John/Garret, thanks but the hash-type isn't specific to os&release, it is manually defined/altered by the sysadmin.
Does that help any? To be more detailed, I might have something like the following: CentOS-6.X. 12 nodes all hash=sha-512, Solaris 10u6 13 nodes all hash=bsdmd5, but... Solaris 10u6 4 nodes all hash=sha-512, AND Solaris 10u11 8 nodes all hash=bsdbf, but... Solaris 10u11 3 nodes all hash=sha-512. I can see where you might say, then patch and augment all up to Solaris 10u11 with hash=sha-512; I work in a secured VERY BUSY environment so it's not quite that simple. Thank you both, On Feb 10, 2016 7:13 PM, "John Warburton" <jwarbur...@gmail.com> wrote: > Warron > > Use the operatingsystemrelease fact and decide the hash to use based on > that. > > It will spit out something like 10_u9 by reading /etc/release. This isn't > too bad, but if you patch a server built as u9 with a current patch set, > the actual OS will be u11 no matter what /etc/release says, so beware > > You can look at projects.puppetlabs.com/issues/11082 you can see the > mapping between 1/06 (I hear ya) and the update number. There is a link to > the Oracle document that maps that out too > > John > > On Thursday, 11 February 2016, Warron French <warron.fre...@gmail.com> > wrote: > >> Hello, I was hoping someone could help with answering this question, for >> the following scenario. >> >> On our network we have some OLD ( I mean 1/06, up to 1/09) Solaris 10 >> SPARC servers and workstations along with newer Solaris 10 SPARC servers >> (running even the lastest revisions, like 1/13); and we have CentOS servers >> and workstations. >> >> The password hashing algorithm is different between the OLD Solaris 10 >> SPARC servers and workstations versus the newer *recently rebuilt* Solaris >> 10 1/13 SPARC servers and workstations; the *older ones *run with *MD5* >> for password hashing, we don't want that. Even some of the Solaris 10 >> machines that running the newer Solaris 10 1/13 (build a couple of years >> ago) might be running with the MD5 hashing algorithm. *All* of our >> CENTOS systems though, thank goodness, are running with the sha-512 (yay!). >> >> >> Anyway, we have a potential project to use puppet to populate/generate *LOCAL >> *(not AD/LDAP) accounts across all of our systems and want our passwords >> for each of the accounts added to be the same; but of course, if the >> *password* attribute given to the *user* resource in the puppet code is >> of an incorrect hash-type, then that account will not work properly. >> >> That is why I am asking for help, to achieve this particular goal. >> >> Thank you in advance, >> Warron >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to puppet-users+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/puppet-users/ccd6ba2d-6f0e-45b7-9946-e99ec9cd78fe%40googlegroups.com >> <https://groups.google.com/d/msgid/puppet-users/ccd6ba2d-6f0e-45b7-9946-e99ec9cd78fe%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > > -- > John Warburton > Ph: 0417 299 600 > Email: jwarbur...@gmail.com > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/CAAJLFxXmSU-H20DhyUTxRYwWT56nHVbJLd1qkGYfx4GB-8AWHQ%40mail.gmail.com > <https://groups.google.com/d/msgid/puppet-users/CAAJLFxXmSU-H20DhyUTxRYwWT56nHVbJLd1qkGYfx4GB-8AWHQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAJdJdQkwh4Xcq%3DJPBf6vNyebNKNj-UjuiKMDuK0mp6o1%3DriGYg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
