search for: virt_all_users

Hi all, I''m a new puppet user and I''m running into some weirdness around creating users on solaris. (puppet version 0.23.2) The virt_all_users way of managing users seems pretty reasonable, but I don''t see how to deal with user specific groups with that. I have: class virt_all_users { @user { "seph": ensure => "present", uid => "1001", gid => "100...

...functions/etc to all the servers just fine). However, when I specify the following (see nodes.pp, specifically), it applies firewall/firewall_mail2.pp to mail2 as well as any other server configured as a puppetd client. --- BEGIN templates.pp --- # templates.pp node basenode { include virt_all_users, my_users, dns, sudoers, package_management, base_packages } node default inherits basenode {} --- END templates.pp --- --- BEGIN nodes.pp --- # nodes.pp node ''mail2.clientdomain.com'' inherits baseno...

...ing puppet configs, and I''m seeing an odd behavior in that it is trying to set the groups for the users each time, despite them already being set. The list of groups it is setting for the user contains each group twice, in what seems to be a random order, like this: notice: //default/virt_all_users/User[cmanly]/groups: groups changed ''sysadmin,oracle,feeds,vrtsadm,devel,backup'' to ''backup,devel,oracle,sysadmin,sysadmin,oracle,feeds,vrtsadm ,devel,backup,feeds,vrtsadm'' Any suggestions? I''m not sure even where to begin. This is Solaris 10, BTW....

I''ve spent the last week or two poring over the documentation and setting up my first puppet environment, and while I''ve figured out how to do most of what I want to do with it, I have some questions that I haven''t been able to find answers for... * Can I match parts of a facter fact? In particular I have hostnames that include the environment as part of the

Hi, I have several Debian servers with puppet 0.23.2. Part of my manifest looks like this: class virt_all_users { @group { "andy": ensure => "present", gid => "1000" } @user { "andy": ensure => "present", uid => "1000",...

I would like to write up brief tutorial/documentation on how to manage /etc/passwd using puppet. While this may seem pretty straight forward to some...the documentation is not. We have been able to create a manifest that defines all of our users "virtually" and are able to "realize" users and add them to the system(s) running puppetd. Is there a way to simply realize all users

...tabase systems, with htdocs and mysql primary group set as applicable. The R&D developer is the ''web developer'' for only a few systems, but the web developer team doesn''t work on those systems, so he has a separate userid. Initially, I set out to handle this with the virt_all_users class from the wiki:PuppetBestPractice page and some bits from wiki:Authorized_keysRecipe. I encountered a bug in the realize function (bug id #787, fixed in 0.24.0), and instead rewrote with normal resources in classes only included on the systems where those users were needed. This was ''...

...es with spaces. I know this horribly ugly, but compatibility with windows clients seems to demand groups like "Domain Users" and "Domain Computers", and puppet chokes on them even though the underlying OS handles them at least well enough to allow Samba to work. err: //basenode/virt_all_users/User[testser]/groups: change from test,Domain Users,admin to Domain Users,admin failed: Invalid value Domain Users,admin: Groups must be comma-separated I''ve tried removing the ''verify :groups, "Groups must be comma-separated"'' check; when I do this puppet clai...

Using audit2allow, I was able to create a policy module for selinux: audit2allow -i /var/log/audit/audit.log -M mysqld (creates mysqld.pp and mysqld.te) I want to distribute this to all my puppet clients. I can easily put this file in /etc/selinux/targeted/modules/active/modules But even after reboot, although I can see the module listed: semodule -l ... it doesn''t seem to actually