0

just start puppet. As everyone else knows, starting something is always the most difficult. Well for practice I wanna do the following: I assume I am to put it in init.pp. I did my google search before posting here. Most of them out there do not apply an if/else loop on version checking. Most just ensure a specific version or just ensure => latest. 

if 'openssl' version == '1.0.2b' or '1.0.2d'
    upgrade to 1.1.1e
else
     do nothing

Currently my code looks like this

 package { 'openssl':
    if 'openssl' version == '1.0.2b' or '1.0.2d' {
        ensure => '1.1.1e'
    }
    else {
    }

I have several problems:

1) I don't think my syntax for the version of openssl is written correctly. When I do simple google search I see people ensuring version of openssl something like this '1.0.1e-15.el6', sometimes it's '1.0.1e-16.el6_5.7' I am confused on determining what's after the '-'

3) How to check version of openssl? I think the syntax if 'openssl' version == "xxxx" is not correct.

Improve this question

1 Answer 1

Reset to default
1

depending on your OS you have to find out the full name of the package to install. On a redhat like system you can use yum info openssl to find out the full package name. You will see something like this:

[root@puppet-vm ~]# yum info openssl Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.informatik.hs-fulda.de * extras: mirror.informatik.hs-fulda.de * updates: mirror.maeh.org Installed Packages Name : openssl Arch : x86_64 Epoch : 1 Version : 1.0.1e Release : 42.el7.9 Size : 1.5 M Repo : installed From repo : updates Summary : Utilities from the general purpose cryptography library with TLS implementation URL : http://www.openssl.org/ License : OpenSSL Description : The OpenSSL toolkit provides support for secure communications between : machines. OpenSSL includes a certificate management tool and shared : libraries which provide various cryptographic algorithms and : protocols.

Where

Version : 1.0.1e Release : 42.el7.9

gives you the information you need.

This is how you can tell puppet to install this specific version of openssl or any other package.

package { 'openssl': ensure => '1.0.1e-42.el7.9', }

More detailed information about the package type can be found here.

Puppet is not designed to check for the existance of packages and only upgrade / downgrade them if they fullfill a specific requirement. Puppet is meant to be used for defining how the server should be configured finally.

There are ways to do what you are trying with exec but this is not how puppet should be used.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.