Here''s what I want to do. I have a lot of machines, various installs of linux. With puppet, I want to be able to get a list of all users. add the .ssh keys for a few ''trusted'' users/ Determine which of those users are not ''admin'' accounts (like ''bin'' or ''gnats'') keep the admin accounts, keep the trusted users, disable login for everyone else. I''ve figured out how to get puppet to add .ssh keys for a few trusted users. Is there a class that will do the rest of the steps? thanks. -dan --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Digant C Kasundra
2008-May-19 20:29 UTC
[Puppet Users] Re: I want to control the users on a set of machines
--On Monday, May 19, 2008 12:29:39 AM -0700 dan <dan.holliman@gmail.com> wrote:> Determine which of those users are not ''admin'' accounts (like ''bin'' or > ''gnats'') > keep the admin accounts, keep the trusted users, disable login for > everyone else.Puppet has a different approach to this. It will manage the users on a system and can purge users it doesn''t know about. So, with: resource { user: purge => true } ... Puppet will remove users it doesn''t know about EXCEPT for the admin accounts (users below a certain uid number. I can''t remember the number off hand. The wiki also shows how to select what min uid you want if you want something other than the default). -- Digant C Kasundra <digant@stanford.edu> Technical Lead, ITS Unix Systems and Applications, Stanford University --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
hajducko@gmail.com
2008-May-21 21:07 UTC
[Puppet Users] Re: I want to control the users on a set of machines
It''s 500 It can be controlled via the ''unless_system_user'' option in the resources type -- sh On May 19, 1:29 pm, Digant C Kasundra <dig...@stanford.edu> wrote:> --On Monday, May 19, 2008 12:29:39 AM -0700 dan <dan.holli...@gmail.com> > wrote: > > > Determine which of those users are not ''admin'' accounts (like ''bin'' or > > ''gnats'') > > keep the admin accounts, keep the trusted users, disable login for > > everyone else. > > Puppet has a different approach to this. It will manage the users on a > system and canpurgeusers it doesn''t know about. So, with: > > resource { user:purge=> true } > > ... Puppet will remove users it doesn''t know about EXCEPT for the admin > accounts (users below a certain uid number. I can''t remember the number > off hand. The wiki also shows how to select what min uid you want if you > want something other than the default). > > -- > Digant C Kasundra <dig...@stanford.edu> > Technical Lead, ITS Unix Systems and Applications, Stanford University--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---