No need to stop the puppet agent. Just two things:
- blank the /var/lib/puppet/state/state.yaml file
- run the puppet agent
New values are recorded.
Blank the file.
# cp /dev/null state.yaml
Run the agent.
# /opt/puppet/bin/puppet agent --test
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/ensure: audit change:
newly-recorded value file
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/content: audit change:
newly-recorded value {md5}e08b47228d3d97a3dbe2004d821500b2
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/target: audit change:
newly-recorded value notlink
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/owner: audit change:
newly-recorded value 0
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/group: audit change:
newly-recorded value 3
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/mode: audit change:
newly-recorded value 644
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/type: audit change:
newly-recorded value file
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/seluser: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/selrole: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/seltype: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/selrange: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/ctime: audit change:
newly-recorded value Thu Jul 24 03:10:00 -0700 2014
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/mtime: audit change:
newly-recorded value Thu Jul 24 03:10:00 -0700 2014
Next run is normal
# /opt/puppet/bin/puppet agent --test
warning: iconv couldn't be loaded, which is required for UTF-8/UTF-16
conversions
info: Caching catalog for host.example.com
info: Applying configuration version '1406237846'
notice: Finished catalog run in 0.42 second
The puppet agent writes the information to state.yaml.
# ls -l /var/lib/puppet/state
total 370
drwxr-xr-x 2 root root 5 Oct 25 2012 graphs
-rw-rw---- 1 root root 420363 Jul 24 14:19 last_run_report.yaml
-rw-rw---- 1 root root 243 Jul 24 14:19 last_run_summary.yaml
-rw-r--r-- 1 root root 2825 Jul 24 14:19 resources.txt
-rw-rw---- 1 root root 42639 Jul 24 14:19 state.yaml
The file state.yaml records the MD5 sum.
# view /var/lib/puppet/state/state.yaml
"File[/etc/logadm.conf]":
!ruby/sym type: file
!ruby/sym checked: 2014-07-24 15:14:08.612241 -07:00
!ruby/sym target: !ruby/sym notlink
!ruby/sym owner: 0
!ruby/sym seltype:
!ruby/sym group: 3
!ruby/sym selrange:
!ruby/sym mode: "644"
!ruby/sym seluser:
!ruby/sym mtime: 2014-07-24 03:10:00.000000 -07:00
!ruby/sym ensure: !ruby/sym file
!ruby/sym content: "{md5}e08b47228d3d97a3dbe2004d821500b2"
!ruby/sym selrole:
!ruby/sym ctime: 2014-07-24 03:10:00.000000 -07:00
The last run is recorded in the file below.
# view /var/lib/puppet/state/last_run_report.yaml
"File[/etc/logadm.conf]": !ruby/object:Puppet::Resource::Status
change_count: 0
changed: false
evaluation_time: 0.000796
events: []
failed: false
file: *id001
line: 73
out_of_sync: false
out_of_sync_count: 0
resource: "File[/etc/logadm.conf]"
resource_type: File
skipped: false
tags:
- file
- class
- Solaris
time: 2014-07-24 15:14:08.611898 -07:00
title: /etc/logadm.conf
Thanks,
Lun
On Thu, Jul 24, 2014 at 11:48 AM, Christopher Wood wrote:
I was vaguely nosy, and found a note that the checksum is stored in
state.yaml. Maybe stop puppet, nuke the state file, and start puppet?
http://puppetlabs.com/blog/all-about-auditing-with-puppet
/var/lib/puppet/state/state.yaml
NB: Untested advice, potentially dangerous, use at your own risk.
.
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/20140724184814.GA23659%40iniquitous.heresiarch.ca
.
For more options, visit https://groups.google.com/d/optout.
I was vaguely nosy, and found a note that the checksum is stored in
state.yaml. Maybe stop puppet, nuke the state file, and start puppet?
http://puppetlabs.com/blog/all-about-auditing-with-puppet
/var/lib/puppet/state/state.yaml
NB: Untested advice, potentially dangerous, use at your own risk.
On Thu, Jul 24, 2014 at 11:35:14AM -0700, Lunixer wrote:
Does anyone have a tip regarding this?
How do I stop it?
I know that the "audit=>all" is causing this.
It recorded the MD5 sum of the file when the audit ran for the first time.
But a newer file was created as a result of patching the client machine.
Is there a command I could rerun on the client or the server to make
puppet aware of the new MD5 sum?
Lun.
On Wed, Jul 23, 2014 at 3:58 PM, Lunixer wrote:
I have an entry for a file in a puppet manifest that checks file
properties. One is the MD5 checksum.
/etc/puppet/modules/Solaris/manifests/init.pp
file {"/etc/logadm.conf": mode=>"644", owner=>"root", group=>"sys",
checksum=>"md5", audit=>all; }
Wed Jul 23 03:31:41 -0700 2014
/Stage[main]/Solaris/File[/etc/logadm.conf]/content (notice): audit
change: previously recorded value
{md5}4313e436be52ffe7a8296aec05612c0b
has been changed to {md5}fee96725c6872531af6e65b410f62a3d
How do you make the message go away?
--
thanks,
[ Lunixer ]
--
thanks,
[ Lunixer ]
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to [2]puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit
[3]
https://groups.google.com/d/msgid/puppet-users/CACZbbm6YkUdV9XiEq7tgKt%3Dj9zK2_K2A8G3yGH_6c3dU4-qSZQ%40mail.gmail.comDoes anyone have a tip regarding this?
How do I stop it?
I know that the "audit=>all" is causing this.
It recorded the MD5 sum of the file when the audit ran for the first time.
But a newer file was created as a result of patching the client machine.
Is there a command I could rerun on the client or the server to make
puppet aware of the new MD5 sum?
Lun.
On Wed, Jul 23, 2014 at 3:58 PM, Lunixer wrote:
I have an entry for a file in a puppet manifest that checks file
properties. One is the MD5 checksum.
/etc/puppet/modules/Solaris/manifests/init.pp
file {"/etc/logadm.conf": mode=>"644", owner=>"root", group=>"sys",
checksum=>"md5", audit=>all; }
Wed Jul 23 03:31:41 -0700 2014
/Stage[main]/Solaris/File[/etc/logadm.conf]/content (notice): audit
change: previously recorded value
{md5}4313e436be52ffe7a8296aec05612c0b
has been changed to {md5}fee96725c6872531af6e65b410f62a3d
How do you make the message go away?
--
thanks,
[ Lunixer ]
--
thanks,
[ Lunixer ]
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to [2]puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit
[3]
.
For more options, visit [4]https://groups.google.com/d/optout.
References
Visible links
1. mailto:lunixer@gmail.com
2. mailto:puppet-users+unsubscribe@googlegroups.com
3.
https://groups.google.com/d/msgid/puppet-users/CACZbbm6YkUdV9XiEq7tgKt%3Dj9zK2_K2A8G3yGH_6c3dU4-qSZQ%40mail.gmail.com?utm_medium=email&utm_source=footer
4. https://groups.google.com/d/optout
--References
Visible links
1. mailto:lunixer@gmail.com
2. mailto:puppet-users+unsubscribe@googlegroups.com
3.
https://groups.google.com/d/msgid/puppet-users/CACZbbm6YkUdV9XiEq7tgKt%3Dj9zK2_K2A8G3yGH_6c3dU4-qSZQ%40mail.gmail.com?utm_medium=email&utm_source=footer
4. https://groups.google.com/d/optout
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/20140724184814.GA23659%40iniquitous.heresiarch.ca
.
For more options, visit https://groups.google.com/d/optout.
--
thanks,
[ Lunixer ]
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACZbbm6j%2BDjTTjNvLJdnOFe%3Dc1QzBqc8qwEZo-2DMsBDv0FJmA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
