as it is on your server now, and place it under the control of puppet. The following simple manifest should do what you''re after: class server_file { file { "/destination/path/to/your/file": owner => owner, group => group, mode => 0640, source => "puppet:///files/server_file", } } In a default configuration of puppet on a UNIX-like OS, server_file would be placed at /etc/puppet/files/server_file. From now on though, your admins/users are going to have to understand that any changes to that file need to be made on the puppetmaster. The above manifest also assumes that server_file is placed in the same location on both clients and the server. Hope this helps, Matt. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Tuesday, July 10, 2012 11:33:38 AM UTC+1, Matthew Burgess wrote:> > My suggestion would be to take a copy of the file as it is on your > server now, and place it under the control of puppet. The following > simple manifest should do what you''re after: > > class server_file { > > file { "/destination/path/to/your/file": > owner => owner, > group => group, > mode => 0640, > source => "puppet:///files/server_file", > } > } > >Hi Matt, Thanks for your response. I tried your example but the client is complaining of a permissions error: Jul 10 15:00:24 system1 puppet-agent[16595]: (/Stage[main]/Server_file/File[/etc/server_file]) Could not evaluate: Error 400 on SERVER: Permission denied - /etc/puppet/files/server_file Could not retrieve file metadata for puppet://server-1.company.com/etc/puppet/files/server_file: Error 400 on SERVER: Permission denied - /etc/puppet/files/server_file at /etc/puppet/manifests/classes/server_file.pp:11 Is there a way I can overcome this, perhaps by changing the ownership temporarily? The original file will be changed semi-regularly by users on the server - they have no problem with that - so I put in a cron job to copy it into the puppet directory every 10 minutes. I know it''s messy but I don''t care if it works - each client system needs to take a copy of that file and apply the same permissions to it. Cheers, M -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/exCTzodHjaYJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Of course the file you want to deploy with puppet must be readable by the puppetmaster. Do you use Apache Passenger, Nginx or webbrick? If you use Apache Passenger: The file /etc/puppet/files/server_file must be readable by the user, who owns the /etc/puppet/rack/config.ru file. On Tuesday, July 10, 2012 4:11:02 PM UTC+2, Marshie8 wrote:> > > On Tuesday, July 10, 2012 11:33:38 AM UTC+1, Matthew Burgess wrote: >> >> My suggestion would be to take a copy of the file as it is on your >> server now, and place it under the control of puppet. The following >> simple manifest should do what you''re after: >> >> class server_file { >> >> file { "/destination/path/to/your/file": >> owner => owner, >> group => group, >> mode => 0640, >> source => "puppet:///files/server_file", >> } >> } >> >> > Hi Matt, > > Thanks for your response. > > I tried your example but the client is complaining of a permissions error: > > Jul 10 15:00:24 system1 puppet-agent[16595]: > (/Stage[main]/Server_file/File[/etc/server_file]) Could not evaluate: Error > 400 on SERVER: Permission denied - /etc/puppet/files/server_file Could not > retrieve file metadata for puppet:// > server-1.company.com/etc/puppet/files/server_file: Error 400 on SERVER: > Permission denied - /etc/puppet/files/server_file at > /etc/puppet/manifests/classes/server_file.pp:11 > > Is there a way I can overcome this, perhaps by changing the ownership > temporarily? > > The original file will be changed semi-regularly by users on the server - > they have no problem with that - so I put in a cron job to copy it into the > puppet directory every 10 minutes. > > I know it''s messy but I don''t care if it works - each client system needs > to take a copy of that file and apply the same permissions to it. > > Cheers, > > M >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/CQZBl0CU1toJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Tuesday, July 10, 2012 3:26:47 PM UTC+1, Andreas Paul wrote:> > Of course the file you want to deploy with puppet must be readable by the > puppetmaster. > Do you use Apache Passenger, Nginx or webbrick? > > If you use Apache Passenger: > > The file /etc/puppet/files/server_file must be readable by the user, who > owns the /etc/puppet/rack/config.ru file. >I don''t have any of those :( M -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/aS9sfIYsHD0J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Tue, Jul 10, 2012 at 3:57 PM, Marshie8 <markmarshall8@gmail.com> wrote:> > > On Tuesday, July 10, 2012 3:26:47 PM UTC+1, Andreas Paul wrote: >> >> Of course the file you want to deploy with puppet must be readable by the >> puppetmaster. >> Do you use Apache Passenger, Nginx or webbrick? >> >> If you use Apache Passenger: >> >> The file /etc/puppet/files/server_file must be readable by the user, who >> owns the /etc/puppet/rack/config.ru file. > > > I don''t have any of those :(Then it looks like you''re running puppet under its default webrick configuration. How do you start your puppetmaster? Via the init script? When you do a ''ps -ef'' what user is the puppetmaster process running as? What does ''ls -l /etc/puppet/files/server_file'' show? Thanks, Matt. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Tuesday, July 10, 2012 4:12:42 PM UTC+1, Matthew Burgess wrote:> > Then it looks like you''re running puppet under its default webrick > configuration. How do you start your puppetmaster? Via the init > script?Yes, it''s running as the puppet user: server-1:~ # ps -ef |grep ''puppetmaster'' puppet 5256 1 0 Jun13 ? 03:20:41 /usr/bin/ruby /usr/sbin/puppetmasterd>What does ''ls -l /etc/puppet/files/server_file'' show?server-1:~ # ls -la /etc/puppet/files/server_file -rw-r----- 1 root work 1694 2012-07-10 10:59 /etc/puppet/files/server_file Thanks, M -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/fFLe1MBzQEcJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Tue, Jul 10, 2012 at 4:18 PM, Marshie8 <markmarshall8@gmail.com> wrote:> > On Tuesday, July 10, 2012 4:12:42 PM UTC+1, Matthew Burgess wrote: >> >> Then it looks like you''re running puppet under its default webrick >> configuration. How do you start your puppetmaster? Via the init >> script? > > > Yes, it''s running as the puppet user: > > server-1:~ # ps -ef |grep ''puppetmaster'' > puppet 5256 1 0 Jun13 ? 03:20:41 /usr/bin/ruby > /usr/sbin/puppetmasterd > > >>What does ''ls -l /etc/puppet/files/server_file'' show? > > server-1:~ # ls -la /etc/puppet/files/server_file > -rw-r----- 1 root work 1694 2012-07-10 10:59 /etc/puppet/files/server_fileSo, presumably then ''groups puppet'' shows that it isn''t in the ''work'' group, at which point it won''t be able to read that file. ''chmod 0644'' should sort this for you. Note that those permissions won''t be affected by your manifest as this is the ''source'' file, not the target destination. Regards, Matt. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Thanks guys for all your help, that all now works perfectly. Best wishes, M -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/vckvMCUUo4kJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.