Puppet users - May 2011 - cannot create www-data user

hello list!

I am having a little trouble with one of my manifests. in my apache
module I attempt to start the httpd service, but it complains that
www-data is a ''bad user''.

 This is what happens if I attempt to start httpd by hand after the
initial puppet run:

[root@puppet yum.repos.d]# service httpd start
Starting httpd: httpd: bad user name www-data
                                                           [FAILED]


It''s rather confusing because I do have www-date defined in a file
called group.pp

[root@puppet yum.repos.d]# ls -l /etc/puppet/manifests/groups/group.pp
-rw-r--r-- 1 puppet puppet 3453 May 10 15:41
/etc/puppet/manifests/groups/group.pp


Which has the user defined like this:

group {
..
group { ''www-data'':
    ensure => ''present'',
    gid => ''33''
}

..
}

It is included in my site.pp file

# site.pp
import "template"
import "nodes"
import "classes/*"
import "groups/*"
import "users/*"
import "os/*"



And I am sure to include it in a class called centos


class  centos {

 include yumrepos
 include group

..

}

which is itself included in a base class template:


node basenode {

    include sshd
    include centos
}

node default inherits basenode {}
node webserver inherits basenode {
  include apache
}

and this is how the node is defined:


node ''puppet.acadaca.net''  inherits webserver {
}


I define the httpd service in
/etc/puppet/modules/apache/manifests/init.pp this way:

   service { "httpd":
   enable => "true",
   ensure => "running",
   hasrestart => "true",
   hasstatus => "true",
   require =>  [$requires,Group["www-data"]],
   }


This is how the puppet run looks:

[root@puppet yum.repos.d]# puppetd -t
info: Loading facts in mysql
info: Loading facts in configured_ntp_servers
info: Loading facts in mysql
info: Loading facts in configured_ntp_servers
info: Caching catalog for puppet.acadaca.net
info: /Stage[main]/Centos/Tidy[/etc/yum.repos.d/c5-media.repo]: File
does not exist
info: /Stage[main]/Apache/Tidy[/etc/httpd/conf.d/ssl.conf]: File does not exist
info: /Stage[main]/Centos/Tidy[/etc/yum.repos.d/CentOS.repo]: File
does not exist
info: Applying configuration version ''1305056672''
notice: /Stage[main]/Centos/Exec[import webtatic key]/returns:
executed successfully
notice: /Stage[main]/Centos/Exec[import remi key]/returns: executed successfully
notice: /Stage[main]/Centos/Exec[import dag key]/returns: executed successfully
err: /Stage[main]/Apache/Service[httpd]/ensure: change from stopped to
running failed: Could not start Service[httpd]: Execution of
''/sbin/service httpd start'' returned 1:  at
/etc/puppet/modules/apache/manifests/init.pp:260
notice: Finished catalog run in 3.49 seconds


If I add the www-data user by hand:

[root@puppet yum.repos.d]# useradd www-data -g www-data
Creating mailbox file: File exists
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.

The httpd service starts by hand just fine:

[root@puppet yum.repos.d]# service httpd start
Starting httpd:                                            [  OK  ]

And if I stop the httpd service and let puppet try to start it at this
point..it WORKS!!

[root@puppet yum.repos.d]# puppetd -t
info: Loading facts in mysql
info: Loading facts in configured_ntp_servers
info: Loading facts in mysql
info: Loading facts in configured_ntp_servers
info: Caching catalog for puppet.acadaca.net
info: /Stage[main]/Apache/Tidy[/etc/httpd/conf.d/ssl.conf]: File does not exist
info: /Stage[main]/Centos/Tidy[/etc/yum.repos.d/CentOS.repo]: File
does not exist
info: /Stage[main]/Centos/Tidy[/etc/yum.repos.d/c5-media.repo]: File
does not exist
info: Applying configuration version ''1305056672''
notice: /Stage[main]/Centos/Exec[import webtatic key]/returns:
executed successfully
notice: /Stage[main]/Centos/Exec[import dag key]/returns: executed successfully
notice: /Stage[main]/Centos/Exec[import remi key]/returns: executed successfully
notice: /Stage[main]/Apache/Service[httpd]/ensure: ensure changed
''stopped'' to ''running''
notice: Finished catalog run in 3.96 seconds


How can I automate the creation of the www-data user so that the
service will start automatically? Thank you for your kind attention to
this issue!

Tim





-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

We use CentOS 5.x and by default httpd runs as the apache user and not
www-data.

HTH

Charles
On Tue, May 10, 2011 at 2:59 PM, Tim Dunphy <bluethundr@gmail.com> wrote:
> hello list!
>
> I am having a little trouble with one of my manifests. in my apache
> module I attempt to start the httpd service, but it complains that
> www-data is a ''bad user''.
>
>  This is what happens if I attempt to start httpd by hand after the
> initial puppet run:
>
> [root@puppet yum.repos.d]# service httpd start
> Starting httpd: httpd: bad user name www-data
>                                                           [FAILED]
>
>
> It''s rather confusing because I do have www-date defined in a file
> called group.pp
>
> [root@puppet yum.repos.d]# ls -l /etc/puppet/manifests/groups/group.pp
> -rw-r--r-- 1 puppet puppet 3453 May 10 15:41
> /etc/puppet/manifests/groups/group.pp
>
>
> Which has the user defined like this:
>
> group {
> ..
> group { ''www-data'':
>    ensure => ''present'',
>    gid => ''33''
> }
>
> ..
> }
>
> It is included in my site.pp file
>
> # site.pp
> import "template"
> import "nodes"
> import "classes/*"
> import "groups/*"
> import "users/*"
> import "os/*"
>
>
>
> And I am sure to include it in a class called centos
>
>
> class  centos {
>
>  include yumrepos
>  include group
>
> ..
>
> }
>
> which is itself included in a base class template:
>
>
> node basenode {
>
>    include sshd
>    include centos
> }
>
> node default inherits basenode {}
> node webserver inherits basenode {
>  include apache
> }
>
> and this is how the node is defined:
>
>
> node ''puppet.acadaca.net''  inherits webserver {
> }
>
>
> I define the httpd service in
> /etc/puppet/modules/apache/manifests/init.pp this way:
>
>   service { "httpd":
>   enable => "true",
>   ensure => "running",
>   hasrestart => "true",
>   hasstatus => "true",
>   require =>  [$requires,Group["www-data"]],
>   }
>
>
> This is how the puppet run looks:
>
> [root@puppet yum.repos.d]# puppetd -t
> info: Loading facts in mysql
> info: Loading facts in configured_ntp_servers
> info: Loading facts in mysql
> info: Loading facts in configured_ntp_servers
> info: Caching catalog for puppet.acadaca.net
> info: /Stage[main]/Centos/Tidy[/etc/yum.repos.d/c5-media.repo]: File
> does not exist
> info: /Stage[main]/Apache/Tidy[/etc/httpd/conf.d/ssl.conf]: File does not
> exist
> info: /Stage[main]/Centos/Tidy[/etc/yum.repos.d/CentOS.repo]: File
> does not exist
> info: Applying configuration version ''1305056672''
> notice: /Stage[main]/Centos/Exec[import webtatic key]/returns:
> executed successfully
> notice: /Stage[main]/Centos/Exec[import remi key]/returns: executed
> successfully
> notice: /Stage[main]/Centos/Exec[import dag key]/returns: executed
> successfully
> err: /Stage[main]/Apache/Service[httpd]/ensure: change from stopped to
> running failed: Could not start Service[httpd]: Execution of
> ''/sbin/service httpd start'' returned 1:  at
> /etc/puppet/modules/apache/manifests/init.pp:260
> notice: Finished catalog run in 3.49 seconds
>
>
> If I add the www-data user by hand:
>
> [root@puppet yum.repos.d]# useradd www-data -g www-data
> Creating mailbox file: File exists
> useradd: warning: the home directory already exists.
> Not copying any file from skel directory into it.
>
> The httpd service starts by hand just fine:
>
> [root@puppet yum.repos.d]# service httpd start
> Starting httpd:                                            [  OK  ]
>
> And if I stop the httpd service and let puppet try to start it at this
> point..it WORKS!!
>
> [root@puppet yum.repos.d]# puppetd -t
> info: Loading facts in mysql
> info: Loading facts in configured_ntp_servers
> info: Loading facts in mysql
> info: Loading facts in configured_ntp_servers
> info: Caching catalog for puppet.acadaca.net
> info: /Stage[main]/Apache/Tidy[/etc/httpd/conf.d/ssl.conf]: File does not
> exist
> info: /Stage[main]/Centos/Tidy[/etc/yum.repos.d/CentOS.repo]: File
> does not exist
> info: /Stage[main]/Centos/Tidy[/etc/yum.repos.d/c5-media.repo]: File
> does not exist
> info: Applying configuration version ''1305056672''
> notice: /Stage[main]/Centos/Exec[import webtatic key]/returns:
> executed successfully
> notice: /Stage[main]/Centos/Exec[import dag key]/returns: executed
> successfully
> notice: /Stage[main]/Centos/Exec[import remi key]/returns: executed
> successfully
> notice: /Stage[main]/Apache/Service[httpd]/ensure: ensure changed
> ''stopped'' to ''running''
> notice: Finished catalog run in 3.96 seconds
>
>
> How can I automate the creation of the www-data user so that the
> service will start automatically? Thank you for your kind attention to
> this issue!
>
> Tim
>
>
>
>
>
> --
> GPG me!!
>
> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

> It''s rather confusing because I do have www-date defined in a file
> called group.pp
> 
> Which has the user defined like this:
> 
> group { ''www-data'':
>     ensure => ''present'',
>     gid => ''33''
> }
I don''t see that you have a user resource for the www-data user. What
you''ve defined above is a group resource. It''s common to have
a group
and a user by the same name, but they aren''t the same thing: on most
unix OSes, groups are configured in /etc/group, and users in
/etc/passwd.

When you run useradd manually, you are creating the user. If you write a
user resource in your manifest, like

user { ''www-data'': ensure => present, uid => 48, gid
=> ''www-data'' }

that would also create the user. You''d also want your service resource
to require User[''www-data''] as well as
Group[''www-data''].

Charles Johnson sez:
> We use CentOS 5.x and by default httpd runs as the apache user and not
> www-data.
I believe the www-data user is common in Debian and derivatives (eg
Ubuntu). - Ah, I see the references to CentOS in the manifest. *shrug* 

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.