-2

I am trying to install tomcat on a virtual box guest machine using puppet and vagrant. For tomcat to run, I need to change permission of the /bin/*.sh files.

Here is the relevant section of my puppet config:

class tomcat{

 exec{ 
 'get-tomcat':
    command => "wget -P /home/vagrant/tmp http://apache.crihan.fr/dist/tomcat/tomcat-7/v7.0.42/bin/apache-tomcat-7.0.42.tar.gz",
    path => [ "/bin/", "/sbin/" , "/usr/bin/", "/usr/sbin/" ],
    require => File["/home/vagrant/tmp"];
 'expand-tomcat':
    command => "tar xzf apache-tomcat-7.0.42.tar.gz",
    cwd => "/home/vagrant/tmp",
    require => File["/home/vagrant/tmp"],   
    path => [ "/bin/", "/sbin/" , "/usr/bin/", "/usr/sbin/" ],
    creates => "/home/vagrant/apache-tomcat-7.0.42",
 }

 file { "/home/vagrant/tmp":
    ensure => "directory",
    owner => "vagrant",
    group => "vagrant",
    mode => "u+rwx",
    recurse => true,
    require => File['/home/vagrant/tmp/apache-tomcat-7.0.42/bin/*.sh']
 }

 file { "/home/vagrant/tmp/apache-tomcat-7.0.42/bin/*.sh":
    owner => "vagrant",
    group => "vagrant",
    mode => "u+rwx",
    recurse => true
 }

}

What puzzles me is that I get the following output when I run vagrant provision:

debug: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/docs/introduction.html]: The container /home/vagrant/tmp will propagate my refresh event
debug: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/docs/introduction.html]: The container /home/vagrant/tmp will propagate my refresh event
debug: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/docs/introduction.html]: The container /home/vagrant/tmp will propagate my refresh event
notice: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/examples/jsp/plugin/plugin.jsp]/owner: owner changed 'root' to 'vagrant'
notice: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/examples/jsp/plugin/plugin.jsp]/group: group changed 'root' to 'vagrant'
notice: /File[/home/vagrant/tmp/apache-tomcat-7.0.42/webapps/examples/jsp/plugin/plugin.jsp]/mode: mode changed '0644' to '0744' (u+rwx)

and so on...

and then after I do a vagrant ssh, and listing the files with ls -l, I notice that all files are owned by root!

vagrant@precise64:~/tmp/apache-tomcat-7.0.42/bin$  ls -l
total 696
-rw-r--r-- 1 root root  28616 Jul  2 07:59 bootstrap.jar
-rw-r--r-- 1 root root  13217 Jul  2 07:59 catalina.bat
-rwxr-xr-x 1 root root  19877 Jul  2 07:59 catalina.sh
-rw-r--r-- 1 root root   2121 Jul  2 07:59 catalina-tasks.xml
-rw-r--r-- 1 root root  24283 Jul  2 07:59 commons-daemon.jar
-rw-r--r-- 1 root root 204944 Jul  2 07:59 commons-daemon-native.tar.gz
-rw-r--r-- 1 root root   2131 Jul  2 07:59 configtest.bat
-rwxr-xr-x 1 root root   1982 Jul  2 07:59 configtest.sh
-rw-r--r-- 1 root root   1342 Jul  2 07:59 cpappend.bat
-rwxr-xr-x 1 root root   7492 Jul  2 07:59 daemon.sh
-rw-r--r-- 1 root root   2178 Jul  2 07:59 digest.bat
-rwxr-xr-x 1 root root   2021 Jul  2 07:59 digest.sh
-rw-r--r-- 1 root root   3264 Jul  2 07:59 setclasspath.bat
-rwxr-xr-x 1 root root   3524 Jul  2 07:59 setclasspath.sh
-rw-r--r-- 1 root root   2111 Jul  2 07:59 shutdown.bat
-rwxr-xr-x 1 root root   1960 Jul  2 07:59 shutdown.sh
-rw-r--r-- 1 root root   2112 Jul  2 07:59 startup.bat
-rwxr-xr-x 1 root root   1961 Jul  2 07:59 startup.sh
-rw-r--r-- 1 root root  38333 Jul  2 07:59 tomcat-juli.jar
-rw-r--r-- 1 root root 288166 Jul  2 07:59 tomcat-native.tar.gz
-rw-r--r-- 1 root root   4114 Jul  2 07:59 tool-wrapper.bat
-rwxr-xr-x 1 root root   5086 Jul  2 07:59 tool-wrapper.sh
-rw-r--r-- 1 root root   2116 Jul  2 07:59 version.bat
-rwxr-xr-x 1 root root   1965 Jul  2 07:59 version.sh
balteo
  • 63
  • 2
  • 9

2 Answers2

2

As Scott said, your wildcards aren't valid.

Just as importantly, your requires are wrong. The order in which puppet is going to try to manage your resources is

  1. File["/home/vagrant/tmp/apache-tomcat-7.0.42/bin/*.sh"]
  2. File["home/vagrant/tmp"]
  3. Either (because you didn't specify) Exec['get-tomcat'] or Exec['expand-tomcat']
  4. Either (because you didn't specify) Exec['get-tomcat'] or Exec['expand-tomcat']

The ownership problem you noticed happens because your declaration of the user and group for files in /home/vagrant/tmp takes effect before the tomcat files exist.

I think you're trying to write this:

class tomcat{

  $scripts = [
      '/home/vagrant/tmp/apache-tomcat-7.0.42/daemon.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/digest.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/setclasspath.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/shutdown.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/startup.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/tool-wrapper.sh',
      '/home/vagrant/tmp/apache-tomcat-7.0.42/version.sh'
  ]

  file { '/home/vagrant/tmp':
    ensure => 'directory',
    owner  => 'vagrant',
    group  => 'vagrant',
    mode   => 'u+rwx',
  }

  exec { 'get-tomcat':
    command => 'wget http://apache.crihan.fr/dist/tomcat/tomcat-7/v7.0.42/bin/apache-tomcat-7.0.42.tar.gz',
    cwd     => '/home/vagrant/tmp',
    path    => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/' ],
    creates => '/home/vagrant/apache-tomcat-7.0.42.tar.gz',
    require => File['/home/vagrant/tmp'],
  }

  exec { 'expand-tomcat':
    command => 'tar xzf apache-tomcat-7.0.42.tar.gz',
    cwd     => '/home/vagrant/tmp',
    path    => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/' ],
    creates => '/home/vagrant/apache-tomcat-7.0.42',
    require => Exec['get-tomcat'],
  }

  file { $scripts:
    owner   => 'vagrant',
    group   => 'vagrant',
    mode    => 'u+rwx',
    recurse => true,
    require => Exec['expand-tomcat'],
  }

}

Notice how I declared the dependencies logically, leading to this order

  1. File["/home/vagrant/tmp/"]
  2. Exec['get-tomcat']
  3. Exec['expand-tomcat']

Followed by all the files in $scripts

sciurus
  • 12,678
  • 2
  • 31
  • 49
0

File resources in puppet do not expand wildcards, so the following puppet code is not doing what you are expecting:

file { "/home/vagrant/tmp/apache-tomcat-7.0.42/bin/*.sh":
   owner => "vagrant",
   group => "vagrant",
   mode => "u+rwx",
   recurse => true
}

That is looking for a single file that is literally named /home/vagrant/tmp/apache-tomcat-7.0.42/bin/*.sh.

To do what you are wanting to do, you need to remove the above code and add this code:

exec { 'set-tomcat-permissions':
  command => "chown -Rh vagrant:vagrant .; find . -name '*.sh' -exec chmod u+rwx {} ';'",
  cwd => "/home/vagrant/tmp",
  path => [ "/bin/", "/sbin/" , "/usr/bin/", "/usr/sbin/" ],
  subscribe => Exec["expand-tomcat"],
  refreshonly => true,
}
Scott Duckworth
  • 846
  • 1
  • 10
  • 12