Saturday, 2008-05-17

« Friday, 2008-05-16 Index Sunday, 2008-05-18 »
[2008/05/17 00:01:32] @ Quit: aiurea: "Leaving"
[2008/05/17 00:05:28] @ cote joined channel #puppet
[2008/05/17 00:07:06] @ Quit: lak:
[2008/05/17 00:08:57] @ shenson_not_here is now known as shenson
[2008/05/17 00:20:17] <ashp> jamesturnbull: Hey, you around?
[2008/05/17 00:20:23] <ashp> You closed my ticket but I don't really think they are comparable
[2008/05/17 00:20:35] <jamesturnbull> ashp: re-=opened it
[2008/05/17 00:20:36] <ashp> I specifically want to be able to run a command and check the return, like unless/onlyif
[2008/05/17 00:20:41] <ashp> oh ok :)
[2008/05/17 00:20:52] <jamesturnbull> ashp: yeah fujin and I talked - I thought you meant language constructs
[2008/05/17 00:21:24] <ashp> I need to have another poke around because I suspect if I can get the metaparm bits of the code to be aware of checks I can just cut and paste a lot of the code and not have to try too hard :)
[2008/05/17 00:21:47] <jamesturnbull> ashp: yep that should be the case
[2008/05/17 00:22:10] <ashp> I'm really glad 1179 got into the next release
[2008/05/17 00:22:18] <ashp> I had to define a custom schema and I can now unwind that
[2008/05/17 00:24:11] @ thegcat joined channel #puppet
[2008/05/17 00:24:46] @ Quit: thegcat: Client Quit
[2008/05/17 00:26:27] @ Quit: Gwayne: Read error: 104 (Connection reset by peer)
[2008/05/17 00:29:26] @ thegcat joined channel #puppet
[2008/05/17 00:30:25] @ yure joined channel #puppet
[2008/05/17 00:30:56] @ lak joined channel #puppet
[2008/05/17 00:33:07] @ Gwayne joined channel #puppet
[2008/05/17 00:33:15] @ jmeeuwen`_ joined channel #puppet
[2008/05/17 00:34:24] @ Quit: jmeeuwen: Read error: 110 (Connection timed out)
[2008/05/17 00:36:36] <riddleyAthome> jamesturnbull, you still here?
[2008/05/17 00:36:52] <jamesturnbull> riddleyAthome: I am
[2008/05/17 00:37:28] <riddleyAthome> are you interested in nit-picky grammary kinds of corrections in your book? :)
[2008/05/17 00:37:51] @ jmeeuwen`_ is now known as jmeeuwen
[2008/05/17 00:39:43] <jamesturnbull> riddleyAthome: not particularly - mostly technical errata - but if it changes the meaning of something...?
[2008/05/17 00:40:07] <riddleyAthome> meh, it's nothing then ):
[2008/05/17 00:40:07] <jamesturnbull> riddleyAthome: also be aware I speak British English not American English
[2008/05/17 00:40:09] <riddleyAthome> er :)
[2008/05/17 00:40:47] <riddleyAthome> on page 3 you use 'unsatisfied' when I think you mean 'dissatisfied' ... contract terms and dependencies are unsatisfied, people are dissatisfied.
[2008/05/17 00:41:05] <riddleyAthome> but yea, no biggie
[2008/05/17 00:41:39] <jamesturnbull> ah okay
[2008/05/17 00:41:58] <dthacker-work> jamesturnbull: who published your book?
[2008/05/17 00:42:03] <jamesturnbull> Apress
[2008/05/17 00:42:12] <dthacker-work> thanks.
[2008/05/17 00:42:51] <jamesturnbull> you can get it through Amazon etc or the ebook is available via the Apress website - very reasonably priced
[2008/05/17 00:43:27] <dthacker-work> I was hoping I could get it on my Safari but the ebook will probably work. :)
[2008/05/17 00:43:31] @ Quit: _zsh: Read error: 104 (Connection reset by peer)
[2008/05/17 00:43:41] <jamesturnbull> Safari? Oh the O'Reilly thing
[2008/05/17 00:44:09] @ Quit: jvanzyl:
[2008/05/17 00:44:29] <thegcat> anyone familiar with rhel? (non puppet related question(s))
[2008/05/17 00:44:59] <shadowvice> thegcat: a lil whats up
[2008/05/17 00:45:02] <shadowvice> ?
[2008/05/17 00:45:34] <thegcat> how could I get "up to date" packages on these machines?
[2008/05/17 00:45:53] <shadowvice> either up2date or yum?
[2008/05/17 00:46:08] <Volcane> do you have a proper redhat network paid for subscription?
[2008/05/17 00:46:13] <thegcat> meaning java 1.5 and py 2.5
[2008/05/17 00:46:20] <thegcat> Volcane: yes
[2008/05/17 00:46:29] <Volcane> which version rhel?
[2008/05/17 00:46:32] <thegcat> 5
[2008/05/17 00:46:33] <shadowvice> what version of rhel
[2008/05/17 00:46:44] <shadowvice> snicker :D yum...
[2008/05/17 00:46:46] <jamesturnbull> yum upgrade
[2008/05/17 00:46:48] <Volcane> if you want 1.5 you'll need to make your own plan then
[2008/05/17 00:46:57] <jamesturnbull> or yum install blahpackage
[2008/05/17 00:47:04] <Volcane> ditto for python
[2008/05/17 00:47:06] <thegcat> oh, java is already 1.6
[2008/05/17 00:47:11] <thegcat> sorry
[2008/05/17 00:47:25] <thegcat> I'll have to beat my whiny users for that one
[2008/05/17 00:47:30] <Volcane> thegcat: redhat ships a gcj compiled 1.4 pile of junk for java
[2008/05/17 00:47:56] <Volcane> if you want a sun 1.5 or 1.6 you can follow the instructions at jpackage and use their srpms for sun java
[2008/05/17 00:48:00] <thegcat> Volcane: java -version java version "1.6.0_05"
[2008/05/17 00:48:09] <thegcat> sould have checked before asking, java is ok
[2008/05/17 00:48:13] <Volcane> thegcat: then someoens installed a new java on there for you
[2008/05/17 00:48:17] <Volcane> not from redhat
[2008/05/17 00:48:44] @ geertn joined channel #puppet
[2008/05/17 00:49:33] <thegcat> grmpf, I hate it when "privileged" users do stuff behind my back
[2008/05/17 00:49:36] <thegcat> whatever
[2008/05/17 00:49:45] <thegcat> any sugestions for py 2.5?
[2008/05/17 00:49:58] <Volcane> out of luck there unfort
[2008/05/17 00:50:17] <Volcane> unless you go about building your own
[2008/05/17 00:50:32] <shadowvice> looks like you can get a few more options from the epel
[2008/05/17 00:50:37] <geertn> when in an exec statement I require another exec statement I would expect it to be executed before the one having the require. Doesn't seem to be the case, anyone has a hint? http://pastie.caboo.se/198223
[2008/05/17 00:50:44] <thegcat> Volcane: no thanks, I'll pass
[2008/05/17 00:50:45] <Volcane> once redhat puts a peg in the ground for 5.0, they never do point upgrades in 5.x unless there are dire dire problems in what they chose
[2008/05/17 00:51:14] <thegcat> shadowvice: epel?
[2008/05/17 00:51:32] <shadowvice> hehe I got it from puppet ... om unless someone beats me to it
[2008/05/17 00:51:50] <thegcat> Volcane: it's not a bad thing per se, if there were say other repos to get some updates
[2008/05/17 00:52:06] <Volcane> thegcat: nods, but upgrading python might/will break a ton of stuff :)
[2008/05/17 00:52:07] <shadowvice> http://fedoraproject.org/wiki/EPEL/FAQ#howtouse
[2008/05/17 00:52:15] <Volcane> thegcat: especially your redhat surpport :P
[2008/05/17 00:52:51] <shadowvice> latest version of python Im using is python.i386 2.4.3-19.el5
[2008/05/17 00:53:23] <ashp> I both love and hate redhat for their sticking to no upgrades policy.
[2008/05/17 00:53:36] <thegcat> that's what slotting is for *weeps*
[2008/05/17 00:53:57] * thegcat wants at work
[2008/05/17 00:54:10] <thegcat> gentoo, there should be a gentoo in the above sentence
[2008/05/17 00:54:20] <ashp> geertn: Just as a test you could try before => rather than require => ?
[2008/05/17 00:54:52] <jbooth> Maybe gentoo has gotten better in the 1 to 1.5 years since I ran it as a desktop, but... stable was usually way out of date and unstable was seriously unstable.
[2008/05/17 00:55:49] <ashp> I'm generally unhappy with all linux distributions. :/
[2008/05/17 00:58:03] <thegcat> jbooth: well, I run unstable on my desktop, but only because it's more a machine to play with than anything else
[2008/05/17 00:58:32] <thegcat> stable base system + a selected few packages unstable to have the latest, and all is fine :-)
[2008/05/17 00:58:49] @ Quit: Volcane: Read error: 60 (Operation timed out)
[2008/05/17 00:59:42] @ Volcane joined channel #puppet
[2008/05/17 01:00:17] @ happymcp` joined channel #puppet
[2008/05/17 01:00:45] @ Quit: happymcplaksin: Read error: 104 (Connection reset by peer)
[2008/05/17 01:02:10] <geertn> ashp, I just discovered that the "refreshonly => true" statement was the culprit, thx for your help
[2008/05/17 01:03:09] @ Quit: ashp: Remote closed the connection
[2008/05/17 01:03:24] @ ashp joined channel #puppet
[2008/05/17 01:04:35] * ashp listens to the 'podcast'
[2008/05/17 01:04:44] <ashp> i liked it more when we just called those recordings. :)
[2008/05/17 01:08:44] @ Quit: Innocenti: Client Quit
[2008/05/17 01:09:31] @ lutter joined channel #puppet
[2008/05/17 01:14:25] <geertn> ubuntu lts is nice, bleeding edge and still long support
[2008/05/17 01:15:12] <geertn> altough I don't think it's certified for things like SAP/oracle and all
[2008/05/17 01:15:14] <ashp> I'm avoiding any debian derived server as they modify everything way too much
[2008/05/17 01:15:21] <jbooth> ashp: I've been pretty happy with Arch so far. ;-)
[2008/05/17 01:15:43] <ashp> Not tried it :)
[2008/05/17 01:16:06] <ashp> I just hate how debian modify stock configuration so much that you can never drop in your conf from other systems and have anything work properly
[2008/05/17 01:17:07] @ Quit: lak: Read error: 113 (No route to host)
[2008/05/17 01:17:13] @ lak joined channel #puppet
[2008/05/17 01:24:13] @ thegcat_ joined channel #puppet
[2008/05/17 01:24:34] @ jvanzyl joined channel #puppet
[2008/05/17 01:26:01] @ thegcat__ joined channel #puppet
[2008/05/17 01:26:31] @ Quit: thegcat: Read error: 110 (Connection timed out)
[2008/05/17 01:27:26] <chadh> anybody have a good solution for editing pam.d files?
[2008/05/17 01:27:49] <chadh> (this is brought on by the discussion on the mailing list)
[2008/05/17 01:28:57] <Volcane> how do you guys install cpan modules?
[2008/05/17 01:30:09] <f3ew> Volcane via rpm
[2008/05/17 01:30:21] <Volcane> nods, was hoping thats not the answer :P
[2008/05/17 01:30:36] <Volcane> better get cpan2dep going then, cos i have a gazillion perl mods to install
[2008/05/17 01:34:38] @ johnf joined channel #puppet
[2008/05/17 01:37:52] <lak> has freenode changed somehow? i used to be able to log in when my nick was ghosted and i would just get 'lak_', but now i can't even log in
[2008/05/17 01:42:17] @ Quit: thegcat_: Read error: 113 (No route to host)
[2008/05/17 01:42:39] <f3ew> not that I know
[2008/05/17 01:48:59] * Volcane recalls someone having a trick to make the master see new node files without a restart
[2008/05/17 01:49:12] <lak> you should be able to just touch them
[2008/05/17 01:49:41] <Volcane> tried, also tried touching the dir and the site.pp
[2008/05/17 01:52:15] <lak> and you're sure there aren't exceptions on the server
[2008/05/17 01:52:42] <duritong> am I right with this generation assumption?
[2008/05/17 01:52:44] <duritong> http://pastie.caboo.se/198261
[2008/05/17 01:52:58] <jbooth> Is there a wiki page on making puppetmaster more responsive/efficient?
[2008/05/17 01:53:13] @ Quit: johnf: Read error: 110 (Connection timed out)
[2008/05/17 01:53:14] <duritong> jbooth: wiki:UsingMongrel
[2008/05/17 01:53:17] <gepetto> duritong: jbooth: wiki:UsingMongrel is http://reductivelabs.com/trac/puppet/wiki/UsingMongrel
[2008/05/17 01:53:43] @ Quit: Volcane: kubrick.freenode.net irc.freenode.net
[2008/05/17 01:55:37] <jbooth> Perfect. I'm going to have to do that later.
[2008/05/17 01:55:51] <jbooth> puppetmaster is a real dog when I dump 64 nodes on it.
[2008/05/17 01:56:10] <jbooth> Still a bit worried about scaling up to the scale I need to, but...
[2008/05/17 01:56:27] <duritong> i think running 4 is not a that bad idea
[2008/05/17 02:00:54] <jbooth> I wonder if my puppetmaster is going to need to be beefier hardware, or can I mod_proxy that to multiple back-end machines?
[2008/05/17 02:01:08] <jamesturnbull> jbooth: wiki:PuppetScalability
[2008/05/17 02:01:11] <gepetto> jamesturnbull: jbooth: wiki:PuppetScalability is http://reductivelabs.com/trac/puppet/wiki/PuppetScalability
[2008/05/17 02:03:25] * jbooth is looking at 786 connections over the span of a few minutes.
[2008/05/17 02:03:46] <shadowvice> Has anyone been able to successfully get puppet connected to an AIX?
[2008/05/17 02:04:16] <jamesturnbull> jbooth: lots of alternatives - mongrel with apache/nginx/pound
[2008/05/17 02:04:35] <jamesturnbull> jbooth: I've had good experiences with pound YMMV
[2008/05/17 02:04:49] <jamesturnbull> shadowvice: It's been done
[2008/05/17 02:05:00] <jbooth> jamesturnbull: I'll have a look. I already have apache running, so that's attractive.
[2008/05/17 02:05:30] @ roald joined channel #puppet
[2008/05/17 02:06:37] @ tim|macbook joined channel #puppet
[2008/05/17 02:06:46] <jbooth> In some ways I'd love to rip out all the SSL stuff. Private network, already root trusts between all the hosts, so SSL is just overhead to me.
[2008/05/17 02:08:59] @ flakrat joined channel #puppet
[2008/05/17 02:10:23] @ Quit: flakrat: Client Quit
[2008/05/17 02:11:02] @ anarchat is now known as anarcat
[2008/05/17 02:11:13] <duritong> jboot: that's quite a bad idea as you would transmit every configuration file world readable
[2008/05/17 02:11:19] <duritong> jbooth
[2008/05/17 02:11:37] <jamesturnbull> jbooth: I work in security - no such thing as a private network :)
[2008/05/17 02:11:47] <duritong> indeed
[2008/05/17 02:11:53] @ anarcat left channel #puppet ()
[2008/05/17 02:17:20] <jbooth> Shrug, if you have enough privs to sniff a machine (or physical access) you already have the whole supercomputer.
[2008/05/17 02:20:03] <fsweetser> jbooth: true. however, I personally worry about confidentiality of the data sent a lot less than authenticating it
[2008/05/17 02:20:27] <fsweetser> without SSL, a DNS cache poisoning attack means you can push any policy you like out to a poor unsuspecting client
[2008/05/17 02:21:07] <jbooth> I run my own DNS.
[2008/05/17 02:21:22] <jbooth> This is a 10. network. It really is private. :-P
[2008/05/17 02:23:01] <shadowvice> jamesturnbull: thanks :D
[2008/05/17 02:23:04] <duritong> really private means _no_ connection to the internet (no physical connection)
[2008/05/17 02:23:46] <fsweetser> jbooth: I can understand that, I just wanted to point out that the SSL layer provides you with a lot more than just hiding the config files sent out
[2008/05/17 02:24:27] @ Quit: DerekW: "Leaving"
[2008/05/17 02:24:54] @ andrewcshafer joined channel #puppet
[2008/05/17 02:25:16] <jbooth> fsweetser: I know it's providing trusted identification too. In the case I'm working in, I'd just rather not have it. I'd rather make the decision to just trust and go with it.
[2008/05/17 02:26:25] @ Wakko666 joined channel #puppet
[2008/05/17 02:26:52] <jbooth> The idea of being security paranoid is nice, but means the cluster doesn't go. My goal is to get the most useful security stuff I can, without making it unusable.
[2008/05/17 02:29:09] @ Volcane joined channel #puppet
[2008/05/17 02:30:49] <mmestnik> Hello, I just added a folder with lots of files to my template/fileserver. Now I need to add them the the manifest, is there a quick way todo this. I'm half-way through using find/stat and I'm just now typing up some perl to convert this output in to a manifest. I can't help but think there must be an easier way.
[2008/05/17 02:32:12] @ flakrat joined channel #puppet
[2008/05/17 02:32:31] <jbooth> recurse => true might be what you want?
[2008/05/17 02:33:44] <mmestnik> jbooth: Why not copy the private key and cert onto each node?
[2008/05/17 02:35:54] <mmestnik> I'm looking for the ?handler? for mkdir now, I just have to RTFM a bit.
[2008/05/17 02:36:18] @ brscott joined channel #puppet
[2008/05/17 02:39:26] <mmestnik> Ohh, that might do just fine.
[2008/05/17 02:39:48] <jbooth> mmestnik: I could but how do I get it there? I can copy it with kickstart... but then it needs to be somewhere "public" anyway and I haven't gained much by doing it. Or I use a ssh command, but I setup my ssh keys in puppet, so there's a chicken and egg problem.
[2008/05/17 02:43:09] <mmestnik> jbooth: Huh? You just need to sync the keys with each cluster member. For the clients at some point you download and install puppet at that time you install your own CA.
[2008/05/17 02:44:16] @ Quit: machpo: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:44:18] @ Quit: jfluhmann: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:44:20] @ Quit: erikh: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:44:22] @ Quit: chillitom: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:44:23] @ Quit: tmz: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:44:25] @ Quit: pawalls_: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:44:26] @ Quit: thom: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:44:27] @ Quit: barnbarn: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:44:29] @ Quit: phips: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:44:41] @ brscott left channel #puppet ()
[2008/05/17 02:45:11] <jbooth> mmestnik: I should be more specific. When I say "cluster" I mean "768 node supercomputer." I install nodes via kickstart, they puppet their config, they reboot, they come up as a functional compute node. No (or at least, very little) human interaction needed.
[2008/05/17 02:45:12] @ machpo joined channel #puppet
[2008/05/17 02:45:13] @ jfluhmann joined channel #puppet
[2008/05/17 02:45:14] @ erikh joined channel #puppet
[2008/05/17 02:45:15] @ chillitom joined channel #puppet
[2008/05/17 02:45:17] @ tmz joined channel #puppet
[2008/05/17 02:45:19] @ pawalls_ joined channel #puppet
[2008/05/17 02:45:21] @ thom joined channel #puppet
[2008/05/17 02:45:22] @ barnbarn joined channel #puppet
[2008/05/17 02:45:24] @ phips joined channel #puppet
[2008/05/17 02:46:04] <mmestnik> For that puppetca has an auto sign option... or at least with a little cron script it could.
[2008/05/17 02:46:41] <jbooth> mmestnik: yeah, I use auto-sign. But at that point, why have the overhead? Just turn it off.
[2008/05/17 02:46:54] <ashp> Is it even turnoffable?
[2008/05/17 02:47:15] <ashp> without doing a ton of work to force it out
[2008/05/17 02:48:37] <jbooth> ashp: probably not, but that's what I'd /like/ to be able to do easily.
[2008/05/17 02:48:40] @ Quit: tim|macbook: "This computer has gone to sleep"
[2008/05/17 02:49:18] <mmestnik> Perhpas your right. Puppet should be dedicated at it's task and let wget/curl and apache handle the SSL tasks, no point in re-inventing the wheel.
[2008/05/17 02:50:24] <mmestnik> As a configuration automation system it can keep it's clinet cert signing system in place, but using SSL should be optional.
[2008/05/17 02:50:49] <jbooth> I suppose I could warp puppet to that now. Setup a NFS mount first and then quit using puppet:// and just use absolute paths.
[2008/05/17 02:50:59] @ plathrop joined channel #puppet
[2008/05/17 02:52:52] <ashp> Sigh, I guess I should find ssh-vulnkey for RHEL or SUSE
[2008/05/17 02:52:55] <ashp> so I can test our user keys.
[2008/05/17 02:54:36] <ashp> Anyone with debian able to yank me out a copy?
[2008/05/17 02:55:00] <plathrop> ashp: Give me a few and I will
[2008/05/17 02:55:05] <ashp> cheers
[2008/05/17 02:59:13] @ Quit: barnbarn: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:59:14] @ Quit: pawalls_: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:59:16] @ Quit: chillitom: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:59:18] @ Quit: machpo: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:59:20] @ Quit: phips: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:59:22] @ Quit: tmz: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:59:24] @ Quit: erikh: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:59:26] @ Quit: thom: kubrick.freenode.net irc.freenode.net
[2008/05/17 02:59:27] @ Quit: jfluhmann: kubrick.freenode.net irc.freenode.net
[2008/05/17 03:00:06] @ Quit: roald: Read error: 110 (Connection timed out)
[2008/05/17 03:00:48] <plathrop> ashp: Shall I email it? Or put it up on a website for you?
[2008/05/17 03:01:29] @ machpo joined channel #puppet
[2008/05/17 03:01:30] @ jfluhmann joined channel #puppet
[2008/05/17 03:01:32] @ erikh joined channel #puppet
[2008/05/17 03:01:33] @ chillitom joined channel #puppet
[2008/05/17 03:01:34] @ tmz joined channel #puppet
[2008/05/17 03:01:35] @ pawalls_ joined channel #puppet
[2008/05/17 03:01:36] @ thom joined channel #puppet
[2008/05/17 03:01:38] @ barnbarn joined channel #puppet
[2008/05/17 03:01:39] @ phips joined channel #puppet
[2008/05/17 03:01:40] @ emerose joined channel #puppet
[2008/05/17 03:02:41] <ashp> website or apenney@gmail.com is fine :)
[2008/05/17 03:03:56] <plathrop> ashp: http://plathrop.tertiusfamily.net/pub/ssh-vulnkey
[2008/05/17 03:06:42] <ashp> perfect, thank you!
[2008/05/17 03:06:57] <ashp> Now to kludge it into working via the magic of symlinks and libraries
[2008/05/17 03:07:12] <plathrop> ashp: Let me know if you need any more stuff from Debian for it.
[2008/05/17 03:07:42] <ashp> I'm kind of disappointed Redhat, once again, are behind the curve, and haven't provided their own package for this.
[2008/05/17 03:07:47] <plathrop> So, since I'm technically distributing, am I legally obligated under the GPL to pust the source too? :-P
[2008/05/17 03:09:07] @ Quit: machpo: Remote closed the connection
[2008/05/17 03:09:09] @ machpo joined channel #puppet
[2008/05/17 03:09:15] <ashp> :D probably!
[2008/05/17 03:09:18] <ashp> I wonder if
[2008/05/17 03:09:22] <ashp> 'no blacklist information' is good or bad
[2008/05/17 03:09:27] <ashp> I wonder if I need anything else, like a database
[2008/05/17 03:09:45] <plathrop> There's a whole "openssh-blacklist" package...
[2008/05/17 03:10:39] <ashp> Ahh, hmm, I guess that might be required
[2008/05/17 03:10:50] <ashp> I thought it could tell if things were vulnerable anyway
[2008/05/17 03:10:50] <plathrop> ashp: Let me see if I can track it down for ya
[2008/05/17 03:11:31] <gepetto> ::puppet:: RegenerateSSL edited by technician @ http://reductivelabs.com/trac/puppet/wiki/RegenerateSSL
[2008/05/17 03:11:54] <plathrop> ashp: hold on, found the blacklist files.
[2008/05/17 03:12:33] <ashp> k
[2008/05/17 03:13:00] <plathrop> ashp: blacklist.DSA-1024 and blacklist.RSA-2048 at the same URL above.
[2008/05/17 03:13:05] <plathrop> I found them in /etc/ssh/
[2008/05/17 03:13:51] <ashp> Ok, thanks, I'll give it a whirl
[2008/05/17 03:14:40] <ashp> nothing claims to be vulnerable, so I'll take that as good news
[2008/05/17 03:15:06] <plathrop> ashp: Congratulations
[2008/05/17 03:15:10] <plathrop> I'm still cleaning up.
[2008/05/17 03:15:14] * plathrop sighs.
[2008/05/17 03:15:39] <ashp> The only ubuntu around is on my desktop, and I don't boot into it very often
[2008/05/17 03:15:44] <ashp> the devs prefer gentoo, my coworker uses fedora
[2008/05/17 03:16:01] @ Quit: ianm: Remote closed the connection
[2008/05/17 03:17:02] <ashp> COMPROMISED: 2048 a0:e4:83:3f:cd:15:f4:cf:3b:67:9a:82:b4:06:7e:ff dev.affinesystems.com,64.191.214.48
[2008/05/17 03:17:05] <ashp> Oh, I change my mind.
[2008/05/17 03:17:08] <ashp> COMPROMISED: 2048 42:07:fb:23:39:c9:83:8b:0e:ce:2d:c2:e0:e6:6e:1c aqs.ods.org,216.57.153.40
[2008/05/17 03:18:02] <ashp> i just deleted them as it was known_hosts :D
[2008/05/17 03:21:05] @ Quit: jvanzyl:
[2008/05/17 03:23:31] @ auxesis_ joined channel #puppet
[2008/05/17 03:24:03] @ Quit: auxesis: Read error: 104 (Connection reset by peer)
[2008/05/17 03:25:14] @ gh joined channel #puppet
[2008/05/17 03:29:40] @ evil_ste1e joined channel #puppet
[2008/05/17 03:33:48] @ Quit: evil_steve: Read error: 113 (No route to host)
[2008/05/17 03:35:03] @ plathrop is now known as howlongcanmynick
[2008/05/17 03:35:08] @ howlongcanmynick is now known as plathrop
[2008/05/17 03:44:00] <emerose> lay: yt?
[2008/05/17 03:46:49] @ Quit: Demosthenex: "leaving"
[2008/05/17 03:46:53] @ jvanzyl joined channel #puppet
[2008/05/17 03:48:23] <plathrop> emerose: Looking for lak?
[2008/05/17 03:48:36] <emerose> yeah
[2008/05/17 03:48:38] <plathrop> emerose: Just thought you might not have noticed you typoed
[2008/05/17 03:48:47] <emerose> ha!
[2008/05/17 03:48:49] <emerose> indeed, thanks
[2008/05/17 03:48:54] <plathrop> emerose: No problem.
[2008/05/17 03:49:07] <plathrop> emerose: Did you guys ever find your new guy?
[2008/05/17 03:49:27] <emerose> and, actually, maybe you can help me -- you've been digging into adding specs to puppet, right?
[2008/05/17 03:49:39] <plathrop> emerose: Yeah, I might be able to help
[2008/05/17 03:49:43] <plathrop> What's up?
[2008/05/17 03:50:05] <emerose> i'm trying to add some specs to the gem package provider -- but i can't seem to see how to get started
[2008/05/17 03:50:15] <emerose> http://pastie.org/198312 is what i have
[2008/05/17 03:50:28] <plathrop> I take it you've read the wiki:WritingTests page?
[2008/05/17 03:50:30] <gepetto> plathrop: wiki:WritingTests is http://reductivelabs.com/trac/puppet/wiki/WritingTests
[2008/05/17 03:50:56] <emerose> but i don't see how to instantiate a gem resource that i can then test with
[2008/05/17 03:51:10] <emerose> yeah, I've seen that page -- and I've poked around with rspec in general
[2008/05/17 03:51:13] <plathrop> emerose: Ah, yeah. Let me pull up the source
[2008/05/17 03:51:15] @ randybias joined channel #puppet
[2008/05/17 03:51:32] @ Quit: cote:
[2008/05/17 03:51:40] <emerose> thanks
[2008/05/17 03:52:29] <emerose> (for the record, we've hired some folks, but are definitely still interested in meeting ops folks in the bay area)
[2008/05/17 03:52:56] <emerose> (we = www.wesabe.com)
[2008/05/17 03:53:03] <plathrop> emerose: You already interviewed me :-P Back in January. I ended up at Digg.
[2008/05/17 03:53:10] <ashp> do you pay more than $200,000?
[2008/05/17 03:53:14] <ashp> because if you do, i'm interested :D
[2008/05/17 03:53:18] <emerose> i know :) I noticed...
[2008/05/17 03:53:27] <emerose> ashp: over what time period? :)
[2008/05/17 03:53:37] <ashp> monthly ;)
[2008/05/17 03:53:54] <ashp> I think I'll stay here until my next job offers at least $120k because of all the nice benefits here
[2008/05/17 03:54:43] <holoway> speaking of jobs
[2008/05/17 03:54:46] <holoway> we're hiring as well
[2008/05/17 03:54:57] <holoway> if anyone wants to build infrastructure with puppet for startups for a living. :)
[2008/05/17 03:55:45] <ashp> Only if those startups want to pay millions :(
[2008/05/17 03:55:51] <ashp> with a baby on the way I have to be money grabbing, it sucks.
[2008/05/17 03:56:02] <plathrop> holoway: If I weren't so happy at Digg I'd be sorely tempted.
[2008/05/17 03:56:07] <lak> emerose: i'm back
[2008/05/17 03:56:20] <holoway> ashp: yeah, we don't pay millions
[2008/05/17 03:56:34] <holoway> but we do pay well
[2008/05/17 03:56:34] <holoway> :)
[2008/05/17 03:56:57] <ashp> Worse is thanks to my wonderful court battle I'm stuck in new england for now
[2008/05/17 03:57:15] <ashp> due to having to drive my stepkids up for visitation constantly, so I can't even look at positions elsewhere
[2008/05/17 03:58:14] <ashp> Maybe in a few years once the dust settles I can move somewhere warm finally
[2008/05/17 03:58:17] @ ekuleshov joined channel #puppet
[2008/05/17 03:59:07] @ ekuleshov left channel #puppet ()
[2008/05/17 03:59:31] <emerose> lak: i'm having a hard time figuring out how to get started writing tests; here's what i've got so far: http://pastie.org/198312
[2008/05/17 03:59:48] <emerose> how do I instantiate a gem object so that i can test, eg, that gemcmd is being called correctly?
[2008/05/17 04:00:28] <lak> that code does instantiate a gem object
[2008/05/17 04:00:36] @ dysinger joined channel #puppet
[2008/05/17 04:00:38] <lak> the provider_class.new creates an instance of the gem provider
[2008/05/17 04:00:58] <lak> e.g., you could say: it "should have an install method" { @provider.should respond_to(:install) }
[2008/05/17 04:01:02] <emerose> i guess i'm unsure of what needs to be passed into that initialize call
[2008/05/17 04:01:04] <lak> and that should pass
[2008/05/17 04:01:11] <lak> nothing needs to be
[2008/05/17 04:01:18] <lak> there are things you can pass in, but they're optional
[2008/05/17 04:01:37] <lak> you can pass in an instance of Type (i.e., a resource), or you can pass in a hash of values, or just nothing at all
[2008/05/17 04:02:43] <lak> emerose: btw, you going to be at velocity? i'll be in sf from the fri before to the fri after, so either way we should get together that week
[2008/05/17 04:02:49] <lak> probably have another puppet meetup that week
[2008/05/17 04:05:19] <emerose> so i guess part of the problem is that i'm not sure how to instantiate a resource object for that call. it seems like i need one, in order to call the @provider.install command
[2008/05/17 04:06:25] <emerose> eg: http://pastie.org/198326
[2008/05/17 04:07:00] <emerose> and -- not sure if i'm going to velocity, but yes, you should definitely come by if you're in town
[2008/05/17 04:07:29] <lak> you'll want to create a mock resource
[2008/05/17 04:07:34] <lak> gimme a sec...
[2008/05/17 04:07:36] <lak> pastie: url me
[2008/05/17 04:08:02] <emerose> yeah, exactly. not sure how i do that... thx
[2008/05/17 04:08:16] <holoway> lak: we should have a puppet bof the night before velocity, perhaps?
[2008/05/17 04:08:32] <lak> sunday night?
[2008/05/17 04:08:34] <holoway> yes
[2008/05/17 04:08:42] <lak> we could try, but... i would think that wouldn't work well for most
[2008/05/17 04:08:42] <holoway> a hack-a-thon could perhaps even be arranged
[2008/05/17 04:08:44] <lak> i could easily be wrong
[2008/05/17 04:09:27] <emerose> brb
[2008/05/17 04:11:01] <lak> for the record, it's kind of annoying to mock resources, which is one reason why refactoring the ral is one of my goals :/
[2008/05/17 04:14:10] <pastie> http://pastie.org/198328 by lak.
[2008/05/17 04:14:29] <gepetto> ::puppet:: Debian Testing Packages edited by technician @ http://reductivelabs.com/trac/puppet/wiki/DebianTestingPackages
[2008/05/17 04:24:41] <ashp> Oh god, I'm going to need yet another variable for every single node
[2008/05/17 04:24:58] <ashp> I need to be able to distingish by node where it should mount /home from
[2008/05/17 04:25:01] <ashp> as there's three options now
[2008/05/17 04:26:42] <emerose> lak: ok, i see. and you don't have to pass @resource to the @provider.new() call?
[2008/05/17 04:26:57] <emerose> er, i guess, you don't call @provider.new at all
[2008/05/17 04:27:03] <lak> oh, sorry; do @provider.stubs(:resource).returns @resource
[2008/05/17 04:27:10] <lak> i do; it's in the above example group
[2008/05/17 04:27:44] <lak> or just provider_class.new(@resource) should work too
[2008/05/17 04:28:27] <emerose> ok. i'll give that a shot. gotta run now; thanks for the help
[2008/05/17 04:28:40] @ Quit: emerose:
[2008/05/17 04:31:02] @ Quit: kambiz: "Leaving"
[2008/05/17 04:35:09] <geertn> Still having problems: when in an exec statement I require another exec statement I would expect it to be executed before the one having the require. refreshonly => true makes it never be executed (according to docs only notify and subscribe execute when this is set, not require). When refreshonly => false; the statement executes every time. I could notify them, but then I can't determine the order I guess
[2008/05/17 04:35:53] <geertn> also see: http://pastie.caboo.se/198350
[2008/05/17 04:44:47] <ashp> geertn: Did you try using before => rather than require, by the way?
[2008/05/17 04:47:51] <geertn> ashp, yes, for apt_clean but it didn't trigger. I now changed the config to use notify (cascading from apt-refresh to apt-upgrade and apt-clean). Guess from reading the docs this is the way to go anyway
[2008/05/17 04:49:57] <geertn> so now only build in debconf preseeding and I'm done with this module;) thx for your help
[2008/05/17 04:51:07] <ashp> Glad you managed to figure out something that worked :)
[2008/05/17 04:57:40] @ donkdonk joined channel #puppet
[2008/05/17 04:58:04] @ donkdonk left channel #puppet ()
[2008/05/17 04:59:47] @ emerose joined channel #puppet
[2008/05/17 05:03:42] <benp-> hi
[2008/05/17 05:06:57] <benp-> i'm thinking about doing something in rails but i havent done rails before. whats a good place to start, what to read?
[2008/05/17 05:10:50] @ emerose_ joined channel #puppet
[2008/05/17 05:12:30] <Volcane> #rails :)
[2008/05/17 05:13:24] <Volcane> i remember some good intro videos and stuff on their site
[2008/05/17 05:14:00] @ Quit: jvanzyl:
[2008/05/17 05:14:01] <Volcane> cleverly designed to skirt around the legion of shortcomings in the framework and all :)
[2008/05/17 05:14:47] @ jvanzyl joined channel #puppet
[2008/05/17 05:16:29] <ashp> Hmm, since when couldn't I define the same package (httpd) in different modules
[2008/05/17 05:16:36] <ashp> and just have puppet be smart enough to only add it once.
[2008/05/17 05:16:54] <ashp> Could not retrieve catalog: Puppet::Parser::AST::Resource failed with error ArgumentError: Duplicate definition: Package[httpd] is already defined in file /etc/puppet/modules/development/iclassify/manifests/install.pp at line 17; cannot redefine at /etc/puppet/modules/development/apache/manifests/install.pp:9 on node hlslinutil02.law.harvard.edu
[2008/05/17 05:17:10] <benp-> yeah, like the build in blog in 20 minutes thing from ~3-4 years ago when rails was teh hype
[2008/05/17 05:17:10] <Volcane> ashp: afaik thats how its always been
[2008/05/17 05:17:27] <ashp> that completely removes the ability to make self contained modules
[2008/05/17 05:17:37] <Volcane> ashp: indeed
[2008/05/17 05:17:39] <ashp> if I might want apache pulled in two different places, depending on what modules I require
[2008/05/17 05:17:49] <ashp> that makes no sense, I can't believe this is intended so it must be a bug
[2008/05/17 05:17:56] <Volcane> ashp: had similar thoughts
[2008/05/17 05:18:05] <ashp> lak: you around?
[2008/05/17 05:18:18] <lak> yeah, but not for long
[2008/05/17 05:18:29] <flakrat> man, I love puppet. I just migrated nagios server to a new virtual machine, and I made one change to the xinetd.d/nrpe file on the puppet server and now all of the clients are configured to allow the new server to communicate
[2008/05/17 05:18:32] <ashp> should I be able to do package { "httpd": } in two different modules
[2008/05/17 05:18:37] <ashp> and include them both and have puppet only add it once
[2008/05/17 05:18:41] <ashp> and not freak out and error out on me?
[2008/05/17 05:18:50] <lak> nope
[2008/05/17 05:19:02] <ashp> Doesn't that ruin the ability to keep each module fully self contained
[2008/05/17 05:19:11] <ashp> If I have to add some kind of check to see if another module might have httpd defined?
[2008/05/17 05:19:16] <lak> abstract it into a separate class
[2008/05/17 05:19:19] <chadh> module::httpd ?
[2008/05/17 05:19:30] <chadh> ashp: how would you decide which httpd you wanted to use
[2008/05/17 05:19:48] <ashp> chadh: If they are the same, then there's no decision to be made
[2008/05/17 05:19:55] <ashp> if I have two with ensure => latest, for example
[2008/05/17 05:19:59] <ashp> then they both turn into the same thing
[2008/05/17 05:20:38] <ashp> I just want to keep all my modules seperate, so I didn't want any shared classes that would be included by multiple modules
[2008/05/17 05:21:02] @ Quit: emerose: Read error: 110 (Connection timed out)
[2008/05/17 05:21:07] <chadh> can you do package { "module::httpd": ... }
[2008/05/17 05:21:20] <ashp> hmm
[2008/05/17 05:21:57] <chadh> puppet should support that, at least.
[2008/05/17 05:22:05] <ashp> I'll find out.
[2008/05/17 05:22:17] <chadh> although if you have different options on the resource, I am not sure how one might expect puppet to act
[2008/05/17 05:22:19] <ashp> no, it's having none of that
[2008/05/17 05:22:32] <ashp> I mean I see the logical problem because you're trying to manage the same package in two seperate places
[2008/05/17 05:22:49] <ashp> But I don't know how I can maintain my strict isolated module definition that I'm trying to stick to
[2008/05/17 05:22:59] <Volcane> needs proper namespaces kind of
[2008/05/17 05:23:10] <chadh> you can't create an httpd module?
[2008/05/17 05:23:30] <ashp> I have an httpd module
[2008/05/17 05:23:38] <Volcane> ashp: u might have to resort to like a helper module or something
[2008/05/17 05:23:56] <chadh> Volcane: exactly, although there is still the issue of choosing/merging resources that refer to the same thing
[2008/05/17 05:24:02] <ashp> I have a few classes like baseclass/puppetmaster
[2008/05/17 05:24:06] <ashp> and it's included under puppetmaster
[2008/05/17 05:24:12] <ashp> and then the node also has iclassify added
[2008/05/17 05:24:16] <Volcane> all your modules that need httpd installed should require Class["http::base"]
[2008/05/17 05:24:29] <ashp> yeah, I will have to do that instead
[2008/05/17 05:24:34] <ashp> do I use require or include?
[2008/05/17 05:24:38] <Volcane> ashp: collected resources or whatever they are?
[2008/05/17 05:24:51] <chadh> include
[2008/05/17 05:24:55] <Volcane> require
[2008/05/17 05:24:58] <ashp> haha
[2008/05/17 05:25:01] <chadh> heh. don't listen to me
[2008/05/17 05:25:04] <Volcane> include base::http once
[2008/05/17 05:25:10] <Volcane> require it in everything that needs http
[2008/05/17 05:27:10] <ashp> I'm just trying to work out the right bit to add the require => Class['apache::install'] to
[2008/05/17 05:27:16] <ashp> as i can't just slap it randomly under my iclassify class :)
[2008/05/17 05:27:23] <ashp> I have to attach it to something.. ;)
[2008/05/17 05:28:43] <Volcane> well, something in iclassify depends on httpd, make it depend on that class
[2008/05/17 05:29:08] <ashp> I threw it on mongrel for now
[2008/05/17 05:29:22] <ashp> I have to exec a script once I finish it that does iclassify so I can move it to there
[2008/05/17 05:29:44] @ Quit: machpo: Remote closed the connection
[2008/05/17 05:30:23] @ teyo joined channel #puppet
[2008/05/17 05:30:32] @ thegcat joined channel #puppet
[2008/05/17 05:31:30] @ machpo joined channel #puppet
[2008/05/17 05:33:22] <Volcane> ashp: http://reductivelabs.com/trac/puppet/wiki/VirtualResources
[2008/05/17 05:33:56] <ashp> ohhh, hmm
[2008/05/17 05:34:05] <ashp> I've seen references to this before
[2008/05/17 05:34:06] <ashp> time to read harder
[2008/05/17 05:34:45] <Volcane> you define it once, but can make it real many times u want
[2008/05/17 05:35:07] <Volcane> defining it doesnt make it real, ie you can define httpd once, somewhere, maybe even for all nodes
[2008/05/17 05:35:11] <Volcane> doesnt mean they'll get it installed
[2008/05/17 05:35:35] <Volcane> only if they pull in a module that realise the httpd will it make it on to the system
[2008/05/17 05:35:39] <Volcane> or some such :)
[2008/05/17 05:35:59] <ashp> It makes sense, I've a few places I could use something like that
[2008/05/17 05:40:50] <ashp> holoway: argh, do you use ANYTHING standard! :)
[2008/05/17 05:43:27] @ kambiz joined channel #puppet
[2008/05/17 05:44:10] <fsweetser> Wakko666: it looks like your work on adding tests is paying off in #1155
[2008/05/17 05:44:13] <gepetto> fsweetser: Wakko666: #1155 is http://reductivelabs.com/trac/puppet/ticket/1155 "PATCH: SELinux enhancements."
[2008/05/17 05:44:13] <fsweetser> nice work =)
[2008/05/17 05:45:00] <Wakko666> fsweetser: thanks. :) i'm working on a better set of rspec-based tests right now.
[2008/05/17 05:45:06] <fsweetser> cool =)
[2008/05/17 05:49:25] @ randybias_ joined channel #puppet
[2008/05/17 05:49:46] @ Quit: thegcat__: Read error: 110 (Connection timed out)
[2008/05/17 05:52:29] @ Quit: randybias: Read error: 110 (Connection timed out)
[2008/05/17 05:57:19] <gepetto> ::puppet:: Plugins InModules edited by josb @ http://reductivelabs.com/trac/puppet/wiki/PluginsInModules (by jos@catnook.com)
[2008/05/17 05:58:21] @ Quit: lak:
[2008/05/17 06:02:01] @ Quit: kambiz: "Leaving"
[2008/05/17 06:04:50] @ Quit: mellen: Read error: 110 (Connection timed out)
[2008/05/17 06:18:41] @ mellen joined channel #puppet
[2008/05/17 06:27:04] @ kolla joined channel #puppet
[2008/05/17 06:28:11] <Wakko666> fsweetser: do you have some time to look over one of my tests? if i'm doing this right, it may be a bug in your patch.
[2008/05/17 06:29:18] <Wakko666> fsweetser: http://pastie.org/198447
[2008/05/17 06:29:20] <fsweetser> sure
[2008/05/17 06:29:45] <Wakko666> the seboolean tests are returning "Command getsebool is missing"
[2008/05/17 06:30:44] <fsweetser> okay, just to check the obvious, what's the path to getsebool on your system?
[2008/05/17 06:31:07] <Wakko666> /usr/sbin/getsebool
[2008/05/17 06:31:20] @ lak joined channel #puppet
[2008/05/17 06:31:35] <fsweetser> hm... what's the path of the user you're running the tests as?
[2008/05/17 06:32:00] <Wakko666> i've tried as a non-root user and as root. same results on both
[2008/05/17 06:32:41] <fsweetser> can you tell me where I should apply that patch? I'll give it a try on my system and see if I can fgure out what's going on
[2008/05/17 06:33:09] <Wakko666> i've stuck the file in puppet/spec/unit/other
[2008/05/17 06:35:39] <fsweetser> okay, running the test now...
[2008/05/17 06:36:00] @ shadoi joined channel #puppet
[2008/05/17 06:36:19] <fsweetser> I get the same failures, so at least it's consistent =)
[2008/05/17 06:36:37] <Wakko666> heh heh... now to just figure out if i'm doing something wrong. ;-)
[2008/05/17 06:39:21] <lak> what's the problem?
[2008/05/17 06:40:31] <fsweetser> Wakko666: looks like the first part was a path problem
[2008/05/17 06:40:48] <fsweetser> it finds getsebool either by putting the full path in the provider, or by appending /sbin:/usr/sbin to the path
[2008/05/17 06:40:51] @ shenson is now known as shenson_not_here
[2008/05/17 06:41:09] <fsweetser> lak: Wakko666 is being good enough to write tests for the selinux stuff I threw together
[2008/05/17 06:41:32] <lak> i got that part figured out :)
[2008/05/17 06:42:12] @ Quit: randybias_:
[2008/05/17 06:42:48] <Wakko666> ok... so how do we get the test to pass if /usr/sbin isn't in the $PATH?
[2008/05/17 06:43:04] @ \ask_ joined channel #puppet
[2008/05/17 06:43:06] <fsweetser> is it legal to explicitly append to PATH in the unit test?
[2008/05/17 06:43:12] <lak> what is the test?
[2008/05/17 06:43:19] <lak> you should be able to mock/stub things so that you get what you want
[2008/05/17 06:43:34] <fsweetser> it's in the paste link above
[2008/05/17 06:43:46] <fsweetser> it uses a command in /usr/sbin
[2008/05/17 06:43:53] <fsweetser> which, of course, isn't in the normal path
[2008/05/17 06:45:40] <lak> i was offline when you pasted
[2008/05/17 06:45:56] <Wakko666> http://pastie.org/198447
[2008/05/17 06:46:39] <lak> which actual example is the issue?
[2008/05/17 06:47:16] <fsweetser> the selboolean tests all fail looking for getseboolean
[2008/05/17 06:48:01] <lak> Wakko666: you realize that a lot of your tests do things like set @bool to a resource in the before {} block, but then set it to a hash?
[2008/05/17 06:49:02] <lak> ok, let's rethink this for a second
[2008/05/17 06:49:12] <lak> there are a couple of things you probably want to test
[2008/05/17 06:49:19] <lak> 1) your code's interface to the binaries
[2008/05/17 06:49:28] <lak> 2) whether how you're using the binaries actually works
[2008/05/17 06:49:38] <lak> #1 is a unit test, #2 is mostly an integration test
[2008/05/17 06:49:40] <gepetto> lak: #1 is http://reductivelabs.com/trac/puppet/ticket/1 "Differentiate classes from definitions"
[2008/05/17 06:49:42] <gepetto> lak: #2 is http://reductivelabs.com/trac/puppet/ticket/2 "Add 'link' ability to File"
[2008/05/17 06:49:52] @ Quit: plathrop: Remote closed the connection
[2008/05/17 06:50:26] @ plathrop joined channel #puppet
[2008/05/17 06:50:28] <lak> #1 should be mocked to not require the actual binaries -- in no small part because you have to do so in order to make sure you're calling them correctly
[2008/05/17 06:50:30] <gepetto> lak: #1 is http://reductivelabs.com/trac/puppet/ticket/1 "Differentiate classes from definitions"
[2008/05/17 06:50:42] <lak> the second bit would need to be confined to only run when those binaries are available
[2008/05/17 06:50:51] <lak> else those tests will all fail on my mac :)
[2008/05/17 06:52:00] <Wakko666> i follow so far.
[2008/05/17 06:52:15] * lak runs to look at your code
[2008/05/17 06:54:17] <lak> e.g., you might say: @provider.expects(:getselbool).with("myresourcename"); @provider.value
[2008/05/17 06:54:40] <lak> so you're mocking out the interface, but basically trusting that the provider plumbing will turn your call to getselbool into a real call
[2008/05/17 06:55:24] <lak> then you might create integration tests with these confines in the example groups: confine :exists => "/usr/sbin/selbool" (or whatever they are)
[2008/05/17 06:56:03] <lak> so they only run on machines that have selbool
[2008/05/17 06:56:13] <lak> but then you need to be ready to clean up after yourself, which can get very complicated
[2008/05/17 06:56:39] <lak> i generally skip those, and consider it to be sufficient if you mock out your code's interface to the binaries
[2008/05/17 06:56:41] <lak> make sense?
[2008/05/17 06:57:04] <lak> e.g., the dpkg and apt tests in the test/ral/provider/package/ dir, altho those are old tests
[2008/05/17 06:57:14] <fsweetser> by "cleaning up", are you referring to attempting to test potentially destructive commands?
[2008/05/17 06:57:14] <Wakko666> i think i get it.
[2008/05/17 06:57:43] <lak> well, if you set a bool somewhere, you're probably going to want to remove it at the end of the test
[2008/05/17 06:58:08] <lak> e.g., if you were testing a package tool, you might do an integration test with installation, but then you'd want to remove the package when you were done
[2008/05/17 06:58:14] <lak> which is a PITA
[2008/05/17 06:58:29] <fsweetser> indeed
[2008/05/17 06:58:40] <Wakko666> get the running value, do your test, then restore the runtime value
[2008/05/17 06:58:45] <lak> yeah
[2008/05/17 06:58:50] <lak> always harder than you think
[2008/05/17 06:58:58] <fsweetser> I would imagine it would be difficult to pick a package that's a) available, b) not installed, and c) can be installed/uninstaled without side affects
[2008/05/17 06:59:28] <Wakko666> yeah... right now i'm just trying to create tests that exercise the code itself, not necessarily test its interface with the underlying OS.
[2008/05/17 06:59:36] <fsweetser> that's going to be even tricker with selinux policy modules :P
[2008/05/17 07:01:17] <lak> right, but if your code is looking up binaries, then you're not mocking enough of the provider, i'd think
[2008/05/17 07:03:59] <Wakko666> hrm... i get a NoMethodError when I try to access provider.value
[2008/05/17 07:04:21] <lak> is it one of those tests where you @bool = {}?
[2008/05/17 07:04:26] <Wakko666> i've removed that
[2008/05/17 07:04:45] <Wakko666> i think i figured it out
[2008/05/17 07:05:03] <lak> cool
[2008/05/17 07:05:06] <lak> bbiaf
[2008/05/17 07:05:12] <Wakko666> thanks for the help lak. :)
[2008/05/17 07:05:22] <lak> no problem, and definitely -- ping me when you want help
[2008/05/17 07:05:33] <lak> i'll *always* take the time to help people writing tests
[2008/05/17 07:05:41] <lak> it's the only way we're going to get more people working on tests here
[2008/05/17 07:14:21] @ shadowvice left channel #puppet ()
[2008/05/17 07:21:32] @ Quit: squiddle: "leaving"
[2008/05/17 07:23:19] @ Quit: jmeeuwen: Read error: 110 (Connection timed out)
[2008/05/17 07:28:01] @ Quit: kenvandine: "Ex-Chat"
[2008/05/17 07:29:48] @ randybias joined channel #puppet
[2008/05/17 07:36:47] @ Quit: markl__: "Lost terminal"
[2008/05/17 07:37:47] @ randybias_ joined channel #puppet
[2008/05/17 07:39:07] @ dysinger_ joined channel #puppet
[2008/05/17 07:39:26] @ Quit: randybias: Read error: 104 (Connection reset by peer)
[2008/05/17 07:40:34] @ Quit: plathrop: "ERC Version 5.2 (IRC client for Emacs)"
[2008/05/17 07:41:09] @ shake-n-bake_ joined channel #puppet
[2008/05/17 07:45:37] @ Quit: teyo:
[2008/05/17 07:47:12] @ jmeeuwen joined channel #puppet
[2008/05/17 07:47:38] @ dysinger__ joined channel #puppet
[2008/05/17 07:49:00] @ Quit: dthacker-work: "outta here like last year....."
[2008/05/17 07:51:07] @ Quit: jmeeuwen: Read error: 131 (Connection reset by peer)
[2008/05/17 07:52:27] @ jmeeuwen joined channel #puppet
[2008/05/17 07:55:38] @ Quit: dysinger: Read error: 113 (No route to host)
[2008/05/17 07:57:32] @ Quit: shadoi: Read error: 104 (Connection reset by peer)
[2008/05/17 08:00:48] @ shadoi joined channel #puppet
[2008/05/17 08:02:54] @ Quit: dysinger_: Read error: 113 (No route to host)
[2008/05/17 08:04:48] @ b52laptop joined channel #puppet
[2008/05/17 08:04:50] <bartc> I've converted some of the documentation on the wiki into a layout which is a bit easier on the eyes to me: http://puppetdocs.kumina.nl/html/
[2008/05/17 08:05:27] <waawaamilk> bartc: waawaamilk approves :)
[2008/05/17 08:05:42] <bartc> good :)
[2008/05/17 08:07:03] <waawaamilk> I should write a puppet language file for geshi
[2008/05/17 08:07:20] @ b52laptop left channel #puppet ("Leaving")
[2008/05/17 08:09:36] <gepetto> ::puppet:: Plugins InModules edited by luke @ http://reductivelabs.com/trac/puppet/wiki/PluginsInModules (by luke@madstop.com)
[2008/05/17 08:10:53] <bartc> the same docs but in restucturedtext are at http://puppetdocs.kumina.nl/rst/ btw
[2008/05/17 08:27:28] @ thegcat_ joined channel #puppet
[2008/05/17 08:28:00] @ mccune left channel #puppet ()
[2008/05/17 08:29:46] @ Quit: ashp: "leaving"
[2008/05/17 08:30:47] @ Quit: geertn: "Leaving"
[2008/05/17 08:31:38] @ Quit: lak:
[2008/05/17 08:34:57] @ technogeeky joined channel #puppet
[2008/05/17 08:35:33] <technogeeky> howdy
[2008/05/17 08:36:59] @ randybias joined channel #puppet
[2008/05/17 08:38:52] @ Quit: randybias: Client Quit
[2008/05/17 08:38:59] @ fsweetser_laptop joined channel #puppet
[2008/05/17 08:39:11] @ randybias joined channel #puppet
[2008/05/17 08:40:06] <jamesturnbull> bartc: pretty doco
[2008/05/17 08:40:33] <bartc> thanks
[2008/05/17 08:40:41] <chadh> I though facter couldn't see puppet custom facts?
[2008/05/17 08:40:46] <chadh> s/though/thought/
[2008/05/17 08:42:38] @ Quit: flakrat: "Leaving"
[2008/05/17 08:44:05] @ Quit: \ask_:
[2008/05/17 08:44:31] <jamesturnbull> chadh: it can't
[2008/05/17 08:44:39] <jamesturnbull> chadh: right now - as in version 1.3.8
[2008/05/17 08:44:52] <chadh> I'm trying to figure out why my facter does see them
[2008/05/17 08:45:03] <jamesturnbull> chadh: in v2 - which luke is slaving over now with some hapless help from me will
[2008/05/17 08:45:14] <chadh> where does facter look for facts?
[2008/05/17 08:45:47] <chadh> found it
[2008/05/17 08:46:09] @ Quit: thegcat: Read error: 113 (No route to host)
[2008/05/17 08:48:06] <bartc> I've converted some of the wiki pages from Tracs format to RST - would it be useful to replace these wiki pages with their RST version?
[2008/05/17 08:48:29] <bartc> e.g. wiki:CreatingCustomTypes and wiki:WritingYourOwnFunctions
[2008/05/17 08:48:33] <gepetto> bartc: wiki:CreatingCustomTypes is http://reductivelabs.com/trac/puppet/wiki/CreatingCustomTypes
[2008/05/17 08:48:35] <gepetto> bartc: wiki:WritingYourOwnFunctions is http://reductivelabs.com/trac/puppet/wiki/WritingYourOwnFunctions
[2008/05/17 08:48:58] <jamesturnbull> bartc: yes
[2008/05/17 08:49:08] <bartc> ok, will do then
[2008/05/17 08:49:12] <jamesturnbull> bartc: it'd be great if everything was in one format
[2008/05/17 08:49:35] <jamesturnbull> bartc: one of my issues currently is that the half Trac/half rst things means two models for conversion/management
[2008/05/17 08:50:21] <bartc> yep, I have trouble enough remembering the syntax for 1 format
[2008/05/17 08:50:36] @ shinta42 joined channel #puppet
[2008/05/17 08:52:44] @ Quit: randybias_: Read error: 110 (Connection timed out)
[2008/05/17 08:55:15] <gepetto> ::puppet:: Writing Your Own Functions edited by bart @ http://reductivelabs.com/trac/puppet/wiki/WritingYourOwnFunctions (by bart@kumina.nl)
[2008/05/17 09:02:35] <gepetto> ::puppet:: Practical Types edited by bart @ http://reductivelabs.com/trac/puppet/wiki/PracticalTypes (by bart@kumina.nl)
[2008/05/17 09:02:36] <gepetto> ::puppet:: Writing Your Own Functions edited by bart @ http://reductivelabs.com/trac/puppet/wiki/WritingYourOwnFunctions (by bart@kumina.nl)
[2008/05/17 09:02:36] <gepetto> ::puppet:: Practical Types edited by bart @ http://reductivelabs.com/trac/puppet/wiki/PracticalTypes (by bart@kumina.nl)
[2008/05/17 09:04:54] @ shinta42 left channel #puppet ()
[2008/05/17 09:06:20] @ nDuff joined channel #puppet
[2008/05/17 09:11:08] @ randybias_ joined channel #puppet
[2008/05/17 09:11:11] @ Quit: randybias: Read error: 104 (Connection reset by peer)
[2008/05/17 09:16:50] <bartc> hm the RST spec got a lot bigger since I last looked at it many years ago
[2008/05/17 09:18:43] <chadh> can someone point me at an example of using the generate for file contents? I can't find anything
[2008/05/17 09:20:34] <chadh> can you just do ... contents => generate(...) ...
[2008/05/17 09:24:54] <gepetto> ::puppet:: Writing Your Own Functions edited by bart @ http://reductivelabs.com/trac/puppet/wiki/WritingYourOwnFunctions (by bart@kumina.nl)
[2008/05/17 09:28:32] <benp-> chadh: yep that should work
[2008/05/17 09:28:54] <chadh> benp-: thanks. I finally found a reference in a puppet-users post
[2008/05/17 09:51:10] @ Quit: shadoi: Read error: 104 (Connection reset by peer)
[2008/05/17 09:54:10] @ shadoi joined channel #puppet
[2008/05/17 09:59:07] <josb> jamesturnbull: you here?
[2008/05/17 10:00:11] <jamesturnbull> josb: yep
[2008/05/17 10:00:28] <josb> jamesturnbull: would you mind looking at this doc update?
[2008/05/17 10:00:30] <josb> http://pastie.caboo.se/198561
[2008/05/17 10:00:49] <josb> This in response to the pluginsinmodules confusion
[2008/05/17 10:01:02] <jamesturnbull> ah okay
[2008/05/17 10:01:08] <josb> The question is whether this advice is okay
[2008/05/17 10:01:25] <josb> Or if something needs changing; It'd like to fix it once and for all
[2008/05/17 10:01:46] <josb> Sorry for the sucky formatting but I didn't want to check it in just yet
[2008/05/17 10:01:54] <jamesturnbull> I am actually thinkong read-only'ing that page
[2008/05/17 10:02:16] <josb> That would be fine with me
[2008/05/17 10:02:45] <josb> This text hopefully correctly incorporates Luke's feedback
[2008/05/17 10:03:11] <jamesturnbull> josb: and you saw Luke's last edits right?
[2008/05/17 10:03:22] <fujin> besides, it's wrong anyway. Facter plugins should go into /etc/puppet/modules/common/plugins/facter not /plugins/puppet/facter
[2008/05/17 10:03:40] <josb> I was away in a meeting; looks like I'll have to refresh
[2008/05/17 10:04:15] <josb> Ah. I as just following what Luke said in email
[2008/05/17 10:04:38] <josb> Let me check the new text
[2008/05/17 10:05:28] <fujin> yeah, looks like Luke edited it 2 hours ago and sorted it out
[2008/05/17 10:05:43] <fujin> jamesturnbull: probably worth marking that page read-only now that it has been clarified
[2008/05/17 10:05:45] <josb> yeah. This looks right
[2008/05/17 10:05:49] <fujin> I still don't like the way that page flows
[2008/05/17 10:05:57] <fujin> but I guess it contains enough information on how to set it up now
[2008/05/17 10:06:09] <josb> factpath = $vardir/lib/puppet/facter
[2008/05/17 10:06:09] <josb> is surprising though
[2008/05/17 10:06:29] <josb> I would expect this to be $vardir/lib/facter
[2008/05/17 10:07:07] <fujin> /var/lib/puppet/lib/facter
[2008/05/17 10:07:15] <josb> yeah
[2008/05/17 10:07:25] <josb> but it's not
[2008/05/17 10:08:52] <fujin> yes, I think i filed a bug about having to use factpath recently
[2008/05/17 10:08:54] <josb> puppetd --configprint factpath shows $vardir/facts here
[2008/05/17 10:09:05] <josb> bug 1002?
[2008/05/17 10:09:09] @ Quit: zirpu: "wandering the halls aimlessly."
[2008/05/17 10:09:45] <fujin> yup
[2008/05/17 10:09:56] <josb> ok
[2008/05/17 10:14:01] @ Quit: shake-n-bake_:
[2008/05/17 10:20:45] @ johnf joined channel #puppet
[2008/05/17 10:22:16] <johnf> Is this normal? (/File[/var/lib/puppet/lib]/checksum) checksum changed. I get it every puppet run
[2008/05/17 10:38:07] @ Quit: jvanzyl:
[2008/05/17 10:38:27] @ Quit: dysinger__:
[2008/05/17 10:39:29] @ evil_ste1e is now known as evil_steve
[2008/05/17 10:44:43] @ Quit: Wakko666: "Leaving."
[2008/05/17 10:53:01] @ Quit: shadoi: "leaving"
[2008/05/17 10:56:57] @ dysinger joined channel #puppet
[2008/05/17 10:57:11] <josb> jamesturnbull: thanks for your help, as always.
[2008/05/17 11:08:17] @ kenvandine joined channel #puppet
[2008/05/17 11:08:51] @ Quit: randybias_: Read error: 113 (No route to host)
[2008/05/17 11:09:06] @ jvanzyl joined channel #puppet
[2008/05/17 11:21:29] @ Quit: andrewcshafer:
[2008/05/17 11:23:47] * fujin waves
[2008/05/17 11:24:01] <fujin> johnf: every run? sounds like a bug from 0.24.1 or whatever it was.
[2008/05/17 11:24:12] <fujin> checksum mtime bug
[2008/05/17 11:32:29] @ andrewcshafer joined channel #puppet
[2008/05/17 11:39:35] @ Quit: jvanzyl:
[2008/05/17 11:42:08] <technogeeky> ping?
[2008/05/17 11:53:29] @ randybias joined channel #puppet
[2008/05/17 12:06:02] @ plathrop joined channel #puppet
[2008/05/17 12:06:19] <plathrop> Good evening.
[2008/05/17 12:07:10] <holoway> plathrop: hola
[2008/05/17 12:07:36] * plathrop is about to spend the evening trying to crank out more tests.
[2008/05/17 12:07:42] <holoway> nice
[2008/05/17 12:08:24] @ Quit: ricky: Client Quit
[2008/05/17 12:08:42] <holoway> I have learned that drbd can be your best friend
[2008/05/17 12:10:10] <plathrop> holoway: Oh? We just started playing with it. We plan to host our Zimbra on a DRBD cluster. What have you got going on with it?
[2008/05/17 12:10:43] <holoway> plathrop: we just started doing some postgres hot-standby stuff with it and heartbeat
[2008/05/17 12:11:00] <randybias> DRBD is good
[2008/05/17 12:11:05] <holoway> I'm totally impressed
[2008/05/17 12:11:10] <holoway> so much better than it was a few years ago
[2008/05/17 12:11:13] <randybias> I want it on solaris
[2008/05/17 12:11:16] <randybias> with ZVOLs
[2008/05/17 12:11:23] <plathrop> holoway: Very nice! Is it working smoothly? We have a plan to pur our MySQL masters on DRBD, too.
[2008/05/17 12:11:24] <randybias> gotta go
[2008/05/17 12:11:26] <holoway> DRBD + LVM = sweet like candy
[2008/05/17 12:11:31] @ Quit: randybias:
[2008/05/17 12:11:33] @ mikearr joined channel #puppet
[2008/05/17 12:11:34] <holoway> plathrop: like butter
[2008/05/17 12:11:54] <holoway> I'm totally going to start moving all our mysql folks to drbd masters if the postgres stuff works as well as I expect it will
[2008/05/17 12:12:11] <holoway> I'm a little stunned, honestly
[2008/05/17 12:13:01] @ ricky joined channel #puppet
[2008/05/17 12:13:20] <holoway> but for postgres, which has no good replication option other than slony, which is a total bitch
[2008/05/17 12:13:34] <plathrop> Good to hear it goes well.
[2008/05/17 12:13:34] <holoway> it's a gift
[2008/05/17 12:13:39] <plathrop> Awesome.
[2008/05/17 12:13:43] <holoway> I'll tell you how it goes once it's in production
[2008/05/17 12:13:49] <holoway> but in testing, it's gorgeous
[2008/05/17 12:13:49] <plathrop> Isn't it great when technology works?
[2008/05/17 12:13:51] @ jvanzyl joined channel #puppet
[2008/05/17 13:01:18] <plathrop> It's really tough for me to figure out what tests to tackle :-)
[2008/05/17 13:01:39] <plathrop> Also, how do you know when it is better to refactor the code than write a test for the existing code?
[2008/05/17 13:01:47] * plathrop doesn't *really* expect an answer :-D
[2008/05/17 13:02:07] @ Quit: Maliuta: Remote closed the connection
[2008/05/17 13:03:25] @ sparanjape joined channel #puppet
[2008/05/17 13:12:48] @ Quit: andrewcshafer:
[2008/05/17 13:40:51] @ Quit: emerose_:
[2008/05/17 13:45:08] @ Maliuta joined channel #puppet
[2008/05/17 13:45:55] @ Quit: Maliuta: Remote closed the connection
[2008/05/17 13:57:43] @ shadoi joined channel #puppet
[2008/05/17 14:13:02] @ andrewcshafer joined channel #puppet
[2008/05/17 15:16:33] @ Quit: dysinger:
[2008/05/17 15:31:41] @ dysinger joined channel #puppet
[2008/05/17 15:31:43] @ Quit: andrewcshafer: Read error: 104 (Connection reset by peer)
[2008/05/17 15:32:23] @ andrewcshafer joined channel #puppet
[2008/05/17 15:46:01] @ randybias joined channel #puppet
[2008/05/17 15:50:34] @ Quit: randybias: Client Quit
[2008/05/17 15:52:00] @ randybias joined channel #puppet
[2008/05/17 15:59:16] @ patobrien joined channel #puppet
[2008/05/17 16:01:03] @ Quit: patobrien: Client Quit
[2008/05/17 16:03:09] @ Quit: gh: Nick collision from services.
[2008/05/17 16:04:03] @ g1 joined channel #puppet
[2008/05/17 16:05:32] @ Quit: jvanzyl: Read error: 104 (Connection reset by peer)
[2008/05/17 16:27:16] @ \ask_ joined channel #puppet
[2008/05/17 16:29:18] @ Quit: \ask_: Client Quit
[2008/05/17 16:38:12] <mcbride> 1
[2008/05/17 16:45:59] @ shake-n-bake joined channel #puppet
[2008/05/17 17:00:14] @ Quit: shadoi: "leaving"
[2008/05/17 17:06:11] @ Quit: randybias:
[2008/05/17 17:06:32] @ Quit: shake-n-bake:
[2008/05/17 17:08:22] @ technogeeky left channel #puppet ()
[2008/05/17 17:11:57] @ Quit: kenvandine: Excess Flood
[2008/05/17 17:12:18] @ kenvandine joined channel #puppet
[2008/05/17 17:21:39] @ \ask_ joined channel #puppet
[2008/05/17 17:23:58] @ Quit: \ask_: Client Quit
[2008/05/17 17:45:06] @ Quit: johnf: Read error: 110 (Connection timed out)
[2008/05/17 17:47:35] @ Quit: huangmingyou: Remote closed the connection
[2008/05/17 17:48:38] @ huangmingyou joined channel #puppet
[2008/05/17 17:53:31] @ pleemans joined channel #puppet
[2008/05/17 18:04:17] @ Joined channel #puppet
[2008/05/17 18:04:18] @ Topic is "0.24.4 is out: http://snurl.com/22lnx | Please see http://snurl.com/1udr1 for channel guidelines | See http://snurl.com/1udr3 and http://snurl.com/2901u about two SSL issues"
[2008/05/17 18:04:18] @ Topic set by lak on Fri May 16 03:17:25 +1000 2008
[2008/05/17 18:21:37] @ Quit: sparanjape: "Few women admit their age. Few men act theirs."
[2008/05/17 18:47:03] @ jsgotangco joined channel #puppet
[2008/05/17 18:50:47] @ emerose joined channel #puppet
[2008/05/17 18:51:00] @ Quit: emerose: Remote closed the connection
[2008/05/17 19:02:26] @ Quit: jsgotangco: "Ciao"
[2008/05/17 19:28:27] @ jmeeuwen`_ joined channel #puppet
[2008/05/17 19:40:01] @ bolo joined channel #puppet
[2008/05/17 19:43:46] @ Quit: jmeeuwen: Read error: 110 (Connection timed out)
[2008/05/17 19:43:52] @ jmeeuwen`_ is now known as jmeeuwen
[2008/05/17 19:44:03] @ ballpointpenthie joined channel #puppet
[2008/05/17 20:22:30] @ Quit: andrewcshafer:
[2008/05/17 20:29:01] @ Quit: pleemans: Remote closed the connection
[2008/05/17 21:31:14] <gepetto> ::puppet:: Ticket #1228 (refactor created): Create RSpec tests for lib/puppet/util/storage.rb @ http://reductivelabs.com/trac/puppet/ticket/1228 (by paul@tertiusfamily.net)
[2008/05/17 22:07:15] @ Quit: ballpointpenthie: "Leaving"
[2008/05/17 22:08:51] @ ballpointpenthie joined channel #puppet
[2008/05/17 22:53:41] @ Quit: fsweetser_laptop: Read error: 104 (Connection reset by peer)
[2008/05/17 22:59:57] @ keithlard joined channel #puppet
[2008/05/17 23:26:15] @ duritong_ joined channel #puppet
[2008/05/17 23:28:26] @ urmo joined channel #puppet
[2008/05/17 23:29:28] @ Dave2 joined channel #puppet
[2008/05/17 23:29:33] @ urmo left channel #puppet ()
[2008/05/17 23:29:50] @ Dave2 left channel #puppet ("Leaving")
[2008/05/17 23:30:01] @ Dave2 joined channel #puppet
[2008/05/17 23:30:52] @ Dave2 left channel #puppet ("Leaving")
[2008/05/17 23:32:19] @ Quit: duritong: "leaving"
[2008/05/17 23:32:25] @ duritong_ is now known as duritong
« Friday, 2008-05-16 Index Sunday, 2008-05-18 »

Generated by irclog2html.py 2.6 by Marius Gedminas - find it at mg.pov.lt!