I''ve got a module that manages user id''s, ssh-keys, and
passwords. The
passwords are fetched from a text file containing userid and password
hashes, with the terms separated by a space.
My manifest (which seems to work fine, short of the function:
user { $username:
comment => "$email",
home => "/home/$username",
shell => "/bin/bash",
uid => $uid,
password => getpw($username)
}
My function
# getpw.rb
#
module Puppet::Parser::Functions
newfunction(:getpw, :type => :rvalue, :doc => "Given $username,
return
hashed pw") do |args|
username = args[0]
self.interp.newfile("/root/pwhash")
File.open("/root/pwhash").each { |line|
puts line.split('' '')[1] if line =~ /username/
}
end
end
Notes:
pwhash file is readable by puppet, I''ve even tried with the file in a
different location.
The function seems to be loaded correctly in Puppet
irb(main):001:0> require ''puppet''
=> true
irb(main):002:0> require
''/etc/puppet/modules/users/lib/puppet/parser/functions/getpw.rb''
=> true
irb(main):003:0> Puppet::Parser::Functions.function(:getpw)
=> "function_getpw""function_getpw"
The error I get when running from a client:
err: /Stage[main]/snip::Add_user[bag_ppro]/User[bg]/password: change from
$1$qA8nXJHg$fvTThNTyd9jLyzp952fRT0 to false failed: Got a nil value for
should at /etc/puppet/modules/users/manifests/definitions/adduser.pp:12
notice: /Stage[main]/users/users::Add_user[bg]/Group[bg]: Dependency
User[bg] has failures: true
Any suggestions?
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
On Jan 7, 9:09 am, bg <greenbr...@gmail.com> wrote:> I''ve got a module that manages user id''s, ssh-keys, and passwords. The > passwords are fetched from a text file containing userid and passwordbg, Not exactly a suggestion for your specific issue but I wanted to make sure you are aware of the generate function. http://docs.puppetlabs.com/references/2.6.3/function.html#generate (that link was just handy but generate predates 2.6.X). I have a similar define for managing users and the password property looks like this password => generate(''/site/bin/grabass.rb'', ''-u'', "$name"), /site/bin/grabass.rb is executed on the puppet master and returns the results to the agent. Regarding your getpw function it just about seems like the getpw function is returning "nil" instead of a crypt string which could be part of the problem. HTH. Deet. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Jan 7, 2011, at 9:09 AM, bg wrote:> I''ve got a module that manages user id''s, ssh-keys, and passwords. The passwords are fetched from a text file containing userid and password hashes, with the terms separated by a space. > > My manifest (which seems to work fine, short of the function: > > user { $username: > comment => "$email", > home => "/home/$username", > shell => "/bin/bash", > uid => $uid, > password => getpw($username) > } > > My function > > # getpw.rb > # > module Puppet::Parser::Functions > newfunction(:getpw, :type => :rvalue, :doc => "Given $username, return hashed pw") do |args| > username = args[0] > self.interp.newfile("/root/pwhash") > File.open("/root/pwhash").each { |line| > puts line.split('' '')[1] if line =~ /username/ > } > end > end > > Notes: > pwhash file is readable by puppet, I''ve even tried with the file in a different location. > The function seems to be loaded correctly in Puppet > > irb(main):001:0> require ''puppet'' > => true > irb(main):002:0> require ''/etc/puppet/modules/users/lib/puppet/parser/functions/getpw.rb'' > => true > irb(main):003:0> Puppet::Parser::Functions.function(:getpw) > => "function_getpw""function_getpw" > > The error I get when running from a client: > err: /Stage[main]/snip::Add_user[bag_ppro]/User[bg]/password: change from $1$qA8nXJHg$fvTThNTyd9jLyzp952fRT0 to false failed: Got a nil value for should at /etc/puppet/modules/users/manifests/definitions/adduser.pp:12 > notice: /Stage[main]/users/users::Add_user[bg]/Group[bg]: Dependency User[bg] has failures: true > > Any suggestions?I don''t know much about ruby, but it looks like you''re printing the value to standard out instead of returning the value like you want to. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Thanks for the suggestion Deet, I got it working with something along those lines, except using a shell script, as my Ruby skills are weak, which led to my initial problems. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
That was my guess, I''m sure I''ll the error in my ways as I become more fluent in Puppet. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.