resource dependency while enforcing resource attributes

asked 2015-03-10 17:15:13 -0600

John Ting gravatar image

I have the following in my module's manifest file.

service {'centrify-sshd': ensure => running, enable => true, hasrestart => true, hasstatus => true, subscribe => File['/etc/centrifydc/ssh/sshd_config'] }

file {'/etc/centrifydc/ssh/sshdconfig': mode => "0600", owner => root, group => root, content => template("mymodule/sshdconfig.erb"), }

The dependency works, ie. when the file changes, the service is restarted. However, I would also like to have the service be started if it happens to be off. ie. if some sys-admin or other system process stops the sshd service, I want the manifest to just turn it on.

Puppet doesn't do this. The service will only restart if the file changes. And if the file changes while the service is off, an attempted restart causes an error, because it really just needs a "start".

Is there a way to restart if file changes AND start service if it's not running?

service ensure => running should start the service if it's not running. It doesn't do that???

lorcutt gravatar imagelorcutt ( 2015-03-10 21:59:45 -0600 )edit

answered 2015-03-11 09:44:30 -0600

John Ting gravatar image

Thanks for the input thus far. I found the problem. It lies in the service's rc script - centrify-sshd. The "status" input returns a 0 exit code even if the service is stopped... So puppet thinks it's running. This is a bug with centrify-sshd rc script.

Ah that would prevent the service from restarting yes :P

PorkCharSui gravatar imagePorkCharSui ( 2015-03-11 10:36:10 -0600 )edit

answered 2015-03-11 05:35:30 -0600

PorkCharSui gravatar image

You have a dependency issue... You've "subscribed" the service to the file. This means the service will only update if the file changes. Use "require" instead of "subscribe". Then the service will get updated even if the file doesn't.

