Comments (10)
purge => true
must be set on the file resource /etc/sudoers.d
to remove any unmanaged files. As this is some behavior of the puppet file type, it's not related to permissions (as new files are created and owned by root
) or any validation command (this will only affect new or changed files).
Either those files are managed by puppet or purge_ignore
is set and those files are matching and are therefore not removed (not sure if they will show up during an agent run with --debug
).
Another idea: maybe something else is creating those files between agent runs?
from puppet-sudo.
Files under puppet control aren't supposed to be purged, since puppet is managing them. Only non-managed files should be purged.
from puppet-sudo.
Yes, I'm seeing files not under Puppet control that are not being purged. Some are being purged. Some are not.
from puppet-sudo.
You might be able to tell why if you run puppet with --debug
.
from puppet-sudo.
@bpadgett505 can you show us some file names?
from puppet-sudo.
Hiya,
Here is an example. The files with a puppet-bak are not under puppet control but they are being handled.
115_sierra_romeo_foxtrot is being ignored by puppet and is not defined in my code.
I found at least three or four names last Friday that were being ignored.
Thanks for taking a look at my issue.
Here is a puppet debug run where I grep -i for sudo:
from puppet-sudo.
I think it's probably failing because of bad permissions. Should be 0600
or 0660
, otherwise the visudo -c
fails.
from puppet-sudo.
Are you sure, those files are not managed by puppet? It might be possible, that there's neither sudo nor a part of the file name in the title, which won't therefore be matched by grep.
What happens if you're manually removing such a file and run puppet right after?
Which parameters are you setting?
from puppet-sudo.
@bpadgett505 If you could also provide what your are feeding into your puppetcode, whether that be the relevant hiera entries or .pp files. That would be awesome. Would help immensely with debugging.
From what I can read out of your debug-logs etc, these 3 files are not touched by puppet.
-rw-r--r-- 1 root root 0 Oct 7 12:24 103_trout_fishing_rules.puppet-bak
-rw-r--r-- 1 root root 0 Oct 7 12:22 104_windows_sucks.puppet-bak
-rw-r--r-- 1 root root 0 Oct 7 12:27 115_sierra_romeo_foxtrot
As kenyon noted, the common denominator seems to be the file permissions. So I would like to know where they are from (manually placed, placed by something in your puppetcode or something else entirely)
PS: it seems these files are empty? maybe thats causing some misbehaviour?
from puppet-sudo.
@bpadgett505 As there's no response for a longer time and nobody else reports this behavior, I'll close the issue. If you think it's still a valid issue, please let me know.
from puppet-sudo.
Related Issues (20)
- Facter error on Windows HOT 3
- Module fails with resolving custom fact "sudoversion" HOT 3
- Group names with space HOT 6
- Dependency pinning resolves version 4.1.0 with new stdlib version 7.0.0 HOT 2
- update ::sudoversion to facts hash HOT 3
- Release 6.0.1? HOT 1
- Bump required stdlib version to <8.0.0 HOT 1
- sudo::content parameter is poorly named HOT 2
- Puppetlabs stdlib 8.x.x support
- wheel_config defaulting to 'absent' is undesirable, change to 'password' HOT 3
- 'versioncmp' parameter 'a' expects a String value, got Undef HOT 7
- Add ability to set passprompt or not mange main config file/package HOT 3
- Upgrade to Hiera 5 HOT 2
- Publish new version to forge
- sudo::purge_ignore: '*[!_puppet]' erase more then *_puppet HOT 1
- stdlib 9.x.x compat HOT 1
- secure_path in params.pp set to incorrect defaults for recent Redhat releases HOT 1
- I can't get sudo:defaults to work with hiera
- Version 8 on the forge does include the RHEL9 template
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppet-sudo.