The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

Feature #5432

Use AIX native commands to manage users and groups

Added by Hector Rivas almost 4 years ago. Updated over 3 years ago.

Status:ClosedStart date:12/01/2010
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:provider
Target version:2.7.0
Affected Puppet version:development Branch:https://github.com/keymon/puppet/tree/feature/master/5432
Keywords:AIX user provider group community patch

We've Moved!

Ticket tracking is now hosted in JIRA: https://tickets.puppetlabs.com

This issue is currently not available for export. If you are experiencing the issue described below, please file a new ticket in JIRA. Once a new ticket has been created, please add a link to it that points back to this Redmine ticket.


Description

Specific providers should be created for AIX to manage users and groups.

AIX bases the authentication management on a set of commands: mkuser, rmuser, chuser, lsuser, mkgroup, rmgroup, chgroup, lsgroup, etc.


Related issues

Related to Puppet - Bug #6936: AIX user provider fails if a gid is specified instead of ... Closed 04/01/2011 12/31/2011
Duplicated by Puppet - Bug #5396: "Could not find a default provider for user" in AIX using... Duplicate 11/25/2010

History

#1 Updated by Hector Rivas almost 4 years ago

Proposed providers in https://github.com/keymon/puppet/tree/feature/master/5432

#2 Updated by James Turnbull almost 4 years ago

  • Status changed from Unreviewed to Needs Decision
  • Assignee set to Nigel Kersten

#3 Updated by Nigel Kersten almost 4 years ago

  • Status changed from Needs Decision to Accepted
  • Assignee deleted (Nigel Kersten)

#4 Updated by Matt Robinson almost 4 years ago

  • Status changed from Accepted to In Topic Branch Pending Review
  • Keywords changed from AIX user provider group to AIX user provider group community patch
  • Branch set to https://github.com/keymon/puppet/tree/feature/master/5432

#5 Updated by Hector Rivas almost 4 years ago

In the proposed code the user and group types where extended with:

  • feature: :manages_aix_lam

  • newparam(ia_load_module): authentication module to use in user and group AIX providers.

  • newproperty(“attributes”): AIX attributes that are not managed by puppet directely.

It uses the AIX commands to manage the resources.

A new “provider super-class” is created puppet::provider::AixObject. This superclass implement basic functionality to parse the typical AIX command output.

Notes:

  • AIX users can have expiry date defined with minute granularity, but puppet does not allow it. There is a ticket open for that (#5431)

  • AIX maximum password age is in WEEKs, not days.

#6 Updated by Nigel Kersten almost 4 years ago

  • Target version set to 2.6.5

#7 Updated by Paul Berry over 3 years ago

  • Target version changed from 2.6.5 to 2.7.x

This patch is a new feature, it’s fairly large, and it’s based on the 2.7 codebase. Postponing until 2.7.

#8 Updated by Michael Stahnke over 3 years ago

Paul Berry wrote:

This patch is a new feature, it’s fairly large, and it’s based on the 2.7 codebase. Postponing until 2.7.

IMHO, this is a bug fix. I was able to manage users in 2.6.1 on AIX. Since 2.6.2 puppet is not usable on AIX. The way it is fixed under the hood isn’t of concern to me (right now), I just would like my existing manifests/modules to work.

This under 2.6.5rc1

err: Could not create resources for managing Puppet's files and directories in sections [:main, :ssl, :agent]: Could not find a default provider for user     

#9 Updated by Jesse Wolfe over 3 years ago

  • Status changed from In Topic Branch Pending Review to Merged - Pending Release

I’ve merged this to next as of commit:1a7f0dc6c4bfe4ce716ddfd918be181c8d682229

Nigel, do you have any commentary on the state of AIX in 2.6.x ?

#10 Updated by Parker Johnson over 3 years ago

I've been eagerly awaiting this patch!  I just checked out from source and gave it a try
on an AIX6.1 TL4 host.  Most of this works, but if you specify a gid instead of a group name,
the manifest errors.  I'd be happy to submit this as a bug.

[root@sfcloudap001 puppet]# cat modules/test/manifests/init.pp 
class test {

  group{'test_g':
    ensure => present,
    gid => 6969,
  }

  user{'test_u':
    ensure => present,
    uid => 99,
    gid => 6969,
    home => "/tmp/",
  }
}


[root@autobuild /]# puppet agent --test
warning: iconv doesn't seem to support UTF-8/UTF-16 conversions
info: Caching catalog for autobuild.gid.gap.com
info: Applying configuration version '1301604374'
notice: /Stage[main]/Test/Group[test_g]/ensure: created
err: /Stage[main]/Test/User[test_u]/ensure: change from absent to present failed:
Could not set 'present on ensure: undefined method `groupname_by_id' for # at /etc/puppet/modules/test/manifests/init.pp:13
notice: Finished catalog run in 2.89 seconds
[root@autobuild /]# 

#11 Updated by Jesse Wolfe over 3 years ago

Parker, thank you very much for the testing! Please do file a ticket for the problem you discovered, if you haven’t already.

#12 Updated by Parker Johnson over 3 years ago

Bug filed! Due date is end of the year :)

http://projects.puppetlabs.com/issues/6936

#13 Updated by Rob Braden over 3 years ago

I agree that this should be considered a bug instead of a new feature, as users are working under 2.6.1

#14 Updated by Parker Johnson over 3 years ago

The “user” provider for for AIX mysteriously disappeared between releases 2.6.1 and 2.6.2 (see below). That provider was missing from 2.6.2 to present release (2.6.7).

Then I believe Hector’s patch was applied to trunk. I’d been waiting for it (and didn’t want to backrev), so was eager to try it and found a few minor bugs.

-Park

Parker:Downloads Parker$ tar xzf puppet-2.6.1.tar.gz ; grep -R aix puppet-2.6.1 | grep "user" | wc
      18     124    1828

Parker:Downloads Parker$ tar xzf puppet-2.6.2.tar.gz ; grep -R aix puppet-2.6.2 | grep "user" | wc
       0       0       0
 

#15 Updated by James Turnbull over 3 years ago

  • Status changed from Merged - Pending Release to Closed
  • Target version changed from 2.7.x to 2.7.0

Also available in: Atom PDF