1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
|
---
inMenu: true
title: Executable Reference
---
# Puppet Executable Reference
Every Puppet executable (with the exception of ``puppetdoc``) accepts all of
these arguments, but not all of the arguments make sense for every executable.
Each argument has a section listed with it in parentheses; often, that section
will map to an executable (e.g., ``puppetd``), in which case it probably only
makes sense for that one executable. If ``puppet`` is listed as the section,
it is most likely an option that is valid for everyone.
This will not always be the case. I have tried to be as thorough as possible
in the descriptions of the arguments, so it should be obvious whether an
argument is approprite or not.
* **authconfig** (*puppet*)
The configuration file that defines the rights to the different namespaces and methods. This can be used as a coarse-grained authorization system for both ``puppetd`` and ``puppetmasterd``.
* **autosign** (*ca*)
Whether to enable autosign. Valid values are true (which autosigns any key request, and is a very bad idea), false (which never autosigns any key request), and the path to a file, which uses that configuration file to determine which keys to sign.
* **bucketdir** (*filebucket*)
Where FileBucket files are stored.
* **ca_days** (*ca*)
How long a certificate should be valid.
* **ca_md** (*ca*)
The type of hash used in certificates.
* **cacert** (*ca*)
The CA certificate.
* **cadir** (*ca*)
The root directory for the certificate authority.
* **cakey** (*ca*)
The CA private key.
* **capass** (*ca*)
Where the CA stores the password for the private key
* **caprivatedir** (*ca*)
Where the CA stores private certificate information.
* **capub** (*ca*)
The CA public key.
* **certdir** (*certificates*)
The certificate directory.
* **classfile** (*puppetd*)
The file in which puppetd stores a list of the classes associated with the retrieved configuratiion. Can be loaded in the separate ``puppet`` executable using the ``--loadclasses`` option.
* **color** (*puppet*)
Whether to use ANSI colors when logging to the console.
* **confdir** (*puppet*)
The main Puppet configuration directory.
* **config** (*puppetdoc*)
The configuration file for puppetdoc.
* **csrdir** (*ca*)
Where the CA stores certificate requests
* **dbadapter** (*puppetmaster*)
The type of database to use.
* **dblocation** (*puppetmaster*)
The database cache for client configurations. Used for querying within the language.
* **dbname** (*puppetmaster*)
The name of the database to use.
* **dbpassword** (*puppetmaster*)
The database password for Client caching. Only used when networked databases are used.
* **dbserver** (*puppetmaster*)
The database server for Client caching. Only used when networked databases are used.
* **dbuser** (*puppetmaster*)
The database user for Client caching. Only used when networked databases are used.
* **fileserverconfig** (*fileserver*)
Where the fileserver configuration is stored.
* **genconfig** (*puppet*)
Whether to just print a configuration to stdout and exit. Only makes sense when used interactively. Takes into account arguments specified on the CLI.
* **genmanifest** (*puppet*)
Whether to just print a manifest to stdout and exit. Only makes sense when used interactively. Takes into account arguments specified on the CLI.
* **group** (*puppetmasterd*)
The group puppetmasterd should run as.
* **httplog** (*puppetd*)
Where the puppetd web server logs.
* **ignoreschedules** (*puppetd*)
Boolean; whether puppetd should ignore schedules. This is useful for initial puppetd runs.
* **keylength** (*ca*)
The bit length of keys.
* **ldapattrs** (*ldap*)
The LDAP attributes to use to define Puppet classes. Values should be comma-separated.
* **ldapbase** (*ldap*)
The search base for LDAP searches. It's impossible to provide a meaningful default here, although the LDAP libraries might have one already set. Generally, it should be the 'ou=Hosts' branch under your main directory.
* **ldapnodes** (*ldap*)
Whether to search for node configurations in LDAP.
* **ldapparentattr** (*ldap*)
The attribute to use to define the parent node.
* **ldappassword** (*ldap*)
The password to use to connect to LDAP.
* **ldapport** (*ldap*)
The LDAP port. Only used if ``ldapnodes`` is enabled.
* **ldapserver** (*ldap*)
The LDAP server. Only used if ``ldapnodes`` is enabled.
* **ldapssl** (*ldap*)
Whether SSL should be used when searching for nodes. Defaults to false because SSL usually requires certificates to be set up on the client side.
* **ldapstring** (*ldap*)
The search string used to find an LDAP node.
* **ldaptls** (*ldap*)
Whether TLS should be used when searching for nodes. Defaults to false because TLS usually requires certificates to be set up on the client side.
* **ldapuser** (*ldap*)
The user to use to connect to LDAP. Must be specified as a full DN.
* **lexical** (*puppet*)
Whether to use lexical scoping (vs. dynamic).
* **listen** (*puppetd*)
Whether puppetd should listen for connections. If this is true, then by default only the ``runner`` server is started, which allows remote authorized and authenticated nodes to connect and trigger ``puppetd`` runs.
* **localconfig** (*puppetd*)
Where puppetd caches the local configuration. An extension indicating the cache format is added automatically.
* **lockdir** (*puppet*)
Where lock files are kept.
* **logdir** (*puppet*)
The Puppet log directory.
* **manifest** (*puppetmasterd*)
The entry-point manifest for puppetmasterd.
* **manifestdir** (*puppetmasterd*)
Where puppetmasterd looks for its manifests.
* **masterhttplog** (*puppetmasterd*)
Where the puppetmasterd web server logs.
* **masterlog** (*puppetmasterd*)
Where puppetmasterd logs. This is generally not used, since syslog is the default log destination.
* **masterport** (*puppetmasterd*)
Which port puppetmasterd listens on.
* **mkusers** (*puppet*)
Whether to create the necessary user and group that puppetd will run as.
* **noop** (*puppetd*)
Whether puppetd should be run in noop mode.
* **paramcheck** (*ast*)
Whether to validate parameters during parsing.
* **parseonly** (*puppetmasterd*)
Just check the syntax of the manifests.
* **passfile** (*certificates*)
Where puppetd stores the password for its private key. Generally unused.
* **privatedir** (*certificates*)
Where the client stores private certificate information.
* **privatekeydir** (*certificates*)
The private key directory.
* **publickeydir** (*certificates*)
The public key directory.
* **puppetdlockfile** (*puppetd*)
A lock file to temporarily stop puppetd from doing anything.
* **puppetdlog** (*puppetd*)
The log file for puppetd. This is generally not used.
* **puppetport** (*puppetd*)
Which port puppetd listens on.
* **railslog** (*puppetmaster*)
Where Rails-specific logs are sent
* **req_bits** (*ca*)
The bit length of the certificates.
* **rrddir** (*metrics*)
The directory where RRD database files are stored.
* **rrdgraph** (*metrics*)
Whether RRD information should be graphed.
* **rundir** (*puppet*)
Where Puppet PID files are kept.
* **runinterval** (*puppetd*)
How often puppetd applies the client configuration; in seconds
* **serial** (*ca*)
Where the serial number for certificates is stored.
* **server** (*puppetd*)
The server to which server puppetd should connect
* **setpidfile** (*puppet*)
Whether to store a PID file for the daemon.
* **signeddir** (*ca*)
Where the CA stores signed certificates.
* **ssldir** (*puppet*)
Where SSL certificates are kept.
* **statedir** (*puppet*)
The directory where Puppet state is stored. Generally, this directory can be removed without causing harm (although it might result in spurious service restarts).
* **statefile** (*puppet*)
Where puppetd and puppetmasterd store state associated with the running configuration. In the case of puppetmasterd, this file reflects the state discovered through interacting with clients.
* **storeconfigs** (*puppetmaster*)
Whether to store each client's configuration. This requires ActiveRecord from Ruby on Rails.
* **tags** (*transaction*)
Tags to use to find objects. If this is set, then only objects tagged with the specified tags will be applied. Values must be comma-separated.
* **typecheck** (*ast*)
Whether to validate types during parsing.
* **usecacheonfailure** (*puppetd*)
Whether to use the cached configuration when the remote configuration will not compile. This option is useful for testing new configurations, where you want to fix the broken configuration rather than reverting to a known-good one.
* **user** (*puppetmasterd*)
The user puppetmasterd should run as.
* **vardir** (*puppet*)
Where Puppet stores dynamic and growing data.
----------------
*This page autogenerated on Fri Jun 16 14:45:05 PDT 2006*
|
