Puppet

當 puppet 控制的文件將被 yum 更改時通知

  • January 27, 2016

當包含由 puppet 控制的文件的包即將更改該文件時,是否可以在控制台上收到通知?意思是,在 yum 中進行 yum update 時,是否可以注入自定義警告?

Yum 支持外掛,因此完全可以編寫一個外掛來讀取記憶體的 puppet 清單並在事務將覆蓋 puppet 控制的文件時發出警告。我不知道現有的外掛可以做到這一點,但我可能會自己寫一個,因為我喜歡這個想法。

該外掛檢查所有新安裝/升級/降級的軟體包,告訴您它將覆蓋哪些 puppet 管理的文件,並要求確認這樣做。

   [root@camel ~]# yum update pam
   Loaded plugins: puppet, security
   Skipping security plugin, no data
   Setting up Update Process
   Resolving Dependencies
   Skipping security plugin, no data
   --> Running transaction check
   ---> Package pam.i386 0:0.99.6.2-12.el5 set to be updated
   ---> Package pam.x86_64 0:0.99.6.2-12.el5 set to be updated
   --> Finished Dependency Resolution

   Dependencies Resolved

   ===============================================================================================================================================================
    Package                           Arch                                 Version                                       Repository                          Size
   ===============================================================================================================================================================
   Updating:
    pam                               i386                                 0.99.6.2-12.el5                               base                               983 k
    pam                               x86_64                               0.99.6.2-12.el5                               base                               982 k

   Transaction Summary
   ===============================================================================================================================================================
   Install       0 Package(s)
   Upgrade       2 Package(s)

   Total download size: 1.9 M
   Is this ok [y/N]: y
   Downloading Packages:
   (1/2): pam-0.99.6.2-12.el5.x86_64.rpm                                                                                                   | 982 kB     00:00
   (2/2): pam-0.99.6.2-12.el5.i386.rpm                                                                                                     | 983 kB     00:00
   ---------------------------------------------------------------------------------------------------------------------------------------------------------------
   Total                                                                                                                          8.7 MB/s | 1.9 MB     00:00
   Running rpm_check_debug
   Running Transaction Test
   Finished Transaction Test
   Transaction Test Succeeded
   Running Transaction
   Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/pam.d/system-auth
   Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/security/access.conf
   Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/security/limits.conf
   Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/pam.d/system-auth
   Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/security/access.conf
   Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/security/limits.conf
   Is this ok [y/N]: n


   Aborting
   [root@camel ~]# yum update pam
   Loaded plugins: puppet, security
   Skipping security plugin, no data
   Setting up Update Process
   Resolving Dependencies
   Skipping security plugin, no data
   --> Running transaction check
   ---> Package pam.i386 0:0.99.6.2-12.el5 set to be updated
   ---> Package pam.x86_64 0:0.99.6.2-12.el5 set to be updated
   --> Finished Dependency Resolution

   Dependencies Resolved

   ===============================================================================================================================================================
    Package                           Arch                                 Version                                       Repository                          Size
   ===============================================================================================================================================================
   Updating:
    pam                               i386                                 0.99.6.2-12.el5                               base                               983 k
    pam                               x86_64                               0.99.6.2-12.el5                               base                               982 k

   Transaction Summary
   ===============================================================================================================================================================
   Install       0 Package(s)
   Upgrade       2 Package(s)

   Total size: 1.9 M
   Is this ok [y/N]: y
   Downloading Packages:
   Running rpm_check_debug
   Running Transaction Test
   Finished Transaction Test
   Transaction Test Succeeded
   Running Transaction
   Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/pam.d/system-auth
   Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/security/access.conf
   Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/security/limits.conf
   Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/pam.d/system-auth
   Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/security/access.conf
   Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/security/limits.conf
   Is this ok [y/N]: y
     Updating       : pam                                                                                                                                     1/4
     Updating       : pam                                                                                                                                     2/4
     Cleanup        : pam                                                                                                                                     3/4
     Cleanup        : pam                                                                                                                                     4/4

   Updated:
     pam.i386 0:0.99.6.2-12.el5                                                    pam.x86_64 0:0.99.6.2-12.el5

   Complete!

該外掛本身可以在我的 github hacks 儲存庫中找到。


2013 年 11 月 8 日更新:

正如評論中所暗示的,我現在已經把它變成了一個更大的項目,以改善 Yum 和 Puppet 之間的互動。你可以在 GitHub 上找到它。

引用自:https://serverfault.com/questions/546175