similar to: RFC: Default File Permissions

http://projects.puppetlabs.com/issues/7600 I call this the "agent orange" option :) This works, purging all unmanaged hosts entries: resources { ''host'': purge => true, noop => true, } We should have a similar property for all (most?) types. Please comment on the ticket or reply here, whichever you prefer. Thanks! r P.S. This is in

Hello Does anybody share how to roll-back configuration if puppet definition on host is change. For example Let''s assume we have host on which initial was web server and bunch of users. All this resources we configured throw puppet. node <some node> { <webserver difinition> <user1 definition> <user2 definition> <user3 definition> } At some

I''m using puppetlabs/firewall with Puppet 2.7.2, and for the most part it''s working great. I have this in my sites.pp, which I took from this list sometime ago, to save firewall rules to disk when they''re changed: # Always persist firewall rules if ($kernel == ''Linux'') { exec { ''persist-firewall'':

Hello, I am in the process of "trying out" Puppet, and so far, it is going really well, and I can see a clear line of how we can use it internally. I do have one question though with regard to the using the onlyif parameter of the exec command (as per here http://docs.puppetlabs.com/references/latest/type.html#exec). Ideally, what I would like to do is to only run a PowerShell exec

I''ve run into an odd one on one of my new RHEL 6 boxes. Puppet and Facter seem to disagree about the value of a fact. Puppet version: 2.7.9 Facter version: 1.6.4 Module: puppetlabs-apache apache::params falls through its if structure: if $::osfamily == ''redhat'' or $::operatingsystem == ''amazon'' { ... } elsif $::osfamily ==

We have resources that, from time to time, are selected to be removed (unmanaged). When it comes to ssh keys, fstab... this leaves a lot of stuff behind that we don''t want. Is there a simple way to remove the unmanaged data so we can keep the systems clean. Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post

Hi I''m getting this error with a 0.25.1 puppetmaster and 0.25.1 node. Nov 4 14:43:35 devcentos5 puppetd[26099]: (//network-config::base/File [hosts]) Failed to retrieve current state of resource: Error 400 on SERVER: Not authorized to call find on /file_metadata/network-config/ hosts/hosts.devcentos5 Could not retrieve file metadata for puppet:///network-config/hosts/hosts.devcentos5:

Hi, I''m in the progress of writing custom facts to retrieve our network configuration for the nodes from the openldap ENC. Now, since the puppetmaster has also access to the ldap server, I''m thinking to move the custom facts to a function, so it runs on the puppetmaster only, end not on every node. I just wanted to here some other opinions about this issue. Thx Johan

I see that there are an assorted bunch of "provider" types for resource type user. Are there not any "local file" providers for it? I have need of ensuring that certain local user accounts get created on all machines, reguardless of what the system "/bin/password" and "useradd" type mechanisms are set to. It would be really nice to find a pre-written

Hello all, Can anyone please help, every time I push a config to my hosts, the windows service I have just defined keeps stopping and starting, and logging in the eventlog, I only want the service to stop and start, if something has changed, and to my knowledge nothing has changed ? so it should stay running ? Can some one please help or explain regards James -- You received this

I just built a new puppet master, and whenever I run puppet on it, it throws an error while processing a service resource: # puppet agent -t > Info: Retrieving plugin > Info: Caching catalog for i-45dc2b1d > Info: Applying configuration version ''g > 9ea47ad19bc706a754c00f00a024309948d3ea03'' > Error: /Stage[main]/Ipa::Client::Basic/Service[sssd]: Could not

Hi! Is it possible to add a new element to an array inside puppet manifest ? Something like ruby''s array.push(''new_element'') ? -- Best regards, Sergey Arlashin -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

I read the guide at http://docs.puppetlabs.com/guides/scope_and_puppet.htmland others'' mail, i am a little confused now, below is my understanding: 1. top scope only refers to site.pp, not include node definitions and facts. 2. in puppet class, using variables not local, must specify the namespace, like $class::variable, if it''s a top scope variable or a fact variable or a

Hello, I am testing some schedule configurations and was wondering if I can use the schedule type in my own defines? As far as I can claim from my own tests, this is not possible? For example, the schedule "morning" does not work with my self-written define "my_crontab": ######################################### class crontab { schedule {"morning":

Hello, Let''s consider the scenario when a client node in a puppet environment gets compromised. In case some of the puppet modules make decisions based on agent facts, these modules are potentially exposed to abuse from the malicious puppet agent. For example, if a class has: if $some_fact == ''some value'' { # deploy some configuration } then the compromised node

tl;dr: Windows manages permissions in a way that doesn''t always translate well to mode. We''re putting together a solution for this. Jump in the discussion. I wanted to get this conversation started. We''ve put a lot of thought into how the model should look and focused on ease of use up to more advanced scenarios. However I don''t feel that what we have is

Dear puppet wizards, http://docs.puppetlabs.com/puppet/3/reference/lang_defined_types.html does not suggest to me that nested parametrized defines would be forbidden, hence I expected the following code to work: add_to_ssh_authorized_keys.pp: -------- define a::ssh_keys::add_to_ssh_authorized_keys($homebasedir="/home", $targetuser="root", $keyowner, $keyownername,

Hello, I can''t figure out how I can use the module puppetlabs-firewall only for some targeted nodes. If I put : resources { "firewall": purge => true } in top scope (i.e. site.pp), then all the firewall rules on all my nodes are purged. Even for nodes for which I don''t apply any module containing specific firewall { ... } resources. If I put it in a module

Dear all, I''m seeing this strange thing: When I run "*puppet agent -td*" on the node (Nagios, in this example case), puppet fails to install Nagios3 (on Debian) with this: Debug: Executing ''/usr/bin/dpkg-query -W --showformat ${Status} ${Package} > ${Version}\n nagios3'' > Debug: Executing ''/usr/bin/apt-get -q -y -o >

G''day. We recently found some issues with the `links => follow` setting in recursive file copying; the designed behaviour is that it should allow you to determine if the master serves a symlink in a module as a symlink, or as the content of the file that the symlink points to. The full details are here: https://projects.puppetlabs.com/issues/12418 The short version is that toggling