On Jun 24, 9:13 am, Nathan Clemons <nat...@livemocha.com> wrote: > I'm wondering if the User provider has the capability to look up accounts > via NIS. It's been a long time since I've used NIS, however, so I don't know > if this is the problem for sure.
The default provider for RedHat / Fedora / CentOS does not recognize NIS users. I don't know about other providers, but I suspect that most don't recognize them. I use a custom provider here that assumes the "compat" scheme for specifying NIS users in /etc/passwd. If you're using NIS the other (default) way then no User provider can manage NIS users because there is no local representation to manage. With that said, it's not obvious that any User provider is involved at all. A provider would come into the mix if you were managing the "nagios" user itself, but it doesn't look like you're doing that. Perhaps since user 'nagios' is unmanaged, however, Ssh_authorized_key is using the default User provider to check for its existence. That's not exactly right, but I can't think of anything better. If it is a provider issue and you're using NIS in the default manner, then you could perhaps write a simple(-ish) povider that enumerates existing users without any ability to modify them or create new ones. You would then add this to your manifest: user { "nagios": provider => "nisuser", ensure => "present", before => Ssh_authorized_key [ "nagios@login2" ] } That's a significant amount of work, however, especially given that it is not clear whether it would actually solve the problem. But if you've been itching to try creating a custom provider then here's an excuse. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.