In our environment, we have a non standard /etc/skel directory. The content of that directory is managed via puppet. How do I guarantee, that the content of that directory is on the system before a user is created. Do I need a require attribute on every user creation statement in every puppet module we have? Does someone know an easier way? BR, Rene --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Rene wrote:> In our environment, we have a non standard /etc/skel directory. The > content of that directory is managed via puppet. How do I guarantee, > that the content of that directory is on the system before a user is > created. Do I need a require attribute on every user creation > statement in every puppet module we have? Does someone know an > easier way?You could use a resource default to add that requirement to user resources: User { require => File[''/etc/skel''] } -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ After one look at this planet any visitor from outer space would say "I want to see the manager." -- William S. Burroughs
An alternate, non Puppet method is to add a pam_mkhomedir module to /etc/pam.d/system-auth (on a RedHat machine at least) by including the following line:- session required /lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel umask=0022 This has the effect of creating a homedir if one does not exist and pulling in the contents of /etc/skel Cheers Paul 2009/6/10 Todd Zullinger <tmz@pobox.com>> Rene wrote: > > In our environment, we have a non standard /etc/skel directory. The > > content of that directory is managed via puppet. How do I guarantee, > > that the content of that directory is on the system before a user is > > created. Do I need a require attribute on every user creation > > statement in every puppet module we have? Does someone know an > > easier way? > > You could use a resource default to add that requirement to user > resources: > > User { > require => File[''/etc/skel''] > } > > -- > Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp<http://www.pobox.com/%7Etmz/pgp> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > After one look at this planet any visitor from outer space would say > "I want to see the manager." > -- William S. Burroughs > >-- Paul Matthews ---------------------------------------------------------------------- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On Wed, Jun 10, 2009 at 12:08 PM, paul matthews < paulsmatthews@googlemail.com> wrote:> An alternate, non Puppet method is to add a pam_mkhomedir module to > /etc/pam.d/system-auth (on a RedHat machine at least) by including the > following line:- > > session required /lib/security/$ISA/pam_mkhomedir.so > skel=/etc/skel umask=0022 > > This has the effect of creating a homedir if one does not exist and pulling > in the contents of /etc/skel > > Cheers > Paul > > That''s what I did for our linux machines. They all authenticate with ldap,and when somebody logs into a machine for the first time, it will create the home dir. Very easy solution. -lsd --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Very nice solution. Thanks a lot. BR Rene On Jun 10, 6:08 pm, paul matthews <paulsmatth...@googlemail.com> wrote:> An alternate, non Puppet method is to add a pam_mkhomedir module to > /etc/pam.d/system-auth (on a RedHat machine at least) by including the > following line:- > > session required /lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel > umask=0022 > > This has the effect of creating a homedir if one does not exist and pulling > in the contents of /etc/skel > > Cheers > Paul > > 2009/6/10 Todd Zullinger <t...@pobox.com> > > > > > Rene wrote: > > > In our environment, we have a non standard /etc/skel directory. The > > > content of that directory is managed via puppet. How do I guarantee, > > > that the content of that directory is on the system before a user is > > > created. Do I need a require attribute on every user creation > > > statement in every puppet module we have? Does someone know an > > > easier way? > > > You could use a resource default to add that requirement to user > > resources: > > > User { > > require => File[''/etc/skel''] > > } > > > -- > > Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL:www.pobox.com/~tmz/pgp<http://www.pobox.com/%7Etmz/pgp> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > After one look at this planet any visitor from outer space would say > > "I want to see the manager." > > -- William S. Burroughs > > -- > Paul Matthews > ------------------------------------------------------------------------~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---