Sunday, 2009-05-10

« Saturday, 2009-05-09 Index Monday, 2009-05-11 »
[2009/05/10 00:45:37] @ Log started by gepetto
[2009/05/10 00:45:37] @ fujin joined channel #puppet
[2009/05/10 00:58:59] @ shake-n-bake joined channel #puppet
[2009/05/10 01:03:49] @ Quit: veritas_aequitas: "http://www.mibbit.com ajax IRC Client"
[2009/05/10 01:13:04] @ Quit: shake-n-bake:
[2009/05/10 01:27:03] @ Quit: Bass10: Read error: 110 (Connection timed out)
[2009/05/10 01:34:41] @ digiru joined channel #puppet
[2009/05/10 01:55:32] @ egerlach_ joined channel #puppet
[2009/05/10 01:55:41] @ Quit: egerlach: Read error: 60 (Operation timed out)
[2009/05/10 02:03:56] @ gaveen__ joined channel #puppet
[2009/05/10 02:04:55] @ Quit: gaveen_: Read error: 113 (No route to host)
[2009/05/10 02:07:12] @ WALoeIII joined channel #puppet
[2009/05/10 02:30:07] @ DavidS joined channel #puppet
[2009/05/10 02:31:11] @ WALoeIII_ joined channel #puppet
[2009/05/10 02:32:25] @ Quit: WALoeIII: Read error: 60 (Operation timed out)
[2009/05/10 03:30:27] @ gaveen__ is now known as gaveen
[2009/05/10 03:30:49] @ Quit: gaveen: "Enough lurking for now"
[2009/05/10 03:48:59] @ Quit: DavidS: Read error: 104 (Connection reset by peer)
[2009/05/10 04:12:50] <Volcane> coraline was way kewl
[2009/05/10 04:12:54] <Volcane> ah, wrong #
[2009/05/10 04:19:14] @ Quit: WALoeIII_: Remote closed the connection
[2009/05/10 04:20:05] @ nasrat joined channel #puppet
[2009/05/10 04:20:26] @ WALoeIII_ joined channel #puppet
[2009/05/10 04:27:38] @ Quit: skullY_: "EPIC5-1.0[1581] - amnesiac : crack the liars smile"
[2009/05/10 04:35:01] <jamesturnbull> Volcane: I haven't seen the film yet but the book is great
[2009/05/10 04:38:44] <jamesturnbull> nasrat: I'm going to hold the 1.5.5 release
[2009/05/10 04:38:50] <nasrat> ok
[2009/05/10 04:39:00] <jamesturnbull> nasrat: I figure you're working on stuff
[2009/05/10 04:39:03] <nasrat> I think we need to fixup the corner cases in interfaces
[2009/05/10 04:39:04] <nasrat> yeah
[2009/05/10 04:40:10] <jamesturnbull> is there anything else you wanted to fix in addition to that?
[2009/05/10 04:40:18] <nasrat> I'll scan the bug list
[2009/05/10 04:40:42] <nasrat> main goal is to avoid regressions
[2009/05/10 04:40:51] <jamesturnbull> stupid interfaces
[2009/05/10 04:40:56] <nasrat> indeed
[2009/05/10 04:41:14] <nasrat> and stupid operating systems
[2009/05/10 04:41:30] <nasrat> hmm my opensolaris vm boot is slow ...
[2009/05/10 04:41:47] <jamesturnbull> you were doing well being all English with the "indeed" until you dropped to my Antipodean level :P
[2009/05/10 04:45:38] <jamesturnbull> nasrat: speaking of slow - is Redmine crawling along for you too?
[2009/05/10 04:46:25] <nasrat> not sure just started looking at stuff this am
[2009/05/10 04:53:21] <jamesturnbull> gepetto: seen lludwig
[2009/05/10 04:53:21] <gepetto> jamesturnbull: lludwig was last seen 5 days, 6 hours, 31 minutes and 17 seconds ago, quitting IRC (Client Quit)
[2009/05/10 04:53:56] <jamesturnbull> nasrat: redmine is going down for a tick
[2009/05/10 04:54:08] <nasrat> np
[2009/05/10 05:00:05] <jamesturnbull> okay back
[2009/05/10 05:18:50] <Volcane> jamesturnbull: well recommended, i think the last 3d movie i saw was Jaws 3D in the cinema with shitty red/green glasses, so this way awesome with the new way they do it etc, just saw some strenge artifacts in the animation on forward/backward moves but otherwise its great
[2009/05/10 05:19:04] <nasrat> coraline?
[2009/05/10 05:20:03] <Volcane> yah
[2009/05/10 05:24:37] @ Quit: Kindred: Read error: 104 (Connection reset by peer)
[2009/05/10 05:24:52] @ Kindred joined channel #puppet
[2009/05/10 05:29:26] @ Quit: Kindred: Read error: 104 (Connection reset by peer)
[2009/05/10 05:29:52] @ Kindred joined channel #puppet
[2009/05/10 05:36:09] @ Quit: Kindred: Read error: 104 (Connection reset by peer)
[2009/05/10 05:36:23] <jamesturnbull> nasrat: so I dumped everything I think is worth doing into the 1.5.5 roadmap
[2009/05/10 05:36:36] <jamesturnbull> nasrat: feel free to bump
[2009/05/10 05:36:50] @ Kindred joined channel #puppet
[2009/05/10 05:37:40] @ Quit: mellen: Read error: 60 (Operation timed out)
[2009/05/10 05:39:09] @ tim|imac joined channel #puppet
[2009/05/10 05:39:59] <jamesturnbull> nasrat: #2155 you happy with that?
[2009/05/10 05:40:00] <gepetto> jamesturnbull: nasrat: #2155 is http://projects.reductivelabs.com/issues/show/2155 "Facter - Bug #2155: Wrong architecture results for Gentoo on x86 and amd64 - ReductiveLabs.com"
[2009/05/10 05:41:27] @ mellen joined channel #puppet
[2009/05/10 05:44:07] @ jrisch joined channel #puppet
[2009/05/10 06:00:27] @ Quit: jrisch:
[2009/05/10 06:10:18] @ Quit: WALoeIII_:
[2009/05/10 06:17:09] @ iFujin joined channel #puppet
[2009/05/10 06:17:42] @ Quit: iFujin: Client Quit
[2009/05/10 06:39:36] <nasrat> jamesturnbull: sorry was out shopping I'll look at that need a gentoo install first
[2009/05/10 06:42:38] <nasrat> I really should sort out ec2 instances for testing
[2009/05/10 06:43:49] <jamesturnbull> nasrat: me too
[2009/05/10 06:43:56] <jamesturnbull> nasrat: and now I think I've fucked up the damn repo
[2009/05/10 06:44:35] <jamesturnbull> nasrat: can you pull 1.5.x and master?
[2009/05/10 06:45:31] <nasrat> master yes
[2009/05/10 06:46:39] <nasrat> and 1.5
[2009/05/10 07:04:28] @ mfournier joined channel #puppet
[2009/05/10 07:05:27] @ Lennie78 joined channel #puppet
[2009/05/10 07:07:52] @ Quit: PhabX: "Leaving..."
[2009/05/10 07:15:34] <the-dude> what does a puppetclient use to identify his hostname @ the puppet server?
[2009/05/10 07:17:20] @ Quit: yarihm: "This computer has gone to sleep"
[2009/05/10 07:19:42] @ veritas_aequitas joined channel #puppet
[2009/05/10 07:22:07] @ jrisch joined channel #puppet
[2009/05/10 07:24:52] @ nigelk joined channel #puppet
[2009/05/10 07:25:13] @ nigelk_ joined channel #puppet
[2009/05/10 07:25:13] @ Quit: nigelk: Read error: 104 (Connection reset by peer)
[2009/05/10 07:25:22] @ Quit: nigelk_: Client Quit
[2009/05/10 07:30:56] <Lennie78> it's quiet here
[2009/05/10 07:31:07] @ Lennie78 is now known as LennieB
[2009/05/10 07:32:12] <LennieB> Did anyone see the video at podtech.net with Luke Kanies ?
[2009/05/10 07:33:12] <LennieB> I think the idea about Open Source which he expressed with the difference between envy and jealousy is briliant. :-)
[2009/05/10 07:38:00] <jamesturnbull> nasrat: are you developing on master or 1.5.x
[2009/05/10 07:38:20] <nasrat> I probably should be on 1.5.x
[2009/05/10 07:38:26] <jamesturnbull> the-dude: can you clarify - do you mean how the clinet identifies itself to the master?
[2009/05/10 07:38:28] <nasrat> do you need me to rebase stuff
[2009/05/10 07:38:41] <jamesturnbull> nasrat: nah I am going to merge my messy 1.5.sx into master now
[2009/05/10 07:39:02] <nasrat> it'll matter more once we start on bigger features
[2009/05/10 07:39:21] <jamesturnbull> I fucked up somewhere and they diverged - not sure how that happened
[2009/05/10 07:39:53] <the-dude> jamesturnbull: I mean when a add a new client it needs a certificate, on puppetmaster it generates a request, where will that name on the puppetmaster be based on?
[2009/05/10 07:40:14] <the-dude> I think on /etc/hostname?
[2009/05/10 07:43:58] <the-dude> ah hostname it is :)
[2009/05/10 07:45:40] <jamesturnbull> the-dude: facter
[2009/05/10 07:46:03] <jamesturnbull> the-dude: the fqdn
[2009/05/10 07:47:43] <the-dude> is it normal to put fqdn in /etc/hostname?
[2009/05/10 07:54:02] <kolla> with me it is
[2009/05/10 07:54:24] <realist> /etc/hostname generally does *not* have fqdn (on debian anyway)
[2009/05/10 07:54:33] <nasrat> that's going to be dist/policy based
[2009/05/10 07:54:59] <kolla> something that often causes headaches, so I always put fqdn into /etc/hostname, also on debian
[2009/05/10 07:55:15] <realist> Should probably have fqdn in /etc/hosts instead
[2009/05/10 07:55:35] <kolla> s/instead/as well/
[2009/05/10 07:56:12] @ johnw joined channel #puppet
[2009/05/10 07:56:26] <johnw> is there any document that makes sense of Puppet's variable scoping with regard to templates?
[2009/05/10 07:56:47] <johnw> I've got a define with a $display parameter, but although $display is available within the body of the define, it's not in the templates that it refers to
[2009/05/10 07:57:05] <johnw> i'm finding templates and scoping to be very counter-intuitive in other ways as well
[2009/05/10 07:57:17] <johnw> there are cases where :: scoping will work in a define, but not in the template that it includes
[2009/05/10 07:57:20] <realist> Can't say I've ever seen/needed a FQDN in /etc/hostname before
[2009/05/10 07:57:31] <jamesturnbull> nasrat: both branches are now fixed - you might need to pull again
[2009/05/10 07:57:37] <nasrat> ok will do
[2009/05/10 07:57:51] <nasrat> just fired up a gentoo ec2 instance
[2009/05/10 07:58:15] <jamesturnbull> it's not /etc/hostname - Puppet uses the facter facts - the combination of hostname and domain to name the certificate
[2009/05/10 07:58:58] <the-dude> kolla: I thought so, im using debian as well
[2009/05/10 08:00:08] <jamesturnbull> or rather identify the client rather than name the certificate
[2009/05/10 08:02:02] <the-dude> jamesturnbull: you mean puppetca --sign $fqdn ?
[2009/05/10 08:02:17] <jamesturnbull> the-dude: nope
[2009/05/10 08:02:25] <kolla> johnw: it became quite appearant when we had lots of machines that shared shortname, but had different domain names :)
[2009/05/10 08:02:30] <jamesturnbull> the-dude: when identifying the client Puppet uses $hostname + $domain
[2009/05/10 08:03:08] <the-dude> isn't that fqdn?
[2009/05/10 08:03:54] <jamesturnbull> the-dude: yes but Puppet specifically uses both facts combined so I was juyst highlighting that
[2009/05/10 08:04:42] <the-dude> allright :)
[2009/05/10 08:05:12] <kolla> so you might end up with machine.domain.tld.domain.tld?
[2009/05/10 08:05:22] <jamesturnbull> kolla: nope
[2009/05/10 08:05:42] <jamesturnbull> kolla: the resolution for hostname and domain should prevent that
[2009/05/10 08:05:48] <kolla> ok
[2009/05/10 08:07:10] <jamesturnbull> kolla: if you have a look at the hostname fact you can see that even if hostname returns the fqdn Facter will only grab the hostname and ignore domain.tld
[2009/05/10 08:08:02] <kolla> ok, good :)
[2009/05/10 08:08:23] * jamesturnbull doesn't think Kolla really cares as long as it works :)
[2009/05/10 08:08:39] <kolla> correct :)
[2009/05/10 08:14:14] <the-dude> any suggestions how to use a puppetclient on a computer with a dynamic adres?
[2009/05/10 08:15:10] @ nakano_ is now known as nakano
[2009/05/10 08:16:25] <jamesturnbull> the-dude: dynanic IP shouldn't matter as long as the fqdn doesn't change or do you mean something on a DSL link with a varying fqdn?
[2009/05/10 08:17:04] @ aymerick joined channel #puppet
[2009/05/10 08:17:06] <the-dude> jamesturnbull: I should fix something with dhcp and dyn dns or so I quess
[2009/05/10 08:17:15] <jamesturnbull> the-dude: yep
[2009/05/10 08:17:38] <the-dude> I am talking about client who use (MS)dhcp so that might be a challenge
[2009/05/10 08:17:43] <johnw> it looks like my issues is with the variable name $display
[2009/05/10 08:17:47] <johnw> using $screen, it works
[2009/05/10 08:18:27] <jamesturnbull> the-dude: you can get dyndns clients for Windows I think
[2009/05/10 08:19:32] <the-dude> dns and dhcp server is windoos , most of the clients will be ubuntu
[2009/05/10 08:19:38] <the-dude> windows
[2009/05/10 08:21:59] <the-dude> one solution would be add all clients to dns, and apply dynamic addresses on hostnames or so
[2009/05/10 08:27:13] <the-dude> would it be possible to use wins for resolving?
[2009/05/10 08:29:56] <LennieB> the-dude: http://ubuntuforums.org/showthread.php?t=268129 ?
[2009/05/10 08:31:22] <LennieB> the-dude: you might also need to disable a check on the windows-side of things
[2009/05/10 08:31:56] <the-dude> LennieB: interesting Im going to check thuesday :)
[2009/05/10 08:32:18] <the-dude> that would be very nice if it works that way :)
[2009/05/10 08:33:15] <LennieB> the-dude: that's usually the problem: it would be nice IF it worked that way, the problem is when it doesn't
[2009/05/10 08:33:52] <the-dude> *g* so true :)
[2009/05/10 08:34:05] <the-dude> most likely it doesn't work but it is worth a try
[2009/05/10 08:35:49] <LennieB> the-dude: that someone had it work, does give hope
[2009/05/10 08:37:20] @ lak joined channel #puppet
[2009/05/10 08:37:32] <LennieB> the-dude: what I think needs to be turned off is the: domain-authenticated updates or whatever it's called, I think it's per host
[2009/05/10 08:38:29] <the-dude> LennieB: thx I will check that
[2009/05/10 08:43:31] @ d3vilb0x joined channel #puppet
[2009/05/10 09:00:42] @ Quit: lak:
[2009/05/10 09:04:35] @ Quit: d3vilb0x:
[2009/05/10 09:19:02] @ Quit: johnw:
[2009/05/10 09:41:31] @ monachus- joined channel #puppet
[2009/05/10 09:43:36] @ monachus- is now known as monachus
[2009/05/10 09:52:08] @ Quit: monachus: "monachus (arces-1.client.vpn.arces.net[10.66.4.10]) requested QUIT."
[2009/05/10 09:52:18] @ monachus joined channel #puppet
[2009/05/10 09:56:45] @ Quit: monachus: Client Quit
[2009/05/10 09:57:05] @ monachus joined channel #puppet
[2009/05/10 10:00:00] @ Quit: monachus: Client Quit
[2009/05/10 10:03:16] @ Quit: DarkFlib: Remote closed the connection
[2009/05/10 10:04:09] @ DarkFlib joined channel #puppet
[2009/05/10 10:17:21] @ andrewcshafer joined channel #puppet
[2009/05/10 10:22:42] @ Bass10 joined channel #puppet
[2009/05/10 10:23:10] @ Quit: aymerick:
[2009/05/10 10:25:16] @ Quit: LennieB: "have a nice day !"
[2009/05/10 10:43:15] <nasrat> don't suppose anyones got a linux box with 8021q vlans setup to hand?
[2009/05/10 10:44:28] <ch> need something tested?
[2009/05/10 10:45:18] @ monachus joined channel #puppet
[2009/05/10 10:47:01] <nasrat> ifconfig output really
[2009/05/10 10:47:13] <nasrat> particularly if you have aliases on the vlan interface
[2009/05/10 10:48:06] <ch> http://nopaste.narf.at/m41f348ed
[2009/05/10 10:48:10] <ch> no aliases, just a single vlan
[2009/05/10 10:49:47] <nasrat> cheers, that's an awesome start I should be able to stub the alias by copy/paste
[2009/05/10 10:50:05] <nasrat> I'll anonymize the ip
[2009/05/10 10:50:19] <ch> http://nopaste.narf.at/m4d9b5f27 with aliases
[2009/05/10 10:51:21] <ch> mind you that vlan interface names can vary, this style (which is the default on debian I think) is what you get when /proc/net/vlan/config shows VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
[2009/05/10 10:51:45] <nasrat> yeah
[2009/05/10 10:52:02] <nasrat> hmm that's interesting as it's not got the alias in the entry
[2009/05/10 10:55:03] <nasrat> can you do me a favour and put up /proc/net/dev contents with the alias
[2009/05/10 10:57:17] <ch> ifconfig probably cuts off the interface name if it's too long
[2009/05/10 10:58:22] @ nakano is now known as nakano_
[2009/05/10 10:59:01] <ch> http://zeha.at/~ch/dev.txt
[2009/05/10 11:02:08] @ d3vilb0x joined channel #puppet
[2009/05/10 11:02:49] @ Quit: jrisch:
[2009/05/10 11:05:07] @ shake-n-bake joined channel #puppet
[2009/05/10 11:06:12] <nasrat> cheers
[2009/05/10 11:07:13] <nasrat> think my best plan is to split out the interface regex for now
[2009/05/10 11:11:36] @ Quit: bevans5446:
[2009/05/10 11:19:40] @ gaveen joined channel #puppet
[2009/05/10 11:20:39] @ andrewcshafer_ joined channel #puppet
[2009/05/10 11:20:39] @ Quit: andrewcshafer: Read error: 104 (Connection reset by peer)
[2009/05/10 11:23:27] @ andrewcshafer_ is now known as andrewcshafer
[2009/05/10 11:52:24] @ Quit: pdt:
[2009/05/10 11:54:55] <duritong> have I only dreamed that if not $foobar {} is possible?
[2009/05/10 12:03:53] @ Quit: Omahn: Read error: 60 (Operation timed out)
[2009/05/10 12:05:26] @ Quit: digiru: brown.freenode.net irc.freenode.net
[2009/05/10 12:05:26] @ Quit: astinus: brown.freenode.net irc.freenode.net
[2009/05/10 12:05:27] @ Quit: Cope: brown.freenode.net irc.freenode.net
[2009/05/10 12:05:27] @ Quit: Joelio: brown.freenode.net irc.freenode.net
[2009/05/10 12:05:27] @ Quit: euclid: brown.freenode.net irc.freenode.net
[2009/05/10 12:05:28] @ Quit: macbar_: brown.freenode.net irc.freenode.net
[2009/05/10 12:05:28] @ Quit: riddley: brown.freenode.net irc.freenode.net
[2009/05/10 12:05:29] @ Quit: nmalik: brown.freenode.net irc.freenode.net
[2009/05/10 12:05:29] @ Quit: bda: brown.freenode.net irc.freenode.net
[2009/05/10 12:05:29] @ Quit: prgmrcom: brown.freenode.net irc.freenode.net
[2009/05/10 12:07:26] @ euclid joined channel #puppet
[2009/05/10 12:08:07] @ prgmrcom joined channel #puppet
[2009/05/10 12:08:30] @ nmalik joined channel #puppet
[2009/05/10 12:09:25] @ bda joined channel #puppet
[2009/05/10 12:09:28] @ Joelio joined channel #puppet
[2009/05/10 12:10:10] @ Cope joined channel #puppet
[2009/05/10 12:18:36] @ digiru joined channel #puppet
[2009/05/10 12:19:49] @ Quit: JD: Read error: 110 (Connection timed out)
[2009/05/10 12:19:49] @ riddley joined channel #puppet
[2009/05/10 12:20:22] @ egerlach_ is now known as egerlach
[2009/05/10 12:21:27] @ johan-s joined channel #puppet
[2009/05/10 12:30:15] @ alban2 joined channel #puppet
[2009/05/10 12:42:21] @ Quit: gaveen: Read error: 113 (No route to host)
[2009/05/10 12:43:27] @ jmarki joined channel #puppet
[2009/05/10 12:48:32] @ gaveen joined channel #puppet
[2009/05/10 12:56:56] @ pdt joined channel #puppet
[2009/05/10 13:22:09] @ Quit: d3vilb0x:
[2009/05/10 13:38:08] @ jrisch joined channel #puppet
[2009/05/10 13:54:37] @ andrewcshafer_ joined channel #puppet
[2009/05/10 13:54:38] @ Quit: andrewcshafer: Read error: 131 (Connection reset by peer)
[2009/05/10 13:56:29] @ zirpu2 joined channel #puppet
[2009/05/10 13:56:42] @ zirpu2 is now known as zirpu
[2009/05/10 14:12:02] @ offCenter joined channel #puppet
[2009/05/10 14:12:14] @ Quit: offCenter: Remote closed the connection
[2009/05/10 14:16:38] @ fbe_ joined channel #puppet
[2009/05/10 14:17:19] @ PhabX joined channel #puppet
[2009/05/10 14:18:07] @ Quit: jmarki: Remote closed the connection
[2009/05/10 14:22:22] @ sebas891 joined channel #puppet
[2009/05/10 14:26:13] @ yarihm joined channel #puppet
[2009/05/10 14:29:05] @ ezmob joined channel #puppet
[2009/05/10 14:31:06] @ Quit: fbe: Read error: 110 (Connection timed out)
[2009/05/10 14:32:00] @ madrescher joined channel #puppet
[2009/05/10 14:45:08] <mfournier> duritong: the best I found is: if $foobar {} else { ...do stuff... }
[2009/05/10 14:49:37] @ jchonig joined channel #puppet
[2009/05/10 14:51:37] <jchonig> Good day. Does puppet have a function to turn an array into a string?
[2009/05/10 14:53:26] <jchonig> i.e. a join funtion?
[2009/05/10 14:58:38] <jchonig> I would like to build the contents of a file into an array and then join into a variable for the content parameter to file
[2009/05/10 14:59:34] <digiru> i having problems with the facter ec2 example?
[2009/05/10 14:59:41] <digiru> can anyone give me any ideas on how to get that to work?
[2009/05/10 15:01:17] @ Quit: jrisch:
[2009/05/10 15:02:51] @ WALoeIII joined channel #puppet
[2009/05/10 15:04:44] @ Quit: fujin:
[2009/05/10 15:08:49] @ macbar joined channel #puppet
[2009/05/10 15:09:30] @ astinus joined channel #puppet
[2009/05/10 15:12:30] <nasrat> *sigh*
[2009/05/10 15:12:45] <nasrat> #2231
[2009/05/10 15:12:46] <gepetto> nasrat: #2231 is http://projects.reductivelabs.com/issues/show/2231 "Facter - Bug #2231: ipaddress_pcn0 fact no longer exists on Solaris systems - ReductiveLabs.com"
[2009/05/10 15:13:05] <nasrat> spot the issue in REGEX_MAP ... :ipadddress
[2009/05/10 15:13:41] @ Quit: astinus: brown.freenode.net irc.freenode.net
[2009/05/10 15:13:41] @ Quit: macbar: brown.freenode.net irc.freenode.net
[2009/05/10 15:19:37] @ aymerick joined channel #puppet
[2009/05/10 15:22:41] @ mvn071 joined channel #puppet
[2009/05/10 15:23:25] <gepetto> ::trac:: Puppet Ubuntu edited by sebas891 @ http://reductivelabs.com/trac/puppet/wiki/PuppetUbuntu (by sebas@koumbit.org)
[2009/05/10 15:30:01] <duritong> mfournier: yeah I just thought that it might be possible, but doesn't look like
[2009/05/10 15:32:05] <sebas891> hi folks, I would like to use multiple instances of a define statement (svn::checkout) on a node but I get an error "duplicate definition"
[2009/05/10 15:32:44] <sebas891> Any idea, on how I can define multiple svn::checkout on a node?
[2009/05/10 15:33:18] @ Quit: mvn071: "Leaving"
[2009/05/10 15:35:28] <duritong> you need to have a unique name
[2009/05/10 15:37:40] <sebas891> the name is the same but the parameters are different. (like the repository and the destination)
[2009/05/10 15:46:37] <gepetto> ::trac:: Recipes/Authorized_keys edited by rasputnik @ http://reductivelabs.com/trac/puppet/wiki/Recipes/Authorized_keys (by rasputnik@hellooperator.net)
[2009/05/10 15:51:13] @ Quit: rberger:
[2009/05/10 15:52:36] @ andrewcshafer_ is now known as andrewcshafer
[2009/05/10 15:53:07] @ rberger joined channel #puppet
[2009/05/10 15:53:21] @ LittleIdea joined channel #puppet
[2009/05/10 15:53:35] @ Quit: LittleIdea: Client Quit
[2009/05/10 16:09:58] @ alban3 joined channel #puppet
[2009/05/10 16:10:46] @ Quit: alban2: Read error: 113 (No route to host)
[2009/05/10 16:11:57] @ meltemi_ joined channel #puppet
[2009/05/10 16:12:01] @ Quit: meltemi_: Client Quit
[2009/05/10 16:12:28] @ LittleIdea joined channel #puppet
[2009/05/10 16:12:50] @ digiru left channel #puppet ()
[2009/05/10 16:13:38] @ astinus joined channel #puppet
[2009/05/10 16:13:38] @ macbar joined channel #puppet
[2009/05/10 16:13:39] @ Quit: macbar: brown.freenode.net irc.freenode.net
[2009/05/10 16:13:39] @ Quit: astinus: brown.freenode.net irc.freenode.net
[2009/05/10 16:16:01] @ astinus joined channel #puppet
[2009/05/10 16:16:01] @ macbar joined channel #puppet
[2009/05/10 16:16:36] @ astinus is now known as Guest71117
[2009/05/10 16:25:08] @ alban3 is now known as alban2
[2009/05/10 16:25:10] @ fbe_ is now known as fbe
[2009/05/10 16:29:55] @ Omahn joined channel #puppet
[2009/05/10 16:33:26] @ Quit: madrescher: Read error: 110 (Connection timed out)
[2009/05/10 16:35:55] @ Quit: MarlondB:
[2009/05/10 16:39:52] @ ka83753 joined channel #puppet
[2009/05/10 16:55:24] @ cwebber joined channel #puppet
[2009/05/10 16:57:22] @ Quit: mfournier: Read error: 60 (Operation timed out)
[2009/05/10 17:09:46] @ Quit: ka83753: "leaving"
[2009/05/10 17:13:04] @ Quit: rberger:
[2009/05/10 17:18:07] @ Quit: fbe: Remote closed the connection
[2009/05/10 17:18:20] @ fbe joined channel #puppet
[2009/05/10 17:23:33] @ Quit: phantez: Read error: 110 (Connection timed out)
[2009/05/10 17:25:20] @ Quit: egerlach: "leaving"
[2009/05/10 17:27:36] @ d3vilb0x joined channel #puppet
[2009/05/10 17:34:22] @ Quit: gaveen: Connection timed out
[2009/05/10 17:36:34] @ Berge joined channel #puppet
[2009/05/10 17:36:49] <Berge> Cheers! I'm having a problem related to puppetmaster and file permissions.
[2009/05/10 17:37:01] <Berge> I'd like to distribute /etc/shadow to some clients.
[2009/05/10 17:37:05] @ gaveen joined channel #puppet
[2009/05/10 17:37:35] <Berge> puppetmaster is running as the user puppet, and that user has been added to the group shadow, and /etc/shadow is owned by root:shadow with 640 as permissions.
[2009/05/10 17:37:54] @ Quit: ghenry: Remote closed the connection
[2009/05/10 17:38:23] <Berge> There's a symlink from somewhere within puppetmaster's files to /etc/shadow.
[2009/05/10 17:38:53] <Berge> But puppetmaster can't seem to be able to access it: From syslog: puppetmasterd[4044]: Permission denied - /etc/puppet/files/unixpasswd/shadow
[2009/05/10 17:39:27] <Berge> puppetmaster has been restarted. If I su to the user puppet, I can access the symlink.
[2009/05/10 17:39:49] <Berge> Does puppetmaster drop group privileges upon start or something to that effect?
[2009/05/10 17:41:50] <ch> it tries to setgid to the pgid of the configured user (in your case, the puppet user)
[2009/05/10 17:42:24] <ch> therefore it won't have the shadow group attached to it
[2009/05/10 17:42:39] <Berge> ah
[2009/05/10 17:43:02] <Berge> Hm.
[2009/05/10 17:43:13] @ Djelibeybi joined channel #puppet
[2009/05/10 17:43:37] <Berge> Then what to do? (-:
[2009/05/10 17:44:05] <ch> don't use /etc/shadow as is but make a copy in your files directory
[2009/05/10 17:44:17] @ madrescher joined channel #puppet
[2009/05/10 17:44:32] <Berge> And symlink /etc/shadow there?
[2009/05/10 17:44:36] <Berge> Could work, of course.
[2009/05/10 17:44:38] <ch> *copy*.
[2009/05/10 17:44:54] <Berge> But that would break tools which edit /etc/shadow
[2009/05/10 17:44:58] <Berge> Such as adduser.
[2009/05/10 17:45:21] <Berge> cron could always help, though.
[2009/05/10 17:45:39] <Berge> Seems kind of complex just to distribute a single file, though (-.
[2009/05/10 17:46:03] <ch> it's easy to do the right thing, it's hard to do the wrong thing
[2009/05/10 17:46:40] <Berge> Hm? What would be the right and wrong this in this case?
[2009/05/10 17:48:07] <Berge> s/this in this/thing in this/
[2009/05/10 17:48:51] @ Quit: nasrat:
[2009/05/10 17:51:03] <kolla> Berge: muhaha :)
[2009/05/10 17:51:17] <Berge> kolla: Hah, you're here? (=
[2009/05/10 17:51:27] <kolla> :)
[2009/05/10 17:52:11] @ Quit: cwebber:
[2009/05/10 18:05:32] @ Quit: ezmob: "Bye!"
[2009/05/10 18:12:04] <gebi> Berge: hardlink /etc/shadow with group puppet?
[2009/05/10 18:15:36] <Berge> Hm, yes.
[2009/05/10 18:16:07] <Berge> Or perhaps do without /etc/shadow (or, with a minimal with just root account).
[2009/05/10 18:16:43] <gebi> adding the appropriate user/group entries through puppet would be the other way
[2009/05/10 18:17:34] <gebi> it's ugly that many linux tools still write to shadow/passwd directly instead of using pam :/
[2009/05/10 18:17:45] <Berge> We do use pam.
[2009/05/10 18:17:53] <Berge> And LDAP and Kerberos, even.
[2009/05/10 18:17:58] @ Quit: d3vilb0x:
[2009/05/10 18:18:20] <Berge> But the box running LDAP populates its database from /etc/passwd. (-:
[2009/05/10 18:18:46] <gebi> *g*
[2009/05/10 18:19:40] <Berge> And the user database is in turn synced with a database of users. Throw in some Samba, and stuff gets muddier.
[2009/05/10 18:20:56] <gepetto> ::trac:: Puppet Ubuntu edited by jamtur01 @ http://reductivelabs.com/trac/puppet/wiki/PuppetUbuntu (by james@lovedthanlost.net)
[2009/05/10 18:21:15] <gebi> on boxes needed reliable user lookup nsscache is worth a look
[2009/05/10 18:21:20] <jamesturnbull> duritong: it's possible in 0.24.7 and later
[2009/05/10 18:21:57] <Berge> gebi: Well, our setup is almost oddly reliable.
[2009/05/10 18:22:08] <jamesturnbull> duritong: sorry .6 onwards
[2009/05/10 18:23:16] <jamesturnbull> duritong: that's when complex conditionals were introduced
[2009/05/10 18:23:39] <gebi> Berge: reliable as in, a box should better know it's user, even without network, but over ldap ;)
[2009/05/10 18:24:15] <Berge> gebi: When the network's down, we lose anyhow.
[2009/05/10 18:24:28] <gebi> maybe
[2009/05/10 18:24:38] <Berge> Well, if you can't talk to the KDCs, you lose. (-:
[2009/05/10 18:26:03] @ Quit: WALoeIII:
[2009/05/10 18:27:59] <duritong> jamesturnbull: no it isn't even with complex conditionals
[2009/05/10 18:28:46] <duritong> pastie: url
[2009/05/10 18:29:35] <pastie> http://pastie.org/473975 by duritong.
[2009/05/10 18:29:46] <duritong> jamesturnbull: have a look at the pastie
[2009/05/10 18:43:11] @ Quit: PhabX: "Leaving..."
[2009/05/10 18:45:29] <Djelibeybi> jamesturnbull: can you think of any reason why Facter 1.5.4 with the -p option doesn't load any of my custom Puppet-delivered facts?
[2009/05/10 18:56:31] @ Quit: andrewcshafer:
[2009/05/10 18:56:32] @ Quit: LittleIdea:
[2009/05/10 19:08:59] @ andrewcshafer joined channel #puppet
[2009/05/10 19:08:59] @ LittleIdea joined channel #puppet
[2009/05/10 19:10:19] @ Quit: LittleIdea: Client Quit
[2009/05/10 19:10:19] @ Quit: andrewcshafer: Client Quit
[2009/05/10 19:12:50] @ edwardam is now known as edwardam|AFK
[2009/05/10 19:14:01] @ Quit: pdt:
[2009/05/10 19:15:29] @ schwagal1 joined channel #puppet
[2009/05/10 19:17:01] <jamesturnbull> Djelibeybi: yes
[2009/05/10 19:17:12] <jamesturnbull> Djelibeybi: there is a fix in 1.5.x HEAD
[2009/05/10 19:17:16] <Djelibeybi> jamesturnbull: narf.
[2009/05/10 19:17:41] <jamesturnbull> duritong: why not do it different if $variable == '' {} etc
[2009/05/10 19:18:24] <jamesturnbull> duritong: I more meant reinterpret the approach rather than the "if not" syntax being supported - sorry shjould have been clearer
[2009/05/10 19:19:35] <Djelibeybi> jamesturnbull: I need to get better at ruby. Also, need to switch the puppet client from running as a daemon to being called by cron.
[2009/05/10 19:19:54] <Djelibeybi> jamesturnbull: our puppetd processes are currently sucking anywhere from 200M to 500M
[2009/05/10 19:22:04] @ Quit: schwagala: Read error: 60 (Operation timed out)
[2009/05/10 19:24:24] @ James-iphone joined channel #puppet
[2009/05/10 19:24:26] @ Quit: James-iphone: Client Quit
[2009/05/10 19:25:46] <jamesturnbull> Djelibeybi: what version?
[2009/05/10 19:25:58] <Djelibeybi> jamesturnbull: Puppet 0.24.8 RPM
[2009/05/10 19:26:09] <Djelibeybi> jamesturnbull: I think it's the Ruby problem on EL, though
[2009/05/10 19:26:36] <jamesturnbull> Djelibeybi: might be worth testing 0.25z0 too
[2009/05/10 19:27:00] <Djelibeybi> jamesturnbull: if someone wraps that into an RPM, I might. I just don't have time to build RPMs for testing atm.
[2009/05/10 19:27:50] <jamesturnbull> Djelibeybi: tmz z has i believe check tge user list
[2009/05/10 19:28:26] @ James-iphone joined channel #puppet
[2009/05/10 19:29:29] @ James-iphone left channel #puppet ()
[2009/05/10 19:29:47] @ James-iphone joined channel #puppet
[2009/05/10 19:30:20] @ Quit: James-iphone: Client Quit
[2009/05/10 19:41:25] <tmz> Djelibeybi: indeed, repos for fedora and epel are here: http://tmz.fedorapeople.org/repo/puppet/ (no rawhide/F11 at the moment, if you need that, just rebuild the source rpms.)
[2009/05/10 19:41:58] <tmz> that includes facter-1.5.5rc1 and puppet-0.25.0beta1.
[2009/05/10 19:43:05] @ Quit: aymerick: "kit mais sage"
[2009/05/10 19:44:01] <Djelibeybi> tmz: ta muchly. :)
[2009/05/10 19:54:50] @ Quit: Bass10: Read error: 110 (Connection timed out)
[2009/05/10 19:55:41] <duritong> jamesturnbull: yeah I switched now to that, and I'm totally fine with it
[2009/05/10 19:55:53] <duritong> I just thought I had used it once :-/
[2009/05/10 20:08:53] @ WALoeIII joined channel #puppet
[2009/05/10 20:26:49] @ nakano_ is now known as nakano
[2009/05/10 20:34:21] @ KB1JWQ joined channel #puppet
[2009/05/10 20:36:30] @ Quit: gaveen: Read error: 60 (Operation timed out)
[2009/05/10 20:48:31] @ gaveen joined channel #puppet
[2009/05/10 20:49:53] @ Guest71117 is now known as astinus
[2009/05/10 20:53:28] @ nakano is now known as nakano_
[2009/05/10 21:12:12] @ ACID joined channel #puppet
[2009/05/10 21:20:29] @ ohadlevy joined channel #puppet
[2009/05/10 21:28:45] @ sys_Admin joined channel #puppet
[2009/05/10 21:29:57] <sys_Admin> can someone explain to me the difference between puppet and facter??
[2009/05/10 21:31:52] <proton> facter just gives facts about a system (run facter and look at its output, you'll see lots of info about the system)
[2009/05/10 21:32:06] @ d3vilb0x joined channel #puppet
[2009/05/10 21:32:39] <proton> puppet itself does the taking of facts, combining with manifests, etc and making the system match what you specified in the manifests
[2009/05/10 21:32:51] <sys_Admin> oh and puppet allows you to modify a system
[2009/05/10 21:33:19] <sys_Admin> i see thankyou
[2009/05/10 21:38:01] @ blahdeblah joined channel #puppet
[2009/05/10 21:38:13] @ Quit: blahdeblah: Client Quit
[2009/05/10 21:44:46] @ Quit: ACID: "Leaving"
[2009/05/10 21:46:50] @ fbe_ joined channel #puppet
[2009/05/10 22:02:30] @ Quit: fbe: Read error: 110 (Connection timed out)
[2009/05/10 22:05:06] @ maxagaz joined channel #puppet
[2009/05/10 22:14:06] @ Quit: WALoeIII: "Bai."
[2009/05/10 22:22:58] <ricky> Hey, I have a patch for the operatingsystemrelease fact in Facter: http://ricky.fedorapeople.org/facter/0001-Handle-non-integer-Fedora-releases.patch
[2009/05/10 22:23:32] @ jtimberman joined channel #puppet
[2009/05/10 22:23:52] <ricky> This is to handle things such as the preview release, where /etc/fedora-release contains: Fedora release 10.93 (Leonidas)
[2009/05/10 22:25:28] @ chip__ joined channel #puppet
[2009/05/10 22:27:09] <ricky> There is one case where this might break things for people. I made the same change for RHEL, and this will give 5.3 where it used to give 5. I'm not sure if that's correct behavior or not.
[2009/05/10 22:34:35] <jamesturnbull> ricky: send to the -dev list - there is some discussion about how to handle this there
[2009/05/10 22:34:42] <ricky> Sure thing, thanks
[2009/05/10 22:34:55] <jamesturnbull> ricky: it won't be changed until 1.6.0 anyways
[2009/05/10 22:35:59] @ Quit: sys_Admin: "http://www.mibbit.com ajax IRC Client"
[2009/05/10 22:41:39] @ Quit: atlan_: Read error: 110 (Connection timed out)
[2009/05/10 22:42:57] @ Quit: gaveen: Read error: 60 (Operation timed out)
[2009/05/10 22:56:31] @ fujin joined channel #puppet
[2009/05/10 22:58:26] <ricky> o
[2009/05/10 22:58:27] <ricky> Oops.
[2009/05/10 22:59:27] @ gaveen joined channel #puppet
[2009/05/10 23:01:50] @ jchonig left channel #puppet ("Leaving.")
[2009/05/10 23:04:32] @ sebas8911 joined channel #puppet
[2009/05/10 23:07:51] @ Quit: sebas891: Read error: 60 (Operation timed out)
[2009/05/10 23:17:58] @ Quit: sebas8911: Read error: 104 (Connection reset by peer)
[2009/05/10 23:26:56] @ nakano_ is now known as nakano
[2009/05/10 23:28:08] @ Quit: d3vilb0x:
[2009/05/10 23:35:35] @ Quit: edwardam|AFK: Remote closed the connection
« Saturday, 2009-05-09 Index Monday, 2009-05-11 »

Generated by irclog2html.py 2.6 by Marius Gedminas - find it at mg.pov.lt!