我尝试过以下 Puppet 配置禁用 root 密码:
class users {
user { 'root':
password => '*',
}
}
但应用后没有任何警告或错误消息我仍然可以su -
使用旧密码。只有在检查了调试输出后才清楚原因:
# puppet apply --debug --modulepath modules manifests/host.pp
[...]
Debug: Failed to load library 'shadow' for feature 'libshadow'
[...]
瓦特。我知道如何解决这个问题(sudo pacman --sync --needed --refresh ruby-shadow
),但这不是重点。当 Puppet 无法应用我的配置时,如何强制它崩溃并烧毁,至少通过给出非零退出代码?--detailed-exitcodes
没有帮助。
解决方法:以下仅在运行时才有效两次- 第一次运行时,它会user
在编译目录时忽略该条目。
class users {
package { 'ruby-shadow':
ensure => present,
}
user { 'root':
password => '*',
require => Package['ruby-shadow'],
}
}
答案1
您可以使用puppet apply --help
查看所有可用选项。这是您感兴趣的:
* --detailed-exitcodes:
Provide transaction information via exit codes. If this is enabled, an exit
code of '2' means there were changes, an exit code of '4' means there were
failures during the transaction, and an exit code of '6' means there were both
changes and failures.
在您的具体情况下:
# puppet apply --detailed-exitcodes --debug --modulepath modules manifests/host.pp