Also, is there maybe a way to ensure a specific entry in a file. In this
case, can you ensure there is a entry for the oracle user in the
/etc/shadow file with manually giving it all the entries including the
password hash.
Thanks,
-J
On Thursday, December 20, 2012 3:48:19 PM UTC-8, Jagga Soorma wrote:
>
> Thanks for your response Keiran. I am trying to use just that resource
> but can't seem to get it to work. Here is what my class looks like:
>
> class oracle_password {
> user { 'oracle':
> ensure => 'present',
> password => '$1$etSqP2ht$3sjFIsw7q7Vxs5qc5sju//'
> }
> }
>
> [root@testrhel home]# grep -i oracle /etc/shadow
> [root@testrhel home]#
>
> Now once this resource is applied my assumption is there should be a
> /etc/shadow file entry for the oracle account but that never happens:
>
> [root@testrhel home]# puppet agent -t
> Info: Retrieving plugin
> Info: Caching catalog for testrhel.gene.com
> Info: Applying configuration version '1356045773'
> /Stage[main]/Oracle_password/User[oracle]/password: created password
> Finished catalog run in 0.99 seconds
> [root@testrhel home]#
>
> [root@testrhel home]# grep -i oracle /etc/shadow
> [root@testrhel home]#
>
> Sorry but you might receive a similar message twice. Forgot to reply to
> this post.
>
> Thanks,
> -J
>
> On Thursday, December 20, 2012 3:37:30 PM UTC-8, Keiran Sweet wrote:
>>
>> Hi There,
>> The user provider allows you to manage the value of the password hash in
>> the shadow file.
>>
>> You can see all the options available for this provider via 'puppet
>> describe user'.
>>
>> An example would be something like:
>>
>> user { username:
>> ensure => present,
>> password => 'password_hash_here',
>> }
>>
>> To quote the puppet documentation:
>> **password** - The user's password, in whatever encrypted format the
>> local system requires.
>>
>> To get all this working as you want, you may need to ensure that your
>> operating systems authentication configuration (ie, PAM) checks for
>> authentication in the right order, ie, local passwords, then kerberos, and
>> you should test this carefully to make sure you dont get undesired results.
>>
>> Hope this helps,
>>
>> K
>>
>>
>> On Thursday, December 20, 2012 11:04:47 PM UTC, Jagga Soorma wrote:
>>>
>>> Hi Guys,
>>>
>>> I am new to puppet and trying to figure out what is the best way to
>>> manage a password for a specific user in the /etc/shadow file. Most of my
>>> users are being authenticated to kerberos but there is a need to set a
>>> local password for this one account. What would be the best method to do
>>> this via puppet? I have built my own rpm's in the past using the chpasswd
>>> command but that seems like a lot more work to build a rpm everytime the
>>> password changes. Was hoping there was a easier/better way to do this via
>>> puppet.
>>>
>>> Thanks,
>>> -J
>>>
>>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/btqLH8nto_MJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
