Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Puppet manages files + packages + services. (Often called the trifecta).

If there is a file or service that controls access to usb ports, then puppet can manage it. There is nothing built in to puppet for that option.

You could manage the /etc/modprobe.d/blacklist.conf file in 1 of 2 ways.

  1. With a template

  2. Using an augeas filter

Puppet manages files + packages + services. (Often called the trifecta).

If there is a file or service that controls access to usb ports, then puppet can manage it. There is nothing built in to puppet for that option.

You could manage the /etc/modprobe.d/blacklist.conf file in 1 a couple of 2 ways. different ways

  1. With a template

  2. Using an augeas filter

Here is an augeas filter that will add usb-storage to the /etc/modprobe.d/blacklist.conf file

class blockusb {

   augeas { 'block usb-storage':
    context   =>  "/files/etc/modprobe.d/blacklist.conf/",
    changes => [ "set blacklist[last()+1] usb-storage",
               ],
    onlyif => "match blacklist[.='usb-storage'] size == 0 ",
  }

}
include blockusb

Apply it like so:

puppet apply blockusb.pp --debug --verbose

sources https://groups.google.com/forum/#!topic/puppet-users/sO5gUTAZW5k

Puppet manages files + packages + services. (Often called the trifecta).

If there is a file or service that controls access to usb ports, then puppet can manage it. There While there is nothing built in to puppet specifically for that option.

You could manage usb, puppet can manage the /etc/modprobe.d/blacklist.conf file in a file.

A couple of different waysways to accomplish this:

  1. With a template

  2. Using an augeas filter

Here is an augeas filter that will add usb-storage to the /etc/modprobe.d/blacklist.conf file

vim ~/blockusb.pp

class blockusb {

   augeas { 'block usb-storage':
    context   =>  "/files/etc/modprobe.d/blacklist.conf/",
"/files/etc/modprobe.d/blacklist.conf/", #File to change plus trailing slash
    changes => [ "set blacklist[last()+1] usb-storage",
               ],
usb-storage", ], # Append to last line of file
    onlyif => "match blacklist[.='usb-storage'] size == 0 ",
", # Only make the change once, prevents duplicates
  }

}
include blockusb

Apply it like so:

puppet apply blockusb.pp --debug --verbose

sources https://groups.google.com/forum/#!topic/puppet-users/sO5gUTAZW5k