Matthew Finlayson
2010-Jul-13 16:39 UTC
[Puppet Users] Problem with home directories and users from NIS
Puppeteers, My environment has NIS with all my users precreated. I have a module which creates home directories for them along with their authorized key file and a customized bashrc. class hostinghome { createhostinghome { someuser: username => "someuser"; # Of course I actually have a lot more users. } } define createhostinghome ( $username ) { file { "/home/$username" : ensure => directory, mode => 755, owner => "$username", require => [ Service[''ypbind''] ]; "/home/$username/.ssh" : ensure => directory, require => [ File["/home/$username"] ], mode => 755, owner => "$username"; "/home/$username/.bashrc" : ensure => present, source => "puppet:///modules/hostinghome/bashrc", require => [ File["/home/$username"] ], mode => 755, owner => "$username"; "/home/$username/.bash_profile" : ensure => present, source => "puppet:///modules/hostinghome/bash_profile", require => [ File["/home/$username"] ], mode => 755, owner => "$username"; "/home/$username/.ssh/authorized_keys" : ensure => present, source => "puppet:///modules/hostinghome/$username.id_rsa.pub", require => [ File["/home/$username/.ssh"] ], mode => 755, owner => "$username"; } } I also have a module for ypbind which the createhostinghome function requires: class nis::client { include portmap package { ypbind: ensure => latest; } service { ypbind: enable => true, ensure => true, subscribe => [ File["/etc/sysconfig/network"], File["/etc/yp.conf"], File["/etc/nsswitch.conf"] ], require => [Package["ypbind"], Service["portmap"]]; } file { "/etc/yp.conf": mode => 644, owner => root, group => root, ensure => file, content => template("nis/yp.conf.erb"), require => Package["ypbind"]; "/etc/sysconfig/network": mode => 644, owner => root, group => root, ensure => file, content => template("nis/network.erb"); "/etc/nsswitch.conf": mode => 644, owner => root, group => root, ensure => file, content => template("nis/nsswitch.conf.erb"); } exec { "ypdomainname $my_nis_domain": path => "/usr/bin:/usr/sbin:/bin"; } } The createhostinghome function fails on first run every time with the following error: Jul 12 17:14:16 hostname puppetd[3374]: (//nis::client/File[/etc/sysconfig/network]/content) content changed ''{md5}72d98a65b2c24b801e6146823237621b'' to ''unknown checksum''c Jul 12 17:14:17 hostname ypbind: bound to NIS server dns.vmhosted.domainname.com Jul 12 17:14:18 hostname puppetd[3374]: (//nis::client/Service[ypbind]/ensure) ensure changed ''stopped'' to ''running''e Jul 12 17:14:18 hostname puppetd[3374]: (//nis::client/Service[ypbind]) Triggering ''refresh'' from 3 dependenciesr Jul 12 17:14:19 hostname ypbind: bound to NIS server dns.vmhosted.domainname.com Jul 12 17:14:19 hostname puppetd[3374]: (//hostinghome/Createhostinghome[someuser]/File[/home/someuser]/ensure) change from absent to directory failed: Could not set directory on ensure: Could not find user someuser at /etc/puppet/modules/hostinghome/manifests/init.pp:66c On the second run the home directories and ownership are set correctly. I''ve played with various require statements as well as before with no success. Any help or suggestions would be appreciated. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
David Schmitt
2010-Jul-14 06:27 UTC
Re: [Puppet Users] Problem with home directories and users from NIS
Hi Matthew, I''ve got no idea what''s happening with NIS there, but here are some tips for improving the rest of your manifest: On 13.07.2010 18:39, Matthew Finlayson wrote:> class hostinghome { > > createhostinghome { > someuser: username => "someuser"; # Of course I actually have a lot > more users. > } > } > > define createhostinghome ( $username ) {You get the "title" as $name for free, so you can remove the $username: define hostinghome() { ... } hostinghome{ [ "user1", "user2", "user3" ]: } Defines define resources, so they should be called like objects, not like actions.> file { > "/home/$username" :When you put a variable in a string, use ${...} to avoid ambiguities with the surroundings: e.g. "blah_$foo_blah" is equivalent to "blah_${foo_blah}", which might not be the intended usage.> ensure => directory, > mode => 755, > owner => "$username",No quotes needed here.> require => [ Service[''ypbind''] ];You can require the whole Class[''nis::client''] here. This reduces your need to track internal changes across modules.> > "/home/$username/.ssh" : > ensure => directory, > require => [ File["/home/$username"] ],The File type automatically requires its parent, so you can drop this require here.> mode => 755, > owner => "$username"; > > "/home/$username/.bashrc" : > ensure => present, > source => "puppet:///modules/hostinghome/bashrc", > require => [ File["/home/$username"] ], > mode => 755, > owner => "$username"; > > "/home/$username/.bash_profile" : > ensure => present, > source => "puppet:///modules/hostinghome/bash_profile", > require => [ File["/home/$username"] ], > mode => 755, > owner => "$username"; > > "/home/$username/.ssh/authorized_keys" : > ensure => present, > source => "puppet:///modules/hostinghome/$username.id_rsa.pub", > require => [ File["/home/$username/.ssh"] ], > mode => 755, > owner => "$username"; > > } > } >> The createhostinghome function fails on first run every time with the > following error: > > Jul 12 17:14:16 hostname puppetd[3374]: > (//nis::client/File[/etc/sysconfig/network]/content) content changed > ''{md5}72d98a65b2c24b801e6146823237621b'' to ''unknown checksum''c > Jul 12 17:14:17 hostname ypbind: bound to NIS server > dns.vmhosted.domainname.com <http://dns.vmhosted.domainname.com> > Jul 12 17:14:18 hostname puppetd[3374]: > (//nis::client/Service[ypbind]/ensure) ensure changed ''stopped'' to > ''running''e > Jul 12 17:14:18 hostname puppetd[3374]: (//nis::client/Service[ypbind]) > Triggering ''refresh'' from 3 dependenciesr > Jul 12 17:14:19 hostname ypbind: bound to NIS server > dns.vmhosted.domainname.com <http://dns.vmhosted.domainname.com> > Jul 12 17:14:19 hostname puppetd[3374]: > (//hostinghome/Createhostinghome[someuser]/File[/home/someuser]/ensure) > change from absent to directory failed: Could not set directory on > ensure: Could not find user someuser at > /etc/puppet/modules/hostinghome/manifests/init.pp:66c > > On the second run the home directories and ownership are set correctly. > I''ve played with various require statements as well as before with no > success. Any help or suggestions would be appreciated.Since it works on the second run, it might be possible, that puppet pre-loads the users on startup, but I''m not sure. Someone else has any ideas/experiences? Best Regards, David -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Matthew Finlayson
2010-Jul-14 16:09 UTC
Re: [Puppet Users] Problem with home directories and users from NIS
David, thanks a ton for the suggestions. Being the only puppeteer at work doesn''t offer enough code reviews. On Tue, Jul 13, 2010 at 11:27 PM, David Schmitt <david@dasz.at> wrote:> Hi Matthew, > > I''ve got no idea what''s happening with NIS there, but here are some tips > for improving the rest of your manifest: > > > On 13.07.2010 18:39, Matthew Finlayson wrote: > >> class hostinghome { >> >> createhostinghome { >> someuser: username => "someuser"; # Of course I actually have a lot >> more users. >> } >> } >> >> define createhostinghome ( $username ) { >> > > You get the "title" as $name for free, so you can remove the $username: > > define hostinghome() { ... } > > hostinghome{ [ "user1", "user2", "user3" ]: } > > > > Defines define resources, so they should be called like objects, not like > actions. > > > file { >> "/home/$username" : >> > > When you put a variable in a string, use ${...} to avoid ambiguities with > the surroundings: e.g. "blah_$foo_blah" is equivalent to "blah_${foo_blah}", > which might not be the intended usage. > > > ensure => directory, >> mode => 755, >> owner => "$username", >> > > No quotes needed here. > > require => [ Service[''ypbind''] ]; >> > > You can require the whole Class[''nis::client''] here. This reduces your need > to track internal changes across modules. > > > >> "/home/$username/.ssh" : >> ensure => directory, >> require => [ File["/home/$username"] ], >> > > The File type automatically requires its parent, so you can drop this > require here. > > > mode => 755, >> owner => "$username"; >> >> "/home/$username/.bashrc" : >> ensure => present, >> source => "puppet:///modules/hostinghome/bashrc", >> require => [ File["/home/$username"] ], >> mode => 755, >> owner => "$username"; >> >> "/home/$username/.bash_profile" : >> ensure => present, >> source => "puppet:///modules/hostinghome/bash_profile", >> require => [ File["/home/$username"] ], >> mode => 755, >> owner => "$username"; >> >> "/home/$username/.ssh/authorized_keys" : >> ensure => present, >> source => "puppet:///modules/hostinghome/$username.id_rsa.pub", >> require => [ File["/home/$username/.ssh"] ], >> mode => 755, >> owner => "$username"; >> >> } >> } >> >> > The createhostinghome function fails on first run every time with the >> following error: >> >> Jul 12 17:14:16 hostname puppetd[3374]: >> (//nis::client/File[/etc/sysconfig/network]/content) content changed >> ''{md5}72d98a65b2c24b801e6146823237621b'' to ''unknown checksum''c >> Jul 12 17:14:17 hostname ypbind: bound to NIS server >> dns.vmhosted.domainname.com <http://dns.vmhosted.domainname.com> >> >> Jul 12 17:14:18 hostname puppetd[3374]: >> (//nis::client/Service[ypbind]/ensure) ensure changed ''stopped'' to >> ''running''e >> Jul 12 17:14:18 hostname puppetd[3374]: (//nis::client/Service[ypbind]) >> Triggering ''refresh'' from 3 dependenciesr >> Jul 12 17:14:19 hostname ypbind: bound to NIS server >> dns.vmhosted.domainname.com <http://dns.vmhosted.domainname.com> >> >> Jul 12 17:14:19 hostname puppetd[3374]: >> (//hostinghome/Createhostinghome[someuser]/File[/home/someuser]/ensure) >> change from absent to directory failed: Could not set directory on >> ensure: Could not find user someuser at >> /etc/puppet/modules/hostinghome/manifests/init.pp:66c >> >> On the second run the home directories and ownership are set correctly. >> I''ve played with various require statements as well as before with no >> success. Any help or suggestions would be appreciated. >> > > Since it works on the second run, it might be possible, that puppet > pre-loads the users on startup, but I''m not sure. Someone else has any > ideas/experiences? > > > Best Regards, David > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com<puppet-users%2Bunsubscribe@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.