Hello,
I''m trying to learn how to use augeas in puppet. One of the packages
we
have puppet installing is vsftpd. Rather than putting the vsftpd conf file
in puppet (in case the config file is updated by the upstream maintainers)
I''d like to use augeas to make sure the correct lines exist in the
config
file.
Currently, the default vsftpd config file contains the following 21 lines
(among others of course):
anonymous_enable=YES
#chroot_local_user=YES
I''d like to change this to:
anonymous_enable=NO
chroot_local_user=YES
I have the following in a module:
#vsftpd
package { ''vsftpd'':
ensure => installed,
}
file { ''/etc/vsftpd/vsftpd.conf'':
ensure => file,
mode => 600,
require => Package[''vsftpd''],
}
augeas { ''vsftpd.conf'':
context => ''/etc/vsftpd/vsftpd.conf'',
changes => [ ''set anonymous_enable=NO'', ''set
chroot_local_user=YES'', ],
require => File[''/etc/vsftpd/vsftpd.conf''],
}
But I''m having no luck changing either line.
Any suggestions are welcome - thanks!
Greg
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Greg, I believe resource ini_setting would be appropriate here but I do understand the desire to learn about Puppet + Augeas.> augeas { ''vsftpd.conf'': > context => ''/etc/vsftpd/vsftpd.conf'', > changes => [ ''set anonymous_enable=NO'', ''set chroot_local_user=YES'',],> require => File[''/etc/vsftpd/vsftpd.conf''], > }context => ''*/files*/vsftpd/vsftpd.conf'', ? I''m lazy and haven''t tested with a Puppet apply but I think this might just be an issue of understanding the namespace-y Augeas stuff. You can test like so with augtool: $ augtool ls */files*/vsftpd/vsftpd.conf -- --- Nathan Valentine - nathan@puppetlabs.com Puppet Labs Professional Services GV: 415.504.2173 Skype: nrvale0 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Nathan,
Thanks for the response - I did not know about inifile.
I unfortunately seem to be having trouble with ini_setting - the following
causes a new line to be added every time puppet gets run:
ini_setting { ''anonymous_enable'':
path => ''/etc/vsftpd/vsftpd.conf'',
setting => ''anonymous_enable'',
value => ''NO'',
ensure => present,
}
ini_setting { ''chroot_local_user'':
path => ''/etc/vsftpd/vsftpd.conf'',
setting => ''chroot_local_user'',
value => ''YES'',
ensure => present,
}
BTW, still playing with augeas too - the most recent code is:
augeas { ''vsftpd.conf'':
context => ''/files/vsftpd/vsftpd.conf'',
incl => ''/etc/vsftpd/vsftpd.conf'',
load_path => ''/usr/share/augeas/lenses/dist/'',
lens => ''vsftpd'',
changes => [ ''set anonymous_enable NO'', ''set
chroot_local_user YES'',
],
}
Turns out that augeas has an unwelcome behavior - it tries to load all
files that match the lens - if any are non-standard, it errors out.
Greg
On Monday, September 23, 2013 3:00:36 PM UTC-7, Nathan Valentine
wrote:>
> Greg,
>
> I believe resource ini_setting would be appropriate here but I do
> understand the desire to learn about Puppet + Augeas.
>
> > augeas { ''vsftpd.conf'':
> > context => ''/etc/vsftpd/vsftpd.conf'',
> > changes => [ ''set anonymous_enable=NO'',
''set chroot_local_user=YES'',
> ],
> > require => File[''/etc/vsftpd/vsftpd.conf''],
> > }
>
>
> context => ''*/files*/vsftpd/vsftpd.conf'',
>
> ?
>
> I''m lazy and haven''t tested with a Puppet apply but I
think this might
> just be an issue of understanding the namespace-y Augeas stuff. You can
> test like so with augtool:
>
> $ augtool ls */files*/vsftpd/vsftpd.conf
>
> --
> ---
> Nathan Valentine - nat...@puppetlabs.com <javascript:>
> Puppet Labs Professional Services
> GV: 415.504.2173
> Skype: nrvale0
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
I''ve decided to not be blocked by this issue and to have puppet manage the config file. It''s not an ideal solution, but good enough until I learn more about either augeas or inifile. Greg On Monday, September 23, 2013 3:48:05 PM UTC-7, Greg Coit wrote:> > Nathan, > > Thanks for the response - I did not know about inifile. > > I unfortunately seem to be having trouble with ini_setting - the following > causes a new line to be added every time puppet gets run: > > ini_setting { ''anonymous_enable'': > path => ''/etc/vsftpd/vsftpd.conf'', > setting => ''anonymous_enable'', > value => ''NO'', > ensure => present, > } > > ini_setting { ''chroot_local_user'': > path => ''/etc/vsftpd/vsftpd.conf'', > setting => ''chroot_local_user'', > value => ''YES'', > ensure => present, > } > > BTW, still playing with augeas too - the most recent code is: > > augeas { ''vsftpd.conf'': > context => ''/files/vsftpd/vsftpd.conf'', > incl => ''/etc/vsftpd/vsftpd.conf'', > load_path => ''/usr/share/augeas/lenses/dist/'', > lens => ''vsftpd'', > changes => [ ''set anonymous_enable NO'', ''set chroot_local_user YES'', > ], > } > > Turns out that augeas has an unwelcome behavior - it tries to load all > files that match the lens - if any are non-standard, it errors out. > > Greg > > On Monday, September 23, 2013 3:00:36 PM UTC-7, Nathan Valentine wrote: >> >> Greg, >> >> I believe resource ini_setting would be appropriate here but I do >> understand the desire to learn about Puppet + Augeas. >> >> > augeas { ''vsftpd.conf'': >> > context => ''/etc/vsftpd/vsftpd.conf'', >> > changes => [ ''set anonymous_enable=NO'', ''set >> chroot_local_user=YES'', ], >> > require => File[''/etc/vsftpd/vsftpd.conf''], >> > } >> >> >> context => ''*/files*/vsftpd/vsftpd.conf'', >> >> ? >> >> I''m lazy and haven''t tested with a Puppet apply but I think this might >> just be an issue of understanding the namespace-y Augeas stuff. You can >> test like so with augtool: >> >> $ augtool ls */files*/vsftpd/vsftpd.conf >> >> -- >> --- >> Nathan Valentine - nat...@puppetlabs.com >> Puppet Labs Professional Services >> GV: 415.504.2173 >> Skype: nrvale0 >> >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
LOL - or I could just use one of the 2 vsftpd modules on puppetforge... I never *intend* to do things the hard way. :) Greg On Tuesday, September 24, 2013 9:32:53 AM UTC-7, Greg Coit wrote:> > I''ve decided to not be blocked by this issue and to have puppet manage the > config file. It''s not an ideal solution, but good enough until I learn > more about either augeas or inifile. > > Greg > > On Monday, September 23, 2013 3:48:05 PM UTC-7, Greg Coit wrote: >> >> Nathan, >> >> Thanks for the response - I did not know about inifile. >> >> I unfortunately seem to be having trouble with ini_setting - the >> following causes a new line to be added every time puppet gets run: >> >> ini_setting { ''anonymous_enable'': >> path => ''/etc/vsftpd/vsftpd.conf'', >> setting => ''anonymous_enable'', >> value => ''NO'', >> ensure => present, >> } >> >> ini_setting { ''chroot_local_user'': >> path => ''/etc/vsftpd/vsftpd.conf'', >> setting => ''chroot_local_user'', >> value => ''YES'', >> ensure => present, >> } >> >> BTW, still playing with augeas too - the most recent code is: >> >> augeas { ''vsftpd.conf'': >> context => ''/files/vsftpd/vsftpd.conf'', >> incl => ''/etc/vsftpd/vsftpd.conf'', >> load_path => ''/usr/share/augeas/lenses/dist/'', >> lens => ''vsftpd'', >> changes => [ ''set anonymous_enable NO'', ''set chroot_local_user >> YES'', ], >> } >> >> Turns out that augeas has an unwelcome behavior - it tries to load all >> files that match the lens - if any are non-standard, it errors out. >> >> Greg >> >> On Monday, September 23, 2013 3:00:36 PM UTC-7, Nathan Valentine wrote: >>> >>> Greg, >>> >>> I believe resource ini_setting would be appropriate here but I do >>> understand the desire to learn about Puppet + Augeas. >>> >>> > augeas { ''vsftpd.conf'': >>> > context => ''/etc/vsftpd/vsftpd.conf'', >>> > changes => [ ''set anonymous_enable=NO'', ''set >>> chroot_local_user=YES'', ], >>> > require => File[''/etc/vsftpd/vsftpd.conf''], >>> > } >>> >>> >>> context => ''*/files*/vsftpd/vsftpd.conf'', >>> >>> ? >>> >>> I''m lazy and haven''t tested with a Puppet apply but I think this might >>> just be an issue of understanding the namespace-y Augeas stuff. You can >>> test like so with augtool: >>> >>> $ augtool ls */files*/vsftpd/vsftpd.conf >>> >>> -- >>> --- >>> Nathan Valentine - nat...@puppetlabs.com >>> Puppet Labs Professional Services >>> GV: 415.504.2173 >>> Skype: nrvale0 >>> >>-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Greg Coit [24.09.2013 00:48]:> > BTW, still playing with augeas too - the most recent code is: > > augeas { ''vsftpd.conf'': > context => ''/files/vsftpd/vsftpd.conf'',Greg, shouldn''t this be ''/files/etc/vsftpd/vsftpd.conf''? Just a guess from a novice... Regards, Werner -- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.