puppet-purge icon indicating copy to clipboard operation
puppet-purge copied to clipboard

Published 20 hours ago verified publisher icon crayfishx

can't purge cron resources

Open vchepkov opened this issue 5 years ago • 6 comments

while attempting removing 'unmanaged' cron entries, module recognizes those, but fails to remove

how to reproduce:

# crontab -u user -l
0 0 * * * /bin/echo test

puppet resource reports it as 'unmanaged'

# puppet resource cron 
cron { 'unmanaged:/bin/echo_test-1':
  ensure   => 'present',
  command  => '/bin/echo test',
  hour     => ['0'],
  minute   => ['0'],
  provider => 'crontab',
  target   => 'user',
  user     => 'user',
}

Code to apply:

purge { 'cron':
  if => [ 'user', '==', 'user' ],
}

Result of puppet apply:

Notice: /Stage[main]/Main/Purge[cron]/ensure: ensure changed 'purgable' to 'purged'
Notice: /Stage[main]/Main/Cron[unmanaged:/bin/echo_test-1]/ensure: removed

But cron entry remains intact.

Thanks, Vadym

vchepkov avatar Jun 24 '20 23:06 vchepkov

Hello,

I've just hit this while trying to use the module.

I'm able to get cronjobs purged for the root user using a snippet similar to @vchepkov 's, but any for other user the cronjobs get marked as getting removed but they just stay there in the crontab file like what is described by OP.

lelutin avatar Aug 20 '21 16:08 lelutin

I'm trying to figure out what's present in the catalog, but with with a request of the following type against puppetdb, I'm not seeing a resource for the cronjob that's not getting removed:

catalogs { certname = "node-name.fqdn" }

nothing in the output is mentioning "unmanaged:" or "echo" (which is part of the test cronjob that should get removed).

I don't know why that resource is not in the catalog but visibly getting processed by the agent

lelutin avatar Aug 20 '21 16:08 lelutin

ah, sorry for my confusion in the previous message. I've read the type code and I can see the resources are injected by the purge type. if I look at the reports (instead of the catalogs) for that same machine, I can see that puppet claims to have removed the resource:

      {
        "status": "success",
        "timestamp": "2021-08-20T12:33:12.795-04:00",
        "resource_type": "Cron",
        "resource_title": "unmanaged:/usr/bin/echo_blah_toisssi-1",
        "property": "ensure",
        "corrective_change": null,
        "new_value": "absent",
        "old_value": "present",
        "message": "removed",
        "file": null,
        "line": null,
        "containment_path": [
          "Stage[main]",
          "Profile::Cron",
          "Cron[unmanaged:/usr/bin/echo_blah_toisssi-1]"
        ],
        "containing_class": "Profile::Cron"
      },

as stated before though, it's still present in the crontab file for the www-data user.

lelutin avatar Aug 20 '21 16:08 lelutin

It's being awhile, anyone was able to find a solution?

vchepkov avatar Jan 03 '23 20:01 vchepkov

I have inspected the res object in generate function and I found that

res[:user] -> nil
res[:target] -> "root"

I believe both are wrong and should be set to an actual user

vchepkov avatar Jan 04 '23 18:01 vchepkov

FYI, module fails to remove previously managed entries, i.e. those that have Puppet Name: prefix

vchepkov avatar Jan 10 '23 15:01 vchepkov