From 88d466e3aca349b3f129dd8e8967b90002a2584b Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Mon, 21 Apr 2014 15:57:36 -0700 Subject: fix comment from copied code --- manifests/agent/generate_sshkey.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'manifests/agent') diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index 3187037..47f3026 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -6,7 +6,7 @@ define check_mk::agent::generate_sshkey( $check_mk_tag = 'check_mk_sshkey' ){ - # generate backupninja ssh keypair + # generate check-mk ssh keypair $ssh_key_name = "monitoring_${::fqdn}_id_rsa" $ssh_keys = ssh_keygen("${ssh_key_basepath}/${ssh_key_name}") $public = split($ssh_keys[1],' ') -- cgit v1.2.3 From 25b9b5f7cd2d64f464fb198d90cc757a1bff1c81 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Tue, 22 Apr 2014 00:17:34 -0700 Subject: replace homedir with more specific keydir, authdir, and authfile in order to allow overriding each. modify ::agent, ::agent::config, and ::agent::generate_sshkey to allow changing at each level, with reasonable defaults --- manifests/agent/config.pp | 21 +++++++++++++++---- manifests/agent/generate_sshkey.pp | 43 ++++++++++++++++++++++++++------------ 2 files changed, 47 insertions(+), 17 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/config.pp b/manifests/agent/config.pp index 256af8f..40b9ff5 100644 --- a/manifests/agent/config.pp +++ b/manifests/agent/config.pp @@ -1,8 +1,10 @@ class check_mk::agent::config ( - $ip_whitelist = '', + $ip_whitelist = '', $port, $server_dir, - $homedir, + $keydir, + $authdir, + $authfile = undef, $use_cache, $user, $method = 'xinetd', @@ -34,8 +36,19 @@ class check_mk::agent::config ( } 'ssh' : { if $generate_sshkey { - check_mk::agent::generate_sshkey { 'check_mk_key': - homedir => $homedir + if $authfile { + # if authfile is overridden, pass it through + check_mk::agent::generate_sshkey { 'check_mk_key': + keydir => $keydir, + authdir => $authdir, + authfile => $authfile + } + } else { + # otherwise don't + check_mk::agent::generate_sshkey { 'check_mk_key': + keydir => $keydir, + authdir => $authdir + } } } } diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index 47f3026..3bc9a1d 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -1,27 +1,47 @@ -define check_mk::agent::generate_sshkey( +define check_mk::agent::generate_sshkey ( + # dir on the check-mk-server where the collected key pairs are stored + $keydir, + # dir on the check-mk-agent where the authorized_keys file is stored + $authdir, + # name of the authorized_keys file + $authfile = undef, + # dir on the puppetmaster where keys are stored $ssh_key_basepath = '/etc/puppet/modules/keys/files/check_mk_keys', + # user and group to run the agent as $user = 'monitoring', $group = 'monitoring', - $homedir, $check_mk_tag = 'check_mk_sshkey' ){ # generate check-mk ssh keypair - $ssh_key_name = "monitoring_${::fqdn}_id_rsa" + $ssh_key_name = "${user}_${::fqdn}_id_rsa" $ssh_keys = ssh_keygen("${ssh_key_basepath}/${ssh_key_name}") $public = split($ssh_keys[1],' ') $public_type = $public[0] $public_key = $public[1] $secret_key = $ssh_keys[0] - sshd::ssh_authorized_key { $ssh_key_name: - type => 'ssh-rsa', - key => $public_key, - user => 'root', - options => 'command="/usr/bin/check_mk_agent"'; + if $authdir or $authfile { + # if $authkey or $authdir are set, override authorized_keys path and file + sshd::ssh_authorized_key { $ssh_key_name: + type => 'ssh-rsa', + key => $public_key, + user => 'root', + target => "${authdir}/${authfile}", + options => 'command="/usr/bin/check_mk_agent"'; + } + } else { + # otherwise use the defaults + sshd::ssh_authorized_key { $ssh_key_name: + type => 'ssh-rsa', + key => $public_key, + user => 'root', + options => 'command="/usr/bin/check_mk_agent"'; + } } - @@file { "${homedir}/.ssh/${ssh_key_name}": + # resource collector, these end up on the check-mk-server host + @@file { "${keydir}/${ssh_key_name}": content => $secret_key, owner => $user, group => $group, @@ -29,14 +49,11 @@ define check_mk::agent::generate_sshkey( tag => $check_mk_tag; } - - @@file { "${homedir}/.ssh/${ssh_key_name}.pub": + @@file { "${keydir}/${ssh_key_name}.pub": content => $public_key, owner => $user, group => $group, mode => '0666', tag => $check_mk_tag; } - - } -- cgit v1.2.3 From c1eda813fbe51ab3476d4e5e2a1c996230339cef Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Thu, 24 Apr 2014 15:39:08 -0700 Subject: if using ssh, clean up any existing xinetd config --- manifests/agent/config.pp | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'manifests/agent') diff --git a/manifests/agent/config.pp b/manifests/agent/config.pp index 40b9ff5..58e3b1e 100644 --- a/manifests/agent/config.pp +++ b/manifests/agent/config.pp @@ -51,6 +51,11 @@ class check_mk::agent::config ( } } } + + # make sure the xinetd method is not configured + file { '/etc/xinetd.d/check_mk': + ensure => absent; + } } default : {} } -- cgit v1.2.3 From 95947b5213b58be61563f966e2fb3a0cf3a072c1 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Tue, 29 Apr 2014 11:33:41 -0700 Subject: remove username from key filename, add comments explaining where things are getting installed, don't install the private key on the agent, it's not needed there --- manifests/agent/generate_sshkey.pp | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index 3bc9a1d..fb7ce11 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -13,14 +13,15 @@ define check_mk::agent::generate_sshkey ( $check_mk_tag = 'check_mk_sshkey' ){ - # generate check-mk ssh keypair - $ssh_key_name = "${user}_${::fqdn}_id_rsa" + # generate check-mk ssh keypair, stored on puppetmaster + $ssh_key_name = "${::fqdn}_id_rsa" $ssh_keys = ssh_keygen("${ssh_key_basepath}/${ssh_key_name}") $public = split($ssh_keys[1],' ') $public_type = $public[0] $public_key = $public[1] $secret_key = $ssh_keys[0] + # setup the public half of the key in authorized_keys on the agent if $authdir or $authfile { # if $authkey or $authdir are set, override authorized_keys path and file sshd::ssh_authorized_key { $ssh_key_name: @@ -40,20 +41,13 @@ define check_mk::agent::generate_sshkey ( } } - # resource collector, these end up on the check-mk-server host + # resource collector for the private half of the keys, these end up on + # the check-mk-server host @@file { "${keydir}/${ssh_key_name}": content => $secret_key, - owner => $user, - group => $group, + owner => root, + group => root, mode => '0600', tag => $check_mk_tag; } - - @@file { "${keydir}/${ssh_key_name}.pub": - content => $public_key, - owner => $user, - group => $group, - mode => '0666', - tag => $check_mk_tag; - } } -- cgit v1.2.3 From 6547ba79591886544af4eaab88b65215d579d857 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Tue, 29 Apr 2014 12:33:37 -0700 Subject: switch to using a more standard storage location on the puppetmaster, and make sure it exists, work around bug with /var/lib/puppet/modules, drop monitoring user/group --- manifests/agent/generate_sshkey.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index fb7ce11..6f88f35 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -6,10 +6,10 @@ define check_mk::agent::generate_sshkey ( # name of the authorized_keys file $authfile = undef, # dir on the puppetmaster where keys are stored - $ssh_key_basepath = '/etc/puppet/modules/keys/files/check_mk_keys', - # user and group to run the agent as - $user = 'monitoring', - $group = 'monitoring', + # FIXME: need a way to ensure this dir is setup on the puppetmaster correctly + #$ssh_key_basepath = "${common::moduledir::module_dir_path}/check_mk/keys", + # for now use a dir we know works + $ssh_key_basepath = '/etc/puppet/modules/check_mk/keys', $check_mk_tag = 'check_mk_sshkey' ){ -- cgit v1.2.3 From ec8169eadc16fde4a8019b67f4966d2b119cb765 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Thu, 1 May 2014 14:07:53 -0700 Subject: create an sshuser parameter, so we can determine when we need to use sudo in the agent authorized_keys command --- manifests/agent/config.pp | 11 +++++++---- manifests/agent/generate_sshkey.pp | 13 +++++++++++-- 2 files changed, 18 insertions(+), 6 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/config.pp b/manifests/agent/config.pp index 58e3b1e..b00329b 100644 --- a/manifests/agent/config.pp +++ b/manifests/agent/config.pp @@ -9,6 +9,7 @@ class check_mk::agent::config ( $user, $method = 'xinetd', $generate_sshkey = false, + $sshuser = undef ) { if $use_cache { $server = "${server_dir}/check_mk_caching_agent" @@ -39,15 +40,17 @@ class check_mk::agent::config ( if $authfile { # if authfile is overridden, pass it through check_mk::agent::generate_sshkey { 'check_mk_key': - keydir => $keydir, - authdir => $authdir, - authfile => $authfile + keydir => $keydir, + authdir => $authdir, + authfile => $authfile, + sshuser => $sshuser } } else { # otherwise don't check_mk::agent::generate_sshkey { 'check_mk_key': keydir => $keydir, - authdir => $authdir + authdir => $authdir, + sshuser => $sshuser } } } diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index 6f88f35..f01d2cf 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -10,6 +10,7 @@ define check_mk::agent::generate_sshkey ( #$ssh_key_basepath = "${common::moduledir::module_dir_path}/check_mk/keys", # for now use a dir we know works $ssh_key_basepath = '/etc/puppet/modules/check_mk/keys', + $sshuser = 'root', $check_mk_tag = 'check_mk_sshkey' ){ @@ -21,7 +22,15 @@ define check_mk::agent::generate_sshkey ( $public_key = $public[1] $secret_key = $ssh_keys[0] + # if we're not root we need to use sudo + if $sshuser != 'root' { + $command = 'sudo /usr/bin/check_mk_agent' + } else { + $command = '/usr/bin/check_mk_agent' + } + # setup the public half of the key in authorized_keys on the agent + # and restrict it to running only the agent if $authdir or $authfile { # if $authkey or $authdir are set, override authorized_keys path and file sshd::ssh_authorized_key { $ssh_key_name: @@ -29,7 +38,7 @@ define check_mk::agent::generate_sshkey ( key => $public_key, user => 'root', target => "${authdir}/${authfile}", - options => 'command="/usr/bin/check_mk_agent"'; + options => "command=\"${command}\""; } } else { # otherwise use the defaults @@ -37,7 +46,7 @@ define check_mk::agent::generate_sshkey ( type => 'ssh-rsa', key => $public_key, user => 'root', - options => 'command="/usr/bin/check_mk_agent"'; + options => "command=\"${command}\""; } } -- cgit v1.2.3 From 133c87b0f3a85ccb4aafd16fef0fa68348a559c1 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Mon, 5 May 2014 13:00:49 -0700 Subject: make resource name unique per host to ensure no collisions --- manifests/agent/config.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/config.pp b/manifests/agent/config.pp index b00329b..934a05f 100644 --- a/manifests/agent/config.pp +++ b/manifests/agent/config.pp @@ -39,7 +39,7 @@ class check_mk::agent::config ( if $generate_sshkey { if $authfile { # if authfile is overridden, pass it through - check_mk::agent::generate_sshkey { 'check_mk_key': + check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}": keydir => $keydir, authdir => $authdir, authfile => $authfile, @@ -47,7 +47,7 @@ class check_mk::agent::config ( } } else { # otherwise don't - check_mk::agent::generate_sshkey { 'check_mk_key': + check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}": keydir => $keydir, authdir => $authdir, sshuser => $sshuser -- cgit v1.2.3 From bb832e0f0fa92627412058f690b45eec0b4bbadc Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Tue, 13 May 2014 10:27:34 -0700 Subject: use new override_builtin parameter to fix problem with central authorized_keys directory, use sshuser --- manifests/agent/generate_sshkey.pp | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index f01d2cf..c72da91 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -33,12 +33,15 @@ define check_mk::agent::generate_sshkey ( # and restrict it to running only the agent if $authdir or $authfile { # if $authkey or $authdir are set, override authorized_keys path and file + # and also override using the built-in ssh_authorized_key since it may + # not be able to write to $authdir sshd::ssh_authorized_key { $ssh_key_name: - type => 'ssh-rsa', - key => $public_key, - user => 'root', - target => "${authdir}/${authfile}", - options => "command=\"${command}\""; + type => 'ssh-rsa', + key => $public_key, + user => $sshuser, + target => "${authdir}/${authfile}", + override_builtin => true, + options => "command=\"${command}\""; } } else { # otherwise use the defaults -- cgit v1.2.3 From 4a6e0fe8b1c17d2b35da7b7e548c01d93ee1ea9c Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Tue, 13 May 2014 15:56:22 -0700 Subject: set the user/group the key needs to be owner by on the server, default to nagios, but this might need to be something else for OMD (if so then that will need tobe passed down via agent::config) --- manifests/agent/generate_sshkey.pp | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index c72da91..68c3bf1 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -1,6 +1,9 @@ define check_mk::agent::generate_sshkey ( # dir on the check-mk-server where the collected key pairs are stored $keydir, + # user/group the key should be owned by on the check-mk-server + $keyuser = 'nagios', + $keygroup = 'nagios', # dir on the check-mk-agent where the authorized_keys file is stored $authdir, # name of the authorized_keys file @@ -54,11 +57,11 @@ define check_mk::agent::generate_sshkey ( } # resource collector for the private half of the keys, these end up on - # the check-mk-server host + # the check-mk-server host, and the user running check-mk needs access @@file { "${keydir}/${ssh_key_name}": content => $secret_key, - owner => root, - group => root, + owner => $keyuser, + group => $keygroup, mode => '0600', tag => $check_mk_tag; } -- cgit v1.2.3 From 7893decc59cc67d446e65f7045e0de5ee929252e Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Fri, 16 May 2014 11:52:32 -0700 Subject: add mrpe subclass to setup the needed things for doing mrpe checks, so that those checks can just include it (stolen from the leap site_check_mk, seems like a good thing to have in the shared module) --- manifests/agent/mrpe.pp | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 manifests/agent/mrpe.pp (limited to 'manifests/agent') diff --git a/manifests/agent/mrpe.pp b/manifests/agent/mrpe.pp new file mode 100644 index 0000000..749550a --- /dev/null +++ b/manifests/agent/mrpe.pp @@ -0,0 +1,17 @@ +class check_mk::agent::mrpe { + # check_mk can use standard nagios plugins using + # a wrapper called mrpe + # see http://mathias-kettner.de/checkmk_mrpe.html + # this subclass is provided to be included by checks that use mrpe + + # FIXME: this is Debian specific and should be made more generic + package { 'nagios-plugins-basic': + ensure => latest, + } + + # ensure the config file exists, individual checks will add lines to it + file { '/etc/check_mk/mrpe.cfg': + ensure => present, + require => Package['check-mk-agent'] + } +} -- cgit v1.2.3 From 989fb446c1db090f7f9a4d1401b5ba83681af581 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Thu, 26 Jun 2014 17:21:27 -0700 Subject: new resource collector for 'ps' checks --- manifests/agent/ps.pp | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 manifests/agent/ps.pp (limited to 'manifests/agent') diff --git a/manifests/agent/ps.pp b/manifests/agent/ps.pp new file mode 100644 index 0000000..67a999f --- /dev/null +++ b/manifests/agent/ps.pp @@ -0,0 +1,17 @@ +define check_mk::agent::ps ( + # procname and levels have defaults in check_mk::ps + $procname = undef, + $levels = undef, + # user is optional + $user = undef +) { + + @@check_mk::ps { "${::fqdn}_${name}": + desc => $name, + host => $::fqdn, + procname => $procname, + user => $user, + levels => $levels, + tag => 'check_mk_ps'; + } +} -- cgit v1.2.3 From ef821fad2dda052fd60255e7c6e3a199d536fa69 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Thu, 22 Jan 2015 12:11:04 -0800 Subject: we don't need to check $authfile, puppet will do the right thing Conflicts: manifests/agent/generate_sshkey.pp --- manifests/agent/config.pp | 20 +++++--------------- manifests/agent/generate_sshkey.pp | 27 +++++++-------------------- 2 files changed, 12 insertions(+), 35 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/config.pp b/manifests/agent/config.pp index 934a05f..36f2910 100644 --- a/manifests/agent/config.pp +++ b/manifests/agent/config.pp @@ -37,21 +37,11 @@ class check_mk::agent::config ( } 'ssh' : { if $generate_sshkey { - if $authfile { - # if authfile is overridden, pass it through - check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}": - keydir => $keydir, - authdir => $authdir, - authfile => $authfile, - sshuser => $sshuser - } - } else { - # otherwise don't - check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}": - keydir => $keydir, - authdir => $authdir, - sshuser => $sshuser - } + check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}": + keydir => $keydir, + authdir => $authdir, + authfile => $authfile, + sshuser => $sshuser } } diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index 68c3bf1..71b58e9 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -34,26 +34,13 @@ define check_mk::agent::generate_sshkey ( # setup the public half of the key in authorized_keys on the agent # and restrict it to running only the agent - if $authdir or $authfile { - # if $authkey or $authdir are set, override authorized_keys path and file - # and also override using the built-in ssh_authorized_key since it may - # not be able to write to $authdir - sshd::ssh_authorized_key { $ssh_key_name: - type => 'ssh-rsa', - key => $public_key, - user => $sshuser, - target => "${authdir}/${authfile}", - override_builtin => true, - options => "command=\"${command}\""; - } - } else { - # otherwise use the defaults - sshd::ssh_authorized_key { $ssh_key_name: - type => 'ssh-rsa', - key => $public_key, - user => 'root', - options => "command=\"${command}\""; - } + sshd::ssh_authorized_key { $ssh_key_name: + type => 'ssh-rsa', + key => $public_key, + user => $sshuser, + target => "${authdir}/${authfile}", + override_builtin => true, + options => "command=\"${command}\""; } # resource collector for the private half of the keys, these end up on -- cgit v1.2.3 From 23a17e5c42e185034e9de809625de1125fa08873 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Thu, 22 Jan 2015 12:40:06 -0800 Subject: revert this part, since we contruct $target we _do_ need to check authdir/authfile --- manifests/agent/generate_sshkey.pp | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index 71b58e9..419e73f 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -34,13 +34,25 @@ define check_mk::agent::generate_sshkey ( # setup the public half of the key in authorized_keys on the agent # and restrict it to running only the agent - sshd::ssh_authorized_key { $ssh_key_name: - type => 'ssh-rsa', - key => $public_key, - user => $sshuser, - target => "${authdir}/${authfile}", - override_builtin => true, - options => "command=\"${command}\""; + if $authdir or $authfile { + # if $authkey or $authdir are set, override authorized_keys path and file + # and also override using the built-in ssh_authorized_key since it may + # not be able to write to $authdir + sshd::ssh_authorized_key { $ssh_key_name: + type => 'ssh-rsa', + key => $public_key, + user => $sshuser, + target => "${authdir}/${authfile}", + override_builtin => true, + options => "command=\"${command}\""; + } else { + # otherwise use the defaults + sshd::ssh_authorized_key { $ssh_key_name: + type => 'ssh-rsa', + key => $public_key, + user => $sshuser, + options => "command=\"${command}\""; + } } # resource collector for the private half of the keys, these end up on -- cgit v1.2.3 From 3d35cd86c25588449b418c996fe861f44da05bca Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Thu, 22 Jan 2015 12:55:43 -0800 Subject: add sshuser comment --- manifests/agent/generate_sshkey.pp | 1 + 1 file changed, 1 insertion(+) (limited to 'manifests/agent') diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index 419e73f..d2d1d39 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -13,6 +13,7 @@ define check_mk::agent::generate_sshkey ( #$ssh_key_basepath = "${common::moduledir::module_dir_path}/check_mk/keys", # for now use a dir we know works $ssh_key_basepath = '/etc/puppet/modules/check_mk/keys', + # user on the client the check_mk server will ssh to, to run the agent $sshuser = 'root', $check_mk_tag = 'check_mk_sshkey' ){ -- cgit v1.2.3 From bdfc4c3c3be065c3d9110cb49bb3609d643e6041 Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Thu, 22 Jan 2015 12:57:33 -0800 Subject: make sure package isn't already defined first --- manifests/agent/mrpe.pp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/mrpe.pp b/manifests/agent/mrpe.pp index 749550a..5bc5f33 100644 --- a/manifests/agent/mrpe.pp +++ b/manifests/agent/mrpe.pp @@ -5,8 +5,10 @@ class check_mk::agent::mrpe { # this subclass is provided to be included by checks that use mrpe # FIXME: this is Debian specific and should be made more generic - package { 'nagios-plugins-basic': - ensure => latest, + if !defined(Package['nagios-plugins-basic']) { + package { 'nagios-plugins-basic': + ensure => latest, + } } # ensure the config file exists, individual checks will add lines to it -- cgit v1.2.3