Hi, currently we''re confused and quite unhappy with the Puppet user management. It is possible to create users, make sure they''re present and so on. But: if you''d like to delete an user completely this seems not be possible. Setting the directive "ensure" to "absent" deletes the user from /etc/passwd/shadow/group - but the $HOME directory still exists. What is wrong here? Regards, Michael -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Christopher Wood
2011-Sep-08 15:18 UTC
Re: [Puppet Users] deleting users / purge their homedir
On Thu, Sep 08, 2011 at 04:48:09AM -0700, michaelkrieg wrote:> Hi, > > currently we''re confused and quite unhappy with the Puppet user > management. It is possible to create users, make sure they''re present > and so on. But: if you''d like to delete an user completely this seems > not be possible. Setting the directive "ensure" to "absent" deletes > the user from /etc/passwd/shadow/group - but the $HOME directory still > exists. > > What is wrong here?Have you tried to use managehome => true when you set ensure => absent? http://docs.puppetlabs.com/references/stable/type.html#user-3 (Also check that your provider supports homedir management?)> Regards, > Michael > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
The user resource won''t clean up home directories directories for you. In fact there was a feature request to rename the attribute for this very reason: http://projects.puppetlabs.com/issues/7002 It was originally pegged in the original managehome feature request many years back but never made it in: http://projects.puppetlabs.com/issues/432 I''d raise a ticket on it if you feel its important. For now, you can always manage the home directory yourself. Its not uncommon for users to create their own user management defined resource that wraps user (and other site specific user bits). This resource would also manage the home directory using a file resource and therefore allow removal. Of course this is purely a work-around but probably worth mentioning in any ticket that is raised. ken. On Thu, Sep 8, 2011 at 4:18 PM, Christopher Wood <christopher_wood@pobox.com> wrote:> On Thu, Sep 08, 2011 at 04:48:09AM -0700, michaelkrieg wrote: >> Hi, >> >> currently we''re confused and quite unhappy with the Puppet user >> management. It is possible to create users, make sure they''re present >> and so on. But: if you''d like to delete an user completely this seems >> not be possible. Setting the directive "ensure" to "absent" deletes >> the user from /etc/passwd/shadow/group - but the $HOME directory still >> exists. >> >> What is wrong here? > > Have you tried to use managehome => true when you set ensure => absent? > > http://docs.puppetlabs.com/references/stable/type.html#user-3 > > (Also check that your provider supports homedir management?) > >> Regards, >> Michael >> >> -- >> You received this message because you are subscribed to the Google Groups "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. >> >> > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > >-- "Join us for PuppetConf, September 22nd and 23rd in Portland, OR: http://bit.ly/puppetconfsig" -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Christopher Wood
2011-Sep-08 15:35 UTC
Re: [Puppet Users] deleting users / purge their homedir
On Thu, Sep 08, 2011 at 04:31:38PM +0100, Ken Barber wrote:> The user resource won''t clean up home directories directories for you. > In fact there was a feature request to rename the attribute for this > very reason: > > http://projects.puppetlabs.com/issues/7002 > > It was originally pegged in the original managehome feature request > many years back but never made it in: > > http://projects.puppetlabs.com/issues/432 > > I''d raise a ticket on it if you feel its important.After a few career trips to backups because somebody accidentally purged a userid, I will never use automatic home directory purging in anything I set up. If anybody else wants to open that particular chainsaw-juggling ticket, that is their issue and not mine. Thank you, though. ;)> For now, you can always manage the home directory yourself. Its not > uncommon for users to create their own user management defined > resource that wraps user (and other site specific user bits). This > resource would also manage the home directory using a file resource > and therefore allow removal. > > Of course this is purely a work-around but probably worth mentioning > in any ticket that is raised. > > ken. > > On Thu, Sep 8, 2011 at 4:18 PM, Christopher Wood > <christopher_wood@pobox.com> wrote: > > On Thu, Sep 08, 2011 at 04:48:09AM -0700, michaelkrieg wrote: > >> Hi, > >> > >> currently we''re confused and quite unhappy with the Puppet user > >> management. It is possible to create users, make sure they''re present > >> and so on. But: if you''d like to delete an user completely this seems > >> not be possible. Setting the directive "ensure" to "absent" deletes > >> the user from /etc/passwd/shadow/group - but the $HOME directory still > >> exists. > >> > >> What is wrong here? > > > > Have you tried to use managehome => true when you set ensure => absent? > > > > http://docs.puppetlabs.com/references/stable/type.html#user-3 > > > > (Also check that your provider supports homedir management?) > > > >> Regards, > >> Michael > >> > >> -- > >> You received this message because you are subscribed to the Google Groups "Puppet Users" group. > >> To post to this group, send email to puppet-users@googlegroups.com. > >> To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > >> For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > >> > >> > > > > -- > > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > > > > > > > > -- > "Join us for PuppetConf, September 22nd and 23rd in Portland, OR: > http://bit.ly/puppetconfsig" > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.