similar to: User's and managing expired passwords

Hi how do I tell with user type to use userdel with -r short of using exec type? i have a user account called `foo'' so i created a test puppet file local to the system called test.pp # cat test.pp user {"foo": ensure => absent, managehome => true, } when I apply it on solaris or linux the userdel does not use the `-r'' switch

hi, all Its a very common use-case to set common password for user/s on all nodes, i like to know if there is any Type or Function or Recipe available in puppet which support this case? I have tried following approach but it didn''t worked; I am reading the password (md5 hash) stored in a file called "/myuserpwd.file" Approach 1: ----------------- $password =

So I have been trying to run puppet once in my kickstart %post scripts but every time it detaches and daemonizes even though I have explicitly stated otherwise. Am I missing something? # rpm -q puppet puppet-0.24.8-1 # /usr/sbin/puppetd --onetime --no-daemonize --verbose --debug debug: Creating default schedules debug: Failed to load library ''shadow'' for feature

I am experiencing a curious event, and wondering if others have seen this... As well, I have a question related to it. Today, I noticed my puppet summary report from Foreman this morning, that 60 of my 160 hosts all stopped reporting at nearly the exact same time, and have not since restarted. Investigating, it appears that my puppetmaster temporarily ran out of disk space on the /var

I thought I''d put this out there for anyone to save anyone who''s running 0.22.4 on AMD64 hosts a whole world of hurt. Basically, the libshadow-ruby1.8 package that Puppet (as of 0.22.4) relies on is broken for AMD64 in both Debian (Sarge+) and Ubuntu (all releases). The problem is basically just some non-portable code. I''ve reported the bug into Debian with a patch, so

user {''username'': uid => 501, gid => ''staff'', comment => ''comment'', ensure => present, home => ''/Users/sysop'', shell =>

Hi Damien, I noticed you merged a couple of ifdefs in the fix for bug #442. The cvs comment says "Fix Bug #442 for PAM case". The code is now roughly: #if !defined(USE_PAM) && defined(HAVE_SHADOW_H) && \ !defined(DISABLE_SHADOW) && defined(HAS_SHADOW_EXPIRE) spw = getspnam(pw->pw_name); passwd = spw->sp_pwdp; #else passwd =

Hi! I''m trying to set password for a user. I do the following: user { "username": password => ''*'', } And when I run puppet agent nothing happens. The password remains the same. But if I create a new user which doesn''t exist yet, the password is set without any problems. Is this a normal behaviour of ''user'' type? --

[root]# /etc/init.d/puppet once -v {irrelevant output skipped} err: Could not retrieve configuration: Invalid parameter ''"password"'' for type ''user'' at /etc/puppet/manifests/classes/serverAdminAuth.pp:42 puppet-0.22.4-1.el5.rf (rpm) RHEL 5 i386 # snippet from serverAdminAuth.pp User { ensure => present,

I see in the changelog that: You now must specify an environment and you are required to specify the valid environments for your site. (#911) Does this mean that the puppetmaster has to be updated before clients work correctly? I ask because I''m testing out a client upgrade to 0.24.0 (server is still 0.23.2) and this is what I''m seeing: [~]% sudo /foo/bin/puppetd

Trying to fire up Puppet 0.24.7 on an Ubuntu 6.06 x64 machine (yes, I know it''s obsolete, but we have a pile of machines), I get this failure: ---------------------------- # /etc/init.d/puppet start * Starting puppet configuration management tool /usr/lib/ruby/1.8/x86_64-linux/shadow.so: [BUG] Segmentation fault ruby 1.8.4 (2005-12-24) [x86_64-linux] /etc/init.d/puppet: line 35:

I'm looking at the password aging and account lock checks in auth.c:allowed_user(), and specifically their behaviour on HP-UX. First, should this code be ifdef'd away if we're using PAM? Next: /* Check account expiry */ if ((spw->sp_expire > 0) && (days > spw->sp_expire)) return 0; If I lock an account by entering too many incorrect passwords, sp_expire

# cat iddmi.pp class iddmi { # define pkg variable $pkg = $hardwareisa ? { "sparc" => "Iddmi_SunOS_sparc.pkg", "i386" => "Iddmi_SunOS_i386.pkg", default => undef, } $ftpsystems = "ftp.example.net/download" # define path deafult for exec Exec { path =>

Hi, installing puppet at my first site was quite easy (not w/o problems, but still). At the second site, I''ve run into something more serious. First things first - I install puppetmaster on existing server, used to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to coexist on the same machine). The thing is, I need to puppet this baby, so I''m running into a

How are people handling password expirations in (non-pam) openssh? I'm currently running a program in the various startup scripts that reports to the user when their password will expire and runs passwd if that date is getting close. How are other people dealing with this? Is anyone working on integrating password changing into openssh? Is doing so even desired, since it's fairly trivial

Hello I have a puppetmasterd installation running on a Mac OS X 10.6.3 Server with puppet installed via macports. Earlier today it was happily signing requests, before I upgraded puppet from 0.24.8 to 0.25.4. Now I get "Invalid argument": bash-3.2# puppetca --sign bouti.carbonplanet.com bouti.carbonplanet.com err: Could not call sign: Invalid argument The only mention I can find on

Getting this error: err: Could not call list: header too long when running puppetca commands on master. There is not a disk space issue. On the puppet master server, /var filled up to 100% during the night. Now it''s fine, down to 25% used. I rebooted server too Any fixes? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To

Hi Experts, I remember we had this discussion before, but could find it. Can I run a command to generate a "Compiled catalog" for a specific node (on the master node)? And apply this on the client node? What are the limitations for doing this? Basically we have special handling for the webserver/CA part of puppet. Thank you very much! -Yushu

I''m trying to get Puppet to run on ESX v3.0.1. Being that ESX doesn''t come with ruby, I installed v1.8.6 under /opt/ruby/ruby-1.8.6 and linked the bin to /usr/bin. facter installed and runs without issue. However, when I try to install puppet, I get: - Could not load openssl; cannot install Is this due to the way I installed ruby or something else? Thanks, Clif

I have used SSHD from openssh-3.7.1p1 on HP-UX 11:11. It works correctly and the entry in the logfile is: Sep 24 07:01:20 garm sshd[6625]: Accepted password for japs from 192.38.97.131 port 2463 Next I have upgraded to openssh-3.7.1p2 and restarted SSHD. It does not accept the password any more and the entries in the logfile are: Sep 24 12:21:38 garm sshd[19542]: User japs not allowed because