FAQ
Thanks for the pointer. I believe this does it.

No need to stop the puppet agent. Just two things:
- blank the /var/lib/puppet/state/state.yaml file
- run the puppet agent
New values are recorded.


Blank the file.
# cp /dev/null state.yaml

Run the agent.

# /opt/puppet/bin/puppet agent --test
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/ensure: audit change:
newly-recorded value file
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/content: audit change:
newly-recorded value {md5}e08b47228d3d97a3dbe2004d821500b2
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/target: audit change:
newly-recorded value notlink
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/owner: audit change:
newly-recorded value 0
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/group: audit change:
newly-recorded value 3
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/mode: audit change:
newly-recorded value 644
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/type: audit change:
newly-recorded value file
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/seluser: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/selrole: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/seltype: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/selrange: audit change:
newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/ctime: audit change:
newly-recorded value Thu Jul 24 03:10:00 -0700 2014
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/mtime: audit change:
newly-recorded value Thu Jul 24 03:10:00 -0700 2014

Next run is normal

# /opt/puppet/bin/puppet agent --test
warning: iconv couldn't be loaded, which is required for UTF-8/UTF-16
conversions
info: Caching catalog for host.example.com
info: Applying configuration version '1406237846'
notice: Finished catalog run in 0.42 second

The puppet agent writes the information to state.yaml.

# ls -l /var/lib/puppet/state
total 370
drwxr-xr-x 2 root root 5 Oct 25 2012 graphs
-rw-rw---- 1 root root 420363 Jul 24 14:19 last_run_report.yaml
-rw-rw---- 1 root root 243 Jul 24 14:19 last_run_summary.yaml
-rw-r--r-- 1 root root 2825 Jul 24 14:19 resources.txt
-rw-rw---- 1 root root 42639 Jul 24 14:19 state.yaml

The file state.yaml records the MD5 sum.

# view /var/lib/puppet/state/state.yaml
   "File[/etc/logadm.conf]":
     !ruby/sym type: file
     !ruby/sym checked: 2014-07-24 15:14:08.612241 -07:00
     !ruby/sym target: !ruby/sym notlink
     !ruby/sym owner: 0
     !ruby/sym seltype:
     !ruby/sym group: 3
     !ruby/sym selrange:
     !ruby/sym mode: "644"
     !ruby/sym seluser:
     !ruby/sym mtime: 2014-07-24 03:10:00.000000 -07:00
     !ruby/sym ensure: !ruby/sym file
     !ruby/sym content: "{md5}e08b47228d3d97a3dbe2004d821500b2"
     !ruby/sym selrole:
     !ruby/sym ctime: 2014-07-24 03:10:00.000000 -07:00

The last run is recorded in the file below.

# view /var/lib/puppet/state/last_run_report.yaml
     "File[/etc/logadm.conf]": !ruby/object:Puppet::Resource::Status
       change_count: 0
       changed: false
       evaluation_time: 0.000796
       events: []
       failed: false
       file: *id001
       line: 73
       out_of_sync: false
       out_of_sync_count: 0
       resource: "File[/etc/logadm.conf]"
       resource_type: File
       skipped: false
       tags:
         - file
         - class
         - Solaris
       time: 2014-07-24 15:14:08.611898 -07:00
       title: /etc/logadm.conf

Thanks,
Lun

On Thu, Jul 24, 2014 at 11:48 AM, Christopher Wood wrote:

I was vaguely nosy, and found a note that the checksum is stored in
state.yaml. Maybe stop puppet, nuke the state file, and start puppet?

http://puppetlabs.com/blog/all-about-auditing-with-puppet

/var/lib/puppet/state/state.yaml

NB: Untested advice, potentially dangerous, use at your own risk.
On Thu, Jul 24, 2014 at 11:35:14AM -0700, Lunixer wrote:
Does anyone have a tip regarding this?
How do I stop it?

I know that the "audit=>all" is causing this.
It recorded the MD5 sum of the file when the audit ran for the first time.
But a newer file was created as a result of patching the client machine.
Is there a command I could rerun on the client or the server to make
puppet aware of the new MD5 sum?

Lun.

On Wed, Jul 23, 2014 at 3:58 PM, Lunixer wrote:

I have an entry for a file in a puppet manifest that checks file
properties. One is the MD5 checksum.

/etc/puppet/modules/Solaris/manifests/init.pp
file {"/etc/logadm.conf": mode=>"644", owner=>"root", group=>"sys",
checksum=>"md5", audit=>all; }

Wed Jul 23 03:31:41 -0700 2014
/Stage[main]/Solaris/File[/etc/logadm.conf]/content (notice): audit
change: previously recorded value
{md5}4313e436be52ffe7a8296aec05612c0b
has been changed to {md5}fee96725c6872531af6e65b410f62a3d

How do you make the message go away?

--
thanks,
[ Lunixer ]

--
thanks,
[ Lunixer ]

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to [2]puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit
[3]
https://groups.google.com/d/msgid/puppet-users/CACZbbm6YkUdV9XiEq7tgKt%3Dj9zK2_K2A8G3yGH_6c3dU4-qSZQ%40mail.gmail.com
.
For more options, visit [4]https://groups.google.com/d/optout.

References

Visible links
1. mailto:lunixer@gmail.com
2. mailto:puppet-users+unsubscribe@googlegroups.com
3.
https://groups.google.com/d/msgid/puppet-users/CACZbbm6YkUdV9XiEq7tgKt%3Dj9zK2_K2A8G3yGH_6c3dU4-qSZQ%40mail.gmail.com?utm_medium=email&utm_source=footer
4. https://groups.google.com/d/optout
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/20140724184814.GA23659%40iniquitous.heresiarch.ca
.
For more options, visit https://groups.google.com/d/optout.


--

thanks,
[ Lunixer ]

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACZbbm6j%2BDjTTjNvLJdnOFe%3Dc1QzBqc8qwEZo-2DMsBDv0FJmA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Search Discussions

Discussion Posts

Previous

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 4 of 4 | next ›
Discussion Overview
grouppuppet-users @
categoriespuppet
postedJul 23, '14 at 10:58p
activeJul 24, '14 at 11:27p
posts4
users2
websitepuppetlabs.com

2 users in discussion

Lunixer: 3 posts Christopher Wood: 1 post

People

Translate

site design / logo © 2022 Grokbase