Ask Your Question

Executing this class only when necessary

asked 2014-10-07 14:26:20 -0600

Anil gravatar image

updated 2014-10-07 17:15:23 -0600


I am in the process of creating a class for patching our solaris operating systems. I am writing the code in parts and testing as i go along (i am not a programmer). The thing is the class i have listed below works. (it creates a directory in /tmp the patch is placed there, it is then extracted and then applied). The issues is that i would like for this to not run again once it was successfully executed but it is doing over everything which causes error. For example it is retrying to extract again then gets stucked at the overwrite prompt. Is there a straight forward way to correct this? thank you in advance.


class solbash{
case $operatingsystem {

       "5.10": {
           case $hardwareisa{
               "i386": {
                  file { '/tmp/Sol1064Bit':
                   ensure => "directory",
                   source => "puppet:///modules/solbash/SolarisBashPatch/Sol1064Bit",
                   recurse => "true",
                   #before =>  Exec['unzip_patch'],
          command => "/usr/bin/unzip /tmp/Sol1064Bit/ -d /tmp/Sol1064Bit/",
           onlyif => "/usr/bin/test -f /tmp/Sol1064Bit/",
              command => "/usr/sbin/patchadd /tmp/Sol1064Bit/126547-07",
                     onlyif => "/usr/bin/test -d /tmp/Sol1064Bit/126547-07",}
                   "sparc": {
                           file { '/tmp/$Sol10Sparc64Bit':
                           ensure => "directory",
           source => "puppet:///modules/solbash/SolarisBashPatch/Sol10Sparc64Bit",
                           recurse => true

               fail("Unrecognized operating system")
edit retag flag offensive close merge delete


fix your formatting. This is unreadable.

ramindk gravatar imageramindk ( 2014-10-07 16:01:59 -0600 )edit

Indeed. Hard tabs are always bad forever.

lavaman gravatar imagelavaman ( 2014-10-07 16:06:49 -0600 )edit

adjusted as best as possible sorry about that

Anil gravatar imageAnil ( 2014-10-07 17:15:49 -0600 )edit

1 Answer

Sort by ยป oldest newest most voted

answered 2014-10-08 01:40:48 -0600

Ancillas gravatar image

updated 2014-10-08 02:07:50 -0600

I see a few things that you should look at other than the formatting, and the nested conditionals.

  1. File['/tmp/Sol1064Bit'] gets placed in /tmp. If Sol1064Bit is purged, which can happen in /tmp, then the resource is going to add the file again.

  2. You are using onlyif in your Exec['unzip\_patch'] and Exec['install\_patch'] resources. The onlyif parameter causes the Exec to run only when the command in the onlyif returns 0. You are testing for the presence of a file, and a directory respectively. In the case of the former, if /tmp/Sol1064Bit/ exists, then and only then will your Exec run. The next Exec does the exact same thing. It will only run if /tmp/Sol1064Bit/126547-07 exists and is a directory. Are those the correct conditions for when these should run? If you're not removing that zip file, and the directory, during your install process, then I would expect these Exec statements to always run.

  3. Your Exec['unzip_patch'] command unzips your files to the same directory that you're trying to sync with puppet:///modules/solbash/SolarisBashPatch/Sol1064Bit in the File['/tmp/Sol1064Bit'] resource. You're telling Puppet to sync up a directory with the master, but then you're adding files to that directory. Since you have specified a source, and set recurse to true, Puppet will try to remove the unzipped files on every run because they don't match the source on the master.

I can't fully test since I don't have your patch, but here's some code to start with. Instead of using onlyif/unless parameters on the Exec, it instead sets refreshonly => true, and then sets a subscription chain based on the zip file. If the zip file is updated on the agent, then it will trigger the unzip Exec, and then the install Exec. If the zip file already exists, and the File['/var/puppet_tmp/Sol1064Bit/'] doesn't run, then the Execs aren't triggered.

# I suggest setting your mode, owner, and group
# on all File resources

file {'/var/puppet_tmp':
  ensure => directory,
} ->

file {'/var/puppet_tmp/Sol1064Bit':
  ensure => directory,
} ->

file {'/var/puppet_tmp/Sol1064Bit/':
  ensure => present,
  source => 'puppet:///modules/solbash/SolarisBashPatch/Sol1064Bit/',
} ~>

exec {'unzip_patch':
  command     => "/usr/bin/unzip /tmp/Sol1064Bit/ -d /var/puppet_tmp/Sol1064Bit/",
  refreshonly => true,
} ~>

  command     => '/usr/sbin/patchadd /var/puppet_tmp/Sol1064Bit/126547-07",
  refreshonly => true,
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2014-10-07 14:26:20 -0600

Seen: 1,190 times

Last updated: Oct 08 '14