Hello,
from the doc it seems that the User type has a provider of
''pw'' for
FreeBSD. It seems the provider does not allow dupelicate, does not
allow to manage the homedir and to manage password.
in the code the duplicate uid is set so it seems the doc is out of
date on this :)
- manage home directory, i don''t really understand what is that
parameter. The docs says ''allow to manage home directory'' so i
will make
a guess as it means that if we purge the user it purge the directory, if
so then:
(aqadmin)> pw user add help
....
-d directory home directory
-m [ -k dir ] create and set up home
(aqadmin)> pw user del help
...
-r remove home & contents
so to create this is -m and to destroy this is -r
- password. This one is tricky as the pw command does not allow
specificaly to give the password on the command line encrypted. It
requires the chpass utility:
chpass [-a list] [-p encpass] [-e expiretime] [-s newshell] [user]
it is installed on all my freeBSD servers but i don''t know if this is
the same package and if this is by default :)
So here is what i think for the provider:
puppet-0.22.4/lib/puppet/provider/user/pw.rb
add line:
+ has_features :manages_homedir, :allows_duplicates
change this command (+ on the lines addedd)
def addcmd
cmd = [command(:pw), "useradd", @model[:name]]
@model.class.validproperties.each do |property|
next if property == :ensure
# the value needs to be quoted, mostly because -c might
# have spaces in it
if value = @model.should(property) and value != ""
cmd << flag(property) << value
end
end
if @model[:allowdupe] == :true
cmd << "-o"
end
+ if @model.managehome?
+ cmd << "-m"
+ end
return cmd
end
i see that the provider user [:allowdupe] == :true while the linux one
use allowdupe? so i don''t know which is best... Also i do not see
where
is the command to delete a user so perhaps user purging is not set.
Also i do not know how to add a parameter for this provider to define
the freeBSD user class (-L ...) of the user. Could be handy to make this
available :)
--
Cordialement,
Ghislain
_______________________________________________
Puppet-users mailing list
Puppet-users@madstop.com
https://mail.madstop.com/mailman/listinfo/puppet-users
On Jun 11, 2007, at 3:10 AM, ADNET Ghislain wrote:> Hello, > > from the doc it seems that the User type has a provider of ''pw'' > for FreeBSD. It seems the provider does not allow dupelicate, does > not allow to manage the homedir and to manage password. > > > in the code the duplicate uid is set so it seems the doc is out of > date on this :) > > - manage home directory, i don''t really understand what is that > parameter. The docs says ''allow to manage home directory'' so i will > make a guess as it means that if we purge the user it purge the > directory, if so then: > > (aqadmin)> pw user add help > .... > -d directory home directory > -m [ -k dir ] create and set up home > > (aqadmin)> pw user del help > ... > -r remove home & contents > > > so to create this is -m and to destroy this is -r > > > > - password. This one is tricky as the pw command does not allow > specificaly to give the password on the command line encrypted. It > requires the chpass utility: > > chpass [-a list] [-p encpass] [-e expiretime] [-s newshell] [user] > > > it is installed on all my freeBSD servers but i don''t know if this > is the same package and if this is by default :) > > So here is what i think for the provider: > > puppet-0.22.4/lib/puppet/provider/user/pw.rb > > add line: > > + has_features :manages_homedir, :allows_duplicates > > > change this command (+ on the lines addedd) > > def addcmd > cmd = [command(:pw), "useradd", @model[:name]] > @model.class.validproperties.each do |property| > next if property == :ensure > # the value needs to be quoted, mostly because -c might > # have spaces in it > if value = @model.should(property) and value != "" > cmd << flag(property) << value > end > end > > if @model[:allowdupe] == :true > cmd << "-o" > end > > + if @model.managehome? > + cmd << "-m" > + end > > return cmd > end > > > i see that the provider user [:allowdupe] == :true while the linux > one use allowdupe? so i don''t know which is best... Also i do not > see where is the command to delete a user so perhaps user purging > is not set.Can you file this as a patch on an enhancement request? You''re correct about what ''managehome'' means. It looks like you''ve got the right stuff for adding the dir at user creation time, you just need to also add the -r option or whatever at user removal time.> Also i do not know how to add a parameter for this provider to > define the freeBSD user class (-L ...) of the user. Could be handy > to make this available :)What is this feature? I''ve not encountered it before. -- Finn''s Law: Uncertainty is the final test of innovation. --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
Luke Kanies a écrit :> On Jun 11, 2007, at 3:10 AM, ADNET Ghislain wrote: > > >> Hello, >> >> from the doc it seems that the User type has a provider of ''pw'' >> for FreeBSD. It seems the provider does not allow dupelicate, does >> not allow to manage the homedir and to manage password. >> >> >> in the code the duplicate uid is set so it seems the doc is out of >> date on this :) >> >> - manage home directory, i don''t really understand what is that >> parameter. The docs says ''allow to manage home directory'' so i will >> make a guess as it means that if we purge the user it purge the >> directory, if so then: >> >> (aqadmin)> pw user add help >> .... >> -d directory home directory >> -m [ -k dir ] create and set up home >> >> (aqadmin)> pw user del help >> ... >> -r remove home & contents >> >> >> so to create this is -m and to destroy this is -r >> >> >> >> - password. This one is tricky as the pw command does not allow >> specificaly to give the password on the command line encrypted. It >> requires the chpass utility: >> >> chpass [-a list] [-p encpass] [-e expiretime] [-s newshell] [user] >> >> >> it is installed on all my freeBSD servers but i don''t know if this >> is the same package and if this is by default :) >> >> So here is what i think for the provider: >> >> puppet-0.22.4/lib/puppet/provider/user/pw.rb >> >> add line: >> >> + has_features :manages_homedir, :allows_duplicates >> >> >> change this command (+ on the lines addedd) >> >> def addcmd >> cmd = [command(:pw), "useradd", @model[:name]] >> @model.class.validproperties.each do |property| >> next if property == :ensure >> # the value needs to be quoted, mostly because -c might >> # have spaces in it >> if value = @model.should(property) and value != "" >> cmd << flag(property) << value >> end >> end >> >> if @model[:allowdupe] == :true >> cmd << "-o" >> end >> >> + if @model.managehome? >> + cmd << "-m" >> + end >> >> return cmd >> end >> >> >> i see that the provider user [:allowdupe] == :true while the linux >> one use allowdupe? so i don''t know which is best... Also i do not >> see where is the command to delete a user so perhaps user purging >> is not set. >> > > Can you file this as a patch on an enhancement request? > >as a patch i am not sure to know how to do this... i''> You''re correct about what ''managehome'' means. It looks like you''ve > got the right stuff for adding the dir at user creation time, you > just need to also add the -r option or whatever at user removal time. > >hummm yes but i could not find the removal part in the provider...>> Also i do not know how to add a parameter for this provider to >> define the freeBSD user class (-L ...) of the user. Could be handy >> to make this available :) >> > > What is this feature? I''ve not encountered it before.yes, you can define a user class in login.conf (see man login.conf for details): DESCRIPTION login.conf contains various attributes and capabilities of login classes. A login class (an optional annotation against each record in the user account database, /etc/master.passwd) determines session accounting, resource limits and user environment settings. It is used by various programs in the system to set up a user''s login environment and to enforce policy, accounting and administrative restrictions. It also pro vides the means by which users are able to be authenticated to the system and the types of authentication available. and then put the user in this class. This set quite a lot of thing for the user like timezone, lang setting, ressource limits, umask etc.... so in freeBSD it could be handy but realy i don''t know how to add this simple thing to the provider. -- Cordialement, Ghislain _______________________________________________ Puppet-users mailing list Puppet-users@madstop.com https://mail.madstop.com/mailman/listinfo/puppet-users
do you have any docs about writing type and providers ? i really do not see in useradd.rb or pw.rb how they manage to delete user for exemple ? -- Cordialement, Ghislain _______________________________________________ Puppet-users mailing list Puppet-users@madstop.com https://mail.madstop.com/mailman/listinfo/puppet-users
On Jun 15, 2007, at 1:41 AM, ADNET Ghislain wrote:> do you have any docs about writing type and providers ? > i really do not see in useradd.rb or pw.rb how they manage to > delete user for exemple ?I haven''t yet written a document describing them, partially because I had not until recently come up with a clean API definition. However, that wouldn''t have helped you much in this case. In order to avoid massive code duplication, most of the code for user and group providers is in respective base classes. So, for pw, look in puppet/provider/nameservice/pw.rb for the deletecmd method, which is what''s used to build up the command line that deletes uesrs and groups. Note that the same method is used for users and groups, so you should override the method in the user/pw.rb and modify it there. -- The world tolerates conceit from those who are successful, but not from anybody else. -- John Blake --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com