similar to: Using puppet to manage user access to servers.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I was made aware of puppet a few weeks ago and I really like the way things are working. What I liked at cfengine was the capability to push content from the central server to any node. There was no need to open a port from DMZ or any other remote system to the central server. Is there a similar way within puppet? How is this solved by other

I''m trying to get a new file server managed by puppet from day 1, at least as much as possible. At the moment, though, there''s two issues I''m running into: 1. fstab should have entries for my comically-large RAID, but doesn''t. 2. each puppet run appears to remount the RAID, even when no rules in the manifest change. I suspect the issue may be in parsing

Part of my authentication setup is to keep clients'' secrets.tdb for Samba/Winbind on the puppetmaster. Since secrets.tdb contains the username/password for an Active Directory machine account, it will get changed by Winbind periodically, and I don''t want it those changes to get reverted by puppet. So I''ve got active-directory-member.pp, last modified August 19, with

Not that I''m much of a Solaris guy, and definitely not a Solaris 10 guy, but since nobody else had posted anything yet: http://reductivelabs.com/trac/puppet/wiki/PuppetSolaris#Solaris10 The good news is that it appears to be a completely hands-off puppetd installation. Just sign the client key afterwards on the puppetmaster and you''re set. The bad news is that it''s

Hi I am trying to push populate /home & subdirectories from the puppet server to all the Linux clients. I managed this with cfengine using rsync. But I am not sure how do I achieve this in puppet, do we have any inbuilt function for this. Also, is there a function for userdel like for useradd (user) groupadd(group). Any suggestion is appreciated. -- Deepak

Hi all, I''m a new puppet user and I''m running into some weirdness around creating users on solaris. (puppet version 0.23.2) The virt_all_users way of managing users seems pretty reasonable, but I don''t see how to deal with user specific groups with that. I have: class virt_all_users { @user { "seph": ensure => "present",

Hi all, I am new to this list and puppet. I am working at the Rutherford Appleton Lab and am part of a team that looks after several hundred servers mainly running Scientific Linux (based on RedHat). I am currently looking at puppet to be used to perform what is currently done by kickstart scripts, with these performing an on going configuration job once the systems are built. My current

Hi, I''m still writing my djbdns module, I came to the following design issue with master and slave tinydns. Normally there is no such master and slave distinction in djbdns: all tinydns instance are equal. Usually one instance on one host is considered the master on, which the RR are changed, and when you need to propagate them, you rsync the datas to the other hosts, where they will be

Just curious as to the functionality of puppet. Does Puppet ensure that a service is up and running as long as puppet is running? Ie, I want to make sure ssh is always running, if for some reason ssh get''s shut down, does puppet start it back up when it does it''s config sync run? Thanks! --------------------------------- Pinpoint customers who are looking for

hi,all I want the puppetd run in daemon only run by the puppetrun trigger, not schedule run . so how can do this ? what''s the maximum of the runinterval ? I want change this option to do this. Please help me . -- Huang Mingyou

Anyone care to share how they handle yum updates? We have a script that runs yum update nightly and then emails us the results when there are packages to be updated. Ideally I''d like a way to keep a class in site.pp that can be uncommented to run yum update -y after the update list is reviewed by a human. Tim

Is it possible to trigger a service restart without always forcing that service to be running? We shutdown mysql for about 30min every day to do backups, and I don''t want puppet to start mysql during this window. So I''ve removed ensure => "running" from the mysql service. But now notify => Service[mysql] doesn''t restart mysql. Is it possible to tell

It seems to me that when you have a master server and a client computer, the master doesn''t really need to know the implementation details of the client computer. It''s kinda like a browser from my perspective...the server is just telling the browser what needs to be drawn on the local side. Does the puppet model work like this? If not, I guess what I read didn''t

Hi, I''m absolutely new to centralized server management, sorry sorry in advance for any stupid remarks. Looking on the puppet documentation, I mainly find a lot of info about how to manage the config files, but nothing about centralized control. So I''m wandering if I''m looking a the right software package for my needs. I want to be able to do the following from a

Hello List, We are using puppet to manage a growing number of Debian Etch based servers (currently 70). Since upgrading to 0.22.4 we encountered a problem when services do not restarted on puppets request. For example the Nagios remote plugin executor daemon (nrpe). It''s running daemonized and its confiugration is located in /etc/nagios/nrpe.cfg. This file is managed through puppet

Hi, I have a number of puppets talking to 1 puppetmaster. Everything was working fine until suddenly this week the puppets are revolting. Whenever I try to run ''puppetd -v'' I see a lot of messages like: Certificates were not trusted: hostname was not match I''m sure I did not make any changes to DNS lately and I didn''t upgrade puppet on any of the machines

so I have this sudo module that I''ve been working on: class auth::sudo { package { sudo: ensure => installed } file { sudo_config: name => "/tmp/sudoers", owner => "root", group => "root", mode => 0440, notify => Exec["sudoers-syntax"], source => [

I tried to install the ''mongrel'' gem tonight via puppet in an attempt to migrate from webrick to mongrel as described on the puppet site[1]. I added the following to my manifest: package { "rubygems": ensure => installed; "mongrel": ensure => installed, provider => gem, require => Package["rubygems"]; }

I''m still tinkering, moving over code from CFE to Puppet in a test environment. One item I did with CfE was manage services. If something wasn''t running, it was restarted. Puppet''s service integration makes this easy. The flip side, is how do you guarantee Puppet''s running? I pulled some tricks with CfE to ensure it was always running. I made CfE a direct

Anyone know if it would be straightforward to extract this information from Puppet, probably in a custom function: The classes included as a result of the client''s parsed configuration - or - Am I in class X as a result of my parsed configuration? I''m thinking it would result in a more elegant manifest if classes X and Y behaved differently if they were both included compared