Issue with recursively changing file permissions and owner using puppet and vagrant

I'm trying to install tomcat on a virtual machine using puppet and vagrant. In order to run tomcat, I need to change the permissions of the /bin/*.sh files.

Here is the relevant part of my puppet configuration:

class tomcat{

 exec{ 
 'get-tomcat':
    command => "wget -P /home/vagrant/tmp http://apache.crihan.fr/dist/tomcat/tomcat-7/v7.0.42/bin/apache-tomcat-7.0.42.tar.gz",
    path => [ "/bin/", "/sbin/" , "/usr/bin/", "/usr/sbin/" ],
    require => File["/home/vagrant/tmp"];
 'expand-tomcat':
    command => "tar xzf apache-tomcat-7.0.42.tar.gz",
    cwd => "/home/vagrant/tmp",
    require => File["/home/vagrant/tmp"],   
    path => [ "/bin/", "/sbin/" , "/usr/bin/", "/usr/sbin/" ],
    creates => "/home/vagrant/apache-tomcat-7.0.42",
 }

 file { "/home/vagrant/tmp":
    ensure => "directory",
    owner => "vagrant",
    group => "vagrant",
    mode => "u+rwx",
    recurse => true,
    require => File['/home/vagrant/tmp/apache-tomcat-7.0.42/bin/*.sh']
 }

 file { "/home/vagrant/tmp/apache-tomcat-7.0.42/bin/*.sh":
    owner => "vagrant",
    group => "vagrant",
    mode => "u+rwx",
    recurse => true
 }

}

What baffles me is that when I run vagrant provision I get the following output:

debug: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/docs/introduction.html]: The container /home/vagrant/tmp will propagate my refresh event
debug: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/docs/introduction.html]: The container /home/vagrant/tmp will propagate my refresh event
debug: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/docs/introduction.html]: The container /home/vagrant/tmp will propagate my refresh event
notice: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/examples/jsp/plugin/plugin.jsp]/owner: owner changed 'root' to 'vagrant'
notice: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/examples/jsp/plugin/plugin.jsp]/group: group changed 'root' to 'vagrant'
notice: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/examples/jsp/plugin/plugin.jsp]/mode: mode changed '0644' to '0744' (u+rwx)

and so on...

Then, after I run vagrant ssh and list the files with ls -l, I notice that all the files are owned by root:

vagrant@precise64:~/tmp/apache-tomcat-7.0.42/bin$  ls -l
total 696
-rw-r--r-- 1 root root  28616 Jul  2 07:59 bootstrap.jar
-rw-r--r-- 1 root root  13217 Jul  2 07:59 catalina.bat
-rwxr-xr-x 1 root root  19877 Jul  2 07:59 catalina.sh
-rw-r--r-- 1 root root   2121 Jul  2 07:59 catalina-tasks.xml
-rw-r--r-- 1 root root  24283 Jul  2 07:59 commons-daemon.jar
-rw-r--r-- 1 root root 204944 Jul  2 07:59 commons-daemon-native.tar.gz
-rw-r--r-- 1 root root   2131 Jul  2 07:59 configtest.bat
-rwxr-xr-x 1 root root   1982 Jul  2 07:59 configtest.sh
-rw-r--r-- 1 root root   1342 Jul  2 07:59 cpappend.bat
-rwxr-xr-x 1 root root   7492 Jul  2 07:59 daemon.sh
-rw-r--r-- 1 root root   2178 Jul  2 07:59 digest.bat
-rwxr-xr-x 1 root root   2021 Jul  2 07:59 digest.sh
-rw-r--r-- 1 root root   3264 Jul  2 07:59 setclasspath.bat
-rwxr-xr-x 1 root root   3524 Jul  2 07:59 setclasspath.sh
-rw-r--r-- 1 root root   2111 Jul  2 07:59 shutdown.bat
-rwxr-xr-x 1 root root   1960 Jul  2 07:59 shutdown.sh
-rw-r--r-- 1 root root   2112 Jul  2 07:59 startup.bat
-rwxr-xr-x 1 root root   1961 Jul  2 07:59 startup.sh
-rw-r--r-- 1 root root  38333 Jul  2 07:59 tomcat-juli.jar
-rw-r--r-- 1 root root 288166 Jul  2 07:59 tomcat-native.tar.gz
-rw-r--r-- 1 root root   4114 Jul  2 07:59 tool-wrapper.bat
-rwxr-xr-x 1 root root   5086 Jul  2 07:59 tool-wrapper.sh
-rw-r--r-- 1 root root   2116 Jul  2 07:59 version.bat
-rwxr-xr-x 1 root root   1965 Jul  2 07:59 version.sh

Answer 1

As Scott said, your wildcard is not valid.

Just as importantly, your requires are wrong. The order in which puppet will try to manage your resources is

  1. File["/home/vagrant/tmp/apache-tomcat-7.0.42/bin/*.sh"]
  2. File["/home/vagrant/tmp"]
  3. Either (since you didn't specify) Exec['get-tomcat'] or Exec['expand-tomcat']
  4. Either (since you didn't specify) Exec['get-tomcat'] or Exec['expand-tomcat']

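The ownership problem you noticed happens because your declaration of the user and group for the files in /home/vagrant/tmp takes effect before the tomcat files exist.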

I think you meant to write this:

class tomcat{

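  # The *.sh scripts live in the bin/ directory of the expanded archive
  # (see the ls -l listing in the question).
  $scripts = [
      '/home/vagrant/tmp/apache-tomcat-7.0.42/bin/catalina.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/bin/configtest.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/bin/daemon.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/bin/digest.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/bin/setclasspath.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/bin/shutdown.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/bin/startup.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/bin/tool-wrapper.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/bin/version.sh'
  ]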

  file { '/home/vagrant/tmp':
    ensure => 'directory',
    owner  => 'vagrant',
    group  => 'vagrant',
    mode   => 'u+rwx',
  }

  exec { 'get-tomcat':
    command => 'wget http://apache.crihan.fr/dist/tomcat/tomcat-7/v7.0.42/bin/apache-tomcat-7.0.42.tar.gz',
    cwd     => '/home/vagrant/tmp',
    path    => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/' ],
    # wget saves into cwd, so the guard must point at the file under tmp/
    creates => '/home/vagrant/tmp/apache-tomcat-7.0.42.tar.gz',
    require => File['/home/vagrant/tmp'],
  }

  exec { 'expand-tomcat':
    command => 'tar xzf apache-tomcat-7.0.42.tar.gz',
    cwd     => '/home/vagrant/tmp',
    path    => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/' ],
    # tar expands into cwd, so the guard must point at the directory under tmp/
    creates => '/home/vagrant/tmp/apache-tomcat-7.0.42',
    require => Exec['get-tomcat'],
  }

  file { $scripts:
    owner   => 'vagrant',
    group   => 'vagrant',
    mode    => 'u+rwx',
    recurse => true,
    require => Exec['expand-tomcat'],
  }

}

Note how I declared the dependencies logically, which gives the following order

  1. File["/home/vagrant/tmp/"]
  2. Exec['get-tomcat']
  3. Exec['expand-tomcat']

followed by $scripts

Answer 2

The file resource in puppet does not expand wildcards, so the following puppet code does not do what you expect:

file { "/home/vagrant/tmp/apache-tomcat-7.0.42/bin/*.sh":
   owner => "vagrant",
   group => "vagrant",
   mode => "u+rwx",
   recurse => true
}

This is looking for a single file named /home/vagrant/tmp/apache-tomcat-7.0.42/bin/*.sh

To do what you want, you need to remove the above code and add the following:

exec { 'set-tomcat-permissions':
  command => "chown -Rh vagrant:vagrant .; find . -name '*.sh' -exec chmod u+rwx {} ';'",
  cwd => "/home/vagrant/tmp",
  path => [ "/bin/", "/sbin/" , "/usr/bin/", "/usr/sbin/" ],
  subscribe => Exec["expand-tomcat"],
  refreshonly => true,
}
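
As an added example (not part of either answer, and not the posters' code): a shell sketch of the permission step that an exec like the one above could call, narrowed to regular *.sh files directly inside Tomcat's bin/ directory and followed by an audit of the result. The function names, the temporary tree and the file webapps/helper.sh are constructed for illustration; the chown step is left out because it needs root.

```shell
#!/bin/sh
# Added example, not from the original answers; function names are hypothetical.

# Build a constructed sample tree shaped like the listing in the question,
# with every file at mode 0644 so that no script starts out executable.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    base="$root/apache-tomcat-7.0.42"
    mkdir -p "$base/bin" "$base/webapps"
    for f in bin/catalina.sh bin/startup.sh bin/catalina.bat webapps/helper.sh; do
        : > "$base/$f"
        chmod 0644 "$base/$f"
    done
    echo "$root"
}

# Give the owner rwx on regular *.sh files directly inside DIR only.
# The quoted pattern is matched by find itself; -type f skips symlinks and
# -maxdepth 1 keeps the change out of sub-directories.
fix_script_modes() {
    [ -d "$1" ] || { echo "not a directory: $1" >&2; return 1; }
    find "$1" -maxdepth 1 -type f -name '*.sh' -exec chmod u+rwx {} +
}

# List *.sh files in DIR that the owner cannot execute, or that group or
# other can write to; the exit status is non-zero when any such file exists.
audit_script_modes() {
    bad=$(find "$1" -maxdepth 1 -type f -name '*.sh' \
            \( ! -perm -100 -o -perm -020 -o -perm -002 \) -print)
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# Run both steps against the constructed tree and clean up afterwards.
demo() {
    root=$(make_sample_tree) || return 1
    bin="$root/apache-tomcat-7.0.42/bin"
    fix_script_modes "$bin" && audit_script_modes "$bin"
    status=$?
    rm -rf "$root"
    return $status
}
demo
```
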
