Well, I spoke too soon. This is still not working.. From: Van Fossan,Randy I just needed to rerun ohai after configuring ldap.. http://lists.opscode.com/sympa/arc/chef/2010-07/msg00234.html ## If you configure ldap for the first time, ohai will not know about ## the accounts within that run. ruby_block "reload_ohai" do block do ohai = Ohai::System.new ohai.all_plugins node.automatic_attrs = ohai.data node.save end action :nothing end … … # Install the template template "/etc/ldap.conf" do source "ldap.conf.erb" owner "root" group "root" mode 0644 notifies :create, resources(:ruby_block => 'reload_ohai'), :immediately end … …. (Below is what fails as the user is in ldap) remote_directory node['nagios']['plugin_dir'] do source "plugins" owner "nagacct” group “nagacct” mode 0755 files_mode 0755 purge true notifies :restart, "service[xinetd]", :delayed end From: Van Fossan,Randy I have a base role that configures ldap on the client and cycles the nscd daemon. Later in that role I try to create some directories using “owner” and “group” from these ldap accounts. It always fails on the first pass through. If I run it again, it will work fine. I suspect that the chef run cannot yet see these accounts until after the chef run is complete. If I run ‘getent passwd | grep account’ right after the chef run, I can indeed see the account. Anyone have any idea how to deal with ldap account changes within a chef run? Does ohai need to be rerun in the middle of the run somehow? Thanks Randy |
Archive powered by MHonArc 2.6.16.