Monday, 2010-02-15

« Sunday, 2010-02-14 Index Tuesday, 2010-02-16 »
[2010/02/15 00:12:58] @ Log started by gepetto
[2010/02/15 00:12:58] @ bodepd joined channel #puppet
[2010/02/15 00:15:55] <noradific> i was thinking I should learn puppet or fall behind with how sysadmin work is .... but OTOH -- CFEngine has been around a long time, and still a lot of smaller shops don't bother with that
[2010/02/15 00:16:38] <noradific> or i guess it really depends on how big the shop is - if you have enough servers you have to turn to some sort of config mangaement system or go crazy
[2010/02/15 00:17:30] <asenchi> honestly, i manage 400+ productions servers currently, and after using puppet in that configuration I couldn't imagine not using it on even my 2 personal servers
[2010/02/15 00:17:33] <asenchi> i use it everywhere now
[2010/02/15 00:17:53] <asenchi> puppet /path/to/file.pp is a very useful tool for getting configurations done w/o having a central puppetmaster, etc
[2010/02/15 00:18:00] @ Quit: mizzy: Ping timeout: 272 seconds
[2010/02/15 00:33:43] @ mizzy joined channel #puppet
[2010/02/15 00:36:08] <noradific> is there something like this out there - auto change the local root password, and email the new password gpg encrypted to the sysadmin?
[2010/02/15 00:40:19] <asenchi> that's way to dangerous to automate imo
[2010/02/15 00:46:29] <noradific> could be -- do you know anyone that actually rotates local root passwords every so often (3-6 months)? last few jobs I've been in, it hasn't been that way.
[2010/02/15 00:48:30] <proton> I don't know if there's much point doing that if you just use silly hard to guess passwords unique per machine to start with
[2010/02/15 00:48:41] <proton> and never actually use the password, use sudo etc
[2010/02/15 00:53:58] <noradific> we auth to ldap and disable root logins via ssh. so the stuff at the colo we'd only need root for offline troubleshooting or during install
[2010/02/15 00:54:16] @ blahdeblah joined channel #puppet
[2010/02/15 01:03:51] @ RageLink joined channel #puppet
[2010/02/15 01:05:23] @ OpenMedia left channel #puppet ()
[2010/02/15 01:08:10] @ ckauhaus joined channel #puppet
[2010/02/15 01:10:18] <noradific> i guess I can partly merge puppet into my kickstart file with a " puppet /path/to/file.pp" a the end
[2010/02/15 01:18:17] @ Quit: rcrowley: Quit: rcrowley
[2010/02/15 01:22:17] @ Quit: bodepd: Quit: bodepd
[2010/02/15 01:27:43] @ bodepd joined channel #puppet
[2010/02/15 01:40:28] @ Quit: nigelk: Quit: nigelk
[2010/02/15 01:44:03] @ suchu joined channel #puppet
[2010/02/15 01:44:06] @ Quit: ckauhaus: Ping timeout: 258 seconds
[2010/02/15 01:48:57] @ Quit: jcape: Ping timeout: 260 seconds
[2010/02/15 01:53:18] @ nigelk joined channel #puppet
[2010/02/15 01:59:16] @ Quit: justinfreeman: Ping timeout: 252 seconds
[2010/02/15 02:11:32] @ Quit: Djelibeybi: Quit: Leaving
[2010/02/15 02:13:32] @ skiold joined channel #puppet
[2010/02/15 02:13:37] @ Demosthenes joined channel #puppet
[2010/02/15 02:15:55] @ rdtsc left channel #puppet ("No matter how dark the night, somehow the Sun rises once again")
[2010/02/15 02:20:51] @ ckauhaus joined channel #puppet
[2010/02/15 02:20:59] @ bodepd left channel #puppet ()
[2010/02/15 02:21:29] @ Quit: Bass10: Ping timeout: 240 seconds
[2010/02/15 02:22:28] @ mfournier joined channel #puppet
[2010/02/15 02:33:54] @ Quit: giskard: Remote host closed the connection
[2010/02/15 02:36:25] @ Quit: mfournier: Ping timeout: 264 seconds
[2010/02/15 02:36:52] @ Robbie_ joined channel #puppet
[2010/02/15 02:36:52] @ mattwynne joined channel #puppet
[2010/02/15 02:37:59] @ choc joined channel #puppet
[2010/02/15 02:38:07] @ mfournier joined channel #puppet
[2010/02/15 02:39:06] @ pacalm joined channel #puppet
[2010/02/15 02:42:37] @ Quit: ckauhaus: Quit: Leaving.
[2010/02/15 02:45:00] @ lucky__ joined channel #puppet
[2010/02/15 02:54:40] @ ohadlevy joined channel #puppet
[2010/02/15 03:02:29] @ alban21 joined channel #puppet
[2010/02/15 03:02:41] @ Quit: alban2: Ping timeout: 245 seconds
[2010/02/15 03:04:03] @ Ramonster joined channel #puppet
[2010/02/15 03:06:47] @ Quit: pugnacity: Remote host closed the connection
[2010/02/15 03:06:57] @ pugnacity joined channel #puppet
[2010/02/15 03:12:56] @ Quit: mattwynne: Remote host closed the connection
[2010/02/15 03:13:31] @ yarihm joined channel #puppet
[2010/02/15 03:19:03] @ ckauhaus joined channel #puppet
[2010/02/15 03:19:04] @ Quit: masterzen: Quit: Au revoir!
[2010/02/15 03:23:09] @ giskard joined channel #puppet
[2010/02/15 03:27:05] @ Quit: Robbie_: Remote host closed the connection
[2010/02/15 03:29:27] @ xerxas left channel #puppet ()
[2010/02/15 03:30:58] @ masterzen joined channel #puppet
[2010/02/15 03:31:26] @ MattyM joined channel #puppet
[2010/02/15 03:36:50] @ alban21 is now known as alban2
[2010/02/15 03:48:38] @ Quit: nigelk: Quit: nigelk
[2010/02/15 03:51:00] <telmich> good morning
[2010/02/15 03:51:09] @ Quit: raphink: Remote host closed the connection
[2010/02/15 03:51:16] <telmich> I installed puppet via AUR on arch and trying to run it resolves in
[2010/02/15 03:51:16] <telmich> [9:51] ikn:puppet# puppetd --server master.ethz.ch --ca_port 8141
[2010/02/15 03:51:16] <telmich> Could not autoload file: constant Puppet::Type::File not defined
[2010/02/15 03:51:31] <telmich> any hint on what I did wrong?
[2010/02/15 03:54:43] @ verwilst joined channel #puppet
[2010/02/15 03:58:01] @ danielbln joined channel #puppet
[2010/02/15 03:58:34] @ gebi joined channel #puppet
[2010/02/15 04:13:45] @ Quit: yarihm: Quit: This computer has gone to sleep
[2010/02/15 04:13:57] @ kolla joined channel #puppet
[2010/02/15 04:16:18] @ Quit: cmoates: Ping timeout: 248 seconds
[2010/02/15 04:22:09] @ suchu_ joined channel #puppet
[2010/02/15 04:22:20] @ Quit: suchu: Read error: Connection reset by peer
[2010/02/15 04:22:42] @ Quit: mizzy: Ping timeout: 240 seconds
[2010/02/15 04:23:45] @ yarihm joined channel #puppet
[2010/02/15 04:24:50] @ Quit: suchu_: Client Quit
[2010/02/15 04:25:26] @ Robbie joined channel #puppet
[2010/02/15 04:25:54] @ Robbie is now known as Guest13908
[2010/02/15 04:25:57] @ Quit: verwilst: Ping timeout: 276 seconds
[2010/02/15 04:26:21] @ cmoates joined channel #puppet
[2010/02/15 04:33:14] @ maxagaz_ joined channel #puppet
[2010/02/15 04:34:31] @ JD_ joined channel #puppet
[2010/02/15 04:35:26] @ mizzy joined channel #puppet
[2010/02/15 04:35:59] @ suchu joined channel #puppet
[2010/02/15 04:37:09] @ Quit: suchu: Client Quit
[2010/02/15 04:37:18] @ suchu joined channel #puppet
[2010/02/15 04:37:25] @ verwilst joined channel #puppet
[2010/02/15 04:37:26] @ jab_doa joined channel #puppet
[2010/02/15 04:39:06] @ Quit: maxagaz_: Quit: Ex-Chat
[2010/02/15 04:41:59] @ Djelibeybi joined channel #puppet
[2010/02/15 04:44:15] @ raphink joined channel #puppet
[2010/02/15 04:46:23] @ mattwynne joined channel #puppet
[2010/02/15 04:47:27] @ cynicismic joined channel #puppet
[2010/02/15 04:55:46] @ Quit: ohadlevy: Ping timeout: 248 seconds
[2010/02/15 04:55:46] @ masterzen_ joined channel #puppet
[2010/02/15 04:58:06] @ Quit: masterzen: Quit: Leaving
[2010/02/15 05:00:08] @ Quit: gebi: Ping timeout: 256 seconds
[2010/02/15 05:03:33] @ peace-keeper joined channel #puppet
[2010/02/15 05:15:02] @ Quit: Djelibeybi: Quit: Leaving
[2010/02/15 05:21:01] @ mikepea joined channel #puppet
[2010/02/15 05:27:02] @ Quit: Ramonster: Quit: Get MacIrssi - http://www.sysctl.co.uk/projects/macirssi/
[2010/02/15 05:27:53] @ Quit: peace-keeper: Quit: One has to look out for engineers they begin with sewing machines and end up with the atomic bomb.
[2010/02/15 05:27:55] @ Roksteady joined channel #puppet
[2010/02/15 05:30:16] @ Welsh_Dwarf joined channel #puppet
[2010/02/15 05:33:24] @ mvn071 joined channel #puppet
[2010/02/15 05:37:42] @ Ramonster joined channel #puppet
[2010/02/15 05:41:08] @ m1nish joined channel #puppet
[2010/02/15 05:54:31] <tim|imac> hm... did something change with the search function? it doesn't seem to be working anymore from within a defined type...
[2010/02/15 05:57:13] @ Quit: mattwynne: Remote host closed the connection
[2010/02/15 05:57:36] @ Quit: biertie: Remote host closed the connection
[2010/02/15 06:01:51] <stephbul> Hello, I've been using puppet for a while with simple (and short) template files. Since a few days, I introduced large templates and I have a warning (wihcih should be an error) saying "warning: Configuration could not be translated from yaml; using cached catalog"
[2010/02/15 06:02:48] <stephbul> When I get this warning, my template is not processed. Did you have already face this issue?
[2010/02/15 06:03:21] @ Quit: verwilst: Quit: Ex-Chat
[2010/02/15 06:03:21] @ Robbie_ joined channel #puppet
[2010/02/15 06:03:21] <stephbul> I use 0.24.8 on rhel4.
[2010/02/15 06:04:41] @ Quit: Guest13908: Ping timeout: 260 seconds
[2010/02/15 06:10:23] @ Quit: bug: Quit: bug
[2010/02/15 06:22:50] @ Quit: Jailbait: Ping timeout: 256 seconds
[2010/02/15 06:23:28] @ Jailbait joined channel #puppet
[2010/02/15 06:31:05] @ Quit: barn: Quit: Lost terminal
[2010/02/15 06:31:37] @ benlovell joined channel #puppet
[2010/02/15 06:33:49] @ biertie joined channel #puppet
[2010/02/15 06:34:15] @ Quit: benlovell: Read error: Connection reset by peer
[2010/02/15 06:35:44] @ Quit: artista_frustrad: Ping timeout: 256 seconds
[2010/02/15 06:36:49] @ Quit: hggh: Quit: leaving
[2010/02/15 06:36:54] @ hggh joined channel #puppet
[2010/02/15 06:40:07] @ gebi joined channel #puppet
[2010/02/15 06:45:40] @ Quit: hggh: Quit: leaving
[2010/02/15 06:45:44] @ hggh joined channel #puppet
[2010/02/15 06:47:46] @ artista_frustrad joined channel #puppet
[2010/02/15 06:49:56] @ Quit: Robbie_: Quit: Leaving...
[2010/02/15 07:00:04] @ jcape joined channel #puppet
[2010/02/15 07:04:04] @ Quit: Demosthenes: Quit: leaving
[2010/02/15 07:05:22] @ Robbie_ joined channel #puppet
[2010/02/15 07:11:42] @ Quit: alexine_dsouza: Read error: Connection reset by peer
[2010/02/15 07:38:41] @ Quit: ckauhaus: Quit: Leaving.
[2010/02/15 07:38:58] @ ckauhaus joined channel #puppet
[2010/02/15 07:44:08] @ Quit: yarihm: Quit: This computer has gone to sleep
[2010/02/15 07:46:26] @ xerxas joined channel #puppet
[2010/02/15 07:46:39] <xerxas> Hi all !
[2010/02/15 07:46:46] <xerxas> In a template I would like to:
[2010/02/15 07:47:09] <xerxas> sth like this:
[2010/02/15 07:47:45] <xerxas> ucarp-vip 10.0.0.<% ipaddress.split(".").last + 20 %>
[2010/02/15 07:47:56] <xerxas> it doesn't work
[2010/02/15 07:48:20] <xerxas> this : <%= ipaddress.split(".").last %> doesn't either
[2010/02/15 07:49:57] <xerxas> ahh
[2010/02/15 07:50:05] <xerxas> it does work indeed, sorry guys ...
[2010/02/15 08:02:49] @ yarihm joined channel #puppet
[2010/02/15 08:09:36] @ fzzzt joined channel #puppet
[2010/02/15 08:21:47] <tim|imac> if using qualified variables to access variables from another class, do i manually have to make sure the other class is evaluated before the current one (with a require on the class) or is that done automagically by puppet?
[2010/02/15 08:24:41] <Volcane> manually afaik
[2010/02/15 08:25:54] @ Quit: mvn071: Quit: Leaving
[2010/02/15 08:26:17] <tim|imac> ah hm
[2010/02/15 08:29:01] @ bug joined channel #puppet
[2010/02/15 08:33:03] @ Quit: bug: Client Quit
[2010/02/15 08:33:27] @ Quit: masterzen_: Quit: Au revoir!
[2010/02/15 08:33:46] @ masterzen joined channel #puppet
[2010/02/15 08:38:01] @ RSpacePope joined channel #puppet
[2010/02/15 08:38:14] <tim|imac> hm... yet another question (can you notice I'm doing a heavy puppet module rewrite here?)... does anyone have a solution to allow something like ${ipaddress_$interface} ?
[2010/02/15 08:39:32] <robinbowes> In a manifest?
[2010/02/15 08:39:36] <tim|imac> yeah
[2010/02/15 08:40:09] * tim|imac thinks it should be possible with an inline template, since i think ruby supports something like it
[2010/02/15 08:40:26] <robinbowes> So, you have two vars and want to combine to make one string?
[2010/02/15 08:40:56] <robinbowes> "$var1$var2" ?
[2010/02/15 08:42:14] <robinbowes> Or even: "${var1}_${var2}"
[2010/02/15 08:42:26] <tim|imac> no, i have a variable $ipaddress_eth0 and $ipaddress_eth1 etc. and I want to assign the content of the ipaddress of $interface to a new variable
[2010/02/15 08:42:54] @ Quit: jcape: Read error: Operation timed out
[2010/02/15 08:42:55] <masterzen> unfortunately this isn't possible directly
[2010/02/15 08:43:04] <robinbowes> Ah, gotcha
[2010/02/15 08:43:07] <masterzen> try with a selector or an if on ${var2}
[2010/02/15 08:43:26] <masterzen> it will certainly be possible in Rowlf
[2010/02/15 08:43:36] <tim|imac> that only works if I know the possible interfaces up front :/
[2010/02/15 08:43:46] <tim|imac> but an inline template should work, I think
[2010/02/15 08:43:52] * tim|imac searches for the correct ruby syntax
[2010/02/15 08:47:14] <robinbowes> Is it possible to only apply a specific class on a client run?
[2010/02/15 08:47:29] <robinbowes> ie puppetd --test --class just::this::one
[2010/02/15 08:47:36] <tim|imac> robinbowes: yes, add --tags=classname
[2010/02/15 08:47:41] <masterzen> robinbowes: --tags this::one
[2010/02/15 08:47:45] <robinbowes> tags - that's the one!
[2010/02/15 08:47:49] <tim|imac> afaik everything gets tagged with the classname by default
[2010/02/15 08:48:20] <masterzen> yes, everything is tagged with the node, and the current class name (and all the classes in between)
[2010/02/15 08:49:04] <robinbowes> Thos man pages need work
[2010/02/15 08:49:09] <robinbowes> Those man pages need work
[2010/02/15 08:49:26] <robinbowes> Also "No help available unless you have RDoc::usage installed" is not helpful!
[2010/02/15 08:55:07] @ Quit: kolla: Remote host closed the connection
[2010/02/15 08:55:46] @ ahasenack joined channel #puppet
[2010/02/15 08:56:03] @ andreas__ joined channel #puppet
[2010/02/15 08:56:25] @ Quit: ahasenack: Client Quit
[2010/02/15 08:56:25] @ Quit: andreas__: Read error: Connection reset by peer
[2010/02/15 08:56:33] @ ahasenack joined channel #puppet
[2010/02/15 08:59:05] <tim|imac> awsome, inline_template("<%= ipaddress_${interface} %>") works like a charm
[2010/02/15 09:00:07] @ verwilst joined channel #puppet
[2010/02/15 09:00:09] @ Quit: Robbie_: Remote host closed the connection
[2010/02/15 09:00:32] @ Robbie_ joined channel #puppet
[2010/02/15 09:03:38] @ Quit: cmoates: Ping timeout: 256 seconds
[2010/02/15 09:04:40] @ cmoates joined channel #puppet
[2010/02/15 09:05:31] @ malraid joined channel #puppet
[2010/02/15 09:07:56] @ jcape joined channel #puppet
[2010/02/15 09:09:48] @ Quit: elementai: Quit: Lost terminal
[2010/02/15 09:11:37] @ markwell joined channel #puppet
[2010/02/15 09:14:22] @ elasticdog joined channel #puppet
[2010/02/15 09:21:31] @ TREllis joined channel #puppet
[2010/02/15 09:22:33] @ Bass10 joined channel #puppet
[2010/02/15 09:26:54] <gepetto> ::trac:: Puppet Version Control edited @ http://reductivelabs.com/trac/puppet/wiki/PuppetVersionControl?version=15
[2010/02/15 09:33:46] @ nigelk joined channel #puppet
[2010/02/15 09:34:11] @ Quit: doubleukay: Ping timeout: 246 seconds
[2010/02/15 09:35:28] @ doubleukay joined channel #puppet
[2010/02/15 09:35:56] @ Quit: cmoates: Ping timeout: 256 seconds
[2010/02/15 09:37:05] @ zz_RedPepper is now known as RedPepper
[2010/02/15 09:38:42] @ brd joined channel #puppet
[2010/02/15 09:40:01] @ bobbyz joined channel #puppet
[2010/02/15 09:40:55] @ cmoates joined channel #puppet
[2010/02/15 09:41:33] <stephbul> hi all,
[2010/02/15 09:41:37] <stephbul> 12:01 < stephbul> Hello, I've been using puppet for a while with simple (and short) template files. Since a few days, I introduced large templates and I have a warning (wihcih should be an error) saying "warning: Configuration could not be translated from yaml; using cached catalog"
[2010/02/15 09:41:42] <stephbul> 12:02 < stephbul> When I get this warning, my template is not processed. Did you have already face this issue?
[2010/02/15 09:42:00] @ ckrough joined channel #puppet
[2010/02/15 09:43:00] <Volcane> sounds like your template is outputing some weird character or non string or something
[2010/02/15 09:43:32] @ Quit: m1nish: Quit: Leaving
[2010/02/15 09:43:38] @ inveratulo joined channel #puppet
[2010/02/15 09:43:43] <ckrough> are my custom functions available in the init.pp of a module? I cant seem to access a variable that gets set in a function
[2010/02/15 09:43:48] @ Quit: doubleukay: Ping timeout: 276 seconds
[2010/02/15 09:46:29] <Volcane> ckrough: functions are available everywhere - maybe pastie.org your code and errors
[2010/02/15 09:46:59] <ckrough> thanks, no specific error, just unexpected behavior. I'll find it, just wanted to make sure I was barking up the right tree
[2010/02/15 09:47:28] @ bug joined channel #puppet
[2010/02/15 09:49:24] <ckrough> this is always defaulting to false, even thought $geo resolves to 'ord' for a template in the same module. http://pastebin.com/d70fcbe4
[2010/02/15 09:49:42] <ckrough> nm...
[2010/02/15 09:49:45] <ckrough> I see what I did
[2010/02/15 09:50:32] <ckrough> ensure != enable :)
[2010/02/15 09:50:38] @ mvn071 joined channel #puppet
[2010/02/15 09:50:39] <Volcane> hehe
[2010/02/15 09:51:32] <stephbul> Volcane: no, it is only text. The only way to make it works is to reduce template size file. I can not figure out why.
[2010/02/15 09:52:18] @ pheezy joined channel #puppet
[2010/02/15 09:52:38] <Volcane> stephbul: how big is the template output? I do recall an old bug related to template size
[2010/02/15 09:52:42] <Volcane> stephbul: and what puppet version?
[2010/02/15 09:52:58] <stephbul> 0.24.8 on rhel 4
[2010/02/15 09:53:43] <stephbul> template size is arounk 6k
[2010/02/15 09:53:46] <Volcane> hmm, did think the bug predates 0.24.8 but maybe i am wrong
[2010/02/15 09:53:55] <Volcane> search on projects.reductivelabs.com see if its known
[2010/02/15 09:54:04] <masterzen> there are platforms where yaml is broken...
[2010/02/15 09:54:12] <masterzen> not sure rhel 4 is one of them
[2010/02/15 09:54:13] <Volcane> yeah rhel 4 with ruby 1.8.1 :P
[2010/02/15 09:54:38] <stephbul> masterzen: what do you mean by "yaml is broken" ?
[2010/02/15 09:55:09] <masterzen> stephbul: producing unparseable yaml, or crashing with a segfault. choose your poison
[2010/02/15 09:55:37] <masterzen> stephbul: I remember doing a patch to fix up invalid yaml, not sure if it was for 0.24.8 or 0.25...
[2010/02/15 09:57:37] @ kaptk2 joined channel #puppet
[2010/02/15 09:58:00] <inveratulo> Do you guys know of a good resource comparing/contrasting puppet vs. cfengine? I am trying to make a business decision and need the options layed out in a clear and concise manner.
[2010/02/15 09:58:11] <stephbul> masterzen: you made a patch for client side?
[2010/02/15 09:58:46] @ Quit: ckauhaus: Quit: Leaving.
[2010/02/15 09:58:56] <masterzen> stephbul: actually it was server side. But your problem might not be this one. Let me check what it was.
[2010/02/15 09:59:04] <Volcane> inveratulo: i dont think a good unbiased side by side comparison exist at the moment - puppet wiki has one but i'd say its not unbiased :)
[2010/02/15 09:59:53] <inveratulo> Volcane: unbiased isn't neccessarily bad. I'm fighting an ideological war here :-P I'll check the wiki
[2010/02/15 10:01:10] <Volcane> inveratulo: i found a) puppet has a bigger more active community that covers more industries b) puppet is more program like c) puppet allows you to model more complex setups easier d) puppet makes it easier on hetrogenous environments e) easier to extend
[2010/02/15 10:01:28] <xerxas> anyone adding repositories, using apt-add key … with puppet ?
[2010/02/15 10:01:32] <xerxas> apt-get update ?
[2010/02/15 10:01:54] <masterzen> stephbul: #2218
[2010/02/15 10:01:55] <gepetto> masterzen: stephbul: #2218 is http://projects.reductivelabs.com/issues/show/2218 "Puppet - Bug #2218: Ruby YAML bug prevents catalog to be properly reloaded by puppetd - ReductiveLabs.com"
[2010/02/15 10:01:59] <xerxas> just to confirm, all these commands must be issued with refreshonly and notify, right ?
[2010/02/15 10:02:09] <masterzen> xerxas: I do :-)
[2010/02/15 10:02:32] <xerxas> masterzen: Hi !
[2010/02/15 10:02:51] <masterzen> xerxas: hello :-P
[2010/02/15 10:02:52] <xerxas> so you run apt-get update which is supposed to be call from a notify ?
[2010/02/15 10:03:08] <xerxas> and apt-get update has refreshonly => true
[2010/02/15 10:03:10] <xerxas> ?
[2010/02/15 10:03:17] <masterzen> xerxas: checking
[2010/02/15 10:04:30] @ Quit: yarihm: Quit: This computer has gone to sleep
[2010/02/15 10:04:37] <masterzen> xerxas: my apt-update subscribe to all the apt config files. including all the apt-key I have. there is an apt-key exec that does the apt key stuff.
[2010/02/15 10:04:42] @ Quit: bug: Quit: bug
[2010/02/15 10:04:48] @ bug joined channel #puppet
[2010/02/15 10:05:37] <stephbul> masterzen: gepetto : thx, it looks like it might be my pb.
[2010/02/15 10:06:18] <xerxas> gepetto is a bot ;)
[2010/02/15 10:06:25] <xerxas> (right ? )
[2010/02/15 10:06:38] @ barn joined channel #puppet
[2010/02/15 10:06:43] <xerxas> anyway, why not thank a bot ;)
[2010/02/15 10:06:55] <stephbul> if it is, it is a nice bot!
[2010/02/15 10:07:04] <stephbul> ;)
[2010/02/15 10:07:09] <xerxas> deployed with puppet ? ;)
[2010/02/15 10:07:32] <xerxas> masterzen: thanks, thinking about it
[2010/02/15 10:09:51] @ shenson joined channel #puppet
[2010/02/15 10:12:42] <xerxas> masterzen: so you're using only one apt-get update ?
[2010/02/15 10:13:11] <masterzen> xerxas: yes
[2010/02/15 10:13:24] <xerxas> resources can be callable through other module ?
[2010/02/15 10:13:45] <xerxas> I mean a resource delcared in a module can be called from another module ?
[2010/02/15 10:14:05] <xerxas> just by it's name ?
[2010/02/15 10:14:09] <xerxas> its
[2010/02/15 10:14:31] <masterzen> correct
[2010/02/15 10:14:45] <masterzen> like this: File["/etc/apt/apt.conf"]
[2010/02/15 10:15:07] <xerxas> ok
[2010/02/15 10:15:20] <xerxas> no class prefix ?
[2010/02/15 10:15:27] <xerxas> no namespace ...
[2010/02/15 10:15:32] <xerxas> seems strange to me , but why not ;)
[2010/02/15 10:15:57] <Volcane> since there's only ever one instance of a resource the namespace would be redundant so you can just reference it direct
[2010/02/15 10:16:03] <xerxas> ok
[2010/02/15 10:16:24] <xerxas> I didn't knew that a resource name can be unique ...
[2010/02/15 10:16:35] <Volcane> *has* to be unique :)
[2010/02/15 10:16:57] <xerxas> oops
[2010/02/15 10:17:00] <xerxas> right ;)
[2010/02/15 10:20:49] @ lucky___ joined channel #puppet
[2010/02/15 10:22:26] @ ckauhaus joined channel #puppet
[2010/02/15 10:23:31] @ Quit: lucky__: Ping timeout: 245 seconds
[2010/02/15 10:24:50] @ warreng joined channel #puppet
[2010/02/15 10:27:25] <inveratulo> So does anyone have any insight on why Ruby was chosen as a core language?
[2010/02/15 10:28:22] <Volcane> it's easy, strongly object orientated, has a lot of features that makes it very good for writing DSLs
[2010/02/15 10:28:23] <danielbln> lack of cobol programmers I guess
[2010/02/15 10:28:43] <Volcane> and luke doesnt like python :)
[2010/02/15 10:29:04] <inveratulo> heh
[2010/02/15 10:29:09] <nasrat> inveratulo: luke talks about this in his puppetcamp talk
[2010/02/15 10:29:50] @ brothers joined channel #puppet
[2010/02/15 10:30:28] <tim|imac> python makes his eyes bleed :(
[2010/02/15 10:30:47] <inveratulo> my loyalties are with Python
[2010/02/15 10:31:00] @ eshamow joined channel #puppet
[2010/02/15 10:31:09] <nasrat> http://coursestream.sfsu.edu/ess/echo/presentation/37cfb197-bb66-4e09-8733-b2cb0385ac34
[2010/02/15 10:31:10] <jb> feel free to re-write it in python :)
[2010/02/15 10:32:19] <inveratulo> hehe, I would but I suspect my employers would grow angry about 2 months in when I haven't done anything else :-P
[2010/02/15 10:32:31] @ Quit: lucky___: Quit: Leaving...
[2010/02/15 10:32:36] <tim|imac> just 2 months? you're very optimistic :)
[2010/02/15 10:32:48] <jb> yeah, i doubt thats possible :P
[2010/02/15 10:33:13] <inveratulo> oh don't mistake that as me saying i could do it in 2 months, just two months *IN* is when eyebrows would raise
[2010/02/15 10:33:25] <tim|imac> i mean, that it would take 2 months for your boss to get angry :)
[2010/02/15 10:35:23] <inveratulo> at least you can call methods on string literals like you can in Python, that's often useful
[2010/02/15 10:35:39] @ brd left channel #puppet ()
[2010/02/15 10:38:02] @ Quit: suchu: Quit: ChatZilla 0.9.86 [Firefox 3.5.7/20091221164558]
[2010/02/15 10:39:17] @ j00bar joined channel #puppet
[2010/02/15 10:39:23] @ Quit: j00bar: Changing host
[2010/02/15 10:39:23] @ j00bar joined channel #puppet
[2010/02/15 10:39:27] <j00bar> gr33tz
[2010/02/15 10:39:54] <j00bar> what are my options for dns records so my puppetmaster can be found by clients?
[2010/02/15 10:40:19] <j00bar> i'm told i can make an A record puppet.mydomain.com, but are there other options? SRV records for example?
[2010/02/15 10:40:25] <agaffney> A and CNAME records :P
[2010/02/15 10:40:35] <j00bar> also, where does it pull the domain from that it's looking up? default search domain?
[2010/02/15 10:41:03] <agaffney> by default, the puppet client will look for "puppet". the DNS resolving library will likely automatically append the default search suffix as well
[2010/02/15 10:41:10] <j00bar> bueno. gracias.
[2010/02/15 10:41:19] <agaffney> you can override it completely by putting 'server = foo.bar.baz' in puppet.conf
[2010/02/15 10:41:32] <agaffney> or with --server foo.bar.baz
[2010/02/15 10:41:36] <RedPepper> j00bar you can also add an /etc/hosts entry
[2010/02/15 10:41:47] <RedPepper> like x.x.x.x puppet
[2010/02/15 10:42:04] <j00bar> dns is fine
[2010/02/15 10:42:19] <j00bar> the CNAME will work great.
[2010/02/15 10:42:24] <tim|imac> AAAA records work too
[2010/02/15 10:42:59] <tim|imac> hm... I can't create exported resources from a defined type?
[2010/02/15 10:49:02] @ Arrigi left channel #puppet ()
[2010/02/15 10:49:39] @ doubleukay joined channel #puppet
[2010/02/15 10:50:25] @ Quit: vzctl_: Read error: Operation timed out
[2010/02/15 10:50:47] @ vzctl_ joined channel #puppet
[2010/02/15 10:51:52] @ labrown joined channel #puppet
[2010/02/15 10:51:58] @ ccaum joined channel #puppet
[2010/02/15 10:57:40] @ Quit: vzctl_: Ping timeout: 258 seconds
[2010/02/15 10:57:52] @ vzctl_ joined channel #puppet
[2010/02/15 11:01:28] <gepetto> ::trac:: Puppet Version Control edited @ http://reductivelabs.com/trac/puppet/wiki/PuppetVersionControl?version=16
[2010/02/15 11:06:52] @ Quit: ckauhaus: Ping timeout: 258 seconds
[2010/02/15 11:07:52] <j00bar> is there a wiki doc for generating your own ca certs for puppet -- what it expects/requires and such?
[2010/02/15 11:09:04] <j00bar> e.g. should the subject be simply cn=puppet? that seems rather indistinct...
[2010/02/15 11:09:27] @ rcrowley joined channel #puppet
[2010/02/15 11:10:30] @ ckauhaus joined channel #puppet
[2010/02/15 11:12:49] <masterzen> tim|imac: should work out of the box
[2010/02/15 11:13:37] @ Quit: brothers: Remote host closed the connection
[2010/02/15 11:13:48] <tim|imac> masterzen: hm... I'm creating @@nagios_host resources from a define called host_check, but when I collect them using Nagios_host <<| |>>, I get nothing
[2010/02/15 11:14:06] <tim|imac> will look further later, need to go to the shop now, before they close
[2010/02/15 11:14:33] <masterzen> tim|imac: check that they are correctly exported (in the db).
[2010/02/15 11:15:10] <j00bar> masterzen: ooh. just found your certificates and security wiki page.
[2010/02/15 11:15:14] <j00bar> btw, trac search is lame.
[2010/02/15 11:15:16] <j00bar> :-D
[2010/02/15 11:16:04] <masterzen> j00bar: it's not my "page". It just happens I certainly was the last to edit it :-)
[2010/02/15 11:16:34] <j00bar> then the "by masterzen" credit in the trac search is reason #17 why i dislike it.
[2010/02/15 11:16:34] <gepetto> j00bar: #17 is http://projects.reductivelabs.com/issues/show/17 "Puppet - Feature #17: Fix typesettings to be scoped - ReductiveLabs.com"
[2010/02/15 11:16:40] @ Quit: cmoates: Ping timeout: 272 seconds
[2010/02/15 11:16:53] <j00bar> i mean really, who write a search engine that returns raw wiki markup in its snippet?
[2010/02/15 11:18:06] <masterzen> j00bar: I think i'ts because the wiki pages are not written in trac native wiki but in ReST...
[2010/02/15 11:18:54] <j00bar> masterzen: what does the certificate authority's subject need to be to avoid the "hostname does not match with the server certificate" error?
[2010/02/15 11:19:07] <j00bar> i saw this: http://reductivelabs.com/trac/puppet/wiki/RubySSL-2007-006
[2010/02/15 11:19:16] <j00bar> which leads me to believe i need simply cn=puppet
[2010/02/15 11:19:21] <j00bar> which is fail security.
[2010/02/15 11:20:49] <masterzen> j00bar: I have my puppet fqdn in my ca cert.
[2010/02/15 11:21:07] <Volcane> (it gets added by default)
[2010/02/15 11:21:19] <masterzen> j00bar: the problem is not for the ca, it is for the server certificate.
[2010/02/15 11:21:53] <masterzen> j00bar: in which I usually append certdnsnames...
[2010/02/15 11:22:00] <j00bar> masterzen: so puppet.mydomain.com -- as a CN? or broken into DC?
[2010/02/15 11:22:58] <masterzen> j00bar: as a CN.
[2010/02/15 11:23:12] <j00bar> tQ -- will edit subject and try that.
[2010/02/15 11:23:59] <j00bar> does the CA need to be trusted on the client?
[2010/02/15 11:24:14] @ cmoates joined channel #puppet
[2010/02/15 11:24:15] <j00bar> or does it not do CA validation?
[2010/02/15 11:24:35] @ Quit: mvn071: Quit: Leaving
[2010/02/15 11:29:11] <masterzen> j00bar: the client needs to trust the ca. Hence it has a copy of the ca.
[2010/02/15 11:29:36] <fzzzt> Can I use variables in a definition...definition? e.g. define foo($prefix = $title) { ... }
[2010/02/15 11:30:52] <Volcane> not to set defaults no
[2010/02/15 11:33:49] <fzzzt> ok
[2010/02/15 11:33:51] @ boomshankerx joined channel #puppet
[2010/02/15 11:36:53] @ Spruit_elf joined channel #puppet
[2010/02/15 11:40:49] @ Quit: asenchi: Quit: leaving
[2010/02/15 11:41:57] @ asenchi joined channel #puppet
[2010/02/15 11:42:50] @ Quit: nexx: Quit: quit
[2010/02/15 11:44:07] <noradific> for RHEL 4 the highest version of puppet is 0.24.8? so the chose is to make do with that, or build your own RPM? any other options?
[2010/02/15 11:44:29] <noradific> i don't use it just wondering if that is a common thing for people to do
[2010/02/15 11:44:57] <RedPepper> another option is to install puppet through rubygems
[2010/02/15 11:45:25] <RedPepper> then you should get the most up-to-date version
[2010/02/15 11:45:31] <Volcane> the tar files include the rpm specs
[2010/02/15 11:45:40] <Volcane> itw ould be just a matter of building with that spec
[2010/02/15 11:45:58] @ Quit: ckauhaus: Ping timeout: 258 seconds
[2010/02/15 11:48:08] @ nexx joined channel #puppet
[2010/02/15 11:49:43] <nasrat> noradific: tmz builds for later
[2010/02/15 11:49:51] <nasrat> http://tmz.fedorapeople.org/repo/puppet/epel/4/x86_64/
[2010/02/15 11:50:10] <nasrat> repo config http://tmz.fedorapeople.org/repo/puppet/epel/puppet.repo
[2010/02/15 11:50:52] <tmz> Those builds are in epel-testing now as well.
[2010/02/15 11:53:20] @ Quit: eshamow: Quit: eshamow
[2010/02/15 11:53:37] @ eshamow joined channel #puppet
[2010/02/15 11:53:40] @ Quit: TREllis: Quit: leaving
[2010/02/15 11:54:40] @ Quit: cmoates: Ping timeout: 272 seconds
[2010/02/15 11:56:01] @ Quit: danielbln: Quit: Leaving.
[2010/02/15 11:56:03] @ Quit: Ramonster: Quit: leaving
[2010/02/15 11:57:08] @ notbrien joined channel #puppet
[2010/02/15 11:57:15] @ fzzzt left channel #puppet ()
[2010/02/15 11:57:21] @ Quit: verwilst: Quit: Ex-Chat
[2010/02/15 11:59:37] @ TREllis joined channel #puppet
[2010/02/15 12:00:24] @ cmoates joined channel #puppet
[2010/02/15 12:01:09] <j00bar> following the suggestions for http://reductivelabs.com/trac/puppet/wiki/FileServingConfiguration i have for one of my fileserver.conf resources "allow *.mydomain.com" (without the quotes obv)
[2010/02/15 12:01:31] <j00bar> puppetmasterd on startup complains that it's an invalid pattern
[2010/02/15 12:01:31] <gepetto> ::trac:: Puppet Version Control edited @ http://reductivelabs.com/trac/puppet/wiki/PuppetVersionControl?version=17
[2010/02/15 12:02:19] @ Quit: Welsh_Dwarf: Remote host closed the connection
[2010/02/15 12:07:50] @ Quit: skiold: Quit: skiold
[2010/02/15 12:10:42] @ alfism joined channel #puppet
[2010/02/15 12:11:49] <xerxas> anybody using puppet de deploy opennms ?
[2010/02/15 12:11:57] <xerxas> it needs a postgresql configuration
[2010/02/15 12:12:44] @ tonyskapunk joined channel #puppet
[2010/02/15 12:16:03] @ Quit: tonyskapunk: Remote host closed the connection
[2010/02/15 12:16:54] @ tonyskapunk joined channel #puppet
[2010/02/15 12:17:40] @ Quit: pacalm: Quit: pacalm
[2010/02/15 12:18:38] @ mattwynne joined channel #puppet
[2010/02/15 12:20:11] @ ckauhaus joined channel #puppet
[2010/02/15 12:21:28] @ toi joined channel #puppet
[2010/02/15 12:24:34] @ Bryce_ joined channel #puppet
[2010/02/15 12:26:30] @ Quit: mattwynne: Remote host closed the connection
[2010/02/15 12:28:02] @ Quit: gebi: Ping timeout: 248 seconds
[2010/02/15 12:30:46] @ neek joined channel #puppet
[2010/02/15 12:31:01] * neek grumps at logrotate.
[2010/02/15 12:32:00] <neek> so, for those who have had to deal with this, what's the best way to change a logrotate config from "nocompress" to "compress" ? changing the config file is easy enough, unforunately logrotate then proceeds to ignore the previously uncompressed log files for ever.
[2010/02/15 12:32:42] <neek> any sane way to handle this, short of an exec to gzip them manually?
[2010/02/15 12:34:26] @ Quit: Robbie_: Ping timeout: 246 seconds
[2010/02/15 12:36:31] @ autowidget joined channel #puppet
[2010/02/15 12:37:16] @ brothers joined channel #puppet
[2010/02/15 12:41:26] @ Quit: brothers: Ping timeout: 245 seconds
[2010/02/15 12:45:40] @ Quit: eshamow: Quit: eshamow
[2010/02/15 12:45:59] @ eshamow joined channel #puppet
[2010/02/15 12:47:20] @ Quit: ckauhaus: Quit: Leaving.
[2010/02/15 12:48:21] @ murkk joined channel #puppet
[2010/02/15 12:49:03] @ Quit: jcape: Ping timeout: 276 seconds
[2010/02/15 12:52:26] @ Quit: tonyskapunk: Remote host closed the connection
[2010/02/15 12:57:12] @ Quit: \ask: Remote host closed the connection
[2010/02/15 12:57:34] @ \ask joined channel #puppet
[2010/02/15 12:57:44] @ Quit: boomshankerx: Quit: Leaving
[2010/02/15 13:06:03] @ boomshankerx joined channel #puppet
[2010/02/15 13:08:41] @ Quit: boomshankerx: Client Quit
[2010/02/15 13:08:45] @ Quit: londo: Remote host closed the connection
[2010/02/15 13:13:58] @ mattwynne joined channel #puppet
[2010/02/15 13:17:02] @ Quit: mattwynne: Remote host closed the connection
[2010/02/15 13:18:52] @ tonyskapunk joined channel #puppet
[2010/02/15 13:19:42] @ Quit: MattyM: Quit: ta ta
[2010/02/15 13:31:42] @ Quit: tessier: Changing host
[2010/02/15 13:31:42] @ tessier joined channel #puppet
[2010/02/15 13:34:26] @ lilmatt joined channel #puppet
[2010/02/15 13:42:50] @ Quit: alban2: Ping timeout: 265 seconds
[2010/02/15 13:43:04] @ alban2 joined channel #puppet
[2010/02/15 13:48:29] <murkk> can you use tagged in conjunction with case?
[2010/02/15 13:49:36] <murkk> something like: http://pastie.org/825935
[2010/02/15 13:50:31] @ jcape joined channel #puppet
[2010/02/15 13:51:23] @ tuf joined channel #puppet
[2010/02/15 13:53:54] @ Quit: nigelk: Ping timeout: 240 seconds
[2010/02/15 13:58:12] @ Quit: giskard: Remote host closed the connection
[2010/02/15 14:05:45] @ Quit: madduck: Ping timeout: 276 seconds
[2010/02/15 14:05:55] @ Quit: lutter: Quit: Leaving.
[2010/02/15 14:06:14] @ fzzzt joined channel #puppet
[2010/02/15 14:07:33] @ Quit: bug: Quit: bug
[2010/02/15 14:08:18] @ lutter joined channel #puppet
[2010/02/15 14:12:36] @ nigelk joined channel #puppet
[2010/02/15 14:14:05] @ madduck joined channel #puppet
[2010/02/15 14:14:33] @ yarihm joined channel #puppet
[2010/02/15 14:16:23] <tim|imac> is there a value you can check to see if the client is run with --debug?
[2010/02/15 14:16:46] <tim|imac> I'd like to add some notify{}s if the client is run with --debug, for (you didn't see this coming) easier debugging
[2010/02/15 14:17:50] * neek boggles.
[2010/02/15 14:17:52] <neek> :)
[2010/02/15 14:17:55] @ Quit: Spruit_elf: Quit: Spruit_elf
[2010/02/15 14:18:02] <tim|imac> :P
[2010/02/15 14:18:34] @ brothers joined channel #puppet
[2010/02/15 14:19:15] <tim|imac> about your earlier question, I think the exec is the way to go, I'm afraid... or using tidy{} to clear them up after a while
[2010/02/15 14:22:41] @ Quit: tessier: Ping timeout: 245 seconds
[2010/02/15 14:29:05] <neek> mm, tidy is new to me. will look at that, but for this I'd rather compress them then blow them away, so yeah.
[2010/02/15 14:29:24] <neek> I finally got past the parse error I was getting on "-" in the command, heh.
[2010/02/15 14:29:40] <neek> trying to get my unless/onlyif logic straight now.
[2010/02/15 14:31:47] @ WALoeIII joined channel #puppet
[2010/02/15 14:32:46] @ Quit: brothers: Ping timeout: 252 seconds
[2010/02/15 14:33:03] @ justinfreeman joined channel #puppet
[2010/02/15 14:33:12] @ brothers joined channel #puppet
[2010/02/15 14:34:30] @ brothers_ joined channel #puppet
[2010/02/15 14:34:43] <taihen> anyone, unix group managment ( create, remove ) with puppet, can't find any good trace how to do that
[2010/02/15 14:34:45] @ Quit: brothers_: Client Quit
[2010/02/15 14:35:02] <Volcane> you didnt see the group type in wiki:TypeReference?
[2010/02/15 14:35:27] @ tessier joined channel #puppet
[2010/02/15 14:36:39] <taihen> Volcane oh yeah, thanks
[2010/02/15 14:36:45] @ spencert joined channel #puppet
[2010/02/15 14:37:41] @ Quit: brothers: Ping timeout: 245 seconds
[2010/02/15 14:38:05] <spencert> hello everyone,
[2010/02/15 14:38:36] <spencert> I have a duplication definition question/problem, need some ideas on how to solve.
[2010/02/15 14:39:40] <spencert> I have two classes: hp_qla and oracle-11g, each class in order to do its job needs to install package { "gcc": ensure => present, }
[2010/02/15 14:39:57] <Volcane> make a class gcc
[2010/02/15 14:40:01] <Volcane> include it in each of those
[2010/02/15 14:40:07] <Volcane> you can include many times the same thing
[2010/02/15 14:40:09] <spencert> there are some circumstances where I need to have hp_qla and oracle on the same node
[2010/02/15 14:40:19] <spencert> ahh, let me think about that for a sec,
[2010/02/15 14:40:29] <spencert> why that has not occurred to me in the past...
[2010/02/15 14:40:49] <Volcane> always the way :)
[2010/02/15 14:44:40] @ mikerowehl joined channel #puppet
[2010/02/15 14:45:05] <spencert> Volcane: that worked like a champ.
[2010/02/15 14:45:11] <Volcane> kewl
[2010/02/15 14:45:28] <spencert> now to make it form a wrinkle in my gray matter as to why that works.
[2010/02/15 14:46:31] <spencert> ok, another similar problem...
[2010/02/15 14:47:07] @ rmiller4pi8 joined channel #puppet
[2010/02/15 14:47:44] <spencert> baseclass is included on all nodes, it's part of the default node and its inherited by all other classes, within baseclass I manage a file /root/.ssh/authorized_keys, its just a static file with a bunch of peer's keys.
[2010/02/15 14:48:24] <spencert> almost all machines need these keys, however there are some that should not have my keys on them. i.e. production oracle machines, development oracle machines should have my keys
[2010/02/15 14:48:41] @ mvn071 joined channel #puppet
[2010/02/15 14:49:09] @ zobspaddic joined channel #puppet
[2010/02/15 14:49:35] <spencert> do I need to create a separate class that "overrides" /root/.ssh/authorized_keys with a source => undef, ensure => absent and apply that separate class to the nodes that should not have my keys, or is there different way to handle this?
[2010/02/15 14:50:14] @ skiold joined channel #puppet
[2010/02/15 14:50:28] <Volcane> are you copying files out or using the authorized_key type?
[2010/02/15 14:51:12] <spencert> copying files out
[2010/02/15 14:51:39] <Volcane> you can do the inherit or just copy out empty files using the array passed to source => trick
[2010/02/15 14:51:56] <Volcane> or just set variables in your node {} blocks
[2010/02/15 14:52:02] <Volcane> $have_root_ssh = 1
[2010/02/15 14:52:03] <Volcane> etc
[2010/02/15 14:52:10] <spencert> ahh, duh, variables in node block,
[2010/02/15 14:52:19] <spencert> I need to think more before I ask :-)
[2010/02/15 14:52:23] <Volcane> heh
[2010/02/15 14:52:33] @ Quit: RageLink: Remote host closed the connection
[2010/02/15 14:52:41] <spencert> I like variables in node block, that is better imho than a separate class that overrides etc....
[2010/02/15 14:53:05] <Volcane> yeah much less hassle
[2010/02/15 14:54:51] <spencert> I have not used the authorized_key type because I need to prevent some lame people from putting their keys in authorized_keys on the server. I don't want to have to find each key and remove it using the authorized_key type, dropping in a file and overwriting is easier. I know that I should prevent them from logging in all together as root, but the politics have prevented me from doing that on my dev nodes.
[2010/02/15 14:55:09] <Volcane> yup authorized_key isnt really fit for purpose most of the time
[2010/02/15 14:55:44] <Volcane> you know on file you can do source => ["puppet:///ssh/root.${fqdn}", "puppet:///ssh/root"]
[2010/02/15 14:55:57] <Volcane> so if you made root.your.box.com as empty file those machines will be foreced empty
[2010/02/15 14:56:07] <Volcane> else it will get the default 'root' one
[2010/02/15 14:56:13] @ Quit: rmiller4pi8: Ping timeout: 260 seconds
[2010/02/15 14:56:14] <spencert> I had not considered that
[2010/02/15 14:56:25] <Volcane> if say you need different key sets per domain, location or whatever, that model works really well
[2010/02/15 14:56:51] <spencert> I see, is there some variable I need to set to the array is parsed in order
[2010/02/15 14:56:56] <spencert> or does it always go in order?
[2010/02/15 14:57:03] <Volcane> always goes in order
[2010/02/15 14:57:24] <Volcane> file{"/root/.ssh/authorized_keys": source => ["puppet:///ssh/root.${fqdn}", "puppet:///ssh/root"] }
[2010/02/15 14:57:35] <Volcane> it will just try them one by one till it finds a file
[2010/02/15 14:57:48] <spencert> interesting, I had seen that before, but never had it click on this example.
[2010/02/15 14:57:55] <spencert> thanks for the suggestion.
[2010/02/15 14:58:10] <Volcane> kewl
[2010/02/15 14:58:12] <spencert> one last question
[2010/02/15 14:59:11] <Volcane> shoot
[2010/02/15 14:59:12] <spencert> I run 0.25.1 on master and nodes. sometimes without anything in the logs I will see that puppetd has stopped running. no compilation errors nothing, I restart it and everything goes merrily along. Has anyone else see this? do I need something in cron to restart puppet if its dead?
[2010/02/15 14:59:23] <Volcane> yeah
[2010/02/15 14:59:27] <Volcane> 0.25.4 does it too
[2010/02/15 14:59:40] <Volcane> there's been a good few fixes in this regard around 0.25.1 so its lots better
[2010/02/15 14:59:48] <Volcane> but apparently still some left
[2010/02/15 14:59:57] <Volcane> its *much* better in 0.25.4
[2010/02/15 15:00:06] <spencert> ok, I was trying to isolate it but cannot find anything
[2010/02/15 15:00:09] <Volcane> everything is much better in 0.25.4 you shouldnt use .1
[2010/02/15 15:00:18] <spencert> I will upgrade and see what happens
[2010/02/15 15:00:24] <Volcane> in my case it was down to network timeouts = die
[2010/02/15 15:01:40] <spencert> has debian packagers packaged 0.25.4? I run puppetmaster on debian and nodes are all rhel, I see Todd Zullinger has published rpms for rhel/fedora/centos
[2010/02/15 15:01:53] <Volcane> i tnink so, check with nigelk
[2010/02/15 15:02:09] <nigelk> spencert: ya, it's up
[2010/02/15 15:02:16] <spencert> cool
[2010/02/15 15:02:19] <nigelk> http://packages.debian.org/sid/puppet shows 0.25.1 still
[2010/02/15 15:02:24] <nigelk> but 0.25.4 is definitely up
[2010/02/15 15:02:28] <nigelk> and facter 1.5.7
[2010/02/15 15:02:30] <spencert> nigelk: do you also package facter for debian?
[2010/02/15 15:02:39] <nigelk> yep :)
[2010/02/15 15:02:52] <nigelk> (one of the awesome team who do it to be accurate)
[2010/02/15 15:02:58] <spencert> I think I have found a bug, let me try to verify
[2010/02/15 15:03:08] <spencert> its in the fqdn code
[2010/02/15 15:03:10] <nigelk> hacim is another packager
[2010/02/15 15:03:52] <spencert> same facter version works on rhel, just seems to break on debian (or at least provide inconsistent results)
[2010/02/15 15:03:59] <nigelk> if possible, it's really helpful to bug report to facter on redmine and put that reference into a debian bug report. Makes life much easier for us with cherry-picking fixes
[2010/02/15 15:04:08] @ giskard joined channel #puppet
[2010/02/15 15:04:09] <spencert> ok,
[2010/02/15 15:04:25] <spencert> if I can identify it I will create a bug in redmine
[2010/02/15 15:04:32] <hacim> hm, i wonder why the PTS is so far behind
[2010/02/15 15:04:34] <nigelk> I think there were some fixes to the fqdn code recently
[2010/02/15 15:04:40] <nigelk> hacim: yeah, I was wondering that
[2010/02/15 15:05:09] <nigelk> spencert: http://ftp.de.debian.org/debian/pool/main/p/puppet/ has the 0.25.4 debs
[2010/02/15 15:05:51] <spencert> ok, I will grab from there, thank you
[2010/02/15 15:13:02] @ bug joined channel #puppet
[2010/02/15 15:18:52] @ fsweetser_ is now known as fsweetser
[2010/02/15 15:24:21] @ Quit: justdave: Remote host closed the connection
[2010/02/15 15:24:30] @ justdave joined channel #puppet
[2010/02/15 15:26:53] <spencert> nigelk: new package puppet-common?
[2010/02/15 15:28:38] <spencert> grabbed that and it all was successful.
[2010/02/15 15:29:54] @ Quit: Whoop: Ping timeout: 240 seconds
[2010/02/15 15:29:59] @ mathiaz joined channel #puppet
[2010/02/15 15:31:12] <mathiaz> nigelk: hi!
[2010/02/15 15:31:58] <mathiaz> nigelk: trying to install the puppetmaster package with 0.25.4-1ubuntu1 (based on the version in unstable) and it fails
[2010/02/15 15:32:02] @ Quit: justinfreeman: Ping timeout: 248 seconds
[2010/02/15 15:32:09] <mathiaz> nigelk: the puppet user is not created if the puppet package is not installed
[2010/02/15 15:32:45] <mathiaz> nigelk: should the creation of the puppet user be move to puppet-common instead of puppet?
[2010/02/15 15:36:26] @ Quit: zobspaddic: Ping timeout: 245 seconds
[2010/02/15 15:43:34] @ fzzzt left channel #puppet ()
[2010/02/15 15:47:10] <nigelk> ah nice catch mathiaz
[2010/02/15 15:47:25] <nigelk> oh wait. no it shouldn't create it for puppet-common
[2010/02/15 15:47:42] @ Quit: mfournier: Quit: leaving
[2010/02/15 15:47:44] <nigelk> I thought you were saying the other way around
[2010/02/15 15:48:01] @ Quit: nigelk: Quit: nigelk
[2010/02/15 15:50:01] <shenson> does a class have to directly include another class to use an exec inside of it or does that class just have to be included at some point
[2010/02/15 15:50:49] <tim|imac> shenson: it only has to be included at some point
[2010/02/15 15:51:30] <tim|imac> hm... how can i depend on a version of a package? I want to put a apt/preferences file with a source down when libaugeas0 < 0.7...
[2010/02/15 15:52:04] <shenson> tim|imac, thanks
[2010/02/15 15:52:21] <shenson> tim|imac, require => version
[2010/02/15 15:52:36] <shenson> works with yum, I would think it works with apt
[2010/02/15 15:52:39] <tim|imac> also depends on your meaning of "use"... if you want to override it, your class will need to inherit the other class
[2010/02/15 15:52:42] @ Quit: skiold: Ping timeout: 252 seconds
[2010/02/15 15:53:06] <tim|imac> yeah, but i need the preferences in place before it can update to the version in backports :S
[2010/02/15 15:54:05] @ Quit: ccaum: Ping timeout: 260 seconds
[2010/02/15 15:54:09] @ skiold joined channel #puppet
[2010/02/15 15:54:38] @ scyld joined channel #puppet
[2010/02/15 15:55:02] @ Quit: bug: Quit: bug
[2010/02/15 15:56:09] <tim|imac> which i could do something like if versioncmp(Package["libaugeas0"].version, "0.7.0") < 0 { file{ bla } } else { augeas { bla } }
[2010/02/15 15:56:39] <spencert> ok, just upgraded both puppetmaster on master and puppet on node from 0.25.1 to 0.25.4, got the following in the logs: "Value of 'preferred_serialization_format' (pson) is invalid for report, using default (marshal)" is that ok?
[2010/02/15 15:57:10] <noradific> can having a excessively large /var/log/wtmp be a problem?
[2010/02/15 15:57:11] <Volcane> spencert: ignore that
[2010/02/15 15:57:30] <spencert> Volcane: ok, I assume there is a bug already filed?
[2010/02/15 15:57:31] <tim|imac> s/which/wish/ in my last sentence
[2010/02/15 15:57:51] <Volcane> spencert: its just a debug message, not a bug - but it hink there's a ticket to make it shut up
[2010/02/15 15:58:00] @ Whoop joined channel #puppet
[2010/02/15 15:58:39] <spencert> ok, thanks
[2010/02/15 15:58:47] <tim|imac> actually... may I could write a function pkgversion() that does that or something... time for me to learn some ruby anyway :)
[2010/02/15 15:59:08] @ Quit: skiold: Ping timeout: 272 seconds
[2010/02/15 15:59:08] @ scyld is now known as skiold
[2010/02/15 16:04:51] @ RageLink joined channel #puppet
[2010/02/15 16:06:06] @ bug joined channel #puppet
[2010/02/15 16:06:58] @ Quit: toi: Quit: Ex-Chat
[2010/02/15 16:07:01] @ Quit: derekl: Ping timeout: 264 seconds
[2010/02/15 16:10:39] @ Quit: lilmatt: Quit: lilmatt
[2010/02/15 16:14:23] <neek> ok, so my exec is killing me.
[2010/02/15 16:14:25] <neek> command => "/bin/gzip /var/log/httpd/*log.\[1\-9\]",
[2010/02/15 16:14:55] <Volcane> your using the wrong tool for the job
[2010/02/15 16:14:58] <neek> I need that to work. if I don't \ the -, I get errors. if I \ the [], I get
[2010/02/15 16:14:59] <Volcane> write a shell script
[2010/02/15 16:15:00] <neek> failed: /bin/gzip /var/log/httpd/*log.\[1\-9\] returned 1 instead of 0
[2010/02/15 16:15:03] <Volcane> use puppet to deploy the script
[2010/02/15 16:15:05] <fsweetser> puppet doesn't run execs through the shell, so you don't have file globs
[2010/02/15 16:15:06] <Volcane> add a cron job
[2010/02/15 16:15:07] <neek> Volcane: for a one liner?!?!?
[2010/02/15 16:15:13] <neek> fuc!
[2010/02/15 16:15:36] <neek> Volcane: it's a run-once to get around borken logrotate
[2010/02/15 16:15:48] <Volcane> still, wrong tool for the job then
[2010/02/15 16:15:54] <Volcane> capistrano, dssh, whatever
[2010/02/15 16:16:11] <neek> yeah, puppet keeps turning up to be the limiting factor in "tool for job"
[2010/02/15 16:16:28] <Volcane> your trying to make puppet a) be a shell script b) do something once only c) replace tools designed specifically to do a and b
[2010/02/15 16:16:37] <neek> this change should go out at the same time as the config change.
[2010/02/15 16:16:42] <Volcane> and surprisingly you find that it sux - no doubt you could hack something up to do it with puppet
[2010/02/15 16:16:56] <neek> which is staged out through the environment, so using dssh etc is paintfull.
[2010/02/15 16:17:39] <neek> no, it's a config change. the config change needs things done to support it. doing that OUTSIDE of config management is a waste of time.
[2010/02/15 16:17:49] <Volcane> fair enough, exec has options to log the output always or on failure so you can see whats going on
[2010/02/15 16:17:52] <neek> and leads to breakage.
[2010/02/15 16:18:05] <Volcane> but like fsweetser says you probably dont have globs and probably want to exec your code through a shell
[2010/02/15 16:19:02] <neek> fwiw, the * works in the exec.
[2010/02/15 16:23:47] @ gebi joined channel #puppet
[2010/02/15 16:24:29] <tim|imac> another solution would be something like command => "/bin/sh /bin/gzip etc.
[2010/02/15 16:24:32] <tim|imac> uh
[2010/02/15 16:24:43] <tim|imac> /bin/sh -c \"
[2010/02/15 16:25:23] <neek> that's a thought
[2010/02/15 16:25:56] <tim|imac> apparantly, there's a libdpkg-ruby1.8 package...
[2010/02/15 16:26:04] <tim|imac> i really need to learn the language :)
[2010/02/15 16:26:20] @ Quit: _nalle: Remote host closed the connection
[2010/02/15 16:26:23] @ _nalle joined channel #puppet
[2010/02/15 16:27:10] <tim|imac> but not today.
[2010/02/15 16:27:13] <tim|imac> good night, everyone.
[2010/02/15 16:27:20] @ Quit: ppickfor: Ping timeout: 256 seconds
[2010/02/15 16:27:40] <neek> Volcane: but all annoyance aside, I DO agree with you. The problem lies in making a config change to software that doesn't handle it sanely. (logrotate not handling the change from nocompress to compress)
[2010/02/15 16:27:53] <neek> so then having to perform a 1 time task to suppor the config change.
[2010/02/15 16:28:35] <neek> but I think that's a common occurance: Having a way to perform those within the config management tool makes perfect sense.
[2010/02/15 16:28:46] @ Wandrewvious joined channel #puppet
[2010/02/15 16:28:57] <neek> I think having to kick off an exec with a bunch of onlyif/unless checks isn't the right way, but it's all I've found so far....
[2010/02/15 16:30:20] <neek> maybe if I could nest the exec inside the file{} or augeus{} that does the update, or something, keeping it relative to the version being changed (kind of like a notify..), but...
[2010/02/15 16:32:18] @ Quit: WALoeIII: Ping timeout: 248 seconds
[2010/02/15 16:32:19] @ Wandrewvious is now known as WALoeIII
[2010/02/15 16:36:13] @ OpenMedia joined channel #puppet
[2010/02/15 16:40:28] <justdave> are there any built-in path expansions in puppet manifests to get the "/lib" or "/usr/lib" directory on Linux?
[2010/02/15 16:40:56] <justdave> thinking it would be handier than a large if {} block to do /usr/lib or /usr/lib64 based on $arch
[2010/02/15 16:42:17] @ Quit: Bryce_: Quit: It's a dud! It's a dud! It's a du...
[2010/02/15 16:47:21] <KarlHungus> $usrlib => $operatingsystem ? { 'centos' => $architecture ? { 'i386' => '/usr/lib', 'x86_64' => '/usr/lib64' }, default => 'whoa'. }
[2010/02/15 16:47:34] <KarlHungus> maybe =)
[2010/02/15 16:50:33] <justdave> heh
[2010/02/15 16:50:39] <justdave> yeah, looks like there's a feature request for it in http://projects.reductivelabs.com/issues/1919
[2010/02/15 16:51:11] * justdave tries to figure out how to create an account on there so I can reply "yes" to the question in comment 7
[2010/02/15 16:52:13] <KarlHungus> justdave: why not just set that in a common module?
[2010/02/15 16:52:19] <KarlHungus> its somewhat RHEL specific
[2010/02/15 16:53:45] @ zobbo joined channel #puppet
[2010/02/15 16:54:37] <justdave> I was going to say Ubuntu does the same thing, but apparently theirs is a symlink to lib anyway
[2010/02/15 16:55:04] <justdave> (and they do a lib32 for 32-bit stuff on 64-bit arch)
[2010/02/15 16:55:29] @ jfreeman joined channel #puppet
[2010/02/15 16:55:42] <justdave> yeah, I'm doing the common module definition thing anyway, just wanted to make sure there wasn't something built-in before I went and did it
[2010/02/15 17:05:50] @ Quit: p3rror: Ping timeout: 265 seconds
[2010/02/15 17:10:44] @ Quit: eshamow: Quit: eshamow
[2010/02/15 17:11:02] @ eshamow joined channel #puppet
[2010/02/15 17:13:10] <axisys> hi i am trying to create multiple user accounts on multiple nodes from a given input file userfile
[2010/02/15 17:13:23] <axisys> does this look kosher ? http://pastie.org/826275
[2010/02/15 17:13:26] <axisys> syntax wise
[2010/02/15 17:14:16] <axisys> ldap is not an option.. cannot have multiple password for same dn .. which is how it is now
[2010/02/15 17:15:19] <axisys> it is non homogeneous env .. so will be very difficult to switch to ldap with all other issues
[2010/02/15 17:17:52] @ Quit: bug: Quit: bug
[2010/02/15 17:18:40] <KarlHungus> i still suggest ldap =) because it makes * easier
[2010/02/15 17:19:22] <KarlHungus> but yeah, it can be quite difficult to set it up right initially
[2010/02/15 17:20:12] <axisys> KarlHungus: yeah.. i have been told few times to go with ldap.. but i am thinking using puppet for now and once i get all normalized .. i will switch to ldap
[2010/02/15 17:20:53] <axisys> in the meantime i like to see if i could use puppet to add multiple users on multiple nodes w/o too much difficulty while getting help from here, of course
[2010/02/15 17:21:05] @ Quit: mvn071: Quit: Leaving
[2010/02/15 17:21:09] @ eshamow is now known as eshamow|away
[2010/02/15 17:21:12] @ ahasenack left channel #puppet ("Leaving")
[2010/02/15 17:24:06] @ Quit: RageLink: Ping timeout: 240 seconds
[2010/02/15 17:25:13] @ Quit: skiold: Quit: skiold
[2010/02/15 17:25:45] <tessier> Does puppet not normally create homedirs when you realize a virtual user? I even specify home => "/home/user" on the @user
[2010/02/15 17:26:06] <Volcane> it doesnt no, there's an option to enable it, check the docs
[2010/02/15 17:26:14] <tessier> Well that explains it then. :)
[2010/02/15 17:26:16] <tessier> Thanks
[2010/02/15 17:27:17] <axisys> tessier: i think it is managehomedir or something
[2010/02/15 17:28:30] <axisys> i modified it a little .. my previous pastie .. http://pastie.org/826275 .. can i put node inside a class like this http://pastie.org/826275 ? i had been on looong vacation.. forgot lot of the syntaxes
[2010/02/15 17:28:44] <tessier> managehome => true
[2010/02/15 17:28:47] <tessier> That's what I need.
[2010/02/15 17:28:59] <axisys> tessier: yep
[2010/02/15 17:29:58] <axisys> it almost seems like to add multiple users in multiple nodes the right tool (short from ldap) would be capistrano and not puppet..
[2010/02/15 17:30:30] <tessier> In my case I only have 4 users to manage so doing it in puppet is easier than setting up a bunch of other infrastructure.
[2010/02/15 17:31:27] <fsweetser> anybody have any experience with the puppet-mysql modules on github?
[2010/02/15 17:31:32] <axisys> tessier: of course.. i was not commenting on your work..
[2010/02/15 17:31:39] <tessier> axisys: Ah, ok
[2010/02/15 17:31:42] @ Quit: jfreeman: Remote host closed the connection
[2010/02/15 17:32:08] @ jfreeman joined channel #puppet
[2010/02/15 17:32:27] <axisys> i am just seeking help in adding multiple users on multiple nodes outside ldap
[2010/02/15 17:32:40] <tessier> oh, wow. I can even set the user's encrypted password.
[2010/02/15 17:33:44] <tessier> That is exactly what I have been looking for to solve my sudo issue. Although now I am wondering if sudo with password really adds any security vs the password management hassle. Plus I just realized that if a user changes their password on a particular machine puppet will set it back and we may not want the same passwords everywhere.
[2010/02/15 17:34:43] <tessier> I am tempted to go with ssh key only auth and no password needed for sudo. But then any automated script you run could just sudo off a command.
[2010/02/15 17:35:12] <KarlHungus> tessier: ldap+pam is so much simpler ;)
[2010/02/15 17:35:34] <KarlHungus> and almost negligible overhead for such a small realm
[2010/02/15 17:36:03] <tessier> KarlHungus: But then I have to learn ldap. And set up two ldap servers.
[2010/02/15 17:36:30] <KarlHungus> yeah, but its simple =) and you can have a master ldap somewhere and replicate a local copy to each server
[2010/02/15 17:37:08] <tessier> I've been looking at LDAP in fear for years. It has never seemed simple to me.
[2010/02/15 17:37:09] <KarlHungus> and writes to a replicated slave actually chain back to the master instead of breaking replication like some databases do, *cough* mysql *cough*
[2010/02/15 17:37:25] <tessier> Almost as bad as SNMP. Purportedly simple yet big huge books are written on it.
[2010/02/15 17:37:41] @ Quit: blahdeblah: Ping timeout: 260 seconds
[2010/02/15 17:37:49] <tessier> ldap doesn't have to enforce relational constraints like mysql does.
[2010/02/15 17:37:56] <tessier> Totally different kind of db.
[2010/02/15 17:38:05] <KarlHungus> its just a database that stores a heirarchy of data instead of relational data
[2010/02/15 17:38:17] <KarlHungus> but relational contraints are enforced with an overlay
[2010/02/15 17:39:02] <KarlHungus> mysql could pretty easily relay writes to the master like openldap ;)
[2010/02/15 17:39:14] @ Robbie joined channel #puppet
[2010/02/15 17:39:16] <KarlHungus> but it doesnt, so i'll quit griping and get over it
[2010/02/15 17:39:42] @ Robbie is now known as Guest97865
[2010/02/15 17:40:41] <KarlHungus> at least we have row delta replication and stable partitioning now
[2010/02/15 17:47:33] @ RageLink joined channel #puppet
[2010/02/15 17:58:00] @ Quit: shine: Ping timeout: 256 seconds
[2010/02/15 18:01:49] @ malraid_ joined channel #puppet
[2010/02/15 18:02:27] @ Quit: malraid_: Client Quit
[2010/02/15 18:03:13] @ Quit: \ask: Remote host closed the connection
[2010/02/15 18:03:34] @ \ask joined channel #puppet
[2010/02/15 18:04:41] @ Quit: Guest97865: Remote host closed the connection
[2010/02/15 18:05:36] @ Quit: WALoeIII: Quit: WALoeIII
[2010/02/15 18:05:46] @ Quit: malraid: Ping timeout: 265 seconds
[2010/02/15 18:05:50] @ RedPepper is now known as zz_RedPepper
[2010/02/15 18:06:27] @ lilmatt joined channel #puppet
[2010/02/15 18:06:49] @ WALoeIII joined channel #puppet
[2010/02/15 18:07:25] @ Quit: notbrien: Read error: Operation timed out
[2010/02/15 18:07:53] @ Quit: WALoeIII: Client Quit
[2010/02/15 18:13:15] @ malraid joined channel #puppet
[2010/02/15 18:14:45] @ Quit: TREllis: Read error: Operation timed out
[2010/02/15 18:15:46] @ londo_ is now known as londo
[2010/02/15 18:17:04] @ PaulWay[w] joined channel #puppet
[2010/02/15 18:19:03] @ Djelibeybi joined channel #puppet
[2010/02/15 18:19:53] @ Quit: giskard: Remote host closed the connection
[2010/02/15 18:20:34] @ giskard joined channel #puppet
[2010/02/15 18:20:49] @ Quit: labrown: Quit: Leaving
[2010/02/15 18:22:48] <jbartus> http://reductivelabs.com/training/new-york-training/ <--- I really wanna do this, but 2K is not gonna happen
[2010/02/15 18:23:15] <jbartus> i could probably get a 1-day/$695-er out of the boss
[2010/02/15 18:24:41] <justdave> is there a way to "undefine" something that got defined in a class you're inheriting?
[2010/02/15 18:31:45] @ Quit: j00bar: Quit: j00bar
[2010/02/15 18:31:54] @ Quit: jab_doa: Quit: Verlassend
[2010/02/15 18:33:20] @ Quit: pheezy: Remote host closed the connection
[2010/02/15 18:33:49] @ blahdeblah joined channel #puppet
[2010/02/15 18:34:05] @ Quit: blahdeblah: Client Quit
[2010/02/15 18:35:08] @ Quit: shenson: Quit: /me taps out
[2010/02/15 18:35:58] * eshamow|away waves hi at jbartus
[2010/02/15 18:36:02] @ eshamow|away is now known as eshamow
[2010/02/15 18:36:17] <eshamow> fancy bumping into you here ;-)
[2010/02/15 18:37:32] @ shenson joined channel #puppet
[2010/02/15 18:37:35] @ Quit: shenson: Read error: Connection reset by peer
[2010/02/15 18:38:09] @ Quit: RageLink: Remote host closed the connection
[2010/02/15 18:39:25] @ Quit: bobbyz: Ping timeout: 264 seconds
[2010/02/15 18:40:03] @ Quit: kaptk2: Quit: Leaving.
[2010/02/15 18:48:59] <jbartus> hah, hey man
[2010/02/15 18:49:24] <dan__t> So say I want to ensure => versionnumber yada yada... what if that version breaks or is unavailable, can I specify a fallback?
[2010/02/15 18:51:16] @ Quit: neek: Quit: My damn controlling terminal disappeared!
[2010/02/15 18:55:51] @ WALoeIII joined channel #puppet
[2010/02/15 18:57:27] @ Quit: WALoeIII: Client Quit
[2010/02/15 18:58:49] @ WALoeIII joined channel #puppet
[2010/02/15 19:02:42] @ bug joined channel #puppet
[2010/02/15 19:06:48] <gepetto> ::trac:: Puppet Version Control edited @ http://reductivelabs.com/trac/puppet/wiki/PuppetVersionControl?version=18
[2010/02/15 19:10:13] @ spencert left channel #puppet ()
[2010/02/15 19:12:14] @ shine joined channel #puppet
[2010/02/15 19:12:57] @ Quit: murkk: Ping timeout: 265 seconds
[2010/02/15 19:14:40] @ ppickfor joined channel #puppet
[2010/02/15 19:16:07] @ verwilst joined channel #puppet
[2010/02/15 19:16:37] @ TREllis joined channel #puppet
[2010/02/15 19:20:10] @ Quit: bug: Ping timeout: 256 seconds
[2010/02/15 19:20:41] @ Quit: biertie: Ping timeout: 265 seconds
[2010/02/15 19:20:58] @ biertie joined channel #puppet
[2010/02/15 19:24:42] @ bug joined channel #puppet
[2010/02/15 19:24:48] @ tjoe joined channel #puppet
[2010/02/15 19:28:56] @ Quit: autowidget: Quit: autowidget
[2010/02/15 19:32:18] @ Quit: ppickfor: Quit: Leaving.
[2010/02/15 19:32:24] @ Quit: WALoeIII: Quit: WALoeIII
[2010/02/15 19:33:04] @ WALoeIII joined channel #puppet
[2010/02/15 19:43:26] @ eshamow is now known as eshamow|away
[2010/02/15 19:47:00] @ Quit: gebi: Ping timeout: 276 seconds
[2010/02/15 19:47:08] @ Quit: bug: Ping timeout: 272 seconds
[2010/02/15 19:51:21] @ Quit: tjoe: Quit: #arch
[2010/02/15 19:51:33] @ tjoe joined channel #puppet
[2010/02/15 19:55:11] @ Quit: Djelibeybi: Quit: Leaving
[2010/02/15 19:57:59] @ Quit: verwilst: Quit: Ex-Chat
[2010/02/15 20:00:24] @ verwilst joined channel #puppet
[2010/02/15 20:06:46] @ notbrien joined channel #puppet
[2010/02/15 20:08:08] @ Quit: TREllis: Quit: leaving
[2010/02/15 20:08:56] @ Quit: verwilst: Quit: Ex-Chat
[2010/02/15 20:10:15] @ Quit: tjoe: Quit: leaving
[2010/02/15 20:11:56] @ Quit: alfism: Quit: http://opensolaris.com/
[2010/02/15 20:16:17] <explody> anyone know of a commandline/programmatic way to enable LDAPv3 service on OSX? Like the equivalent of checking the box next to LDAPv3 under Services in Directory Utility?
[2010/02/15 20:17:34] <explody> I know about DirectoryService.plist, but I need to manage several services in there, and I can't just write the file
[2010/02/15 20:18:05] @ Quit: cmoates: Quit: Leaving
[2010/02/15 20:18:10] <RandalSchwartz> there are some commandline things
[2010/02/15 20:18:13] <RandalSchwartz> I think they start with "nc"
[2010/02/15 20:18:19] <RandalSchwartz> or maybe that was the 10.4 way
[2010/02/15 20:18:26] <RandalSchwartz> it gets confusing :)
[2010/02/15 20:19:05] <explody> well, there's a bunch of "ds*" tools that will configure directory servers, but I haven't found any that just enable the service
[2010/02/15 20:19:44] <RandalSchwartz> that's probably a launchd thing
[2010/02/15 20:19:47] <explody> RandalSchwartz: say, aren't you a friend of Monty Williams?
[2010/02/15 20:19:50] @ eshamow|away is now known as eshamow
[2010/02/15 20:19:51] <RandalSchwartz> I am
[2010/02/15 20:20:07] <RandalSchwartz> as in, if the launchd for directory services is up, then it's up
[2010/02/15 20:20:44] <explody> yeah, that's the silly part, it's not actually a service (they just call it that). All I can tell that checking that box does is change a line in one plist file
[2010/02/15 20:21:03] <RandalSchwartz> there are plist editors
[2010/02/15 20:21:06] <RandalSchwartz> you could use that
[2010/02/15 20:21:21] <RandalSchwartz> but I don't imagine editing the plist actually makes it start
[2010/02/15 20:22:23] <explody> there are 3 pieces, the DirectoryService daemon, the DirectoryService.plist and another plist that defines the directory servers. The daemon will only *use* what's enabled in DirectoryService.plist
[2010/02/15 20:22:37] @ blahdeblah joined channel #puppet
[2010/02/15 20:23:04] @ Quit: blahdeblah: Client Quit
[2010/02/15 20:23:17] <RandalSchwartz> there's apparently an applescript interface too
[2010/02/15 20:23:22] <RandalSchwartz> might be able to get to that from osascript
[2010/02/15 20:23:24] <explody> hm that might be workable
[2010/02/15 20:23:39] @ blahdeblah joined channel #puppet
[2010/02/15 20:28:41] @ Quit: tonyskapunk: Remote host closed the connection
[2010/02/15 20:44:01] @ Quit: notbrien: Quit: notbrien
[2010/02/15 20:44:30] @ ppickfor joined channel #puppet
[2010/02/15 20:46:24] <explody> well this actually works, but it spits out errors unrelated to actually changing the plist file (albeit ones you could ignore)
[2010/02/15 20:46:37] <explody> osascript -e "tell application \"System Events\" to set value of property list item \"LDAPv3\" of contents of property list file \"/Library/Preferences/DirectoryService/DirectoryService.plist\" to \"Active\""
[2010/02/15 20:54:07] @ notbrien joined channel #puppet
[2010/02/15 20:54:59] @ Quit: WALoeIII: Quit: WALoeIII
[2010/02/15 20:59:09] @ docelic__ joined channel #puppet
[2010/02/15 21:00:39] @ autowidget joined channel #puppet
[2010/02/15 21:01:03] @ Quit: autowidget: Client Quit
[2010/02/15 21:01:48] @ Quit: docelic_: Ping timeout: 252 seconds
[2010/02/15 21:10:03] @ Quit: cynicismic: Quit: leaving
[2010/02/15 21:14:14] @ Quit: giskard: Remote host closed the connection
[2010/02/15 21:21:43] @ RageLink joined channel #puppet
[2010/02/15 21:23:08] @ alexine_dsouza joined channel #puppet
[2010/02/15 21:23:17] @ WALoeIII joined channel #puppet
[2010/02/15 21:27:22] @ stewartl42 joined channel #puppet
[2010/02/15 21:28:12] @ Quit: WALoeIII: Client Quit
[2010/02/15 21:39:20] @ stewartl42 left channel #puppet ()
[2010/02/15 21:42:05] @ Djelibeybi joined channel #puppet
[2010/02/15 21:44:45] @ DrHouseMD is now known as HouseAway
[2010/02/15 21:55:16] @ Quit: mathiaz: Quit: leaving
[2010/02/15 22:06:50] @ Quit: eshamow: Quit: eshamow
[2010/02/15 22:09:36] @ Quit: malraid: Ping timeout: 256 seconds
[2010/02/15 22:13:40] @ malraid joined channel #puppet
[2010/02/15 22:13:44] @ Quit: Djelibeybi: Quit: Leaving
[2010/02/15 22:14:12] @ Quit: \ask: Remote host closed the connection
[2010/02/15 22:15:05] @ \ask joined channel #puppet
[2010/02/15 22:23:15] @ Quit: mikerowehl: Quit: mikerowehl
[2010/02/15 22:23:31] <axisys> how do I add a user with random generated passwd ?
[2010/02/15 22:23:48] <axisys> user type only has option to provide a encrypted string
[2010/02/15 22:24:45] @ Djelibeybi joined channel #puppet
[2010/02/15 22:27:29] @ Djeli joined channel #puppet
[2010/02/15 22:28:44] @ Djeli_ joined channel #puppet
[2010/02/15 22:31:10] @ Quit: Djelibeybi: Ping timeout: 258 seconds
[2010/02/15 22:32:18] @ Quit: Djeli: Ping timeout: 252 seconds
[2010/02/15 22:39:46] <eric0> explody ewww
[2010/02/15 22:39:56] <eric0> here i have a better one, we are doing this on lots o macs
[2010/02/15 22:42:28] @ Djeli_ is now known as Djelibeybi
[2010/02/15 22:42:45] <eric0> http://pastie.org/826619
[2010/02/15 22:43:15] @ malraid_ joined channel #puppet
[2010/02/15 22:44:32] <eric0> you do not need to manipulate the contents of DirectoryService.plist
[2010/02/15 22:47:38] @ Quit: malraid: Ping timeout: 272 seconds
[2010/02/15 22:47:38] @ malraid_ is now known as malraid
[2010/02/15 23:00:49] @ rmiller4pi8 joined channel #puppet
[2010/02/15 23:01:00] @ Djeli joined channel #puppet
[2010/02/15 23:04:12] @ Quit: Djelibeybi: Ping timeout: 252 seconds
[2010/02/15 23:14:45] @ Quit: yarihm: Quit: This computer has gone to sleep
[2010/02/15 23:15:11] @ Djeli is now known as Djelibeybi
[2010/02/15 23:18:51] @ Demosthenes joined channel #puppet
[2010/02/15 23:23:31] @ Quit: sjefen6: Ping timeout: 245 seconds
[2010/02/15 23:24:04] @ ahuman joined channel #puppet
[2010/02/15 23:26:22] @ Quit: xerxas: Quit: Leaving.
[2010/02/15 23:31:39] @ bug joined channel #puppet
[2010/02/15 23:38:57] <axisys> http://pastie.org/826669 this generates the random passwd .. but now what ruby module to use to generate a des3 (solaris) or md5 (linux) crypted passwd ?
[2010/02/15 23:42:24] @ Quit: notbrien: Ping timeout: 252 seconds
[2010/02/15 23:44:49] @ murkk joined channel #puppet
[2010/02/15 23:47:14] @ QtPlatypus joined channel #puppet
[2010/02/15 23:48:24] @ Quit: malraid: Quit: malraid
[2010/02/15 23:57:32] <QtPlatypus> I'm reading http://openskill.info/infobox.php?ID=1476 which features the concept of roles however I note that the roles limmited that a host can only be meber of one role. Is there a simmalar idea that allows hosts to be in more then one role?
« Sunday, 2010-02-14 Index Tuesday, 2010-02-16 »

Generated by irclog2html.py 2.8 by Marius Gedminas - find it at mg.pov.lt!