Andreas Vöst
28 days
Claus-Theodor Riegg
4 years
Andreas Vöst
2 months
Andreas Vöst
3 months
Kim Klotz
3 months
Claus-Theodor Riegg
8 years
Andreas Vöst
5 months
Andreas Vöst
7 months
Claus-Theodor Riegg
8 years
Marc Dierig
10 months
Claus-Theodor Riegg
7 years

Don't use puppet `exec` type without `cwd` and `user` parameter

Updated . Posted . Visible to the public. Repeats.
  1. Don't use exec without user parameter

    If you use exec without user parameter, the command will get executed as root. You mostly don't want this.

  2. There is a difference in the env variables of the exec if you run puppet manually or if the daemon runs.

  3. Never ever use exec without cwd parameter

    If you use exec without cwd parameter, the command get executed in the cwd of your puppet run. This can cause problems if you run the puppet agent manually.

    Example:

    # exec resource:
    exec { "update_rubygems_${user}_${version}":
      command => "${home}/.rbenv/shims/gem update --system ${version}",
      unless  => "${home}/.rbenv/shims/gem -v | /bin/grep ${version}",
    }
    

    This does execute rbenv commands. If puppet runs in a cwd without .rbenv-version it's no problem it uses the default ruby version. If you are in a cwd with a .ruby-version it uses the ruby version from this file for all rbenv commands. You will probably get some errors.

Last edit
Kim Klotz
License
Source code in this card is licensed under the MIT License.