Asif Iqbal wrote:
> On Wed, Jul 29, 2009 at 1:57 AM, David Schmitt<da...@dasz.at> wrote:
>> Asif Iqbal wrote:
>>> So I think I should start small and simple and it may grow to a
>>> solution that will be really useful to others.
>>>
>>> Lets start w/ real basic.
>>>
>>> I have 300 hosts. I like a push a user to about 100 hosts (dns
>>> resolver type hosts) out of 300 total.
>>>
>>> How do I set that up within puppet ?
>> The very simplest stuff:
>>
>> | node "dns1", ..., "dns100" {
>> | user { "foo": ... }
>> | }
>
> this recipe worked perfect. I have seen the links you posted below and
> I like to use them
> slowly. I will move to that direction gradually.
>
> For now, the user account created perfectly. Here is the complete recipe
>
> (root)@sys-ubuntu:/etc/puppet/manifests# cat site.pp
> # site.pp
> # the .pp extension is default and not needed to add
>
> node "puppet-client1","puppet-client2",..."puppet-client10" {
> user { "testuser":
> ensure => "present",
> uid => "102",
> gid => "1",
> comment => "test user",
> home => "/export/home/testuser",
> shell => "/bin/bash",
> managehome => "true",
> }
> }
>
> How do I add this user to User_Alias TESTUSERS in the sudoers file on
> all these hosts?
> Without puppet I would ssh in to all the hosts and run `visudo' and
> add the user in that User_Alias.
>
> I looked at the puppet recipe where sudeors file is kept in puppet
> server and is pushed to
> the puppet clients. For this I need to edit the sudoers file and my
> recipe depends on it.
> I like it more dynamic. I want puppet client to run the visudo and
> append the user in User_Alias.
> This way even if my environment grows I don't have to manage multiple
> sudoers file on puppet master.
Since there is currently no native sudo type I know of, I'd recommend
using the concatenated_file and concatenated_file_part defines[1] from
my "common" module[2]. Using them you can build your sudoers file on the
nodes from a locally editable header and various parts from your manifests:
class sudo {
concatenated_file { "/etc/sudoers": }
}
class admin1 {
user { admin1: }
concatenated_file_part {
"admin1":
dir => "/etc/sudoers.d",
content => "..."
}
}
node ... {
include admin1
}
Regards, DavidS
[1]http://git.black.co.at/?p=module-common;a=blob;f=manifests/defines/concatenated_file.pp;hb=HEAD
[2]http://git.black.co.at/?p=module-common
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
