Hi list, I am familiar with virt_users and virt_groups but thought it might be easier in our environment to describe our users on our node like shown here:
http://itand.me/using-puppet-to-manage-users-passwords-and-ss To that end I changed things a bit and have the following code: /etc/puppet/modules/users/manifests/definitions/add_user.pp define add_user($uid,$pword,$groups) { include virt_users include virt_groups if tagged(dba) { realize( Group["postgres"]) } if tagged(www) { realize( Group ["hw-datarx"], Group["hw-datarw"]) } if tagged("build") { realize( Group["hitw"], Group["hwbackup"], Group["hitw-tasks"], Group["hw-datarx"] ) realize( User["hitw"], User["hwbackup"], User["feeds"], User["hwsrc"] ) } $username = $title user { $username: comment => "puppet created account for $username", home => "/home/$username", shell => "/bin/bash", uid => $uid, password => $pword, groups => $groups, } group { $username: gid => $uid, require => User[$username] } file { "/home/$username": ensure => directory, owner => $username, group => $username, mode => 750, require => [User[$username], Group[$username]], source => "puppet:///modules/users/home/$username" } file { "/home/$username/.ssh": ensure => directory, owner => $username, group => $username, mode => 700, require => File["/home/$username/"] } file { "/home/$username/.ssh/authorized_keys": ensure => file, owner => $username, group => $username, mode => 600, require => File["/home/$username/"], source => "puppet:///modules/users/home/$username/.ssh/ authorized_keys" } } This seemed pretty good because I could manage certain files out of the home directories and assign them to groups. I then describe a user to create like so: class buildManagers { add_user { bobj: pword => 'removed', uid => removed, groups => [ 'hitw', 'hitw-tasks' ] } } Which I then include on my node: node blah inherits blah.blah { include buildManagers } This all works a treat. Now to the problem I have. I want to be able to install all the users described in buildManagers but maybe change one or two of the groups one of the users has on a per node basis. If I describe my node as: node blah inherits blah.blah { include buildManagers add_user { bobj: .... groups => ['hitw', 'hitw-tasks', 'anothergroup'] } I get that the user is already defined. Basically what if I want bobj to be described one way on one host, a different way on another and everything else has the default account? Is there a way around this without scrapping the way I set out to do it? Can I override just their account on one or two nodes somehow without effecting the way I would normally describe them? I'm using puppet 25.5. Cheers, DenMat -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
