On Wed, Feb 8, 2012 at 11:30 AM, wernerbahlke <werner.bah...@gmail.com> wrote:
> Hi,
>
> I want to create a user with a random password. Is there a way to only
> execute the manifest once when the user does not exist but not once
> the user is created?
>
> I know how to create a random password and can use generate to execute
> this function (or make it a custom fact provided I get this fact
> executed).
>
> So far I call an add_user method define in a users module out of my
> base class. Here is the code:
>
> include users
>
> users::add_user { 'testuser':
> name => 'testuser',
> uid => '777',
> password => generate('/usr/local/bin/new_hash'),
> shell => '/bin/csh',
> groups => 'testuser',
> }
>
> But alas this will get executed every time the client runs since the
> password will have changed due to the new generate call.
>
> One work-around I could think of is to create the user on the client
> (FreeBSD) using an exec calling the makepassword and pw command.
>
> Then I could check for existance of the user in the masterpasswd file
> with an unless check.
>
> But I much prefer do this with Puppet natively.
>
> Any suggestions will be greatly appreciated.
I was testing Steve Shipway's secret server module, there's a fact
that returns all the user password age to determine whether or not to
update the user password in secret server. You can see if something
similar would be useful:
https://github.com/nanliu/puppet-ss/blob/tb/hiera/lib/facter/ss_passwd_age.rb
Thanks,
Nan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
