Geek Answers Handbook

Puppet manifest - 'sudo' commands?

I have a basic CentOS box in Vagrant that I stand with a puppet manifest. Here is the manifest so far:

class base { exec { "sudocmd": path => ["/usr/bin/","/usr/sbin/","/bin"], command => "sudo yum update -y", } package { "man": ensure => present, } package { "bind": ensure => present, } package { "bind-utils": ensure => present, } } include base

But when I say vagrant up , I get an error message that sudocmd yum update terminates with 1. I looked on the Internet but have not yet found a solution for this. Any help?

======== EDIT ========== I read the answers and I agree - thanks guys. I just use this in the dev block to get around, and I need this to be relevant before I start working on it.

+6
source share
2 answers

With a puppet, you do not need to use sudo , just run the yum command. Typically, commands run as root by default, but you can specify which user.

 exec { "sudocmd": path => ["/usr/bin/","/usr/sbin/","/bin"], command => "yum update -y", user => root, }

However, I strongly recommend that you not use any conditional exec with a puppet. This will be done every time the puppets are working. As Forrest said , this is not what the puppet is for. I would not use a puppet for yum update , and my exec always had creates , onlyif , refreshonly or unless , to make sure that they only run if necessary.

+11
source

So, Puppet is not really designed to perform tasks such as updating yum. This is a configuration management tool, not something that completely replaces such a task. In addition, you have a lot of problems with this. What if the puppet demonized? Will this negatively affect our work environment? What happens if a user accidentally launches Puppet and updates a package that breaks our scripts (JDK, MySQL, PHP, etc.). As far as I know, there is no solution for this, because this is not considered a problem. Scott Pak at Serverfault gave a very descriptive answer to a similar question.

+3
source

More articles:


All Articles