Book Image

Puppet Cookbook - Third Edition - Third Edition

By : Thomas Uphill, John Arundel
Book Image

Puppet Cookbook - Third Edition - Third Edition

By: Thomas Uphill, John Arundel

Overview of this book

This book is for anyone who builds and administers servers, especially in a web operations context. It requires some experience of Linux systems administration, including familiarity with the command line, file system, and text editing. No programming experience is required.
Table of Contents (12 chapters)
11
Index

Auditing resources


Dry run mode, using the --noop switch, is a simple way to audit any changes to a machine under Puppet's control. However, Puppet also has a dedicated audit feature, which can report changes to resources or specific attributes.

How to do it...

Here's an example showing Puppet's auditing capabilities:

  1. Modify your site.pp file as follows:

    node 'cookbook' {
      file { '/etc/passwd':
        audit => [ owner, mode ],
      }
    }
  2. Run Puppet:

    [root@cookbook clients]# puppet agent -t
    Info: Caching catalog for cookbook.example.com
    Info: Applying configuration version '1413789080'
    Notice: /Stage[main]/Main/Node[cookbook]/File[/etc/passwd]/owner: audit change: newly-recorded value 0
    Notice: /Stage[main]/Main/Node[cookbook]/File[/etc/passwd]/mode: audit change: newly-recorded value 644
    Notice: Finished catalog run in 0.55 seconds
    

How it works...

The audit metaparameter tells Puppet that you want to record and monitor certain things about the resource. The value can be a list of the parameters that...