We have a need to have the same login accounts exist on several old/legacy
systems internally (older systems, won't be connected to LDAP for a variety
of reasons). Reading around, it seemed like a simple task to do, using the
virtual users and realize functions:
@user { "username":
require => Group['staff'],
ensure => present,
uid => 4444,
gid => 90,
password => '$1$OMITTED.',
groups => "wheel",
shell => '/bin/bash',
home => '/home/username',
managehome => true,
}
file { "/home/username":
ensure => directory,
recurse => false,
purge => false,
owner => 6332,
group => 90,
require => User['username'],
}
# Realize users
Group <| title == staff |> -> User <| title == username |>
It works for 4 out of 5 users; the other, puppet doesn't transfer the
"password" into the shadow file. I've pored over and there are no typos.
The hash is the correct length. Instead, the shadow password for this
user ends up being "!!". I remove the user from passwd, shadow and the
homeir and this still happens, regardless. The hash ends in a / (slash)
and I wonder if that might be tripping Puppet up. That's the only thing I
can think of.
Also, if you happen to change the password field, that doesn't get updated
forward, which is not the behavior I expected.
Thanks.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/f9f9504b-757f-4024-807c-1f76d47c7eef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
