Lab 9 - Configuration Management with Puppet (Advanced)

The Setting

You’re suddenly awoken by an alarm. Still drowsy from sleep, you check the time on your phone. 7:00am?? you think to yourself. No way. I don’t even have any 8ams. In fact, I haven’t woken up this early since… Looking back at your phone again, which you realize is now 2 times thicker and suddenly has a 3.5mm audio port, you check the year. You may have thought Berkeley was hell, but now you’ve traveled back in time for some true suffering: high school.

After getting dressed and lamenting your disastrous teenage fashion sense, you get a text message on your dumb phone. Sighing, you open it even though it’s going to cost you 10 cents.

FROM: 5cr1p7k1dd1337
MSG: w31c0m3 b4ck t0 h1ghsk00l. i h4v3 a t45k f0r j00: j00 mu5t 1n5ta11 th3
f0ll0w1ng 5cr1p7 0n 3v3ry c0mput3r 1n j00r sk00l by the 3nd 0f t0d4y, 0r j00l
b3 5tuCk 5ever.

j00r sk00l u535 puppet, s0 j00 c4n ju57 wr1t3 a m0dul3 f0r th15. F1l3s R @
https://github.com/0xcf/decal-labs 1n a9/

Rubbing your eyes, you try to understand 5cr1p7k1dd1337’s arcane runes once again:

Welcome back to high school. I have a task for you: you must install the
following script on every computer in your school by the end of today, or
you'll be stuck forever.

Your school uses puppet, so you can just write a module for this. Files are in
the decal-labs repo (https://github.com/0xcf/decal-labs) in the a9/ directory.

Great, you think to yourself, good thing I’m currently taking the best DeCal at UC Berkeley, the Unix SysAdmin DeCal! This is gonna be a piece of cake

Your task, in plain English

You need to write a puppet module that places a script hack_everything into /usr/local/bin/ and sets up a cronjob to run the script repeatedly and append its output to a file. Your module will need to install the dependencies for the script and ensure that all of the pieces are installed correctly.

There are three main parts that you’ll need to work on:

1. Installing the packages the script depends on
2. Placing the script in the right directory and placing a file the script depends on in the right directory
3. Setting up a cronjob to run the script every 30 minutes and append its output to a file

We’ve provided skeleton code for you in the decal-labs repository If you haven’t cloned this repo yet, then git clone https://github.com/0xcf/decal-labs should get you the files. Otherwise, a simple git pull from the root of the repository should fetch the files for you. The script is located in a9/modules/hacked/files/hack_everything

The only file you will need to change is in a9/modules/hacked/manifests/hacked.pp. We’ve included some hints and pointers to relevant documentation that will help you complete this manifest.

Although we are only applying your manifest on one machine (your DeCal VM), you could in theory apply this module on thousands of machines that are connected to a puppet-master! How neat is that!

While you’re writing your manifest, there’s an easy way to check your syntax: you can use the command puppet parser validate hacking.pp

Once you have completed your manifest, you can apply the changes to your system with this command (I assume you cloned things into $HOME):

sudo puppet apply --modulepath=$HOME/decal-labs/a9/modules $HOME/decal-labs/a9/manifests/default.pp

Basically, we’re running puppet locally on the module we just created. default.pp is just a file that includes the hacked module you’re editing, and we need to be sure to include the path to the modules so puppet can find them.

Once this is done, you should be able to run the command hack_everything (as the script is now in your path). Try it out!

Hints (if you need them):

• The skeleton code has links to relevant docs
• Here is an example puppet manifest that might be helpful

After you think everything works, fill out the Google form (you’ll need to copy paste your hacking.pp manifest) here