On Wed, Jul 29, 2009 at 12:35 PM, David Schmitt<da...@dasz.at> wrote:
>
> Asif Iqbal wrote:
>> On Wed, Jul 29, 2009 at 1:57 AM, David Schmitt<da...@dasz.at> wrote:
>>> Asif Iqbal wrote:
>>>> So I think I should start small and simple and it may grow to a
>>>> solution that will be really useful to others.
>>>>
>>>> Lets start w/ real basic.
>>>>
>>>> I have 300 hosts. I like a push a user to about 100 hosts (dns
>>>> resolver type hosts) out of 300 total.
>>>>
>>>> How do I set that up within puppet ?
>>> The very simplest stuff:
>>>
>>> | node "dns1", ..., "dns100" {
>>> | user { "foo": ... }
>>> | }
>>
>> this recipe worked perfect. I have seen the links you posted below and
>> I like to use them
>> slowly. I will move to that direction gradually.
>>
>> For now, the user account created perfectly. Here is the complete recipe
>>
>> (root)@sys-ubuntu:/etc/puppet/manifests# cat site.pp
>> # site.pp
>> # the .pp extension is default and not needed to add
>>
>> node "puppet-client1","puppet-client2",..."puppet-client10" {
>> user { "testuser":
>> ensure => "present",
>> uid => "102",
>> gid => "1",
>> comment => "test user",
>> home => "/export/home/testuser",
>> shell => "/bin/bash",
>> managehome => "true",
>> }
>> }
>>
>> How do I add this user to User_Alias TESTUSERS in the sudoers file on
>> all these hosts?
>> Without puppet I would ssh in to all the hosts and run `visudo' and
>> add the user in that User_Alias.
>>
>> I looked at the puppet recipe where sudeors file is kept in puppet
>> server and is pushed to
>> the puppet clients. For this I need to edit the sudoers file and my
>> recipe depends on it.
>> I like it more dynamic. I want puppet client to run the visudo and
>> append the user in User_Alias.
>> This way even if my environment grows I don't have to manage multiple
>> sudoers file on puppet master.
>
> Since there is currently no native sudo type I know of, I'd recommend
> using the concatenated_file and concatenated_file_part defines[1] from
> my "common" module[2]. Using them you can build your sudoers file on the
> nodes from a locally editable header and various parts from your manifests:
>
>
> class sudo {
> concatenated_file { "/etc/sudoers": }
> }
>
> class admin1 {
> user { admin1: }
> concatenated_file_part {
> "admin1":
> dir => "/etc/sudoers.d",
> content => "..."
> }
> }
>
> node ... {
> include admin1
> }
I am little lost. I dont see my user `testuser' here. I guess `admin1'
could be `testuser' instead if I want
to be consistent with my initial recipe?
Also what would go in the content => .. so that I can append user
`testuser' to the following entry
User_Alias TESTUSERS = user1, user2
in the sudoers file
>
>
>
>
> Regards, DavidS
>
> [1]http://git.black.co.at/?p=module-common;a=blob;f=manifests/defines/concatenated_file.pp;hb=HEAD
> [2]http://git.black.co.at/?p=module-common
>
> >
>
--
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
