Augeas and idempotency

[Kenton Brede]

I'd like to add a "this file managed by puppet" line to the top of the files I manage with augeas.

This works but is not idempotent.  I could add an onlyif but then if I want to change SELINUX to "off" I won't be able to, since the comment will always exist.
 
augeas { 'selinux_config':
  context => '/files/etc/selinux/config',
  changes => [
    'ins #comment before #comment[1]',
    'set #comment[1] "TEST"',
    'set SELINUX on',
  ],
}


I I tried the following but get error "Error: /Stage[main]/Test_module/Augeas[selinux_config]: Could not evaluate: Saving failed, see debug"

If I remove the 'ins' line the comment is added and it's idempotent, but of course the comment is at the bottom of the file.

augeas { 'selinux_config':
  context => '/files/etc/selinux/config',
  changes => [
    'ins #comment before #comment[1]',
    'set #comment[. = "TEST" ] "TEST"',
    'set SELINUX on',
  ],
}

Is there any way to get this to work or am I just beating my head against the wall for nothing?

Thanks,

--

Kent Brede

[Trevor Vaughan]

Being a file with only two options, do you need to use Augeas? Why not just manage the whole file?

The only time you wouldn't do this is if you expect someone to independently change variables in the file either by hand or with another tool later and you do not want to change them back.

Trevor

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CA%2BnSE3904TTdfbuwBNpkykUtLEBY01201h7aTNWGkWYLYg34NQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699
tvau...@onyxpoint.com

-- This account not approved for unencrypted proprietary information --

[Kenton Brede]

This is a proof of concept if you will.  Just using this as a simple example.  I've got a lot of files I'd like to add a "managed by Puppet" header to. 

There's two camps.  Manage the whole file or edit in place.  I realize Puppet users are mostly of the former.  I'm of the latter.

Thanks,
Kent

To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANs%2BFoUpdNjfBg8anYasU-dF-DqC74sgme4LHHbs7aUwnv4qcg%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

--

Kent Brede

[Trevor Vaughan]

It comes down to your use case.

You may find that writing custom types/providers is easier than using Augeas (it certainly is for me in general).

Also, remember that editing LOTS of files creates LOTS of resources and relationships which means a longer compile time (fewer nodes able to be managed) and longer runs/more resources used on your clients.

I prefer to keep things as efficient as possible and only edit parts of files when I have requirements from other users to do so. Otherwise, you could end up with (quite literally) tens of thousands of resources and relationships. Then you'll be back asking why everything is so slow ;-).

Trevor

To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CA%2BnSE39OgGKh4myQKA-KE%2BB7NASTjjnyZmY5o4YW-PifVa%2BFXw%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.