I was under the impression that "generate" is run on the puppetmaster, but I'm
not sure. You might want to check to see if your user list is coming from the
server.
On Aug 29, 2010, at 12:27 PM, bonobo wrote:
> I may have answered by own question, but it still seems like there
> might be a better way.
>
> Here's what I came up with:
>
> # Secure Configuration Control 1.
>
> # Change the shell for system accounts to /dev/null. System accounts
> # are accounts with UIDs less than 500 but greater than 0.
> #
> # Exceptions:
> # - Accounts with the shells the /sbin/shutdown, /bin/sync, /sbin/
> halt.
> # - The nx account (used by FreeNX for remote deskttop access).
>
> define preventLogin2SystemAccts (){
> user{ $title:
> shell => "/dev/null" ,
> }
> }
>
> $systemAccts = generate("/etc/puppet/scripts/
> list.system.accounts.sh" )
> $systemAcctsArray = split( $systemAccts, '[,]')
> preventLogin2SystemAccts{ $systemAcctsArray : }
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
