AlmaLinux 10 - Locmap

Locmap is a tool for locally applying a curated subset of puppet modules on a Linux machine without the need for a puppet master.

Locmap is typically installed by default when installing a new AlmaLinux system and selecting 'Software Development Workstation (CERN Recommended Setup)' during the installation.

In the event that locmap is not available, you may follow these instructions to install it.

$ sudo dnf -y install locmap-release
$ sudo dnf -y install locmap
$ sudo locmap --enable all
$ sudo locmap --configure all

Usage

You can access the documentation by typing (as root):

# man locmap

You can list enabled modules:

# locmap --list
[Available Modules]
afs            [disabled]
cernbox        [disabled]
cernphone      [disabled]
chrony         [disabled]
cvmfs          [disabled]
eosclient      [disabled]
kerberos       [disabled]
lpadmin        [disabled]
postfix        [disabled]
resolved       [disabled]
ssh            [disabled]
sudo           [disabled]
zoom           [disabled]

You can configure all enabled module with the following command:

# locmap --configure all

You can configure a new module:

# locmap --enable modulename
# locmap --configure modulename

You can disable a module:

# locmap --disable modulename

You can remove root access to the Main Users of LanDB using the --disallow_root. It means that only Resposibles defined in LanDB will have root access.

# locmap --disallow_root --configure modulename
# locmap --disallow_root --configure all

Locmap and Openstack

It easy to run locmap during an openstack installation:

1. Create a script with the above commands, say install.sh.
2. Pass this as user data to openstack create.

   openstack server create --image 'ALMA10 - x86_64' --key-name <mykey> --user-data ~/tmp/install.sh  --flavor m2.small mynode
   

Alternatively, the script can be uploaded via the configuration tab of the "Launch Instance" panel of OpenStack.