The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

Adding a User and their Home directory

This might help someone. If you’re using a version higher than 0.22.1, this is probably fixed already, so you can simply check the reference to see how you should add a homedir directly from the user {} declaration. Otherwise, you can use this component:

define user_homedir ($group, $fullname, $ingroups) {
  user { "$name":
    ensure => present,
    comment => "$fullname",
    gid => "$group",
    groups => $ingroups,
    membership => minimum,
    shell => "/bin/bash",
    home => "/home/$name",
    require => Group[$group],
  }

  exec { "$name homedir":
    command => "/bin/cp -R /etc/skel /home/$name; /bin/chown -R $name:$group /home/$name",
    creates => "/home/$name",
    require => User[$name],
  }
}

You can use it like this:

user_homedir { "donkeyman":
  group => "donkeys",
  fullname => "Equus Asinus",
  ingroups => ["animalia", "chordata", "mammalia", "perissodactyla", "equidae", "equus"],
}

Adding a User, Home directory, and a password hash

This might help someone else. If you’re using a higher version, this could be fixed already, you can check the reference to see how you should add a homedir directly and hash from the user {} declaration. Otherwise, you can use this component:

define user_homedir_hash ($fullname, $myuid, $hash) {
  user { "$name":
    uid => "$myuid",
    comment => "$fullname",
    home => "/home/$name"
  }

  exec { "$name homedir":
    command => "cp -R /etc/skel /home/$name; chown -R $name /home/$name",
    path => "/bin:/usr/sbin",
    creates => "/home/$name",
    require => User[$name],
  }

  # Notice, this is for FreeBSD, it doesn't work on Linux. See below
  exec { "$name hash":
    command => "echo '$hash' | pw user mod $name -H /dev/stdin",
    onlyif => "pw usermod help 2>&1 | grep -q H\ fd && grep -q '$name:\*:' /etc/master.passwd",
    path => "/bin:/usr/sbin:/usr/bin",
    require => User[$name],
  }
}

Notes: I found that different systems put binarys in other locations, I used path to sort this out. I also removed every option I didn’t need to set.

Usefulness: This is obviously an extension to the pw provider used by FreeBSD, I’m sure the concept can be extended to other providers that are missing features. This code should be safe on all non-pw systems.

You can use it like this:

user_homedir_hash { "donkeyman":
  fullname => "Equus Asinus",
  myuid => 71830,
  hash => 'balhblahblah'
}

Other code: This code I’ve used to insert passwords when there is no OS support for managing hashes. It could be helpful as part of other puppet providers. The down side is that it was written in TCL/expect.

send "PS1=ttaany\r"

    proc nupasswd {username PASSWD_HASH REAL_NAME} {
        send "EDITOR=ed vipw\r"
        expect "EDITOR=ed vipw\r"
        send "/^$username\::/\n"
        expect {
          "\\?" {
            send "q\r"
            expect "q\r"
            expect "ttaany"
            return 1
          }
          $REAL_NAME
        }
        sleep 1
        send ".,s%::%:$PASSWD_HASH\:%1\n"
        expect ".,s%::%:$PASSWD_HASH\:%1"
        sleep 1
        send ".\n"
        expect "."
        expect "$PASSWD_HASH"
        sleep 1
        send "w\n"
        expect "w"
        sleep 1
        send "q\n"
        expect "q"
        expect "vipw"
        expect "ttaany"
    }

suse.rb.patch Magnifier (900 Bytes) Jeff Falgout, 04/27/2007 10:05 pm