[CentOS] PUPPET - group IDS

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[CentOS] PUPPET - group IDS

Ian Diddams
hope thus comes under the remit of this mailking list...



We use puppet, and Im trying to come up with "code" that will create two user accounts with a shared groiup ID
eg 
user1 with UID 1000user 2 with UID 1001
but I would like them BOTH to share the GID of 2000
I've tried the following
accounts::groups:    jointgroup:        gid: '2000'
accounts::users:
    user1:        uid: '1000'        gid: '2000'        home: '/home/user1'        shell: '/bin/bash'        password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
    user2:        uid: '1001'        gid: '200'        home: '/home/user2'        shell: '/bin/bash'        password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
But when I trfy and use this puppet agent -tv complains when trying to create user2 that GID 2000 is slready used .

how may I manage this?
(Obvs I could have all users with their own GID and add users to a seperate group m... but this is just tidier to my mind?
cheersdidds
_______________________________________________
CentOS mailing list
[hidden email]
https://lists.centos.org/mailman/listinfo/centos
Reply | Threaded
Open this post in threaded view
|

Re: [CentOS] PUPPET - group IDS

Paul Heinlein
On Wed, 19 Apr 2017, Ian Diddams wrote:

> hope thus comes under the remit of this mailking list...
>
>
>
> We use puppet, and Im trying to come up with "code" that will create two user accounts with a shared groiup ID
> eg 
> user1 with UID 1000user 2 with UID 1001
> but I would like them BOTH to share the GID of 2000
> I've tried the following
> accounts::groups:    jointgroup:        gid: '2000'
> accounts::users:
>     user1:        uid: '1000'        gid: '2000'        home: '/home/user1'        shell: '/bin/bash'        password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
>     user2:        uid: '1001'        gid: '200'        home: '/home/user2'        shell: '/bin/bash'        password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
> But when I trfy and use this puppet agent -tv complains when trying to create user2 that GID 2000 is slready used .
>
> how may I manage this?

I haven't used the "allowdupe" option, so I don't know if it works for
GIDs, but supposedly this works:

   user { 'user1':
     uid => 1000, gid => 2000, ...,
     allowdupe => true
   }

   user { 'user2':
     uid => 1001, gid => 2000, ...,
     allowdupe => true
   }

In YAML-ese, I guess you'd just add

accounts::users:
   user1:
     allowdupe: 'true'

--
Paul Heinlein <> [hidden email] <> http://www.madboa.com/
_______________________________________________
CentOS mailing list
[hidden email]
https://lists.centos.org/mailman/listinfo/centos
Reply | Threaded
Open this post in threaded view
|

Re: [CentOS] PUPPET - group IDS

Leroy Tennison
I'm not familiar with the syntax you're using but the below worked for me using 'puppet apply grp-usr.pp' on my laptop where grp-usr.pp contained:

group { 'poc':
        ensure  =>      present,
        gid     =>      '1002'
}

user { 'one':
        ensure  =>      present,
        uid     =>      '1005',
        gid     =>      '1002',
        require =>      Group['poc']
}

user { 'two':
        ensure  =>      present,
        uid     =>      '1006',
        gid     =>      '1002',
        require =>      Group['poc']
}

The run produced no errors and

grep poc /etc/group

produced:

poc:x:1002:

with

egrep 'one|two' /etc/passwd

producing (with a couple of extraneous entries):

nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
whoopsie:x:109:116::/nonexistent:/bin/false
two:x:1006:1002::/home/two:
one:x:1005:1002::/home/one:



----- Original Message -----
From: "Paul Heinlein" <[hidden email]>
To: "centos" <[hidden email]>
Sent: Wednesday, April 19, 2017 4:20:08 PM
Subject: Re: [CentOS] PUPPET - group IDS

On Wed, 19 Apr 2017, Ian Diddams wrote:

> hope thus comes under the remit of this mailking list...
>
>
>
> We use puppet, and Im trying to come up with "code" that will create two user accounts with a shared groiup ID
> eg 
> user1 with UID 1000user 2 with UID 1001
> but I would like them BOTH to share the GID of 2000
> I've tried the following
> accounts::groups:    jointgroup:        gid: '2000'
> accounts::users:
>     user1:        uid: '1000'        gid: '2000'        home: '/home/user1'        shell: '/bin/bash'        password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
>     user2:        uid: '1001'        gid: '200'        home: '/home/user2'        shell: '/bin/bash'        password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
> But when I trfy and use this puppet agent -tv complains when trying to create user2 that GID 2000 is slready used .
>
> how may I manage this?

I haven't used the "allowdupe" option, so I don't know if it works for
GIDs, but supposedly this works:

   user { 'user1':
     uid => 1000, gid => 2000, ...,
     allowdupe => true
   }

   user { 'user2':
     uid => 1001, gid => 2000, ...,
     allowdupe => true
   }

In YAML-ese, I guess you'd just add

accounts::users:
   user1:
     allowdupe: 'true'

--
Paul Heinlein <> [hidden email] <> http://www.madboa.com/
_______________________________________________
CentOS mailing list
[hidden email]
https://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
[hidden email]
https://lists.centos.org/mailman/listinfo/centos