Restart ssh daemon when sshdconfig is modified
239 views
Skip to first unread message
Vikas Kumar
Aug 15, 2014, 8:31:01 AM8/15/14
to puppet...@googlegroups.com
Dear All,
I am trying to restart SSH daemon whenever /etc/ssh/sshd_config is modified. This is my class, it modifies the file but does not restarts the daemon. I have tried to use both notify and subscribe in vain.
class ssh ( $ssh_service = hiera("sshservicename") ) {
package { "openssh-server": ensure => installed }
file { "/etc/ssh/sshd_config":
owner => "root",
group => "root",
# notify => Service["$ssh_service"],
}
augeas { "my-ssh":
context => "/files/etc/ssh/sshd_config",
changes => [
"set PermitRootLogin yes",
"set UsePAM yes",
"set AllowUsers root vikas"
],
}
service { "$ssh_service":
ensure => running,
enable => true,
hasrestart => true,
require => Package["openssh-server"],
subscribe => File["/etc/ssh/sshd_config"],
}
File["/etc/ssh/sshd_config"] -> Augeas["my-ssh"] -> Service["$ssh_service"]
}Please help me out to identify what I am missing here.
Regards,
Vikas
Jeffrey Watts
Aug 15, 2014, 8:52:22 AM8/15/14
to puppet...@googlegroups.com
On Fri, Aug 15, 2014 at 7:31 AM, Vikas Kumar <vika...@gmail.com> wrote:
Dear All,I am trying to restart SSH daemon whenever /etc/ssh/sshd_config is modified. This is my class, it modifies the file but does not restarts the daemon. I have tried to use both notify and subscribe in vain.
Change your subscribe line to Augeas["my-ssh"].
Good luck,
Jeffrey.
Christopher Wood
Aug 15, 2014, 9:54:28 AM8/15/14
to puppet...@googlegroups.com
Could also go for:
File["/etc/ssh/sshd_config"] -> Augeas["my-ssh"]
File["/etc/ssh/sshd_config"] ~> Service["$ssh_service"]
Augeas["my-ssh"] ~> Service["$ssh_service"]
A bit wordier but it covers what happens when the file is changed but augeas has nothing to change.
Vikas, perhaps you might use a template instead of augeas? That way you could have the standard package->file->service set of relationships and a single source for the content in your sshd_config.
https://docs.puppetlabs.com/learning/templates.html
https://docs.puppetlabs.com/guides/templating.html
On Fri, Aug 15, 2014 at 07:52:15AM -0500, Jeffrey Watts wrote:
> On Fri, Aug 15, 2014 at 7:31 AM, Vikas Kumar <[1]vika...@gmail.com>
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [2]puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> [3]https://groups.google.com/d/msgid/puppet-users/CAMvPdm1i%2BxXj54W-8rBTw5mRXmnQtCzd7sZF7%2B9mzePdcjMAsQ%40mail.gmail.com.
> For more options, visit [4]https://groups.google.com/d/optout.
>
> References
>
> Visible links
> 1. mailto:vika...@gmail.com
> 2. mailto:puppet-users...@googlegroups.com
> 3. https://groups.google.com/d/msgid/puppet-users/CAMvPdm1i%2BxXj54W-8rBTw5mRXmnQtCzd7sZF7%2B9mzePdcjMAsQ%40mail.gmail.com?utm_medium=email&utm_source=footer
> 4. https://groups.google.com/d/optout
File["/etc/ssh/sshd_config"] -> Augeas["my-ssh"]
Augeas["my-ssh"] ~> Service["$ssh_service"]
A bit wordier but it covers what happens when the file is changed but augeas has nothing to change.
Vikas, perhaps you might use a template instead of augeas? That way you could have the standard package->file->service set of relationships and a single source for the content in your sshd_config.
https://docs.puppetlabs.com/learning/templates.html
https://docs.puppetlabs.com/guides/templating.html
On Fri, Aug 15, 2014 at 07:52:15AM -0500, Jeffrey Watts wrote:
> On Fri, Aug 15, 2014 at 7:31 AM, Vikas Kumar <[1]vika...@gmail.com>
> wrote:
>
> Dear All,
> I am trying to restart SSH daemon whenever /etc/ssh/sshd_config is
> modified. This is my class, it modifies the file but does not restarts
> the daemon. I have tried to use both notify and subscribe in vain.
>
> Change your subscribe line to Augeas["my-ssh"].
> Good luck,
> Jeffrey.
>
> --
>
> Dear All,
> I am trying to restart SSH daemon whenever /etc/ssh/sshd_config is
> modified. This is my class, it modifies the file but does not restarts
> the daemon. I have tried to use both notify and subscribe in vain.
>
> Change your subscribe line to Augeas["my-ssh"].
> Good luck,
> Jeffrey.
>
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [2]puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> [3]https://groups.google.com/d/msgid/puppet-users/CAMvPdm1i%2BxXj54W-8rBTw5mRXmnQtCzd7sZF7%2B9mzePdcjMAsQ%40mail.gmail.com.
> For more options, visit [4]https://groups.google.com/d/optout.
>
> References
>
> Visible links
> 1. mailto:vika...@gmail.com
> 2. mailto:puppet-users...@googlegroups.com
> 3. https://groups.google.com/d/msgid/puppet-users/CAMvPdm1i%2BxXj54W-8rBTw5mRXmnQtCzd7sZF7%2B9mzePdcjMAsQ%40mail.gmail.com?utm_medium=email&utm_source=footer
> 4. https://groups.google.com/d/optout
Vikas Kumar
Aug 16, 2014, 3:37:37 AM8/16/14
to puppet...@googlegroups.com, wa...@jayhawks.net
Many thanks Jeffrey, working like a charm.
Vikas Kumar
Aug 16, 2014, 3:59:13 AM8/16/14
to puppet...@googlegroups.com, christop...@pobox.com
Hi Christopher,
Thanks for the links and suggestion. I am not well versed with ERB as of now, just wanted to make things work (and understand them of course), will surely work on improving my code soon.
Regards,
Vikas
Reply all
Reply to author
Forward
0 new messages