Help,

I have a role that gets applied to a newly installed OS that sets up basic OS configuration. This role sets up the ldap configuration and all that works correctly. However, the role also sets the ownership for some directories and files for a user in ldap. The first run through fails with an error stating the user does not exist. If I rerun the role, it will complete successfully. I even added the resource ‘ohai’ with an action of ‘reload’ to the recipe and it still doesn’t help. I do not know where to go from here. Here is an example of the recipe and the error:

Here is the error..

    [Wed, 21 Mar 2012 23:12:49 -0400] INFO: Processing remote_directory[/usr/local/nagios/libexec] action create (nagios::client line 33)
    [Wed, 21 Mar 2012 23:12:49 -0400] INFO: remote_directory[/usr/local/nagios/libexec] created directory /usr/local/nagios/libexec
    [Wed, 21 Mar 2012 23:12:49 -0400] ERROR: remote_directory[/usr/local/nagios/libexec] (nagios::client line 33) has had an error
    [Wed, 21 Mar 2012 23:12:49 -0400] ERROR: remote_directory[/usr/local/nagios/libexec] (/var/chef/cache/cookbooks/nagios/recipes/client.rb:33:in `from_file') had an error: remote_directory[/usr/local/nagios/libexec] (nagios::client line 33) had an error: can't find user for nagacct

Thanks
Randy

From: Van Fossan,Randy

Well, I spoke too soon. This is still not working..

From: Van Fossan,Randy

I just needed to rerun ohai after configuring ldap..

http://lists.opscode.com/sympa/arc/chef/2010-07/msg00234.html

    ## If you configure ldap for the first time, ohai will not know about
    ## the accounts within that run.
    ruby_block "reload_ohai" do
      block do
        ohai = Ohai::System.new
        ohai.all_plugins
        node.automatic_attrs = ohai.data
        node.save
      end
      action :nothing
    end
    …
    …
    # Install the template
    template "/etc/ldap.conf" do
      source "ldap.conf.erb"
      owner "root"
      group "root"
      mode 0644
      notifies :create, resources(:ruby_block => 'reload_ohai'), :immediately
    end
    …
    ….

(Below is what fails as the user is in ldap)

    remote_directory node['nagios']['plugin_dir'] do
      source "plugins"
      owner "nagacct"
      group "nagacct"
      mode 0755
      files_mode 0755
      purge true
      notifies :restart, "service[xinetd]", :delayed
    end

From: Van Fossan,Randy

I have a base role that configures ldap on the client and cycles the nscd daemon. Later in that role I try to create some directories using “owner” and “group” from these ldap accounts. It always fails on the first pass through. If I run it again, it will work fine. I suspect that the chef run cannot yet see these accounts until after the chef run is complete. If I run ‘getent passwd | grep account’ right after the chef run, I can indeed see the account.

Anyone have any idea how to deal with ldap account changes within a chef run? Does ohai need to be rerun in the middle of the run somehow?

Thanks
Randy
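
Added example, not part of the original thread and not Chef's own code: the error text in the log ("can't find user for nagacct") is what Ruby's Etc.getpwnam raises, so this sketch compares that in-process lookup with a lookup done by a freshly started getent process, the same check the poster ran by hand. It assumes the running chef-client process is still using the name-service view it started with; the function names and the sample passwd line in the test are constructed for illustration.

```ruby
require 'etc'
require 'open3'

# Default runner (assumption: getent is on PATH): runs `getent passwd NAME`
# in a new process, which reads the name-service configuration afresh.
GETENT = ->(name) { Open3.capture2('getent', 'passwd', name) }

# Parse one passwd-format line: name:passwd:uid:gid:gecos:home:shell
def parse_passwd_line(line)
  f = line.chomp.split(':', 7)
  return nil if f.length < 4 || f[2] !~ /\A\d+\z/ || f[3] !~ /\A\d+\z/
  { name: f[0], uid: f[2].to_i, gid: f[3].to_i }
end

# Lookup inside the current Ruby process; Etc.getpwnam raises
# ArgumentError ("can't find user for ...") when the name is unknown.
def in_process_lookup(name)
  pw = Etc.getpwnam(name)
  { name: pw.name, uid: pw.uid, gid: pw.gid }
rescue ArgumentError
  nil
end

# Lookup through a new process; returns nil if getent fails or is absent.
def fresh_process_lookup(name, runner: GETENT)
  out, status = runner.call(name)
  return nil unless status.success?
  parse_passwd_line(out.lines.first.to_s)
rescue Errno::ENOENT
  nil
end

# :visible_in_process  -> this process can already resolve the account
# :stale_process_view  -> only a new process can (matches the first-run failure)
# :missing_everywhere  -> the account is not resolvable at all (LDAP/NSS setup issue)
def diagnose(name, runner: GETENT)
  return :visible_in_process if in_process_lookup(name)
  fresh_process_lookup(name, runner: runner) ? :stale_process_view : :missing_everywhere
end

puts diagnose(ARGV[0]) if ARGV[0]
```

A result of :stale_process_view from inside the run, for example from a ruby_block placed after the LDAP configuration, would be consistent with the poster's suspicion that the run itself cannot yet see the accounts.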