Puppet fails to ensure file is present

asked 2016-09-30 16:48:41 -0600

Edely gravatar image

I am using the following configuration in a module. It only has to ensure the file sysctl.conf is present in /etc folder. But it doesn't do that.

class sysctl::config{
  file{ "/etc/sysctl.conf":
    ensure   => present,
    owner    => 'root',
    group    => 'root',
    mode     => '0644',
    source   => 'puppet:///modules/sysctl/sysctl.conf',
   }
}

I use a similar configuration for other files like sshd_config, sources.list, etc in their respective modules, and all they work.

Furthermore when I check the puppet report it seems all occurred correctly despite the file not being present.

File[/etc/sysctl.conf]: !ruby/object:Puppet::Resource::Status
      resource: File[/etc/sysctl.conf]
      file: /etc/puppet/modules/sysctl/manifests/config.pp
      line: 9
      evaluation_time: 0.037749125
      change_count: 0
      out_of_sync_count: 0
      tags: 
        - file
        - class
        - "sysctl::config"
        - sysctl
        - config
        - "profile::base"
        - profile
        - base
        - role
        - node
        - default
      time: 2016-09-30 18:24:20.977037 -03:00
      events: []
      out_of_sync: false
      changed: false
      resource_type: File
      title: /etc/sysctl.conf
      skipped: false
      failed: false
      containment_path: 
        - Stage[main]
        - "Sysctl::Config"
        - File[/etc/sysctl.conf]

What am I missing?

edit retag flag offensive close merge delete

Comments

1

You're specifying the file's `source` attribute, but it never gets considered since `ensure => present` (= `touch <filename>`). See https://docs.puppetlabs.com/puppet/latest/reference/types/file.html#file-attribute-ensure for details.

Kai Burghardt gravatar imageKai Burghardt ( 2016-09-30 18:29:16 -0600 )edit

Kai's correct, you want ensure => file if you plan on using a source. ensure => present is more for, ensuring the file exists but doing nothing with it. Combined with audit, this can be useful. It also ensures a file that is normally manually modified, exists at least ...

ken gravatar imageken ( 2016-09-30 20:37:46 -0600 )edit

That is not true. If you specify `ensure => present` the ensure property will be considered insync if it is a file OR a directory (instead of `ensure=>file` or `ensure=>directory`). However this should not ignore the source property and wether the source is in sync..

Stefan gravatar imageStefan ( 2016-10-01 07:22:43 -0600 )edit

Do you see any error messages? Is sysctl empty? Is the puppet able to read the source file? What happens if you modify `/etc/sysctl` locally?

Stefan gravatar imageStefan ( 2016-10-01 07:24:59 -0600 )edit

are you sure you are looking at the correct server? If you edit the file puppet:///modules/sysctl/sysctl.conf and run puppet, is the Puppet report different than the one in your post?

alexandre gravatar imagealexandre ( 2016-10-05 00:22:54 -0600 )edit