I''ve got a module that manages user id''s, ssh-keys, and passwords. The passwords are fetched from a text file containing userid and password hashes, with the terms separated by a space. My manifest (which seems to work fine, short of the function: user { $username: comment => "$email", home => "/home/$username", shell => "/bin/bash", uid => $uid, password => getpw($username) } My function # getpw.rb # module Puppet::Parser::Functions newfunction(:getpw, :type => :rvalue, :doc => "Given $username, return hashed pw") do |args| username = args[0] self.interp.newfile("/root/pwhash") File.open("/root/pwhash").each { |line| puts line.split('' '')[1] if line =~ /username/ } end end Notes: pwhash file is readable by puppet, I''ve even tried with the file in a different location. The function seems to be loaded correctly in Puppet irb(main):001:0> require ''puppet'' => true irb(main):002:0> require ''/etc/puppet/modules/users/lib/puppet/parser/functions/getpw.rb'' => true irb(main):003:0> Puppet::Parser::Functions.function(:getpw) => "function_getpw""function_getpw" The error I get when running from a client: err: /Stage[main]/snip::Add_user[bag_ppro]/User[bg]/password: change from $1$qA8nXJHg$fvTThNTyd9jLyzp952fRT0 to false failed: Got a nil value for should at /etc/puppet/modules/users/manifests/definitions/adduser.pp:12 notice: /Stage[main]/users/users::Add_user[bg]/Group[bg]: Dependency User[bg] has failures: true Any suggestions? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Jan 7, 9:09 am, bg <greenbr...@gmail.com> wrote:> I''ve got a module that manages user id''s, ssh-keys, and passwords. The > passwords are fetched from a text file containing userid and passwordbg, Not exactly a suggestion for your specific issue but I wanted to make sure you are aware of the generate function. http://docs.puppetlabs.com/references/2.6.3/function.html#generate (that link was just handy but generate predates 2.6.X). I have a similar define for managing users and the password property looks like this password => generate(''/site/bin/grabass.rb'', ''-u'', "$name"), /site/bin/grabass.rb is executed on the puppet master and returns the results to the agent. Regarding your getpw function it just about seems like the getpw function is returning "nil" instead of a crypt string which could be part of the problem. HTH. Deet. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Jan 7, 2011, at 9:09 AM, bg wrote:> I''ve got a module that manages user id''s, ssh-keys, and passwords. The passwords are fetched from a text file containing userid and password hashes, with the terms separated by a space. > > My manifest (which seems to work fine, short of the function: > > user { $username: > comment => "$email", > home => "/home/$username", > shell => "/bin/bash", > uid => $uid, > password => getpw($username) > } > > My function > > # getpw.rb > # > module Puppet::Parser::Functions > newfunction(:getpw, :type => :rvalue, :doc => "Given $username, return hashed pw") do |args| > username = args[0] > self.interp.newfile("/root/pwhash") > File.open("/root/pwhash").each { |line| > puts line.split('' '')[1] if line =~ /username/ > } > end > end > > Notes: > pwhash file is readable by puppet, I''ve even tried with the file in a different location. > The function seems to be loaded correctly in Puppet > > irb(main):001:0> require ''puppet'' > => true > irb(main):002:0> require ''/etc/puppet/modules/users/lib/puppet/parser/functions/getpw.rb'' > => true > irb(main):003:0> Puppet::Parser::Functions.function(:getpw) > => "function_getpw""function_getpw" > > The error I get when running from a client: > err: /Stage[main]/snip::Add_user[bag_ppro]/User[bg]/password: change from $1$qA8nXJHg$fvTThNTyd9jLyzp952fRT0 to false failed: Got a nil value for should at /etc/puppet/modules/users/manifests/definitions/adduser.pp:12 > notice: /Stage[main]/users/users::Add_user[bg]/Group[bg]: Dependency User[bg] has failures: true > > Any suggestions?I don''t know much about ruby, but it looks like you''re printing the value to standard out instead of returning the value like you want to. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Thanks for the suggestion Deet, I got it working with something along those lines, except using a shell script, as my Ruby skills are weak, which led to my initial problems. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
That was my guess, I''m sure I''ll the error in my ways as I become more fluent in Puppet. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.