Hi,
I have a class to add users to all the host servers. We are in
the process to have a coexisting user which belongs in NIS & as well as
/etc/passwd.
We have NIS clients (yp running) on all host servers.
So when running puppet is fails to add or modify user, bcos the user
already exists in NIS.
Eg: A user pcruise is an existing NIS user.
When using useradd or puppet(which in turn does useradd/usermod) fails
bcos it finds already a user in NIS.
So is there any way I can have a user belong to NIS & /etc/passwd.
NOTE: I know its more of a UNIX question rather then puppet.
Thanks for any info.
--
Deepak
_______________________________________________
Puppet-users mailing list
Puppet-users@madstop.com
https://mail.madstop.com/mailman/listinfo/puppet-users
"Deepak Naidu" <dnaidu@silverspringnet.com> writes:> We have NIS clients (yp running) on all host servers.> So when running puppet is fails to add or modify user, bcos the user > already exists in NIS.> Eg: A user pcruise is an existing NIS user.> When using useradd or puppet(which in turn does useradd/usermod) fails > bcos it finds already a user in NIS.> So is there any way I can have a user belong to NIS & /etc/passwd.> NOTE: I know its more of a UNIX question rather then puppet.This is another problem that would be fixed with a Puppet user type that manages /etc/passwd directly without using the host useradd / adduser abstraction. (We didn''t run into this problem, but we ran into the converse: we want to enable user purging, but some of our hosts have additional sources of users, mostly LDAP, and user purging should only affect the local users, not the additional user sources.) useradd / adduser just isn''t quite smart enough. -- Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
>>This is another problem that would be fixed with a Puppet user type that >>manages /etc/passwd directly without using the host useradd / adduser >>abstraction.I am using user type, see below, but it fails(bcos it useradd command). So Russ, what other user type is there aprt from this one. I am wrong in understanding the usertype user. define auser ($group, $fullname, $uid) { user { "$name": ensure => present, comment => "$fullname", gid => "$group", groups => $ingroups, membership => minimum, uid => "$uid", shell => "/bin/bash", home => "/home/$name", } ====================== class auser { fssn_user {"user1": group => "g1", fullname => "user1", uid => "2000", } ======================= -----Original Message----- From: puppet-users-bounces@madstop.com on behalf of Russ Allbery Sent: Mon 10/15/2007 9:34 PM To: Puppet User Discussion Subject: Re: [Puppet-users] Useradd & NIS issue if the user exist "Deepak Naidu" <dnaidu@silverspringnet.com> writes:> We have NIS clients (yp running) on all host servers.> So when running puppet is fails to add or modify user, bcos the user > already exists in NIS.> Eg: A user pcruise is an existing NIS user.> When using useradd or puppet(which in turn does useradd/usermod) fails > bcos it finds already a user in NIS.> So is there any way I can have a user belong to NIS & /etc/passwd.> NOTE: I know its more of a UNIX question rather then puppet.This is another problem that would be fixed with a Puppet user type that manages /etc/passwd directly without using the host useradd / adduser abstraction. (We didn''t run into this problem, but we ran into the converse: we want to enable user purging, but some of our hosts have additional sources of users, mostly LDAP, and user purging should only affect the local users, not the additional user sources.) useradd / adduser just isn''t quite smart enough. -- Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/> _______________________________________________ Puppet-users mailing list Puppet-users@madstop.com https://mail.madstop.com/mailman/listinfo/puppet-users _______________________________________________ Puppet-users mailing list Puppet-users@madstop.com https://mail.madstop.com/mailman/listinfo/puppet-users
"Deepak Naidu" <dnaidu@silverspringnet.com> writes:>>> This is another problem that would be fixed with a Puppet user type >>> that manages /etc/passwd directly without using the host useradd / >>> adduser abstraction.> So Russ, what other user type is there aprt from this one. I am wrong in > understanding the usertype user.There isn''t any other right now. My point is that I think it would be good to have one. -- Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
<Derek.Whayman@barclayscapital.com>
2007-Oct-16 07:36 UTC
Re: Useradd & NIS issue if the user exist
Um, yes we''ve had to write our own /etc/passwd-mananging custom type for other reasons - actually not too hard if you inherit ParsedFile. (i) useradd is dog-slow if you have a big LDAP directory for passwd as it enumerates every single entry and (ii) actually we needed to put in those +@netgroup entries with the ''+:x:::not in a permitted netgroup'' row at the end. Point (ii) needs a little extra jiggery-pokery, i.e. overloading flush_target so it stores that final row at the end of the array of records rather than wherever. I am still seriously considering writing a library to be preloaded with LD_PRELOAD to spoof /etc/nsswitch.conf [passwd: files] so useradd behaves (!) This is also a perennial problem when installing RPMs as they each take an age when they call useradd. Derek -----Original Message----- From: puppet-users-bounces@madstop.com [mailto:puppet-users-bounces@madstop.com] On Behalf Of Russ Allbery Sent: 16 October 2007 05:35 To: Puppet User Discussion Subject: Re: [Puppet-users] Useradd & NIS issue if the user exist "Deepak Naidu" <dnaidu@silverspringnet.com> writes:> We have NIS clients (yp running) on all host servers.> So when running puppet is fails to add or modify user, bcos the user > already exists in NIS.> Eg: A user pcruise is an existing NIS user.> When using useradd or puppet(which in turn does useradd/usermod) fails> bcos it finds already a user in NIS.> So is there any way I can have a user belong to NIS & /etc/passwd.> NOTE: I know its more of a UNIX question rather then puppet.This is another problem that would be fixed with a Puppet user type that manages /etc/passwd directly without using the host useradd / adduser abstraction. (We didn''t run into this problem, but we ran into the converse: we want to enable user purging, but some of our hosts have additional sources of users, mostly LDAP, and user purging should only affect the local users, not the additional user sources.) useradd / adduser just isn''t quite smart enough. -- Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/> _______________________________________________ Puppet-users mailing list Puppet-users@madstop.com https://mail.madstop.com/mailman/listinfo/puppet-users ------------------------------------------------------------------------ For important statutory and regulatory disclosures and more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. Barclays Capital is the investment banking division of Barclays Bank PLC, a company registered in England (number 1026167) with its registered office at 1 Churchill Place, London, E14 5HP. This email may relate to or be sent from other members of the Barclays Group. ------------------------------------------------------------------------