Ask Your Question
0

when I try to update /etc/sudoers in puppet master the file it doesnt get updated!

asked 2015-09-04 11:21:58 -0500

babak1973 gravatar image

updated 2015-09-04 12:02:35 -0500

csharpsteen gravatar image

Hello All,

i have created a module called Sudoers here is the content of the init.pp

File { owner => "root", group => "root", mode  => "0440" }

    file {"/etc/sudoers":
            ensure => "present",
            content => template("sudoers/sudoers.erb"),
    }

    file {  "/etc/sudoers.d":
                    ensure  => "directory",
                    owner   => "root",
                    group   => "root",
                    recurse => "false",
                    mode    => 550,
    }

and this is the content of sudoers.erb

root                            ALL=(ALL)       NOPASSWD: ALL


# Admins
user1                      ALL=(ALL)       NOPASSWD: ALL
user2                      ALL=(ALL)       NOPASSWD: ALL

now when i do puppet agent --test

i am getting

Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for ip-10-167-26-44.
Info: Applying configuration version '1441378237'
Notice: Finished catalog run in 0.03 seconds

but when i look to content of /etc/sudeors nothing get uppdated. basically all my sudeors class is ignored can you guys tell me what I am doing wrong?

Thanks a lot!

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
0

answered 2015-09-04 13:00:45 -0500

GregLarkin gravatar image

updated 2015-09-04 13:13:24 -0500

How are you classifying that Puppet code to your node? Are you using site.pp or some other means to do that? Ultimately, you have to tell Puppet that a certain node should be classified with certain classes.

This page should help a bit: https://docs.puppetlabs.com/pe/latest/puppetassignconfigurations.html

UPDATE: It looks like you are matching on a specific IP address range to classify your node. However, based on the hostname that I see in your puppet agent run, your node may not be in the correct IP range:

Info: Caching catalog for ip-10-167-26-44.

You can confirm that if you log into your node and run "facter ipaddress". Does the IP address match the range you have specified?

edit flag offensive delete link more
0

answered 2015-09-04 13:09:10 -0500

babak1973 gravatar image

Hi Greg, Thank you for your reply.

I am using site.pp

import "nodes/*.pp"

and then inside nodes folder

  if $::ipaddress =~ /^10\.162\.[5,6]\.\d{1,3}$/ {
        include user::groups
        include user::sysadmin
  }
}

please note that the /etc/sudoers it is not get updated inside puppet master as well

Thank you again

edit flag offensive delete link more

Comments

sorry I found the issue, in my default.pp i should have entered include sudoers Thank you again

babak1973 gravatar imagebabak1973 ( 2015-09-04 13:14:56 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2015-09-04 11:21:58 -0500

Seen: 12,729 times

Last updated: Sep 04 '15