I'm fighting with a ticklish issue. We have some groups and users that only
belong on some systems. So we made all users virtual and then realize them in
classes specific to those system types. This works quite well for the users,
but not for the groups. When you specify a user, you have to list all the
groups they are in.
groups => ['support',ops','dev'],
Obviously some groups aren't realized on all systems, so this produces an
error when usermod is run.
'/usr/sbin/usermod -G support,ops,dev jrhett' returned 6: usermod:
unknown group dev
usermod: unknown group dev
So I tried to get smarter, and put logic to add the group to each member under
the appropriate class
Class users::dev inherits users {
User['jrhett'] { groups +> ['dev'] }
}
This works… almost. It works for all instances where the user is only
subclassed once. But if I do the same technique in multiple classes I get
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Parameter 'groups' is already set on User_and_key[jrhett] by
#<Puppet::Resource::Type:0x7f4feed2d828> at
/etc/puppet/modules/users/manifests/support.pp:22; cannot redefine at
/etc/puppet/modules/users/manifests/dev.pp:27 on node s2-d1.company.com
So how can this be achieved, short of using an exec with an unless doing
another exec to determine if the group exists?
--
Jo Rhett
Net Consonance : net philanthropy to improve open source and internet projects.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
