root
2013-Aug-02 18:29 UTC
[Puppet Users] crapload of files to check permissions and ownership
Very new to Puppet and I need to create a class that checks the file
permissions and ownership for 60- 100 files. Some of the files will be
named differenty or have a different path depending on the OS. I am aware
of the core_permissions class demonstrated in the Puppet 3.0 Quick Start,
and I have read "Reduce Duplicated File Attributes" here:
https://groups.google.com/forum/?hl=en#!newtopic/puppet-users
That document advocates setting a default set of attributes for the File
resource, and then nest all the declarations inside one resource statement,
like so:
File {
ensure => "present",
owner => "root",
group => "root",
mode => 644,
}
file {
"/etc/cobbler/modules.conf":
content => template("cobbler/modules.conf");
"/etc/cobbler/dhcp.template":
content => template("cobbler/dhcp.template");
# override the permissions for this one file
"/etc/cobbler/users.digest":
source => "puppet:///modules/cobbler/users.digest.live",
mode => 660;
}
This looks kind of ugly to me. Anyone figure out a nicer way to do this? I
will only be checking "ensure", "mode", "owner"
and "group".
I want the class to be readable to admins who are new to Puppet, but I
don''t want to have a separate "file" declaration for each
file.
Thanks.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Dan White
2013-Aug-02 18:45 UTC
Re: [Puppet Users] crapload of files to check permissions and ownership
Your link is for posting a new message to this group on Google Groups.
Perhaps you wanted this:
http://www.puppetcookbook.com/posts/remove-duplicated-file-resource-attributes.html
You say you want to check file permission/ownership.
Do you want to make any changes if things are not how you want them ?
Subtle, but different.
Any file managed by Puppet can be controlled. However, Puppet does not
(directly) do anything to any file it does not manage.
The above cookbook-example will not set permission/ownership to any file not
explicitly managed.
Do you plan to manage all these files in Puppet ?
If not, another approach is needed.
“Sometimes I think the surest sign that intelligent life exists elsewhere in the
universe is that none of it has tried to contact us.”
Bill Waterson (Calvin & Hobbes)
----- Original Message -----
From: "root" <clri.c0t0d0@gmail.com>
To: puppet-users@googlegroups.com
Sent: Friday, August 2, 2013 2:29:27 PM
Subject: [Puppet Users] crapload of files to check permissions and ownership
Very new to Puppet and I need to create a class that checks the file permissions
and ownership for 60- 100 files. Some of the files will be named differenty or
have a different path depending on the OS. I am aware of the core_permissions
class demonstrated in the Puppet 3.0 Quick Start, and I have read "Reduce
Duplicated File Attributes" here:
https://groups.google.com/forum/?hl=en#!newtopic/puppet-users
That document advocates setting a default set of attributes for the File
resource, and then nest all the declarations inside one resource statement, like
so:
File {
ensure => "present",
owner => "root",
group => "root",
mode => 644,
}
file {
"/etc/cobbler/modules.conf":
content => template("cobbler/modules.conf");
"/etc/cobbler/dhcp.template":
content => template("cobbler/dhcp.template");
# override the permissions for this one file
"/etc/cobbler/users.digest":
source => "puppet:///modules/cobbler/users.digest.live",
mode => 660;
} This looks kind of ugly to me. Anyone figure out a nicer way to do this? I
will only be checking "ensure", "mode", "owner"
and "group". I want the class to be readable to admins who are new to
Puppet, but I don''t want to have a separate "file"
declaration for each file. Thanks.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users .
For more options, visit https://groups.google.com/groups/opt_out .
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
ygor
2013-Aug-02 19:33 UTC
Re: [Puppet Users] crapload of files to check permissions and ownership
[Please respond to THE LIST and not directly/privately]
OK, then if you want to manage 100+ files, you need to either LIST 100+ files or
manage the file tree using the ''recurse'' parameter.
There is another thread here recently asking about wildcards in file resources.
They were told that wildcards do not work for that.
----- Original Message -----
From: "root" <clri.c0t0d0@gmail.com>
To: ygor@comcast.net
Sent: Friday, August 2, 2013 3:00:19 PM
Subject: Re: [Puppet Users] crapload of files to check permissions and ownership
Yes, my link is not correct, i meant to link to the puppet cookbook page.
I do want to mange and change the files. Thanks.
On Friday, August 2, 2013 2:45:01 PM UTC-4, Ygor wrote:
Your link is for posting a new message to this group on Google Groups.
Perhaps you wanted this:
http://www.puppetcookbook.com/posts/remove-duplicated-file-resource-attributes.html
You say you want to check file permission/ownership.
Do you want to make any changes if things are not how you want them ?
Subtle, but different.
Any file managed by Puppet can be controlled. However, Puppet does not
(directly) do anything to any file it does not manage.
The above cookbook-example will not set permission/ownership to any file not
explicitly managed.
Do you plan to manage all these files in Puppet ?
If not, another approach is needed.
“Sometimes I think the surest sign that intelligent life exists elsewhere in the
universe is that none of it has tried to contact us.”
Bill Waterson (Calvin & Hobbes)
From: "root" < clri....@gmail.com >
To: puppet...@googlegroups.com
Sent: Friday, August 2, 2013 2:29:27 PM
Subject: [Puppet Users] crapload of files to check permissions and ownership
Very new to Puppet and I need to create a class that checks the file permissions
and ownership for 60- 100 files. Some of the files will be named differenty or
have a different path depending on the OS. I am aware of the core_permissions
class demonstrated in the Puppet 3.0 Quick Start, and I have read "Reduce
Duplicated File Attributes" here:
https://groups.google.com/forum/?hl=en#!newtopic/puppet-users
That document advocates setting a default set of attributes for the File
resource, and then nest all the declarations inside one resource statement, like
so:
File {
ensure => "present",
owner => "root",
group => "root",
mode => 644,
}
file {
"/etc/cobbler/modules.conf":
content => template("cobbler/modules.conf");
"/etc/cobbler/dhcp.template":
content => template("cobbler/dhcp.template");
# override the permissions for this one file
"/etc/cobbler/users.digest":
source => "puppet:///modules/cobbler/users.digest.live",
mode => 660;
} This looks kind of ugly to me. Anyone figure out a nicer way to do this? I
will only be checking "ensure", "mode", "owner"
and "group". I want the class to be readable to admins who are new to
Puppet, but I don''t want to have a separate "file"
declaration for each file. Thanks.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users...@googlegroups.com .
To post to this group, send email to puppet...@googlegroups.com .
Visit this group at http://groups.google.com/group/puppet-users .
For more options, visit https://groups.google.com/groups/opt_out .
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
root
2013-Aug-05 14:55 UTC
Re: [Puppet Users] crapload of files to check permissions and ownership
Yes, I do intend to list all the files and their expected mode and ownership, I just want to figure out the nicest, most succinct way to do that. Wildcards and recursive listings will do me no good -- these files are scattered all over. Thanks. On Friday, August 2, 2013 3:33:57 PM UTC-4, Ygor wrote:> > [Please respond to THE LIST and not directly/privately] > > OK, then if you want to manage 100+ files, you need to either LIST 100+ > files or manage the file tree using the ''recurse'' parameter. > > There is another thread here recently asking about wildcards in file > resources. They were told that wildcards do not work for that. > > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
jcbollinger
2013-Aug-06 13:36 UTC
Re: [Puppet Users] crapload of files to check permissions and ownership
On Monday, August 5, 2013 9:55:48 AM UTC-5, root wrote:> > Yes, I do intend to list all the files and their expected mode and > ownership, I just want to figure out the nicest, most succinct way to do > that. > > Wildcards and recursive listings will do me no good -- these files are > scattered all over. > >You are giving inconsistent criteria. Are you looking for succinct or pretty? The two are not well correlated. In your case, you need to create a separate File resource for each of the files you are talking about. Without some kind of regular organization to the target files, the most succinct way to do this is the one you described in your original post. You can pretty it up a little bit with nice formatting, but that can only take you so far. Alternatively, you can create a hash of hashes describing all the files you want to manage, and use Puppet''s create_resources() function to actually declare them. See the documentation and other threads on this group for details. That would make the actual declaration very succinct indeed, but when you include the data (the hash of hashes), the whole will be longer. Or you can just write a separate declaration for each file, with or without the aid of in-scope resource defaults. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.