The overhead of explicity realising the resources would be too great.
Specifically what I am trying to achive is disabling accounts on existing
hosts, while preventing them from being created when new hosts are turned
up. So when a user leaves the company the account would be disabled by
locking the password and disabling the shell, and if new host was turned up
tomorrow I would not want the account created there.
On Friday, 1 June 2012 15:55:22 UTC+1, Ygor wrote:
>
> Use a virtual resource ?
>
> It will not be created unless you explicitly realize it.
>
> You can centrally manage a collection of virtual users on your Puppet
> Master,
> creating only those you want on the nodes you want them on.
>
> Does that satisfy your requirement ?
>
> “Sometimes I think the surest sign that intelligent life exists elsewhere
> in the universe is that none of it has tried to contact us.”
> Bill Waterson (Calvin & Hobbes)
>
> ----- GriffaA10 <alan.griffi...@interoute.com> wrote:
> > I'm on Centos 5 - which I assume would behave the same as Fedora. From
> my
> > testing it would seem that the default behaviour for user type is to
> create
> > if absent. I tried looking at the Puppet source to see if this behaviour
> > can be easily modified, but as someone who doesn't know Ruby I couldn't
> get
> > a handle on it.
> >
> > On Friday, 1 June 2012 13:54:23 UTC+1, Luke Bigum wrote:
> > >
> > > On Fedora the behaviour between types is different. A file resource is
> > > not created if it doesn't exist:
> > >
> > > notice: Finished catalog run in 0.08 seconds
> > > biguml@biguml-laptop:~$ ls -ld /tmp/woof
> > > ls: cannot access /tmp/woof: No such file or directory
> > >
> > > biguml@biguml-laptop:~$ cat test.pp
> > > file { '/tmp/woof':
> > > owner => 'biguml',
> > > }
> > >
> > > A user resource is created:
> > >
> > > debug: User[woof](provider=useradd): Executing '/usr/sbin/useradd -s
> > > /bin/false -M woof'
> > > notice: /Stage[main]//User[woof]/ensure: created
> > > notice: Finished catalog run in 0.42 seconds
> > >
> > > biguml@biguml-laptop:~$ cat test.pp
> > > user { 'woof':
> > > shell => '/bin/false'
> > > }
> > >
> > > I'm not sure if this is a bug or feature.
> > >
> > > As for trying to get the behaviour that you want, it's a bit difficult
> > > without having Facts for all your existing users or using an Exec
> > > resource.
> > >
> > > -Luke
> > >
> > > On 01/06/12 13:43, Luke Bigum wrote:
> > > > Hi Alan,
> > > >
> > > > What OS / provider? At first guess I'd say it's a side affect of the
> > > > commands the provider is using to change user attributes (useradd
> > > > instead of usermod?). If you run puppet with --debug you might get
> > > > output from the provider to see what it's doing.
> > > >
> > > > -Luke
> > > >
> > > > On 31/05/12 17:25, GriffaA10 wrote:
> > > >> Hi,
> > > >>
> > > >> I have certain situations where I want to manage user attributes,
> if
> > > >> the user already exists on a system, but not actually create them
> if
> > > >> they are missing. Is there a way to do this?
> > > >>
> > > >> I tried removing the explicit "ensure => present", but this seems
> to
> > > >> have no effect (i.e. missing users still created).
> > > >>
> > > >> I am running 2.7.9.
> > > >>
> > > >> Thanks,
> > > >>
> > > >> Alan
> > > >> --
> > > >> You received this message because you are subscribed to the Google
> > > >> Groups "Puppet Users" group.
> > > >> To view this discussion on the web visit
> > > >> https://groups.google.com/d/msg/puppet-users/-/_3XFEWaz7SQJ.
> > > >> To post to this group, send email to puppet-users@googlegroups.com.
>
> > > >> To unsubscribe from this group, send email to
> > > >> puppet-users+unsubscr...@googlegroups.com.
> > > >> For more options, visit this group at
> > > >> http://groups.google.com/group/puppet-users?hl=en.
> > > >
> > > >
> > >
> > >
> > > --
> > > Luke Bigum
> > >
> > > Information Systems
> > > Ph: +44 (0) 20 3192 2520
> > > luke.bi...@lmax.com | http://www.lmax.com
> > > LMAX, Yellow Building, 1A Nicholas Road, London W11 4AN
> > >
> > >
> > > FX and CFDs are leveraged products that can result in losses exceeding
> > > your deposit. They are not suitable for everyone so please ensure you
> > > fully understand the risks involved. The information in this email is
> not
> > > directed at residents of the United States of America or any other
> > > jurisdiction where trading in CFDs and/or FX is restricted or
> prohibited
> > > by local laws or regulations.
> > >
> > > The information in this email and any attachment is confidential and
> is
> > > intended only for the named recipient(s). The email may not be
> disclosed
> > > or used by any person other than the addressee, nor may it be copied
> in
> > > any way. If you are not the intended recipient please notify the
> sender
> > > immediately and delete any copies of this message. Any unauthorised
> > > copying, disclosure or distribution of the material in this e-mail is
> > > strictly forbidden.
> > >
> > > LMAX operates a multilateral trading facility. Authorised and
> regulated
> > > by the Financial Services Authority (firm registration number 509778)
> and
> > > is registered in England and Wales (number 06505809).
> > > Our registered address is Yellow Building, 1A Nicholas Road, London,
> W11
> > > 4AN.
> > >
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> > To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/W52mIF64uKoJ.
> > To post to this group, send email to puppet-users@googlegroups.com.
> > To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> > For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
> >
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/8rCqI48n8XQJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
