puppet md5 checksum changed


Lunixer

Jul 23, 2014, 6:58:17 PM
to puppet...@googlegroups.com

I have an entry for a file in a puppet manifest that checks file properties. One is the MD5 checksum.

/etc/puppet/modules/Solaris/manifests/init.pp
file {"/etc/logadm.conf": mode=>"644", owner=>"root", group=>"sys", checksum=>"md5", audit=>all; }

Wed Jul 23 03:31:41 -0700 2014 /Stage[main]/Solaris/File[/etc/logadm.conf]/content (notice): audit change: previously recorded value {md5}4313e436be52ffe7a8296aec05612c0b has been changed to {md5}fee96725c6872531af6e65b410f62a3d

How do you make the message go away?

--

thanks,
[ Lunixer ]

Lunixer

Jul 24, 2014, 2:35:37 PM
to puppet...@googlegroups.com
Does anyone have a tip regarding this?
How do I stop it?

I know that the "audit=>all" is causing this.
It recorded the MD5 sum of the file when the audit ran for the first time.
But a newer file was created as a result of patching the client machine.
Is there a command I could rerun on the client or the server to make puppet aware of the new MD5 sum?


Lun.

--

thanks,
[ Lunixer ]

Christopher Wood

Jul 24, 2014, 2:48:41 PM
to puppet...@googlegroups.com
I was vaguely nosy, and found a note that the checksum is stored in state.yaml. Maybe stop puppet, nuke the state file, and start puppet?

http://puppetlabs.com/blog/all-about-auditing-with-puppet

/var/lib/puppet/state/state.yaml

NB: Untested advice, potentially dangerous, use at your own risk.

On Thu, Jul 24, 2014 at 11:35:14AM -0700, Lunixer wrote:
> Does anyone have a tip regarding this?
> How do I stop it?
>
> I know that the "audit=>all" is causing this.
> It recorded the MD5 sum of the file when the audit ran for the first time.
> But a newer file was created as a result of patching the client machine.
> Is there a command I could rerun on the client or the server to make
> puppet aware of the new MD5 sum?
>
> Lun.
>
> On Wed, Jul 23, 2014 at 3:58 PM, Lunixer <lun...@gmail.com> wrote:
>
> I have an entry for a file in a puppet manifest that checks file
> properties. One is the MD5 checksum.
>
> /etc/puppet/modules/Solaris/manifests/init.pp
> file {"/etc/logadm.conf": mode=>"644", owner=>"root", group=>"sys",
> checksum=>"md5", audit=>all; }
>
> Wed Jul 23 03:31:41 -0700 2014
> /Stage[main]/Solaris/File[/etc/logadm.conf]/content (notice): audit
> change: previously recorded value {md5}4313e436be52ffe7a8296aec05612c0b
> has been changed to {md5}fee96725c6872531af6e65b410f62a3d
>
> How do you make the message go away?
>
> --
> thanks,
> [ Lunixer ]
>
> --
> thanks,
> [ Lunixer ]

Lunixer

Jul 24, 2014, 7:27:40 PM
to puppet...@googlegroups.com
Thanks for the pointer. I believe this does it.

No need to stop the puppet agent. Just two things:
- blank the /var/lib/puppet/state/state.yaml file
- run the puppet agent
New values are recorded.


Blank the file.
#  cp /dev/null state.yaml

Run the agent.

# /opt/puppet/bin/puppet agent --test
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/ensure: audit change: newly-recorded value file
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/content: audit change: newly-recorded value {md5}e08b47228d3d97a3dbe2004d821500b2
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/target: audit change: newly-recorded value notlink
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/owner: audit change: newly-recorded value 0
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/group: audit change: newly-recorded value 3
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/mode: audit change: newly-recorded value 644
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/type: audit change: newly-recorded value file
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/seluser: audit change: newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/selrole: audit change: newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/seltype: audit change: newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/selrange: audit change: newly-recorded value
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/ctime: audit change: newly-recorded value Thu Jul 24 03:10:00 -0700 2014
notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/mtime: audit change: newly-recorded value Thu Jul 24 03:10:00 -0700 2014

Next run is normal.

# /opt/puppet/bin/puppet agent --test
warning: iconv couldn't be loaded, which is required for UTF-8/UTF-16 conversions
info: Caching catalog for host.example.com
info: Applying configuration version '1406237846'
notice: Finished catalog run in 0.42 second

The puppet agent writes the information to state.yaml.

# ls -l /var/lib/puppet/state
total 370
drwxr-xr-x   2 root     root           5 Oct 25  2012 graphs
-rw-rw----   1 root     root      420363 Jul 24 14:19 last_run_report.yaml
-rw-rw----   1 root     root         243 Jul 24 14:19 last_run_summary.yaml
-rw-r--r--   1 root     root        2825 Jul 24 14:19 resources.txt
-rw-rw----   1 root     root       42639 Jul 24 14:19 state.yaml

The file state.yaml records the MD5 sum.

# view /var/lib/puppet/state/state.yaml
  "File[/etc/logadm.conf]":
    !ruby/sym type: file
    !ruby/sym checked: 2014-07-24 15:14:08.612241 -07:00
    !ruby/sym target: !ruby/sym notlink
    !ruby/sym owner: 0
    !ruby/sym seltype:
    !ruby/sym group: 3
    !ruby/sym selrange:
    !ruby/sym mode: "644"
    !ruby/sym seluser:
    !ruby/sym mtime: 2014-07-24 03:10:00.000000 -07:00
    !ruby/sym ensure: !ruby/sym file
    !ruby/sym content: "{md5}e08b47228d3d97a3dbe2004d821500b2"
    !ruby/sym selrole:
    !ruby/sym ctime: 2014-07-24 03:10:00.000000 -07:00

The last run is recorded in the file below.

# view /var/lib/puppet/state/last_run_report.yaml
    "File[/etc/logadm.conf]": !ruby/object:Puppet::Resource::Status
      change_count: 0
      changed: false
      evaluation_time: 0.000796
      events: []
      failed: false
      file: *id001
      line: 73
      out_of_sync: false
      out_of_sync_count: 0
      resource: "File[/etc/logadm.conf]"
      resource_type: File
      skipped: false
      tags:
        - file
        - class
        - Solaris
      time: 2014-07-24 15:14:08.611898 -07:00
      title: /etc/logadm.conf

Thanks,
Lun





--

thanks,
[ Lunixer ]
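
Added example, not part of the thread: blanking state.yaml discards the stored audit baseline, so the following run reports each audited property as "newly-recorded" instead of "changed". The Ruby script below parses both notice layouts quoted above and labels each resource accordingly; the method names `parse_audit` and `summarize` and the verdict labels are assumptions of this example, not Puppet's.

```ruby
# Added example, not from the thread. Classifies Puppet audit notices per
# resource; method names and verdict labels are this example's own.
PREFIX   = %r{(?<res>/Stage\[\S+\])/(?<prop>\w+)(?: \(notice\))?: audit change: }
CHANGED  = /#{PREFIX}previously recorded value (?<old>.+?) has been changed to (?<new>.+)/
RECORDED = /#{PREFIX}newly-recorded value ?(?<val>.*)/

# Notice lines copied from the thread: the run that reported the changed
# checksum, and part of the run that followed blanking state.yaml.
RUN_DRIFT = <<~'LOG'
  Wed Jul 23 03:31:41 -0700 2014 /Stage[main]/Solaris/File[/etc/logadm.conf]/content (notice): audit change: previously recorded value {md5}4313e436be52ffe7a8296aec05612c0b has been changed to {md5}fee96725c6872531af6e65b410f62a3d
LOG
RUN_RESET = <<~'LOG'
  notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/ensure: audit change: newly-recorded value file
  notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/content: audit change: newly-recorded value {md5}e08b47228d3d97a3dbe2004d821500b2
  notice: /Stage[main]/Solaris/File[/etc/logadm.conf]/mode: audit change: newly-recorded value 644
  info: Applying configuration version '1406237846'
LOG

# Turn raw log lines into event hashes; lines that are not audit notices are skipped.
def parse_audit(lines)
  lines.map do |raw|
    line = raw.chomp
    if (m = CHANGED.match(line))
      { kind: :changed, resource: m[:res], property: m[:prop], old: m[:old], new: m[:new] }
    elsif (m = RECORDED.match(line))
      { kind: :recorded, resource: m[:res], property: m[:prop], old: nil, new: m[:val] }
    end
  end.compact
end

# :drift        => a property differs from the value stored in state.yaml
# :new_baseline => no stored value existed (first audit run, or state was emptied)
def summarize(events)
  events.group_by { |e| e[:resource] }.map do |res, evs|
    content = evs.find { |e| e[:property] == "content" } || {}
    verdict = evs.any? { |e| e[:kind] == :changed } ? :drift : :new_baseline
    [res, { verdict: verdict, properties: evs.map { |e| e[:property] },
            old: content[:old], new: content[:new] }]
  end.to_h
end

if __FILE__ == $PROGRAM_NAME
  [RUN_DRIFT, RUN_RESET].each do |log|
    summarize(parse_audit(log.lines)).each do |res, s|
      puts "#{res}: #{s[:verdict]} #{s[:old]} -> #{s[:new]}"
    end
  end
end
```

A `:new_baseline` verdict carries no old digest to compare against, so the newly recorded checksum has to be checked against a known-good copy of the file by other means.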