Hi all, I''m using "users/group" type for user/group creation. But how to remove user secondary groups? Is delete / recreate the only solution? Cheers, Arnau --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On Nov 17, 2008, at 6:12 AM, Arnau Bria wrote:> > Hi all, > > I''m using "users/group" type for user/group creation. > > But how to remove user secondary groups? > > Is delete / recreate the only solution?What do you mean? Just specify the list of groups you want the user to have, then set ''membership'' to ''inclusive''. This will set the user up so it''s only in specified groups. Is that what you wanted? -- There is nothing worse than aggressive stupidity. -- Johann Wolfgang von Goethe --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On Mon, 17 Nov 2008 17:24:27 -0600 Luke Kanies wrote: Hi Luke,> > Is delete / recreate the only solution? > > What do you mean?# id arnaubria uid=63003(arnaubria) gid=31401(grid) groups=31401(grid) user { "arnaubria": ensure => present, gid => "31401", home => "/nfs/pic.es/user/a/arnaubria", name => arnaubria, provider => useradd, uid => "63003", } Now I add: groups => [ "paco" ] # id arnaubria uid=63003(arnaubria) gid=31401(grid) groups=31401(grid),502(paco) Which is correct. Now I remove groups "paco", so my user will belong to only grid group again: # id arnaubria uid=63003(arnaubria) gid=31401(grid) groups=31401(grid),502(paco) Wrong. So, do I have to delete my user and recreate again?? TIA, Arnau --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
You''ll want to use the membership parameter to achieve this, check the type ref. Regards, Aj On 18/11/2008, at 9:57 PM, Arnau Bria <arnaubria@pic.es> wrote:> > On Mon, 17 Nov 2008 17:24:27 -0600 > Luke Kanies wrote: > Hi Luke, > >>> Is delete / recreate the only solution? >> >> What do you mean? > > # id arnaubria > uid=63003(arnaubria) gid=31401(grid) groups=31401(grid) > user { "arnaubria": > ensure => present, > gid => "31401", > home => "/nfs/pic.es/user/a/arnaubria", > name => arnaubria, > provider => useradd, > uid => "63003", > } > > Now I add: > groups => [ "paco" ] > > # id arnaubria > uid=63003(arnaubria) gid=31401(grid) groups=31401(grid),502(paco) > > Which is correct. > > Now I remove groups "paco", so my user will belong to only grid group > again: > > # id arnaubria > uid=63003(arnaubria) gid=31401(grid) groups=31401(grid),502(paco) > > Wrong. > > So, do I have to delete my user and recreate again?? > > > TIA, > Arnau > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On Wed, 19 Nov 2008 00:27:24 +1300 Aj Aj wrote:> > You''ll want to use the membership parameter to achieve this, check > the type ref.I''ve done. But I don''t know how membership could help me I''ve tried with both values: inclusive, minimum. user { "arnaubria": ensure => present, gid => "31401", home => "/nfs/pic.es/user/a/arnaubria", name => arnaubria, provider => useradd, uid => "63003", membership => minimum, groups => [ "paco" ], } then I change to: user { "arnaubria": ensure => present, gid => "31401", home => "/nfs/pic.es/user/a/arnaubria", name => arnaubria, provider => useradd, uid => "63003", membership => minimum, } My user still belongs to 2 groups: id arnaubria uid=63003(arnaubria) gid=31401(grid) groups=31401(grid),502(paco) I''d like to remove seoncdary group paco. *I''ve tried membership => inclusive too.> Regards, > > AjCheers, Arnau --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
I tried it on a whim and I had to have the groups option set for the user
even if I didn''t want him to belong to groups beyond his primary group.
So I
did something like this.
user { "arnaubria":
ensure => present,
gid => "31401",
home => "/nfs/pic.es/user/a/arnaubria",
name => arnaubria,
provider => useradd,
uid => "63003",
groups => "",
membership => minimum,
groups => [ "paco" ],
}
adding the groups => "" caused puppet to remove my user from all
groups
other than the one specified in gid.
Hope that helps,
--dn
On Tue, Nov 18, 2008 at 6:08 AM, Arnau Bria <arnaubria@pic.es> wrote:
>
> On Wed, 19 Nov 2008 00:27:24 +1300
> Aj Aj wrote:
>
> >
> > You''ll want to use the membership parameter to achieve this,
check
> > the type ref.
> I''ve done. But I don''t know how membership could help me
>
> I''ve tried with both values: inclusive, minimum.
>
> user { "arnaubria":
> ensure => present,
> gid => "31401",
> home => "/nfs/pic.es/user/a/arnaubria",
> name => arnaubria,
> provider => useradd,
> uid => "63003",
> membership => minimum,
> groups => [ "paco" ],
> }
>
> then I change to:
> user { "arnaubria":
> ensure => present,
> gid => "31401",
> home => "/nfs/pic.es/user/a/arnaubria",
> name => arnaubria,
> provider => useradd,
> uid => "63003",
> membership => minimum,
> }
>
>
> My user still belongs to 2 groups:
> id arnaubria
> uid=63003(arnaubria) gid=31401(grid) groups=31401(grid),502(paco)
>
> I''d like to remove seoncdary group paco.
>
>
> *I''ve tried membership => inclusive too.
>
> > Regards,
> >
> > Aj
> Cheers,
> Arnau
>
> >
>
--
--dn
http://www.cordump.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---