Puppet: System Administration Automated

Support

Ticket #508 (closed defect: fixed)

Opened 2 years ago

Last modified 1 year ago

Remote Files that update existing files have wrong ownership and group attributes

Reported by: puppet Assigned to: luke
Priority: normal Milestone:
Component: library Version: 0.22.1
Severity: major Keywords: regression ownership file
Cc: portman@goshen.edu Triage Stage:
Attached Patches: Complexity:

Description

This regression only seems to happen when a file is _replaced_, if the file does not exist on the client it will be created with the correct ownership and group.

A remote file is pulled over on the first pass if the content changes, but it's ownership and group seem to be what they were in the filestore, not as specified in the config. This is all corrected by the second run of the puppet service.

My definitions: 

define remotefile($source, $owner = root, $group = root, $mode = 440, $recurse = true, $backup = main, $replace = true ) {                                                       
   file { $name:                                                                                                                                                                 
      source => "$puppetserver/files/$source",                                                                                                                   
      backup => $backup,                                                                                                                                                         
      owner => $owner,                                                                                                                                                           
      group => $group,                                                                                                                                                           
      mode => $mode,                                                                                                                                                             
      recurse => $recurse,                                                                                                                                                       
      replace => $replace                                                                                                                                                        
   }                                                                                                                                                                             
}

...snip... 

remotefile { "/etc/nagios/nrpe.cfg" :                                                                                                                                         
      source => "modules/nagios-nrpe/nrpe.cfg",                                                                                                                                  
      mode => 640,                                                                                                                                                               
      owner => root,                                                                                                                                                             
      group => nagios,                                                                                                                                                           
      require => Package["nagios-nrpe"] }

...snip... 

puppeteer manifests # ls -l ./files/modules/nagios-nrpe/nrpe.cfg 
-rw-r----- 1 root puppet 6479 Feb 14 16:15 ./files/modules/nagios-nrpe/nrpe.cfg

puppeteer manifests # ls -l /etc/nagios/nrpe.cfg 
-rw-r----- 1 root nagios 6479 Feb 16 09:18 /etc/nagios/nrpe.cfg

puppeteer manifests # echo "junk" >> /etc/nagios/nrpe.cfg

puppeteer manifests # ls -l /etc/nagios/nrpe.cfg 
-rw-r----- 1 root nagios 6484 Feb 16 09:18 /etc/nagios/nrpe.cfg

puppeteer manifests # puppetd --server puppeteer.goshen.edu --test --tags nagios-nrpe --verbose
notice: Ignoring --listen on onetime run
info: Config is up to date
notice: Starting configuration run
notice: //base-menno/puppeteer/nagios-nrpe/remotefile[/etc/nagios/nrpe.cfg]/File[/etc/nagios/nrpe.cfg]/checksum: checksum changed '{md5}88796d0b27f1496696fbc20732b4ced2' to '{md5}88be36ec13ae5270cee3cfc029d3d4f9'
info: //base-menno/puppeteer/nagios-nrpe/remotefile[/etc/nagios/nrpe.cfg]/File[/etc/nagios/nrpe.cfg]: Filebucketed to main with sum 88be36ec13ae5270cee3cfc029d3d4f9
notice: //base-menno/puppeteer/nagios-nrpe/remotefile[/etc/nagios/nrpe.cfg]/File[/etc/nagios/nrpe.cfg]/source: replacing from source puppet://puppeteer.goshen.edu/files/modules/nagios-nrpe/nrpe.cfg
info: //base-menno/puppeteer/nagios-nrpe/remotefile[/etc/nagios/nrpe.cfg]/File[/etc/nagios/nrpe.cfg]: Scheduling refresh of Service[nrpe]
info: //base-menno/puppeteer/nagios-nrpe/remotefile[/etc/nagios/nrpe.cfg]/File[/etc/nagios/nrpe.cfg]: Scheduling refresh of Service[nrpe]
notice: //base-menno/puppeteer/nagios-nrpe/Service[nrpe]: Triggering 'refresh' from 2 dependencies
err: //base-menno/puppeteer/nagios-nrpe/Service[nrpe]: Failed to call refresh on Service[nrpe]: Could not restart Service[nrpe]

puppeteer manifests # ls -l /etc/nagios/nrpe.cfg 
-rw-r----- 1 root puppet 6479 Feb 16 09:19 /etc/nagios/nrpe.cfg

Note the group change. It is corrected on the next run of puppet.

Again, this does not happen with files that are new on the client in my experience, but it does happen with files that have changed on the client.

Attachments

puppet-source.patch (0.6 kB) - added by luke on 02/16/07 16:47:24.
Patch written by Jon Nangle

Change History

02/16/07 16:47:24 changed by luke

  • attachment puppet-source.patch added.

Patch written by Jon Nangle

02/16/07 16:48:14 changed by luke

  • status changed from new to assigned.

The patch mostly just copies code from 'ensure' to check the properties after the file is copied. A more general solution needs to be created, though, because "content" will have the same problem.

02/22/07 13:05:22 changed by luke

  • status changed from assigned to closed.
  • resolution set to fixed.

Fixed in [2219]. Note that I didn't exactly use the patch; instead I created a separate method and made sure it gets called whenever a file or directory gets created or changed.

04/04/07 00:41:05 changed by

  • milestone deleted.

Milestone minor deleted