It's a long-winded summary better explained by the steps to reproduce, but the gist of it is this:
If a file exists, and is not a file managed by Puppet, and you try to write to it from the "content" attribute (such as an ERb template) and not "source", replace => 'true' doesn't work. If you remove the file and run Puppet so that it creates it, subsequent runs will update the file, but not until Puppet creates it initially. This doesn't seem like the right behavior.
Steps to reproduce on CentOS 5:
- Ensure file /etc/pam.d/system-auth exists.
- Try to create /etc/pam.d/system-auth from an ERb template (content => template(...)). Specify replace => 'true' in the file definition.
- Run Puppet on the client; the file is not overwritten.
- Rename or delete /etc/pam.d/system-auth.
- Run Puppet a second time on the Client; the file is written.
- Update the template on the server.
- Run Puppet a third time; the file is overwritten.
It feels like the right behavior should be that the file is overwritten on the first run as well.
