Hello, I''m trying to add an entry to /etc/hosts.allow only if the entry for ''client'' (daemon) does not already exit. In this #puppet log: http://www.puppetlogs.com/puppet/%23puppet-2012-05-03.log.html rodjek links a gist which should do exactly that: https://gist.github.com/18c50d8800840696bac0 But I can''t get it to execute with augtool: augtool> set /files/etc/hosts.allow/*[process=nrpe]/client[last()+1] 1.1.1.1 error: Failed to execute command What am I doing wrong? (I''m using the latest from here: https://raw.github.com/lutter/augeas/master/lenses/hosts_access.aug) Thank you kindly, Eugene -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
First thing I would do is use ''augtool'' on the command line and checking for any errors trying to parse your current /etc/hosts.allow file: augtool> ls /augeas/files/etc/hosts.allow/error(maybe *errors* plural, can''t remember off the top of my head ... play with the path as I may have typo''d something :P) If that exists and has nodes under it check out what it says for an error and goto the line with the error in /etc/hosts.allow. It means augeas is not able to parse the file as it is now before even trying to make the changes you want to make. If the ''errors'' didn''t exist then try adding the entry puppet is trying to add manually. I think you get get the augeas command puppet is trying to use by running ''puppet agent --debug'' and then grepping on the augeas resource name. So again, use augtool and manually try to edit the file through that and see if you are able to save your changes. If it fails, I think you can then reference that error path I gave you to first check for whatever error may be generated from trying to make the change. Hope that helps point you into a direction for a solution. Regards, Jake -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/HMyjqovJzqQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Wow, I think I totally missed reading the last part of your message. Unfortunately I don''t have a system currently to test what you are trying to do to further debug. Sorry for posting so hastily. Regards, Jake -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Bx4oHAw8nhcJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Monday, September 24, 2012 2:40:41 PM UTC-5, jmccann wrote:> > First thing I would do is use ''augtool'' on the command line and checking > for any errors trying to parse your current /etc/hosts.allow file: > > augtool > > ls /augeas/files/etc/hosts.allow/error > (maybe *errors* plural, can''t remember off the top of my head ... play > with the path as I may have typo''d something :P) >I''m starting to think that with Augtool I have to explicitly create a node, while with Puppet augeas provider, I do not. Hmm. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/W4PfBRR4zUgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On 24/09/12 19:03, Eugene Vilensky wrote:> Hello, > > I''m trying to add an entry to /etc/hosts.allow only if the entry for > ''client'' (daemon) does not already exit. > > In this #puppet log: > http://www.puppetlogs.com/puppet/%23puppet-2012-05-03.log.html > > rodjek links a gist which should do exactly that: > https://gist.github.com/18c50d8800840696bac0 > > But I can''t get it to execute with augtool: > > augtool> set /files/etc/hosts.allow/*[process=nrpe]/client[last()+1] 1.1.1.1 > error: Failed to execute commandYou''re missing quotes around "nrpe", the command should be: set /files/etc/hosts.allow/*[process=''nrpe'']/client[last()+1] 1.1.1.1 rodjek''s example has the quotes in, so just a transcription error. On 12/10/12 21:08, Trammael wrote:>> I''m starting to think that with Augtool I have to explicitly create a > node, while with Puppet augeas provider, I do not. Hmm.There''s no difference like this. The Puppet provider parses the commands but feeds them into the same API as augtool itself uses. Were you having problems just with augtool, or from Puppet too? Cheers, -- Dominic Cleal Red Hat Consulting m: +44 (0)7817 878113 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Eugene Vilensky
2012-Oct-15 15:52 UTC
Re: [Puppet Users] augeas only add if doesn''t exist
On Oct 14, 2012, at 12:40 PM, Dominic Cleal <dcleal@redhat.com> wrote:> You''re missing quotes around "nrpe", the command should be: > > set /files/etc/hosts.allow/*[process=''nrpe'']/client[last()+1] 1.1.1.1 > > rodjek''s example has the quotes in, so just a transcription error.Totally works for an existing ''nrpe'' node (thanks!) but not if it does not exist. I don''t suppose there is a simple "create onlyif not exists" expression? (http://augeas.net/page/Path_expressions) -Eugene -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On 15/10/12 16:52, Eugene Vilensky wrote:> > On Oct 14, 2012, at 12:40 PM, Dominic Cleal <dcleal@redhat.com > <mailto:dcleal@redhat.com>> wrote: > >> You''re missing quotes around "nrpe", the command should be: >> >> set /files/etc/hosts.allow/*[process=''nrpe'']/client[last()+1] 1.1.1.1 >> >> rodjek''s example has the quotes in, so just a transcription error. > > > Totally works for an existing ''nrpe'' node (thanks!) but not if it does > not exist. I don''t suppose there is a simple "create onlyif not exists" > expression? (http://augeas.net/page/Path_expressions)The best way to do this currently is two separate resources, splitting out the responsibilities so that one adds "nrpe" and the client "1.1.1.1" if the process isn''t there already. The second, if you need it, will run if "nrpe" is already listed but the client "1.1.1.1" isn''t. $process = "nrpe" $client = "1.1.1.1" # Responsible for adding nrpe if it isn''t there augeas { "process-${process}": context => "/files/etc/hosts.allow", changes => [ "set /files/etc/hosts.allow/01/process ${process}", "set /files/etc/hosts.allow/01/client[.=''${client}''] ${client}", ], onlyif => "match *[process=''${process}''] size == 0", } # Responsible for updating existing nrpe entries missing the client augeas { "process-${process}-client": context => "/files/etc/hosts.allow", changes => "set /files/etc/hosts.allow/*[process=''${process}'']/client[.=''${client}''] ${client}", require => Augeas["process-${process}"], } I''ve changed this from last()+1 to a style that makes the command idempotent. -- Dominic Cleal Red Hat Consulting m: +44 (0)7817 878113 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On 16/10/12 11:42, Dominic Cleal wrote:> On 15/10/12 16:52, Eugene Vilensky wrote: >> >> On Oct 14, 2012, at 12:40 PM, Dominic Cleal <dcleal@redhat.com >> <mailto:dcleal@redhat.com>> wrote: >> >>> You''re missing quotes around "nrpe", the command should be: >>> >>> set /files/etc/hosts.allow/*[process=''nrpe'']/client[last()+1] 1.1.1.1 >>> >>> rodjek''s example has the quotes in, so just a transcription error. >> >> >> Totally works for an existing ''nrpe'' node (thanks!) but not if it does >> not exist. I don''t suppose there is a simple "create onlyif not exists" >> expression? (http://augeas.net/page/Path_expressions) > > The best way to do this currently is two separate resources, splitting > out the responsibilities so that one adds "nrpe" and the client > "1.1.1.1" if the process isn''t there already. The second, if you need > it, will run if "nrpe" is already listed but the client "1.1.1.1" isn''t.Sorry, that wasn''t a great example. I''d set context but not used it. $process = "nrpe" $client = "1.1.1.1" # Responsible for adding nrpe if it isn''t there augeas { "process-${process}": context => "/files/etc/hosts.allow", changes => [ "set 01/process ${process}", "set 01/client[.=''${client}''] ${client}", ], onlyif => "match *[process=''${process}''] size == 0", } # Responsible for updating existing nrpe entries missing the client augeas { "process-${process}-client": context => "/files/etc/hosts.allow", changes => "set *[process=''${process}'']/client[.=''${client}''] ${client}", require => Augeas["process-${process}"], } -- Dominic Cleal Red Hat Consulting m: +44 (0)7817 878113 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.