hope thus comes under the remit of this mailking list...
We use puppet, and Im trying to come up with "code" that will create two user accounts with a shared groiup ID eg user1 with UID 1000user 2 with UID 1001 but I would like them BOTH to share the GID of 2000 I've tried the following accounts::groups: jointgroup: gid: '2000' accounts::users: user1: uid: '1000' gid: '2000' home: '/home/user1' shell: '/bin/bash' password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' user2: uid: '1001' gid: '200' home: '/home/user2' shell: '/bin/bash' password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' But when I trfy and use this puppet agent -tv complains when trying to create user2 that GID 2000 is slready used .
how may I manage this? (Obvs I could have all users with their own GID and add users to a seperate group m... but this is just tidier to my mind? cheersdidds
On Wed, 19 Apr 2017, Ian Diddams wrote:
hope thus comes under the remit of this mailking list...
We use puppet, and Im trying to come up with "code" that will create two user accounts with a shared groiup ID eg user1 with UID 1000user 2 with UID 1001 but I would like them BOTH to share the GID of 2000 I've tried the following accounts::groups: jointgroup: gid: '2000' accounts::users: user1: uid: '1000' gid: '2000' home: '/home/user1' shell: '/bin/bash' password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' user2: uid: '1001' gid: '200' home: '/home/user2' shell: '/bin/bash' password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' But when I trfy and use this puppet agent -tv complains when trying to create user2 that GID 2000 is slready used .
how may I manage this?
I haven't used the "allowdupe" option, so I don't know if it works for GIDs, but supposedly this works:
user { 'user1': uid => 1000, gid => 2000, ..., allowdupe => true }
user { 'user2': uid => 1001, gid => 2000, ..., allowdupe => true }
In YAML-ese, I guess you'd just add
accounts::users: user1: allowdupe: 'true'
I'm not familiar with the syntax you're using but the below worked for me using 'puppet apply grp-usr.pp' on my laptop where grp-usr.pp contained:
group { 'poc': ensure => present, gid => '1002' }
user { 'one': ensure => present, uid => '1005', gid => '1002', require => Group['poc'] }
user { 'two': ensure => present, uid => '1006', gid => '1002', require => Group['poc'] }
The run produced no errors and
grep poc /etc/group
produced:
poc:x:1002:
with
egrep 'one|two' /etc/passwd
producing (with a couple of extraneous entries):
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin whoopsie:x:109:116::/nonexistent:/bin/false two:x:1006:1002::/home/two: one:x:1005:1002::/home/one:
----- Original Message ----- From: "Paul Heinlein" heinlein@madboa.com To: "centos" centos@centos.org Sent: Wednesday, April 19, 2017 4:20:08 PM Subject: Re: [CentOS] PUPPET - group IDS
On Wed, 19 Apr 2017, Ian Diddams wrote:
hope thus comes under the remit of this mailking list...
We use puppet, and Im trying to come up with "code" that will create two user accounts with a shared groiup ID eg user1 with UID 1000user 2 with UID 1001 but I would like them BOTH to share the GID of 2000 I've tried the following accounts::groups: jointgroup: gid: '2000' accounts::users: user1: uid: '1000' gid: '2000' home: '/home/user1' shell: '/bin/bash' password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' user2: uid: '1001' gid: '200' home: '/home/user2' shell: '/bin/bash' password: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' But when I trfy and use this puppet agent -tv complains when trying to create user2 that GID 2000 is slready used .
how may I manage this?
I haven't used the "allowdupe" option, so I don't know if it works for GIDs, but supposedly this works:
user { 'user1': uid => 1000, gid => 2000, ..., allowdupe => true }
user { 'user2': uid => 1001, gid => 2000, ..., allowdupe => true }
In YAML-ese, I guess you'd just add
accounts::users: user1: allowdupe: 'true'
-
Ian Diddams -
Leroy Tennison -
Paul Heinlein