I've written a define to replace the shell of system accounts with /
dev/null:
define preventLogin2systemaccts (){
user{ $title:
shell => "/dev/null" ,
}
}
Invoking this define like this works:
$systemAccts = ["daemon", "bin"]
preventLogin2systemaccts{ $systemAccts : }
However, I'd li
I may have answered by own question, but it still seems like there
might be a better way.
Here's what I came up with:
# Secure Configuration Control 1.
# Change the shell for system accounts to /dev/null. System accounts
# are accounts with UIDs less than 500 but greater than 0.
#
# Excepti
I was under the impression that "generate" is run on the puppetmaster, but I'm
not sure. You might want to check to see if your user list is coming from the
server.
On Aug 29, 2010, at 12:27 PM, bonobo wrote:
> I may have answered by own question, but it still seems like there
> might be a bet
Patrick writes:
'generate' is run on the puppetmaster; there isn't actually an easy way to
query this on the client other than using a custom fact.
Daniel
> I was under the impression that "generate" is run on the puppetmaster, but
> I'm not sure. You might want to check to see if your
I have used a simple fact to (very) naively determine "real" users. It runs on
each client:
$ cat localusers.rb
Facter.add("localusers") do
setcode do
%x{USERS=`/bin/getent passwd | /bin/grep /home | /bin/awk -F: \'{print
$1}\'`; echo $USERS | sed -e \'s/ /,/g\'}.chomp
end
en
I tried that:
diff_args = -ubB -I \\\$HeadURL
and still get:
err: ...: Failed to retrieve current state of resource: Could not find
value for $HeadURL
Does anyone knows what kind of code parses this? Is it passed through
the shell? How many "levels of quoting" does it go through before
reaching
On Thu, Aug 26, 2010 at 9:58 AM, Douglas Garstang
wrote:
> Anyone know if there's a plan to allow definitions to be used in
> external nodes? Not having that ability is a major pain in the ass. It
> really means that all that really works with external nodes is really
> simple cases of a single pi
On Fri, Aug 27, 2010 at 2:12 PM, Frederik Wagner wrote:
>
> Alternatively: It seems not to be possible to set the stage
> metaparameter with a default value in a class definition?!
>
> something like this wont run in Stage "pre":
>
> stage{ pre: before => Stage[main] }
> class someclass ($stage=pr
Bryan Horstmann-Allen writes:
> I have used a simple fact to (very) naively determine "real" users. It runs on
> each client:
>
> $ cat localusers.rb
> Facter.add("localusers") do
> setcode do
> %x{USERS=`/bin/getent passwd | /bin/grep /home | /bin/awk -F: \'{print
> $1}\'`; echo $
