Puppet users - Sep 2011 - run puppet service type with specific user

Hi,

is it possible to use the service resource type with a specific user ?
So that the service is started with that given user instead of the puppet 
user starting it...

Thanks.

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/u6nkVpFJ_kcJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

----- Original Message -----
> Hi,
> 
> 
> is it possible to use the service resource type with a specific user
> ?
> So that the service is started with that given user instead of the
> puppet user starting it...
puppet runs as root, your rc script should do the right thing and run
the service as the right user

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Thanks for the reply.

I modified the rc script to run as a user.
But now I''m facing the following problem:
I have to include some nasty puppet code for adding the service before i can 
use the service resource type.
And the service resource type returns ok, but the service is in fact not 
started.
When i do it manually, it requires a password for that user.
So, I tried to manage the user with puppet and provided a password, but get 
the message:
Provider useradd does not support features manages_passwords; not managing 
attribute password 
I know this is a problem with Puppet and CentOS, but I have ruby-shadow and 
shadow-utils installed on my CentOS 6.0 VM.

I also don''t know if this is going to help with starting the service.
I want to use the service type to start the service with a specific user, 
but without asking for a password.

Any help would be appreciated.

Regards.

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/9sm5V3MccfoJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

----- Original Message -----
> Thanks for the reply.
> 
> 
> I modified the rc script to run as a user.
> But now I''m facing the following problem:
> I have to include some nasty puppet code for adding the service
> before i can use the service resource type.
> And the service resource type returns ok, but the service is in fact
> not started.
> When i do it manually, it requires a password for that user.
> So, I tried to manage the user with puppet and provided a password,
> but get the message:
> Provider useradd does not support features manages_passwords; not
> managing attribute password
> I know this is a problem with Puppet and CentOS, but I have
> ruby-shadow and shadow-utils installed on my CentOS 6.0 VM.
> 
> 
> I also don''t know if this is going to help with starting the
service.
> I want to use the service type to start the service with a specific
> user, but without asking for a password.
you should use su in your script to switch users to the one the service
should run as.

consider what will happen when your server starts up? the rc script runs
and then what? ask you for a password? thats not good.

the rc script has to do what it should without interaction, its not a puppet
problem.

all you should need to do is copy the working rc script into the init.d dir
and use the service resource to enable it and ensure its running.

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

On Sat, Sep 24, 2011 at 04:02:22PM +0100, R.I.Pienaar
wrote:
> 
> 
> ----- Original Message -----
> > Thanks for the reply.
> > 
> > 
> > I modified the rc script to run as a user.
> > But now I''m facing the following problem:
> > I have to include some nasty puppet code for adding the service
> > before i can use the service resource type.
> > And the service resource type returns ok, but the service is in fact
> > not started.
> > When i do it manually, it requires a password for that user.
> > So, I tried to manage the user with puppet and provided a password,
> > but get the message:
> > Provider useradd does not support features manages_passwords; not
> > managing attribute password
> > I know this is a problem with Puppet and CentOS, but I have
> > ruby-shadow and shadow-utils installed on my CentOS 6.0 VM.
> > 
> > 
> > I also don''t know if this is going to help with starting the
service.
> > I want to use the service type to start the service with a specific
> > user, but without asking for a password.
> 
> you should use su in your script to switch users to the one the service
> should run as.
Actually, runuser is better than su for use in init scripts.

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Take a look at
http://www.yolinux.com/TUTORIALS/LinuxTutorialInitProcess.html

I forget exactly the usage of the daemon but you need to include the
functions, which is shown at the init script example. If you read that
functions file it will give you an idea of how to use it to start up a
service and have it run as a different user.

On Sat, Sep 24, 2011 at 7:31 AM, Dieter De Meyer
<dieterdemeyer@gmail.com>wrote:
> Thanks for the reply.
>
> I modified the rc script to run as a user.
> But now I''m facing the following problem:
> I have to include some nasty puppet code for adding the service before i
> can use the service resource type.
> And the service resource type returns ok, but the service is in fact not
> started.
> When i do it manually, it requires a password for that user.
> So, I tried to manage the user with puppet and provided a password, but get
> the message:
> Provider useradd does not support features manages_passwords; not managing
> attribute password
> I know this is a problem with Puppet and CentOS, but I have ruby-shadow and
> shadow-utils installed on my CentOS 6.0 VM.
>
> I also don''t know if this is going to help with starting the
service.
> I want to use the service type to start the service with a specific user,
> but without asking for a password.
>
> Any help would be appreciated.
>
> Regards.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/9sm5V3MccfoJ.
>
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Thank you all for the replies.
I will certainly look into it..

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/4uAfGv7esQsJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.