Feature #1942
Red Hat systems should use gpasswd instead of usermod for group changes
| Status: | Accepted | Start date: | 02/06/2009 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% |
|
| Category: | Red Hat | |||
| Target version: | - | |||
| Affected Puppet version: | 0.24.7 | Branch: | ||
| Keywords: | usermod,useradd,gpasswd,user management,group management | |||
| Votes: | 0 |
Description
Most Red Hat Enterprise Linux, at least releases 4 and 5, ship gpasswd-utility which allows management of entries in /etc/group which is exactly what usermod does. However, gpasswd has one big advantage over usermod: gpasswd does not require an entry for user to be added/deleted from a group to have an entry in /etc/passwd.
In an environment which relies on (e.g.) some bizarre LDAP setup (I’m forced to live with one at work), there might not be entries in /etc/passwd for users which are still require to have various rights granted by entries in /etc/group. So there might be a user called ‘foo’ who has not an entry in /etc/passwd, yet the same user needs to be in group ‘bar’ in /etc/group as the group ‘baz’ is used to control who are allowed to use ‘sudo’-command in the system.
Now I could of course just rewrite necessary bits and pieces on useradd.rb locally, but this seems to be a thing that might be useful for Puppet-community in general (well, at least to those who run RHEL). So, thus a feature request.
History
Updated by James Turnbull over 3 years ago
- Category set to Red Hat
- Status changed from Unreviewed to Needs More Information
- Assignee set to Puppet Community
- Target version set to 4
Happy to consider a patch.
Updated by James Turnbull over 3 years ago
Added some Red Hat'y people for comment to the ticket.
Updated by Sean Millichamp over 3 years ago
Completely agree. gpasswd is the way to do it.
I have had situations as an admin where I have had this exact use case before. It would be good if it were possible to support it in Puppet.
Updated by James Turnbull over 3 years ago
- Status changed from Needs More Information to Accepted
Then happy to take a patch.
Updated by James Turnbull almost 3 years ago
- Assignee deleted (
Puppet Community)
Updated by William Van Hevelingen 11 months ago
Debian and Solaris version here not sure if it works on Redhat based systems
- https://github.com/pdxcat/pdxcat-group
- http://forge.puppetlabs.com/pdxcat/group
Updated by James Turnbull 9 months ago
- Target version deleted (
4)