AlmaLinux 10 - Locmap¶
Locmap is a tool for locally applying a curated subset of puppet modules on a Linux machine without the need for a puppet master.
Locmap is typically installed by default when installing a new AlmaLinux system and selecting 'Software Development Workstation (CERN Recommended Setup)' during the installation.
In the event that locmap is not available, you may follow these instructions to install it.
console
$ sudo dnf -y install locmap-release
$ sudo dnf -y install locmap
$ sudo locmap --enable all
$ sudo locmap --configure all
Usage¶
You can access the documentation by typing (as root):
```console
man locmap¶
```
You can list enabled modules:
```console
locmap --list¶
[Available Modules] afs [disabled] cernbox [disabled] cernphone [disabled] chrony [disabled] cvmfs [disabled] eosclient [disabled] kerberos [disabled] lpadmin [disabled] postfix [disabled] resolved [disabled] ssh [disabled] sudo [disabled] zoom [disabled] ```
You can configure all enabled module with the following command:
```console
locmap --configure all¶
```
You can configure a new module:
```console
locmap --enable modulename¶
locmap --configure modulename¶
```
You can disable a module:
```console
locmap --disable modulename¶
```
You can remove root access to the Main Users of LanDB using the --disallow_root. It means that only Resposibles defined in LanDB will have root access.
```console
locmap --disallow_root --configure modulename¶
locmap --disallow_root --configure all¶
```
Locmap and Openstack¶
It easy to run locmap during an openstack installation:
- Create a script with the above commands, say
install.sh. - Pass this as user data to
openstack create.bash openstack server create --image 'ALMA10 - x86_64' --key-name <mykey> --user-data ~/tmp/install.sh --flavor m2.small mynode
Alternatively, the script can be uploaded via the configuration tab of the "Launch Instance" panel of OpenStack.