Renoir Boulanger Un geek social et Linuxien de nature

A few useful GNU/Linux truth tests while creating salt states

A common task while writing server configuration management manifests is to make sure that some enforcements are run in specific situations.

Nothing amazing here, just that in some situations I want to run commands in salt stack only in some situations that should be enforced.

Those tests are written within Salt stack states and YAML, but the test are plain GNU/Linux tests.

Add group additional membership to user

usermod -a -G amavis clamav:
  cmd.run:
    - unless: 'grep "^amavis" /etc/group | grep -q -e clamav'

A similar alternate could also be

usermod -a -G amavis clamav:
  cmd.run:
    - unless: grep -q -e '^amavis.*clamav$' /etc/group

Change ownership on a folder only if its not what we expect

{% for es_folder in ['/usr/share/elasticsearch/data','/var/lib/elasticsearch'] %}
chown -R app-user:app-user {{ es_folder }}:
  cmd.run:
    - onlyif: "test `stat -c %G {{ es_folder }}` != app-user"
{% endfor %}
Comments are closed.