It is OK to have sysctl keys with slashes in them:

[root@potemkin02 ~]# sysctl net.ipv4.conf.bond0/122.rp_filter
net.ipv4.conf.bond0/122.rp_filter = 1

However, it seems that one cannot really apply them. The following Puppet manifest:

    sysctl { 'net.ipv4.conf.bond0/122.rp_filter':
        ensure  => present,
        value   => 2,
        require => Service['network'],
    }

...results in this:

Error: Could not set 'present' on ensure: /augeas/files/etc/sysctl.conf/error/path = /files/etc/sysctl.conf
/augeas/files/etc/sysctl.conf/error/lens = /usr/share/augeas/lenses/dist/sysctl.aug:36.10-.52:
/augeas/files/etc/sysctl.conf/error/message = Malformed child node 'net.ipv4.conf.bond0' at 105:/etc/puppet/environments/test_vlans/modules/vesnicky/manifests/network.pp
Error: Could not set 'present' on ensure: /augeas/files/etc/sysctl.conf/error/path = /files/etc/sysctl.conf
/augeas/files/etc/sysctl.conf/error/lens = /usr/share/augeas/lenses/dist/sysctl.aug:36.10-.52:
/augeas/files/etc/sysctl.conf/error/message = Malformed child node 'net.ipv4.conf.bond0' at 105:/etc/puppet/environments/test_vlans/modules/vesnicky/manifests/network.pp
Wrapped exception:
/augeas/files/etc/sysctl.conf/error/path = /files/etc/sysctl.conf
/augeas/files/etc/sysctl.conf/error/lens = /usr/share/augeas/lenses/dist/sysctl.aug:36.10-.52:
/augeas/files/etc/sysctl.conf/error/message = Malformed child node 'net.ipv4.conf.bond0'
Error: /Stage[main]/Vesnicky::Network/Sysctl[net.ipv4.conf.bond0/122.rp_filter]/ensure: change from absent to present failed: Could not set 'present' on ensure: /augeas/files/etc/sysctl.conf/error/path = /files/etc/sysctl.conf
/augeas/files/etc/sysctl.conf/error/lens = /usr/share/augeas/lenses/dist/sysctl.aug:36.10-.52:
/augeas/files/etc/sysctl.conf/error/message = Malformed child node 'net.ipv4.conf.bond0' at 105:/etc/puppet/environments/test_vlans/modules/vesnicky/manifests/network.pp

Hi,

I'm running puppet 2.7.18 on CentOS 5.8 and Ubuntu 12.04 boxes, and recently installed domcleal/augeasproviders 0.5.1 (via puppet module install domcleal-augeasproviders). After plugin sync, every one of my machines gives a warning similar to the below for every /etc/hosts entry:

warning: Host localhost.localdomain found in both parsed and augeas; skipping the augeas version
warning: Host localhost6.localdomain6 found in both parsed and augeas; skipping the augeas version
warning: Host (fqdn) found in both parsed and augeas; skipping the augeas version

That comes either when running puppet agent -t or puppet resource Host. I haven't changed any of my modules to use the new providers yet.

$ puppet module build
Error: Could not find parent provider augeas of rsyslog
Error: Try 'puppet help module build' for usage

Hi,

The module is great with all the types but the required dependencies ( software wise ) are not installed with it.
Would be great if the module takes care of that.
Are you open for a PR on that?

Currently, the module simply appends Port to the end of the list which causes sshd to fail to restart.

The quoted parameter cannot be made to converge (unless ensure is changed).

Hello!
I would like to configure kernel.sem parameter in sysctl.conf:

kernel.sem=250 32000 32 2000

Here is my try:

sysctl { "kernel.sem":
  ensure => present,
  value  => "250 32000 32 2000",
}

And each time puppet reconfigures live value:

Notice: /Stage[main]/Profile::Itemservice/Sysctl[kernel.sem]/value: changed live value from '250        32000   32      2000' to '250 32000 32 2000'

I suppose it's because of

vagrant@Ubuntu1204-64:~$ sysctl -a 2>/dev/null | grep 'kernel.sem'
kernel.sem = 250        32000   32      2000

gives output with extra spaces.
Is it possible to avoid this behaviour?

Thanks.

The pass and dump properties are always being set to the default values (0) even when not specified in the resource. Filed against the type in puppetlabs-mount_providers as issue #16122.

Puppet::Type::Mounttab::ProviderAugeas with full file should update device without changing dump or pass
  # issue #16122 against mounttab type as they're changing
  # ./spec/unit/puppet/mounttab_spec.rb:129

I'm baffled as to why I'm seeing failures with the sysctl type on some el6.x systems in prod. I assume it has something to do the system setup, and not the provider, but I'm scratching my head as to the root cause. When the agent is run as puppet agent --test, even from ssh without a pty, it works, so I've been unable to reproduce the failure to debug it. I'm hoping someone has seen this error before or has a suggestion as to how to debug it.

puppet-agent[7585]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv4.tcp_mtu_probing]) Could not evaluate: undefined method `value' for #<Puppet::Type::Sysctl::ProviderParsed:0x7f5961b8e220>
puppet-agent[7585]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv6.conf.default.disable_ipv6]) Could not evaluate: undefined method `value' for #<Puppet::Type::Sysctl::ProviderParsed:0x7f5961b8dfa0>
puppet-agent[7585]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv6.conf.all.disable_ipv6]) Could not evaluate: undefined method `value' for #<Puppet::Type::Sysctl::ProviderParsed:0x7f5961b8dff0>
puppet-agent[7585]: Finished catalog run in 90.24 seconds
puppet-agent[7585]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv4.tcp_mtu_probing]) Could not evaluate: undefined method `value' for #<Puppet::Type::Sysctl::ProviderParsed:0x7f5963580548>
puppet-agent[7585]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv6.conf.default.disable_ipv6]) Could not evaluate: undefined method `value' for #<Puppet::Type::Sysctl::ProviderParsed:0x7f5963580250>
puppet-agent[7585]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv6.conf.all.disable_ipv6]) Could not evaluate: undefined method `value' for #<Puppet::Type::Sysctl::ProviderParsed:0x7f59635802c8>
puppet-agent[7585]: Finished catalog run in 89.20 seconds
puppet-agent[28159]: Ignoring --listen on onetime run
puppet-agent[28159]: Retrieving plugin
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/nagios.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/nagios_pci.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/root_home.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/ip6tables_version.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/postgres_default_version.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/nagios_http.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/concat_basedir.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/nagios_hostgroups.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/megaraid.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/nagios_dns.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/tw.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/nagios_contactgroups.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/iptables_persistent_version.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/nagios_membase.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/nagios_moxi.rb
puppet-agent[28159]: Loading facts in /var/lib/puppet/lib/facter/iptables_version.rb
puppet-agent[28159]: Caching catalog for dts-tu-podi.tuc.noao.edu
puppet-agent[28159]: Applying configuration version '1371495888'
puppet-agent[28159]: (/Stage[main]/Sdm::Users::Dts-tu-podi/User[pakzad]/ensure) removed
puppet-agent[28159]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv6.conf.default.disable_ipv6]/value) changed live value from '0' to '1'
puppet-agent[28159]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv6.conf.all.disable_ipv6]/value) changed live value from '0' to '1'
puppet-agent[28159]: Finished catalog run in 13.01 seconds
puppet-agent[7585]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv4.tcp_mtu_probing]) Could not evaluate: undefined method `value' for #<Puppet::Type::Sysctl::ProviderParsed:0x7f5961591778>
puppet-agent[7585]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv6.conf.default.disable_ipv6]) Could not evaluate: undefined method `value' for #<Puppet::Type::Sysctl::ProviderParsed:0x7f59615914f8>
puppet-agent[7585]: (/Stage[main]/Sdm::Site::Tu/Sysctl[net.ipv6.conf.all.disable_ipv6]) Could not evaluate: undefined method `value' for #<Puppet::Type::Sysctl::ProviderParsed:0x7f5961591548>
puppet-agent[7585]: Finished catalog run in 72.65 seconds

There is nothing special about my rsyslog.conf. It's the default conf file with the necessary modules uncommented. Trying to add local0 for haproxy, but getting the below error. As far as augeas goes I'm hopeless, so it wouldn't surprise me if I've not configured something correctly.

Error: /Stage[main]/Haproxy15/Syslog[haproxy log]: Could not evaluate: Augeas didn't load /etc/rsyslog.conf with Syslog.lns from : Get did not match entire input

syslog { 'haproxy log': ensure => present, facility => 'local0', level => '*', action_type => 'file', action => '/var/log/haproxy/haproxy.log', target => '/etc/rsyslog.conf', }

Is there interest in an autofs provider and type? I have a need for one in my environment, and I feel like this module would be a good place for it.

Currently, I have an idea to implement it as autofs_master and autofs_export.

Because of issues with #53 I've set apply => false on sysctl resources but the sysctl -w command is still being run from the sysctl_set method. The issue lines in lib/puppet/provider/sysctl/augeas.rb#L85.

Here's some output from reproducing the problem in vagrant.

Example:

# puppet apply  /tmp/sysctl_absent.pp
Notice: Compiled catalog for sysctl.vm in environment production in 0.04 seconds
Notice: /Stage[main]//Sysctl[vm.swappiness]/ensure: removed
Notice: Finished catalog run in 0.07 seconds

# puppet apply  /tmp/sysctl_present.pp
Notice: Compiled catalog for sysctl.vm in environment production in 0.04 seconds
Error: Execution of '/sbin/sysctl -w vm.swappiness="0"' returned 255: error: "Invalid argument" setting key "vm.swappiness"

Error: /Stage[main]//Sysctl[vm.swappiness]/ensure: change from absent to present failed: Execution of '/sbin/sysctl -w vm.swappiness="0"' returned 255: error: "Invalid argument" setting key "vm.swappiness"

Notice: Finished catalog run in 0.09 seconds

# puppet apply  /tmp/sysctl_present.pp
Notice: Compiled catalog for sysctl.vm in environment production in 0.04 seconds
Notice: Finished catalog run in 0.07 seconds

/tmp/sysctl_present.pp

sysctl { 'vm.swappiness':
  ensure => present,
  target => '/etc/sysctl.conf',
  value  => '0',
  apply  => false,
}

/tmp/sysctl_absent.pp

sysctl { 'vm.swappiness':
  ensure => absent,
  target => '/etc/sysctl.conf',
  value  => '0',
  apply  => false,
}

This change fixes the issue

--- lib/puppet/provider/sysctl/augeas.rb.orig   2013-09-25 17:20:48.717418028 +0000
+++ lib/puppet/provider/sysctl/augeas.rb    2013-09-25 17:20:58.505418005 +0000
@@ -82,7 +82,7 @@
                 "#{resource[:name]}: #{resource[:comment]}")
       end
       augsave!(aug)
-      if resource[:apply]
+      if resource[:apply] == :true
         self.class.sysctl_set(resource[:name], value)
       end
     end

# puppet apply  /tmp/sysctl_absent.pp
Notice: Compiled catalog for sysctl.vm in environment production in 0.04 seconds
Notice: /Stage[main]//Sysctl[vm.swappiness]/ensure: removed
Notice: Finished catalog run in 0.07 seconds

# puppet apply  /tmp/sysctl_present.pp
Notice: Compiled catalog for sysctl.vm in environment production in 0.04 seconds
Notice: /Stage[main]//Sysctl[vm.swappiness]/ensure: created
Notice: Finished catalog run in 0.07 seconds

Hi,

I'm getting a consistent error trying to either upgrade or uninstall the module using the puppet module command (I'm just trying to move the module to production, I don't want to get rid of it)

puppet module upgrade domcleal/augeasproviders --modulepath /etc/puppet/dev/modules:/etc/puppet/modules

Preparing to upgrade 'domcleal-augeasproviders' ...
Found 'domcleal-augeasproviders' (v0.5.2) in /etc/puppet/dev/modules ...
Error: No such file or directory - /etc/puppet/dev/modules/augeasproviders/modules/mount_providers/spec/unit/provider/mounttab/parsed_spec.rb
/usr/lib/ruby/1.8/pathname.rb:770:in read' /usr/lib/ruby/1.8/pathname.rb:770:inread'
/usr/lib/ruby/site_ruby/1.8/puppet/module_tool/checksums.rb:19:in checksum' /usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/checksummer.rb:25:inrun'
/usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/checksummer.rb:16:in each' /usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/checksummer.rb:16:inrun'
/usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/application.rb:11:in run' /usr/lib/ruby/site_ruby/1.8/puppet/module.rb:184:inhas_local_changes?'
/usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/upgrader.rb:41:in run' /usr/lib/ruby/site_ruby/1.8/puppet/face/module/upgrade.rb:60:inupgrade implementation, required on Ruby 1.8'
/usr/lib/ruby/site_ruby/1.8/puppet/interface/action.rb+eval[wrapper]:210:in __send__' /usr/lib/ruby/site_ruby/1.8/puppet/interface/action.rb+eval[wrapper]:210:inupgrade'
/usr/lib/ruby/site_ruby/1.8/puppet/application/face_base.rb:229:in send' /usr/lib/ruby/site_ruby/1.8/puppet/application/face_base.rb:229:inmain'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:354:in run_command' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:346:inrun'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:438:in plugin_hook' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:346:inrun'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:500:in exit_on_fail' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:346:inrun'
/usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:87:in execute' /usr/bin/puppet:4 \# puppet module uninstall domcleal/augeasproviders --modulepath /etc/puppet/dev/modules:/etc/puppet/modules Preparing to uninstall 'domcleal-augeasproviders' ... Error: No such file or directory - /etc/puppet/dev/modules/augeasproviders/modules/mount_providers/lib/puppet/provider/mountpoint.rb /usr/lib/ruby/1.8/pathname.rb:770:inread'
/usr/lib/ruby/1.8/pathname.rb:770:in read' /usr/lib/ruby/site_ruby/1.8/puppet/module_tool/checksums.rb:19:inchecksum'
/usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/checksummer.rb:25:in run' /usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/checksummer.rb:16:ineach'
/usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/checksummer.rb:16:in run' /usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/application.rb:11:inrun'
/usr/lib/ruby/site_ruby/1.8/puppet/module.rb:184:in has_local_changes?' /usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/uninstaller.rb:89:invalidate_module'
/usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/uninstaller.rb:24:in run' /usr/lib/ruby/site_ruby/1.8/puppet/module_tool/applications/application.rb:11:inrun'
/usr/lib/ruby/site_ruby/1.8/puppet/face/module/uninstall.rb:56:in uninstall implementation, required on Ruby 1.8' /usr/lib/ruby/site_ruby/1.8/puppet/interface/action.rb+eval[wrapper]:210:insend'
/usr/lib/ruby/site_ruby/1.8/puppet/interface/action.rb+eval[wrapper]:210:in uninstall' /usr/lib/ruby/site_ruby/1.8/puppet/application/face_base.rb:229:insend'
/usr/lib/ruby/site_ruby/1.8/puppet/application/face_base.rb:229:in main' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:354:inrun_command'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:346:in run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:438:inplugin_hook'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:346:in run' /usr/lib/ruby/site_ruby/1.8/puppet/util.rb:500:inexit_on_fail'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:346:in run' /usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:87:inexecute'
/usr/bin/puppet:4

Thanks,
dusty

Hi,

when using sysctl in a manifest, the first time it returns an error 255, why does this happen?

# cat test_sysctl.pp
sysctl { "net.core.rmem_max":
  ensure  => present,
  value   => "2096304",
  comment => "Oracle Weblogic requirement.",
}

# puppet apply  test_sysctl.pp
Error: Execution of '/sbin/sysctl -w net.core.rmem_max="2096304"' returned 255: error: "Invalid argument" setting key "net.core.rmem_max"

Error: /Stage[main]//Sysctl[net.core.rmem_max]/ensure: change from absent to present failed: Execution of '/sbin/sysctl -w net.core.rmem_max="2096304"' returned 255: error: "Invalid argument" setting key "net.core.rmem_max"

Notice: Finished catalog run in 0.19 seconds

# puppet apply  test_sysctl.pp
Notice: Finished catalog run in 0.18 seconds

Regards,
Stefan

Hi,
unfortunately i couldn't spot it directly, but there is/are some special char(s), which are causing the "bug" described in http://projects.puppetlabs.com/issues/21751 when in use with Puppet 3.x and Ruby 1.9.x.
I removed everything execpt "lib" and "manifests" and their contents and now it works.
Perhaps you might want to check and fix that, so that other not run into the same problem...?

When run in verbose mode, standard augeas resources in puppet generate a 'diff', which is really helpful when testing new manifests.

Could this feature also be included in augeasproviders?

I'm trying to set kernel parameter to GRUB_CMDLINE_LINUX="cgroup_enable=memory"

  kernel_parameter { "cgroup_enable":
    ensure   => present,
    value => ["cgroup_enable=memory"] ,
    bootmode => "normal",
  }

however there's a problem with setting param in format 'key=value'

Augeas didn't load /etc/default/grub with Shellvars_list.lns from : Iterated lens matched less than it should

I'm in a situation where I really like the core functionality here, e.g. include AugeasProviders::Provider, but I need to build my own alternate implementations of e.g. puppet_auth type and/or provider(s). Is there any way this project could graduate to individual projects based on a central core library published purely as a mixin, a la e.g. http://forge.puppetlabs.com/adrien/filemapper, and individual dependent modules for the specific types/providers that use it?

See https://travis-ci.org/hercules-team/augeasproviders/builds/22679680

It is not valid to quote variables in bash 3 arrays. The type/provider should check for this.

Alexander reported in #13 that sshd_config keys should be case insensitive, so Listenaddress and ListenAddress entries are treated as a single key with multiple values.

Currently Augeas treats path expressions case sensitively, so it may need Raphael's regexpi pathx function and reworking of all the expressions, or a custom aug_match etc.

I'd like to be able to create individual resources provided by this module from an ENC (ie Foreman). In other modules I've written I use a $_hash parameter that is passed to the create_resources function. If such a feature would be merged I'll complete my changes and submit a PR. Right now I am modifying the augeasproviders class to provide a <type>_hash parameter for every type this module provides.

Is this something that would be merged into this module? Any input on the idea is welcome before I finish up my changes.

When setting a shellvar resource as exported and adding a comment, the comment is only added on the second pass.

I'd like to be able to pass an array of addresses to pg_hba:

pg_hba{'my_rule':
  ensure   => 'present',
  type     => 'hostssl',
  database => 'all',
  user     => 'all',
  method   => 'md5',
  address  => ['192.168.0.1', '192.168.0.2']
}

That would generate one line per address in pg_hba.conf file.

Rewrite positionable as a type property like ensure.

It will then reside in lib/puppet/property/position.rb. The:parent` attribute can be called to make use of the new lib.

Hi,

We're trying to use the kernel_parameter resource provided by this module to manage Ubuntu 12.04.

We are adding a resource:

class ubuntu::8_1_3 {
  kernel_parameter { 'audit':
    ensure => present,
    value => '1',
  }
}

The resulting error is:

Error: /Stage[main]/Ubuntu::8_1_3/Kernel_parameter[audit]: Could not evaluate: Augeas didn't load /etc/default/grub with Shellvars_list.lns: Iterated lens matched less than it should (line:10, character:0)

Line 10 of /etc/default/grub is this:

GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`

This is the distribution provided default in 12.04 and 14.04 which apparently can't be passed by Augeas. However, if we're applying a filter to the file to ignore anything not matching GRUB_CMDLINE_LINUX, why is Augeas attempting to parse it anyway?

Any ideas?

Thanks!

First of all, thanks for great module.
Well, for error.

2013-04-16T17:20:21.156588+04:00 monit puppet-agent[8816]: (/Stage[main]/Sysctltweak::Noipvsix/Sysctl[net.ipv6.conf.lo.disable_ipv6]) Could not evaluate: undefined method `each' for "":String
2013-04-16T17:20:22.835183+04:00 monit puppet-agent[8816]: (/Stage[main]/Nfs::Home/Mounttab[/home]) Could not evaluate: undefined method `each' for "":String
2013-04-16T17:20:22.836926+04:00 monit puppet-agent[8816]: (/Stage[main]/Nfs::Home/Mountpoint[/home]) Dependency Mounttab[/home] has failures: true
2013-04-16T17:20:22.837479+04:00 monit puppet-agent[8816]: (/Stage[main]/Nfs::Home/Mountpoint[/home]) Skipping because of failed dependencies
2013-04-16T17:20:23.944054+04:00 monit puppet-agent[8816]: (/Stage[main]/Sysctltweak::Noipvsix/Sysctl[net.ipv6.conf.default.disable_ipv6]) Could not evaluate: undefined method `each' for "":String
2013-04-16T17:20:25.351526+04:00 monit puppet-agent[8816]: (/Stage[main]/Lldp::Config/Augeas[enable_lldpd_daemon]/returns) executed successfully
2013-04-16T17:20:25.524476+04:00 monit puppet-agent[8816]: (/Stage[main]/Lldp::Service/Service[lldpd]) Triggered 'refresh' from 1 events
---lldp spam---
2013-04-16T17:20:25.718453+04:00 monit puppet-agent[8816]: (/Stage[main]/Sysctltweak::Noipvsix/Sysctl[net.ipv6.conf.all.disable_ipv6]) Could not evaluate: undefined method `each' for "":String
2013-04-16T17:20:25.718488+04:00 monit puppet-agent[8816]: (/Stage[main]/Nfs::Pub/Mounttab[/pub]) Could not evaluate: undefined method `each' for "":String
2013-04-16T17:20:25.718494+04:00 monit puppet-agent[8816]: (/Stage[main]/Nfs::Pub/Mountpoint[/pub]) Dependency Mounttab[/pub] has failures: true
2013-04-16T17:20:25.718499+04:00 monit puppet-agent[8816]: (/Stage[main]/Nfs::Pub/Mountpoint[/pub]) Skipping because of failed dependencies
2013-04-16T17:20:26.325808+04:00 monit puppet-agent[8816]: Finished catalog run in 7.54 seconds

As you can see there is both mountpoint and sysctl failures.

full trace:

Error: /Stage[main]/Sysctltweak::Noipvsix/Sysctl[net.ipv6.conf.all.disable_ipv6]: Could not evaluate: undefined method `each' for "":String
/usr/lib/ruby/1.9.1/augeas.rb:94:in `transform'
/var/lib/puppet/lib/augeasproviders/provider.rb:18:in `augopen'
/var/lib/puppet/lib/puppet/provider/sysctl/augeas.rb:23:in `augopen'
/var/lib/puppet/lib/puppet/provider/sysctl/augeas.rb:64:in `exists?'
/usr/lib/ruby/vendor_ruby/puppet/property/ensure.rb:81:in `retrieve'
/usr/lib/ruby/vendor_ruby/puppet/type.rb:1017:in `retrieve'
/usr/lib/ruby/vendor_ruby/puppet/type.rb:1041:in `retrieve_resource'
/usr/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:32:in `perform_changes'
/usr/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:133:in `evaluate'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:48:in `apply'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:83:in `eval_resource'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:103:in `block (2 levels) in evaluate'
/usr/lib/ruby/vendor_ruby/puppet/util.rb:351:in `block in thinmark'
/usr/lib/ruby/1.9.1/benchmark.rb:295:in `realtime'
/usr/lib/ruby/vendor_ruby/puppet/util.rb:350:in `thinmark'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:103:in `block in evaluate'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:382:in `traverse'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:98:in `evaluate'
/usr/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:144:in `apply'
/usr/lib/ruby/vendor_ruby/puppet/configurer.rb:122:in `block in apply_catalog'
/usr/lib/ruby/vendor_ruby/puppet/util.rb:179:in `block in benchmark'
/usr/lib/ruby/1.9.1/benchmark.rb:295:in `realtime'
/usr/lib/ruby/vendor_ruby/puppet/util.rb:178:in `benchmark'
/usr/lib/ruby/vendor_ruby/puppet/configurer.rb:121:in `apply_catalog'
/usr/lib/ruby/vendor_ruby/puppet/configurer.rb:179:in `run'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:45:in `block (5 levels) in run'
/usr/lib/ruby/vendor_ruby/puppet/agent/locker.rb:20:in `lock'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:45:in `block (4 levels) in run'
/usr/lib/ruby/1.9.1/sync.rb:227:in `sync_synchronize'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:45:in `block (3 levels) in run'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:119:in `with_client'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:42:in `block (2 levels) in run'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:84:in `run_in_fork'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:41:in `block in run'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:179:in `call'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:179:in `controlled_run'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:39:in `run'
/usr/lib/ruby/vendor_ruby/puppet/application/agent.rb:338:in `onetime'
/usr/lib/ruby/vendor_ruby/puppet/application/agent.rb:312:in `run_command'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:364:in `block (2 levels) in run'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:456:in `plugin_hook'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:364:in `block in run'
/usr/lib/ruby/vendor_ruby/puppet/util.rb:504:in `exit_on_fail'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:364:in `run'
/usr/lib/ruby/vendor_ruby/puppet/util/command_line.rb:132:in `run'
/usr/lib/ruby/vendor_ruby/puppet/util/command_line.rb:86:in `execute'
/usr/bin/puppet:4:in `<main>'
Error: /Stage[main]/Nfs::Pub/Mounttab[/pub]: Could not evaluate: undefined method `each' for "":String
/usr/lib/ruby/1.9.1/augeas.rb:94:in `transform'
/var/lib/puppet/lib/augeasproviders/provider.rb:18:in `augopen'
/var/lib/puppet/lib/augeasproviders/mounttab/fstab.rb:37:in `augopen'
/var/lib/puppet/lib/augeasproviders/mounttab/fstab.rb:76:in `exists?'
/var/lib/puppet/lib/puppet/provider/mounttab/augeas.rb:39:in `method_missing'
/usr/lib/ruby/vendor_ruby/puppet/property/ensure.rb:81:in `retrieve'
/usr/lib/ruby/vendor_ruby/puppet/type.rb:1017:in `retrieve'
/usr/lib/ruby/vendor_ruby/puppet/type.rb:1041:in `retrieve_resource'
/usr/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:32:in `perform_changes'
/usr/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:133:in `evaluate'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:48:in `apply'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:83:in `eval_resource'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:103:in `block (2 levels) in evaluate'
/usr/lib/ruby/vendor_ruby/puppet/util.rb:351:in `block in thinmark'
/usr/lib/ruby/1.9.1/benchmark.rb:295:in `realtime'
/usr/lib/ruby/vendor_ruby/puppet/util.rb:350:in `thinmark'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:103:in `block in evaluate'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:382:in `traverse'
/usr/lib/ruby/vendor_ruby/puppet/transaction.rb:98:in `evaluate'
/usr/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:144:in `apply'
/usr/lib/ruby/vendor_ruby/puppet/configurer.rb:122:in `block in apply_catalog'
/usr/lib/ruby/vendor_ruby/puppet/util.rb:179:in `block in benchmark'
/usr/lib/ruby/1.9.1/benchmark.rb:295:in `realtime'
/usr/lib/ruby/vendor_ruby/puppet/util.rb:178:in `benchmark'
/usr/lib/ruby/vendor_ruby/puppet/configurer.rb:121:in `apply_catalog'
/usr/lib/ruby/vendor_ruby/puppet/configurer.rb:179:in `run'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:45:in `block (5 levels) in run'
/usr/lib/ruby/vendor_ruby/puppet/agent/locker.rb:20:in `lock'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:45:in `block (4 levels) in run'
/usr/lib/ruby/1.9.1/sync.rb:227:in `sync_synchronize'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:45:in `block (3 levels) in run'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:119:in `with_client'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:42:in `block (2 levels) in run'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:84:in `run_in_fork'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:41:in `block in run'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:179:in `call'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:179:in `controlled_run'
/usr/lib/ruby/vendor_ruby/puppet/agent.rb:39:in `run'
/usr/lib/ruby/vendor_ruby/puppet/application/agent.rb:338:in `onetime'
/usr/lib/ruby/vendor_ruby/puppet/application/agent.rb:312:in `run_command'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:364:in `block (2 levels) in run'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:456:in `plugin_hook'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:364:in `block in run'
/usr/lib/ruby/vendor_ruby/puppet/util.rb:504:in `exit_on_fail'
/usr/lib/ruby/vendor_ruby/puppet/application.rb:364:in `run'
/usr/lib/ruby/vendor_ruby/puppet/util/command_line.rb:132:in `run'
/usr/lib/ruby/vendor_ruby/puppet/util/command_line.rb:86:in `execute'
/usr/bin/puppet:4:in `<main>'

code:

class sysctltweak::noipvsix {
    sysctl { 'net.ipv6.conf.all.disable_ipv6':
        ensure    => 'present',
        value     => '1',
        target    => '/etc/sysctl.d/disable-ipv6.conf',
    }

    sysctl { 'net.ipv6.conf.default.disable_ipv6':
        ensure    => 'present',
        value     => '1',
        target    => '/etc/sysctl.d/disable-ipv6.conf',
    }

    sysctl { 'net.ipv6.conf.lo.disable_ipv6':
        ensure    => 'present',
        value     => '0',
        target    => '/etc/sysctl.d/disable-ipv6.conf',
    }
}

nfs part:

class nfs::home inherits nfs::install {
        file {"/home":
                ensure => directory,
        }

        mounttab {"/home" :
                ensure => present,
                device => "azov:/home",
                fstype => "nfs",
                options => "_netdev",
                pass => 2,
                target => "/etc/fstab",
                require => Class['nfs::install']
        }

        mountpoint {"/home":
                ensure => present,
                require => [Mounttab["/home"], File["/home"]],
        }

}

When trying to load Debian wheezy's default /etc/apache2/envvars with Shellvars lense, I get:

# augtool -t 'Shellvars incl /etc/apache2/envvars' -A -L
augtool> print
/augeas
/augeas/root = "/"
/augeas/context = "/files"
/augeas/variables
/augeas/version = "1.2.0"
/augeas/version/save
/augeas/version/save/mode[1] = "backup"
/augeas/version/save/mode[2] = "newfile"
/augeas/version/save/mode[3] = "noop"
/augeas/version/save/mode[4] = "overwrite"
/augeas/version/defvar
/augeas/version/defvar/expr
/augeas/version/pathx
/augeas/version/pathx/functions
/augeas/version/pathx/functions/count
/augeas/version/pathx/functions/glob
/augeas/version/pathx/functions/label
/augeas/version/pathx/functions/last
/augeas/version/pathx/functions/position
/augeas/version/pathx/functions/regexp
/augeas/save = "overwrite"
/augeas/span = "disable"
/augeas/load
/augeas/load/Shellvars
/augeas/load/Shellvars/lens = "Shellvars.lns"
/augeas/load/Shellvars/incl = "/etc/apache2/envvars"
/augeas/files
/augeas/files/etc
/augeas/files/etc/apache2
/augeas/files/etc/apache2/envvars
/augeas/files/etc/apache2/envvars/path = "/files/etc/apache2/envvars"
/augeas/files/etc/apache2/envvars/mtime = "1396598308"
/augeas/files/etc/apache2/envvars/lens = "Shellvars.lns"
/augeas/files/etc/apache2/envvars/lens/info = "/usr/share/augeas/lenses/dist/shellvars.aug:167.12-.99:"
/augeas/files/etc/apache2/envvars/error = "parse_failed"
/augeas/files/etc/apache2/envvars/error/pos = "179"
/augeas/files/etc/apache2/envvars/error/line = "7"
/augeas/files/etc/apache2/envvars/error/char = "22"
/augeas/files/etc/apache2/envvars/error/lens = "/usr/share/augeas/lenses/dist/shellvars.aug:167.12-.99:"
/augeas/files/etc/apache2/envvars/error/message = "Syntax error"
/files

File is:

# envvars - default environment variables for apache2ctl

# this won't be correct after changing uid
unset HOME

# for supporting multiple apache2 instances
if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then
    SUFFIX="-${APACHE_CONFDIR##/etc/apache2-}"
else
    SUFFIX=
fi

# Since there is no sane way to get the parsed apache2 config in scripts, some
# settings are defined via environment variables and then used in apache2ctl,
# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data
export APACHE_PID_FILE=/var/run/apache2$SUFFIX.pid
export APACHE_RUN_DIR=/var/run/apache2$SUFFIX
export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX
# Only /var/log/apache2 is handled by /etc/logrotate.d/apache2.
export APACHE_LOG_DIR=/var/log/apache2$SUFFIX

## The locale used by some modules like mod_dav
export LANG=C
## Uncomment the following line to use the system default locale instead:
#. /etc/default/locale

export LANG

## The command to get the status for 'apache2ctl status'.
## Some packages providing 'www-browser' need '--dump' instead of '-dump'.
#export APACHE_LYNX='www-browser -dump'

Is it supposed to work ?

When an Augeas::Error is raised during a save, augeasproviders should log the contents of /augeas//error in order to diagnose the issue. This'll need raise conditions on each methods, or some patching etc.

A user reports seeing "No such file or directory" while installing ap, seemingly related to the symlinks in the release:

Error: No such file or directory - /etc/puppetlabs/puppet/modules/augeasproviders/docs/CONTRIBUTING.md Error: Try 'puppet help module install' for usage

Starting with Puppet 3.4.0.rc1 and up, unit tests fail. See for example https://travis-ci.org/hercules-team/augeasproviders/jobs/16581907

Running ralsh against syslog fails:

$ puppet resource --libdir lib/ syslog --trace
Error: Could not run: unknown error - Matching path expression '/files/etc/rsyslog.conf/entry[selector/facility='' and selector/level='' and action/='']' failed
/home/dcleal/code/augeasproviders/domcleal-augeasproviders/lib/puppet/provider/syslog/augeas.rb:86:in `match'
/home/dcleal/code/augeasproviders/domcleal-augeasproviders/lib/puppet/provider/syslog/augeas.rb:86:in `exists?'
/home/dcleal/.rvm/gems/ruby-1.9.3-p392@ap/gems/puppet-3.1.1/lib/puppet/property/ensure.rb:81:in `retrieve'

It appears that all of the parameters and properties of the resource generated in instances are nil when called in exists? and the only param available is the name. Since other fields are used to determine whether it exists, this fails.

In the scap-security-guide package for openscap they have a security recommendation to add the following two lines to /etc/pam.d/system-auth, after the pam_unix.so entry in the auth section:

auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900
auth required pam_faillock.so authsucc deny=3 unlock_time=604800 fail_interval=900

I am able to get one entry or the other but I don't know how to craft a position path that will allow me to add both entries. Below is one of the things I have tried and the entries work individually but one overwrites the other if I use both. I know this is not an issue as much as a plea for help but if this is doable maybe it could make a nice example for the pam provider documentation.

pam { 'Set invalid login 3 times deny in system-auth -fail':
  ensure    => present,
  target    => '/etc/pam.d/system-auth',
  type      => 'auth',
  control   => '[default=die]',
  module    => 'pam_faillock.so',
  arguments => ['authfail','deny=3','unlock_time=604800','fail_interval=900'],
  position  => 'after module pam_unix.so',
}

pam { 'Set invalid login 3 times deny in system-auth - success':
  ensure    => present,
  target    => '/etc/pam.d/system-auth',
  type      => 'auth',
  control   => 'required',
  module    => 'pam_faillock.so',
  arguments => ['authsucc','deny=3','unlock_time=604800','fail_interval=900'],
  position  => "before module pam_succeed.so",
}

I've seen a few users now who struggle with using the raw augeas resource to set up a subtree idempotently (and that is a big head scratcher) I agree that ultimately the right answer is to build providers that are targetted at specific uses.

At the same time, it would be awesome to have one (or several) resources that make it easy to ensure that a certain subtree is there idempotently; I am thinking something along the lines of

# Most of this is the regular 'augeas' resource
augeas::tree { sshd_root_login:
  lens => 'Sshd.lns',
  file => ...,
  context => '/files/etc/ssh/sshd_config',
  after => "#comment[.='PermitRootLogin yes']",
  entries => [
    # Here we'd describe what we want the subtree to look like
    "PermitRootLogin = yes"
  ]
}

There's lots of variations on this theme, like should a subtree be deleted if it exists in the wrong place etc.

Since Augeas actually behaves idempotently if you delete and then recreate the exact same subtree, the implementation of such a resource might not be terribly difficult.

If you use pg_hba without specifying a target, it fails with:

Could not evaluate: private method `chomp' called for nil:NilClass

Because of:

def self.file(resource)
    ...
    file = resource[:target]
    file.chomp("/")
end

in pg_hba augeas provider.

I think it should be validated in the type to fail properly.

See output below. Trying to add two entries. First run of puppet combines the entries into one /etc/hosts line. Second run properly cleans up /etc/hosts and puts them as two lines. Issue also happens even when both host entries are not coming from the same class, or even the same module. (On another setup, I had 3 host entries specified throughout the environment, and all 3 were combined into one line. Took 2 more puppet runs for it to be clean)

####CLASS###
class requiredhostsentries{

  host{"managementhost2.private.com":
    ensure => present,
    ip => "192.168.10.12",
    host_aliases => ["managementhost2"],
    provider => augeas,
  }

  host{"myrepohost1.private.com":
    ensure => present,
    ip => "192.168.10.192",
    host_aliases => ["myrepohost1"],
    provider => augeas,
  }
}
#####END OF CLASS#####

###PUPPET RUNS###

[root@clientbox40 ~]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
<snip misc stuff>
Info: Applying configuration version '1400087970'
Notice: /Stage[main]/Required::Required_fmi/Host[managementhost.private.com]/ensure: created
Notice: /Stage[main]/Required::Required_fmi/Host[myrepohost1.private.com]/ensure: created
Notice: Finished catalog run in 7.00 seconds

[root@clientbox40 ~]# cat /etc/hosts
<snip unrelevant hosts>
192.168.10.192  myrepohost1.private.com managementhost2 myrepohost1
<eof>

######Next Run of Puppet######
[root@clientbox40 ~]# puppet agent --test
<snip misc stuff>
Info: Applying configuration version '1400087970'
Notice: /Stage[main]/Required::Required_fmi/Host[managementhost.private.com]/ensure: created
Notice: /Stage[main]/Required::Required_fmi/Host[myrepohost1.private.com]/host_aliases: host_aliases changed 'managementhost2 myrepohost1' to 'myrepohost1'
Notice: Finished catalog run in 6.77 seconds

[root@clientbox40 ~]# cat /etc/hosts
<snip unrelevant hosts>
192.168.10.192  myrepohost1.private.com myrepohost1
192.168.10.12   managementhost2.private.com managementhost2

 ####Information###

Versions of software/modules:
Puppet 3.5.1-1
Foreman 1.5.0-1
Augeasproviders 1.1.0, pulled from git://github.com/hercules-team/augeasproviders

The parsedfile provider for mounttab supports both fstabs and vfstabs, but augeasproviders only supports fstab today. The Vfstab module/lens is upstream in Augeas but awaiting a release.

Once released, either the augeas provider could be updated to support both lenses (a little messy) or we separate it into a new provider, then confine it by OS.

The maillist type calls mailalias with a piped value, such as | /var/lib/mailman/mail/mailman leave users as recipient.

This works when using the aliases provider, but not the augeas one.

Example output:

err: /Mailalias[users-leave]/recipient: change from "| /var/lib/mailman/mail/mailman leave users" to | /var/lib/mailman/mail/mailman leave users failed: /augeas/files/etc/aliases/error/path = /files/etc/aliases/27
/augeas/files/etc/aliases/error/lens = /usr/share/augeas/lenses/dist/aliases.aug:77.17-79.30:
/augeas/files/etc/aliases/error/message = Failed to match 
    { /name/ = /[^\001-\004\t\n #:@|]+|"[^\001-\004\n"|]*"/ }{ /value/ = /[^\001-\004\t\n ",|]+|\\|([^\001-\004\t\n ",]+|"[^\001-\004\n"]+")|"\\|[^\001-\004\n"]+"/ }({ /value/ = /[^\001-\004\t\n ",|]+|\\|([^\001-\004\t\n ",]+|"[^\001-\004\n"]+")|"\\|[^\001-\004\n"]+"/ })*
  with tree
    { "name" = "users-leave" } { "value" = "| /var/lib/mailman/mail/mailman leave users" }
err: /Mailalias[users-owner]/recipient: change from "| /var/lib/mailman/mail/mailman owner users" to | /var/lib/mailman/mail/mailman owner users failed: /augeas/files/etc/aliases/error/path = /files/etc/aliases/16
/augeas/files/etc/aliases/error/lens = /usr/share/augeas/lenses/dist/aliases.aug:77.17-79.30:
/augeas/files/etc/aliases/error/message = Failed to match 
    { /name/ = /[^\001-\004\t\n #:@|]+|"[^\001-\004\n"|]*"/ }{ /value/ = /[^\001-\004\t\n ",|]+|\\|([^\001-\004\t\n ",]+|"[^\001-\004\n"]+")|"\\|[^\001-\004\n"]+"/ }({ /value/ = /[^\001-\004\t\n ",|]+|\\|([^\001-\004\t\n ",]+|"[^\001-\004\n"]+")|"\\|[^\001-\004\n"]+"/ })*
  with tree
    { "name" = "users-owner" } { "value" = "| /var/lib/mailman/mail/mailman owner users" }

It was most excellent that we can specify more than one IPv4/IPv6 address to listen on with sshd. It would be also most helpful to be able to specify an array of ports to listen to that result in an individual configuration line in sshd_config as well. i.e.

sshd_config { 'Port':
value => [ '22', '8022' ],
}

would result in placing the following lines in the sshd_config:
Port 22
Port 24

If there is anything else that you would like to know concerning this, or are looking for a tester should you accept this, please let me know. Thank you!
Jeffrey

it would be good if the pam type would support composite namevars.

It would be nice to have unset and exported values for ensure for the shellvars provider.

Using 1.2.0 of this module I found that when applying Shellvar resources to a file with comments, all the existing comments had their spacing scrambled.

These are the resources:

  Shellvar {
    ensure  => 'present',
    target  => '/etc/zfs/zed.d/zed.rc',
    comment => 'managed by Puppet!',
  }

  shellvar { 'ZED_DEBUG_LOG': value => $::zfsonlinux::zed_debug_log }
  shellvar { 'ZED_EMAIL': value => $::zfsonlinux::zed_email }
  shellvar { 'ZED_EMAIL_VERBOSE': value => $::zfsonlinux::zed_email_verbose }
  shellvar { 'ZED_EMAIL_INTERVAL_SECS': value => $::zfsonlinux::zed_email_interval_secs }
  shellvar { 'ZED_LOCKDIR': value => $::zfsonlinux::zed_lockdir }
  shellvar { 'ZED_RUNDIR': value => $::zfsonlinux::zed_rundir }
  shellvar { 'ZED_SYSLOG_PRIORITY': value => $::zfsonlinux::zed_syslog_priority }
  shellvar { 'ZED_SYSLOG_TAG': value => $::zfsonlinux::zed_syslog_tag }
  shellvar { 'ZED_SPARE_ON_IO_ERRORS': value => $::zfsonlinux::zed_spare_on_io_errors }
  shellvar { 'ZED_SPARE_ON_CHECKSUM_ERRORS': value => $::zfsonlinux::zed_spare_on_checksum_errors }

Here's an example:

Without the comment parameter for Shellvar

--- zfs/zed.d/zed.rc.orig   2014-06-13 03:58:30.159763492 +0000
+++ zfs/zed.d/zed.rc    2014-06-13 04:01:12.831763401 +0000
@@ -2,33 +2,43 @@

 # Absolute path to the debug output file.
 #ZED_DEBUG_LOG="/tmp/zed.debug.log"
+ZED_DEBUG_LOG=/tmp/zed.debug.log

 # Email address of the zpool administrator.
 #   Email will only be sent if ZED_EMAIL is defined.
 #ZED_EMAIL="root"
+ZED_EMAIL=

 # Email verbosity.
 #   If set to 0, suppress email if the pool is healthy.
 #   If set to 1, send email regardless of pool health.
 #ZED_EMAIL_VERBOSE=0
+ZED_EMAIL_VERBOSE=0

 # Minimum number of seconds between emails sent for a similar event.
 #ZED_EMAIL_INTERVAL_SECS="3600"
+ZED_EMAIL_INTERVAL_SECS=3600

 # Default directory for zed lock files.
 #ZED_LOCKDIR="/var/lock"
+ZED_LOCKDIR=/var/lock

 # Default directory for zed state files.
 #ZED_RUNDIR="/var/run"
+ZED_RUNDIR=/var/run

 # The syslog priority (eg, specified as a "facility.level" pair).
 #ZED_SYSLOG_PRIORITY="daemon.notice"
+ZED_SYSLOG_PRIORITY=daemon.notice

 # The syslog tag for marking zed events.
 #ZED_SYSLOG_TAG="zed"
+ZED_SYSLOG_TAG=zed

 # Replace a device with a hot spare after N I/O errors are detected.
 #ZED_SPARE_ON_IO_ERRORS=1
+ZED_SPARE_ON_IO_ERRORS=0

 # Replace a device with a hot spare after N checksum errors are detected.
 #ZED_SPARE_ON_CHECKSUM_ERRORS=10
+ZED_SPARE_ON_CHECKSUM_ERRORS=0

With the comment parameter

--- zfs/zed.d/zed.rc.orig   2014-06-13 03:58:30.159763492 +0000
+++ zfs/zed.d/zed.rc    2014-06-13 04:03:40.303763325 +0000
@@ -2,33 +2,53 @@

 # Absolute path to the debug output file.
 #ZED_DEBUG_LOG="/tmp/zed.debug.log"
+# ZED_DEBUG_LOG: managed by Puppet!
+ZED_DEBUG_LOG=/tmp/zed.debug.log

-# Email address of the zpool administrator.
-#   Email will only be sent if ZED_EMAIL is defined.
-#ZED_EMAIL="root"
-
-# Email verbosity.
-#   If set to 0, suppress email if the pool is healthy.
-#   If set to 1, send email regardless of pool health.
+#   Email address of the zpool administrator.
+#Email will only be sent if ZED_EMAIL is defined.
+# ZED_EMAIL="root"
+#   ZED_EMAIL: managed by Puppet!
+ZED_EMAIL=
+
+#   Email verbosity.
+#If set to 0, suppress email if the pool is healthy.
+# If set to 1, send email regardless of pool health.
 #ZED_EMAIL_VERBOSE=0
+# ZED_EMAIL_VERBOSE: managed by Puppet!
+ZED_EMAIL_VERBOSE=0

-# Minimum number of seconds between emails sent for a similar event.
-#ZED_EMAIL_INTERVAL_SECS="3600"
+#Minimum number of seconds between emails sent for a similar event.
+# ZED_EMAIL_INTERVAL_SECS="3600"
+#ZED_EMAIL_INTERVAL_SECS: managed by Puppet!
+ZED_EMAIL_INTERVAL_SECS=3600

 # Default directory for zed lock files.
 #ZED_LOCKDIR="/var/lock"
+# ZED_LOCKDIR: managed by Puppet!
+ZED_LOCKDIR=/var/lock

-# Default directory for zed state files.
-#ZED_RUNDIR="/var/run"
+#Default directory for zed state files.
+# ZED_RUNDIR="/var/run"
+#ZED_RUNDIR: managed by Puppet!
+ZED_RUNDIR=/var/run

 # The syslog priority (eg, specified as a "facility.level" pair).
 #ZED_SYSLOG_PRIORITY="daemon.notice"
+# ZED_SYSLOG_PRIORITY: managed by Puppet!
+ZED_SYSLOG_PRIORITY=daemon.notice

 # The syslog tag for marking zed events.
-#ZED_SYSLOG_TAG="zed"
+# ZED_SYSLOG_TAG="zed"
+# ZED_SYSLOG_TAG: managed by Puppet!
+ZED_SYSLOG_TAG=zed

 # Replace a device with a hot spare after N I/O errors are detected.
-#ZED_SPARE_ON_IO_ERRORS=1
+# ZED_SPARE_ON_IO_ERRORS=1
+# ZED_SPARE_ON_IO_ERRORS: managed by Puppet!
+ZED_SPARE_ON_IO_ERRORS=0

 # Replace a device with a hot spare after N checksum errors are detected.
-#ZED_SPARE_ON_CHECKSUM_ERRORS=10
+# ZED_SPARE_ON_CHECKSUM_ERRORS=10
+# ZED_SPARE_ON_CHECKSUM_ERRORS: managed by Puppet!
+ZED_SPARE_ON_CHECKSUM_ERRORS=0

Code:

class sysctltweak::noipvsix {
    sysctl { 'net.ipv6.conf.all.disable_ipv6':
        ensure    => 'present',
        value     => '1',
        target    => '/etc/sysctl.d/disable-ipv6.conf',
    }

    sysctl { 'net.ipv6.conf.default.disable_ipv6':
        ensure    => 'present',
        value     => '1',
        target    => '/etc/sysctl.d/disable-ipv6.conf',
    }

    sysctl { 'net.ipv6.conf.lo.disable_ipv6':
        ensure    => 'present',
        value     => '0',
        target    => '/etc/sysctl.d/disable-ipv6.conf',
    }
}

Output:

2013-04-19T15:25:34.842711+04:00 puppet-build puppet-agent[11317]: (/Stage[main]/Sysctltweak::Noipvsix/Sysctl[net.ipv6.conf.lo.disable_ipv6]) Could not evaluate: Augeas didn't load /etc/sysctl.d/disable-ipv6.conf with Sysctl.lns from : 
2013-04-19T15:25:36.486032+04:00 puppet-build puppet-agent[11317]: (/Stage[main]/Sysctltweak::Noipvsix/Sysctl[net.ipv6.conf.default.disable_ipv6]) Could not evaluate: Augeas didn't load /etc/sysctl.d/disable-ipv6.conf with Sysctl.lns from : 
2013-04-19T15:25:36.676685+04:00 puppet-build puppet-agent[11317]: (/Stage[main]/Sysctltweak::Noipvsix/Sysctl[net.ipv6.conf.all.disable_ipv6]) Could not evaluate: Augeas didn't load /etc/sysctl.d/disable-ipv6.conf with Sysctl.lns from :

These providers work and I'm very appreciative for that but the number of times that a file gets opened is insane when you have a lot of variables being managed.

Ideally, the Augeas commands would be bundled up and run when the last resource call is run. Barring this, the file should only be opened once per resource call.

It would have been great if sshd_config should was able to define more than one ListeAddress. When I try to define two or more ListenAddresses only the first is written to the configuration file.

I have tried defined ListenAddress in the following way:

                sshd_config {'ListenAddress':
                        value => ['10.0.0.1', '10.0.0.2'],
                }

Only 10.0.0.1 is written to /etc/ssh/sshd_config

Please let me know if I need to provide more information.

Regards,
Alexander

Hello,

It would be really nice to have some provider(s) for the Httpd.lns, especially for directives. Something like:

apache_directive {'DirectiveName':
  ensure => $ensure,
  args   => ['one', 'two', '...'],
}

would be a great help. Maybe some other providers, like apache_vhost, apache_directory may be good as well, though I'm not sure it will be used a lot (but if it's available… who knows ;) )

Thanks in advance!

Cheers,

C.

The options field in an fstab is optional and has been fixed in Augeas recently. Once a release with this is available, the spec examples to test the provider can be enabled.

Puppet::Type::Mounttab::ProviderAugeas with full file when updating dump should add options first, then dump
  # release of Augeas where options field is optional
  # ./spec/unit/puppet/mounttab_spec.rb:264
Puppet::Type::Mounttab::ProviderAugeas with full file when updating pass should add options and dump first, then pass
  # release of Augeas where options field is optional
  # ./spec/unit/puppet/mounttab_spec.rb:316

when trying this:

host { $::fqdn:
  ensure => present,
  ip     => $::ipaddress_eth0,
  host_aliases => $::hostname,
  provider => augeas
}

It doesn't do as expected , if /etc/hosts contains the lines:

$::ipaddress_eth0  $::fqdn
$::ipaddress_eth1  $::fqdn

log shows it has changed: host_aliases changed '' to $::hostname, but nothing has been changed;
even worse, if the second line has any aliases, they are removed

If the first line already conforms to the puppet line, it is ok

Using rspec-puppet-augeas is the first step towards splitting this project.

This step should allow us to get rid of specific rspec extensions in the project, so that any module using augeasproviders can write type/provider specs using rspec-puppet-augeas.