Hi,
I''m trying to add a user to a group. I''ve added the groups I
would like
the user to appear in using the groups attribute:
@users::virtual::localuser { "myuser":
uid => "3000",
groups => [ "sudo", "adm", "mygroup",
],
sshkey => "AAAA",
}
I''ve defined localuser as:
class users::virtual {
define localuser ($uid, $groups=[], $sshkey="") {
user { $title:
ensure => "present",
uid => $uid,
gid => "users",
groups => $groups,
shell => "/bin/bash",
home => "/home/$title",
comment => $realname,
managehome => true,
}
ssh_authorized_key { $title:
ensure => "present",
type => "ssh-rsa",
key => "$sshkey",
user => "$title",
require => User["$title"],
name => "$title",
}
}
}
It seems to work for creating a new user, but if I add a new group the user
is not added to that group. I can see that "mygroup" already exists
on the
machine:
$ grep mygroup /etc/group
mygroup:x:200:
Any ideas what I might be doing wrong? I''m running Puppet 2.7.11 on
Ubuntu
12.04.
Thanks,
Ben
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/Y6cfteHqg8UJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
If I remove the virtualization aspect then it works. Any idea why that might stop the groups from being applied? On Thursday, October 25, 2012 1:01:08 PM UTC-7, Ben McCann wrote:> > Hi, > > I''m trying to add a user to a group. I''ve added the groups I would like > the user to appear in using the groups attribute: > > @users::virtual::localuser { "myuser": > uid => "3000", > groups => [ "sudo", "adm", "mygroup", ], > sshkey => "AAAA", > } > > I''ve defined localuser as: > > class users::virtual { > > define localuser ($uid, $groups=[], $sshkey="") { > user { $title: > ensure => "present", > uid => $uid, > gid => "users", > groups => $groups, > shell => "/bin/bash", > home => "/home/$title", > comment => $realname, > managehome => true, > } > > ssh_authorized_key { $title: > ensure => "present", > type => "ssh-rsa", > key => "$sshkey", > user => "$title", > require => User["$title"], > name => "$title", > } > } > > } > > > It seems to work for creating a new user, but if I add a new group the > user is not added to that group. I can see that "mygroup" already exists > on the machine: > $ grep mygroup /etc/group > mygroup:x:200: > > Any ideas what I might be doing wrong? I''m running Puppet 2.7.11 on > Ubuntu 12.04. > > Thanks, > Ben > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/bVYPcqDPzdQJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On Thu, Oct 25, 2012 at 4:23 PM, Ben McCann <benjamin.j.mccann@gmail.com>wrote:> If I remove the virtualization aspect then it works. Any idea why that > might stop the groups from being applied?When you mark the resource as virtual, are you also realizing it somewhere else in your manifests? Without realizing a virtual or an exported resource it will never be added to the configuration catalog. -Jeff -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Yes, I am realizing it:
Users::Virtual::Localuser <| gid == users |>
If I go onto the host and delete the user (sudo userdel myuser) then puppet
will create a new user and that user will be a member of all the groups I
desire:
notice:
/Stage[main]/Users/Users::Virtual::Localuser[myuser]/User[myuser]/ensure:
created
notice: Finished catalog run in 0.43 second
However, if I delete the user from the group (sudo gpasswd -d myuser
mygroup) and rerun then puppet does not re-add the group membership:
notice: Finished catalog run in 0.34 seconds
This seems like a bug in puppet perhaps?
Thanks,
Ben
On Thu, Oct 25, 2012 at 4:26 PM, Jeff McCune <jeff@puppetlabs.com> wrote:
> On Thu, Oct 25, 2012 at 4:23 PM, Ben McCann
<benjamin.j.mccann@gmail.com>wrote:
>
>> If I remove the virtualization aspect then it works. Any idea why that
>> might stop the groups from being applied?
>
>
> When you mark the resource as virtual, are you also realizing it somewhere
> else in your manifests? Without realizing a virtual or an exported
> resource it will never be added to the configuration catalog.
>
> -Jeff
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
about.me/benmccann
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
On Thu, Oct 25, 2012 at 4:34 PM, Ben McCann <ben@benmccann.com> wrote:> Yes, I am realizing it: > Users::Virtual::Localuser <| gid == users |> > > If I go onto the host and delete the user (sudo userdel myuser) then > puppet will create a new user and that user will be a member of all the > groups I desire: > notice: > /Stage[main]/Users/Users::Virtual::Localuser[myuser]/User[myuser]/ensure: > created > notice: Finished catalog run in 0.43 second > > However, if I delete the user from the group (sudo gpasswd -d myuser > mygroup) and rerun then puppet does not re-add the group membership: > notice: Finished catalog run in 0.34 seconds > > This seems like a bug in puppet perhaps? >That does seem like a bug. Could you please file it at http://projects.puppetlabs.com/projects/puppet ? -Jeff -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Stefan Schulte
2012-Oct-25 23:59 UTC
Re: [Puppet Users] Re: Trouble adding a user to a group
On Thu, Oct 25, 2012 at 04:34:26PM -0700, Ben McCann wrote:> Yes, I am realizing it: > Users::Virtual::Localuser <| gid == users |> > > If I go onto the host and delete the user (sudo userdel myuser) then puppet > will create a new user and that user will be a member of all the groups I > desire: > notice: > /Stage[main]/Users/Users::Virtual::Localuser[myuser]/User[myuser]/ensure: > created > notice: Finished catalog run in 0.43 second > > However, if I delete the user from the group (sudo gpasswd -d myuser > mygroup) and rerun then puppet does not re-add the group membership: > notice: Finished catalog run in 0.34 seconds > > This seems like a bug in puppet perhaps? > > Thanks, > BenAre you sure you have not defined the user resource a second time in another location? Because Users::Virtual::Localuser <| gid == users |> will realize nothing because your localuser define does not have a gid parameter (the user resource inside the define does, but that does not matter here). -Stefan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
That''s not it. I changed it to Users::Virtual::Localuser <| |> and the problem is still happening. On Thu, Oct 25, 2012 at 4:59 PM, Stefan Schulte < stefan.schulte@taunusstein.net> wrote:> On Thu, Oct 25, 2012 at 04:34:26PM -0700, Ben McCann wrote: > > Yes, I am realizing it: > > Users::Virtual::Localuser <| gid == users |> > > > > If I go onto the host and delete the user (sudo userdel myuser) then > puppet > > will create a new user and that user will be a member of all the groups I > > desire: > > notice: > > /Stage[main]/Users/Users::Virtual::Localuser[myuser]/User[myuser]/ensure: > > created > > notice: Finished catalog run in 0.43 second > > > > However, if I delete the user from the group (sudo gpasswd -d myuser > > mygroup) and rerun then puppet does not re-add the group membership: > > notice: Finished catalog run in 0.34 seconds > > > > This seems like a bug in puppet perhaps? > > > > Thanks, > > Ben > > Are you sure you have not defined the user resource a second time in > another location? Because > > Users::Virtual::Localuser <| gid == users |> > > will realize nothing because your localuser define does not have a gid > parameter (the user resource inside the define does, but that does not > matter here). > > -Stefan > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- about.me/benmccann -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Definitely seems like a bug. I added the Puppet Ubuntu repo and upgraded to puppet 3.0.1 and it works now. I''m not going to bother filing it since it seems like it''s since been fixed. On Thursday, October 25, 2012 5:01:11 PM UTC-7, Ben McCann wrote:> > That''s not it. I changed it to Users::Virtual::Localuser <| |> and the > problem is still happening. > > > On Thu, Oct 25, 2012 at 4:59 PM, Stefan Schulte < > stefan.schulte@taunusstein.net> wrote: > >> On Thu, Oct 25, 2012 at 04:34:26PM -0700, Ben McCann wrote: >> > Yes, I am realizing it: >> > Users::Virtual::Localuser <| gid == users |> >> > >> > If I go onto the host and delete the user (sudo userdel myuser) then >> puppet >> > will create a new user and that user will be a member of all the groups >> I >> > desire: >> > notice: >> > >> /Stage[main]/Users/Users::Virtual::Localuser[myuser]/User[myuser]/ensure: >> > created >> > notice: Finished catalog run in 0.43 second >> > >> > However, if I delete the user from the group (sudo gpasswd -d myuser >> > mygroup) and rerun then puppet does not re-add the group membership: >> > notice: Finished catalog run in 0.34 seconds >> > >> > This seems like a bug in puppet perhaps? >> > >> > Thanks, >> > Ben >> >> Are you sure you have not defined the user resource a second time in >> another location? Because >> >> Users::Virtual::Localuser <| gid == users |> >> >> will realize nothing because your localuser define does not have a gid >> parameter (the user resource inside the define does, but that does not >> matter here). >> >> -Stefan >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> >> > > > -- > about.me/benmccann >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/Ud80yc5cxMgJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Stefan Schulte
2012-Oct-26 18:34 UTC
Re: [Puppet Users] Re: Trouble adding a user to a group
On Thu, Oct 25, 2012 at 05:11:34PM -0700, Ben McCann wrote:> Definitely seems like a bug. I added the Puppet Ubuntu repo and upgraded > to puppet 3.0.1 and it works now. I''m not going to bother filing it since > it seems like it''s since been fixed. > >One question though: Do any of the groups you want to assign have the same gid? -Stefan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Nope, all groups have different gids. On Fri, Oct 26, 2012 at 11:34 AM, Stefan Schulte < stefan.schulte@taunusstein.net> wrote:> On Thu, Oct 25, 2012 at 05:11:34PM -0700, Ben McCann wrote: > > Definitely seems like a bug. I added the Puppet Ubuntu repo and upgraded > > to puppet 3.0.1 and it works now. I''m not going to bother filing it > since > > it seems like it''s since been fixed. > > > > > > One question though: Do any of the groups you want to assign have the > same gid? > > -Stefan > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- about.me/benmccann -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.