Posts etiquetados ‘configuration’

I will describe my configuration of puppetmaster server and puppet dashboard server running into the Debian’s Apache installation, but:

  • Using a custom or different user, not www-data and root. This is good to keep all puppet configuration and data with a different user than www-data and root.
  • Using a custom configuration directory, not default apache directory: /etc/apache2
  • You can issolate puppet server from the rest of apache applications.

First I recommend you to read the official documentation:

It is supposed that you have a running puppet installation.


In a previous post I commented the problems related to LDAP integration of Linux with LDAP. I proposed several solutions and commented that a good configuration can be enough. Tuning the configuration, trying to avoid buggy code, minimizing locks and delays, etc…

In this post I will comment a configuration that is quite stable at the moment, using Suse 11 SP2 with Active Directory 2003 + SFU.


To integrate a Linux system with a centralized user directory (like Microsoft Active Directory) the usual solution is to configure Kerberos for Authentication (password/credential checking) and LDAP for Authorization and Access Control. The “standarized” way to implement this is using libpam_krb5libnss_ldap (by padl software) and nscd (from libc).

Kerberos integration works pretty well and I do not have too many issues with it, but I can not say the same from libnss_ldap and nscd.

In this post I will explain the anoying problems that you can find using libnss_ldap and nscd, and propose some solutions and configurations that will make it work properly. I also recomend read a previous post about the problems and solutions with connecting an Unix server to Active directory (Spanish post).

Read this article if you are experiencing problems with nscd+libnss_ldap (quoting

  • Sometimes it consumes 100% cpu (and does not stop that until being killed)
  • Sometimes it just crashes.
  • Sometimes it causes users to “vanish”
  • Sometimes it hangs and thus slows down the whole system
  • Sometimes it makes all the host work slow
  • Sometimes login a host or execute sudo/su takes a lot of time or never logins.
  • Sometimes sudo or su dies with “Segmentation Fault”
  • Sometimes a simple ‘ls’ command takes minutes.
  • etc…



I think that I had the same issue. I want to use multiple environments, but I had a problem, puppet was always looking for the default location /etc/puppet/conf/manifests/site.pp instead of /etc/puppet/conf/data/<env>/manifests/site.pp.


I am playing arourd with puppet, a configuration management software.

We have both AIX and Linux systems, but I find puppet a little bit inmature for AIX.

Anyway, I think that it will be easy implement providers and recipes using the Exec providers on AIX. AIX has a consistent set of commands, and almost everything can be configured from command line. Most of commands have similar options, syntax and ouput.

Normally, all OS configuration items (users, groups, mountpoints) have a set of commands: ls, ch and mk. Most of then are based on attributes that can be changed/set and output of ls* commands usually can be printed in colons (-c option).