how to do an action only if value is defined
24 views
Skip to first unread message
Jonathan Bayer
Mar 3, 2015, 12:31:50 PM3/3/15
to help-c...@googlegroups.com
Hi,
I have the following bundles (I tried to only put the relevant info here):
How can I make sure that if the entry is not defined, that it won't try to put it in?
Thanks in advance
I have the following bundles (I tried to only put the relevant info here):
bundle agent manage_users {My problem is that if the line with the sudo definition is commented out, it puts the following into the sudoers file:
vars:
"users[umanager][class]" string => "devnewhire";
"users[umanager][uid]" string => "5100";
"users[umanager][fullname]" string => "devnewhire";
"users[umanager][shell]" string => "/bin/bash";
"users[umanager][password]" string => "$1$RZF2UsUb$YamUzj2cR25KqvfpcdRwy0";
# "users[umanager][sudo]" string => "ALL=(ALL) ALL";
methods:
"users" usebundle => sys_create_users("manage_users.users");
"new_users" usebundle => sys_create_users("manage_users.internap_users");
}
bundle agent sys_create_users(info) {
vars:
"user" slist => getindices("$(info)");
"sudoers" string => "/etc/sudoers";
classes:
# "add_$(user)" not => userexists("$(user)");
"add_$($(info)[$(user)][class])" not => userexists("$(user)");
files:
linux::
"$(sudoers)" -> "Security Policy"
comment => "Append common configuration to sudoers",
edit_line => append_if_no_line("$(user) $($(info)[$(user)][sudo])");
}
umanager $(manage_users.users[umanager][sudo])
How can I make sure that if the entry is not defined, that it won't try to put it in?
Thanks in advance
Brian Bennett
Mar 3, 2015, 10:25:32 PM3/3/15
to Jonathan Bayer, help-c...@googlegroups.com
"$(sudoers)" -> "Security Policy"
comment => "Append common configuration to sudoers",
comment => "Append common configuration to sudoers",
edit_line => append_if_no_line("$(user) $($(info)[$(user)][sudo])"),
ifvarclass => isvariable("$(info)[$(user)][sudo]");
The promise will only be repaired if $($(info)[$(user)][sudo]) is defined.
--
You received this message because you are subscribed to the Google Groups "help-cfengine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to help-cfengin...@googlegroups.com.
To post to this group, send email to help-c...@googlegroups.com.
Visit this group at http://groups.google.com/group/help-cfengine.
For more options, visit https://groups.google.com/d/optout.
Jonathan Bayer
Mar 4, 2015, 11:55:38 AM3/4/15
to Brian Bennett, help-c...@googlegroups.com
Is it possible to have two "ifvarclass" lines?
I tried the following:
"/usr/sbin/useradd -u $($(info)[$(user)][uid]) -g a3kdev -s $($(info)[$(user)][shell]) -c '$($(info)[
$(user)][fullname])' $(user)"
ifvarclass => "add_$($(info)[$(user)][class])",
ifvarclass => isvariable("$(info)[$(user)][uid]");
because some of the entries do not have a uid setting, but it seems to ignore the second ifvarclass
JBB
I tried the following:
"/usr/sbin/useradd -u $($(info)[$(user)][uid]) -g a3kdev -s $($(info)[$(user)][shell]) -c '$($(info)[
$(user)][fullname])' $(user)"
ifvarclass => "add_$($(info)[$(user)][class])",
ifvarclass => isvariable("$(info)[$(user)][uid]");
because some of the entries do not have a uid setting, but it seems to ignore the second ifvarclass
JBB
Brian Bennett
Mar 4, 2015, 2:16:33 PM3/4/15
to Jonathan Bayer, help-c...@googlegroups.com
No, but you can do this:
ifvarclass => and(add_$($(info)[$(user)][class]),isvariable("$(info)[$(user)][uid]"));
Boolean functions and(), or(), and not() are available. They can be nested:
ifvarclass => and(not("class1"),or("class2","class3"));
This would be equivalent to the context class expression:
!class1.(class2|class3)::
Unfortunately there's no xor function, which leads to the confusing syntax or(and(not("c1"),"c2"),and("c1",not("c2"))).
Reply all
Reply to author
Forward
0 new messages