Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-10237

User resource with allowdupe executes usermod -o without -u {uid} argument

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Won't Fix
    • Affects Version/s: PUP 6.3.0
    • Fix Version/s: None
    • Component/s: Types and Providers
    • Labels:
      None
    • Template:
      PUP Bug Template
    • Agent OS:
      Ubuntu 16.10 (i386, amd64)
    • Master OS:
      Ubuntu 16.04 (amd64)
    • Team:
      Night's Watch
    • Story Points:
      2
    • Sprint:
      NW - 2020-02-05
    • Method Found:
      Needs Assessment
    • Release Notes:
      Not Needed
    • QA Risk Assessment:
      Needs Assessment

      Description

      Puppet Version: 5.4.0
      Puppet Server Version: 6.3.0
      OS Name/Version: Ubuntu 18.04

      I need to ensure a user with the same uid as another existing user but a different name.
      Creating the second user is done correctly, but when the second user's password is changed, puppet says it has changed the user's password successfully while in fact it has not changed the password.
      Any subsequent runs will also result in puppet reporting a change while actual password is never changed.

      Desired Behavior:

      When the user already exists the password is changed successfully with the option allowdupe.

      Actual Behavior:

      puppet code:

      # ensure first user
      user { 'user1name': 
        ensure   => present,
        uid      => $uid, 
        gid      => $uid,
        home     => $homedir, 
        shell    => $user1[shell], 
        password => $user1[password] 
      }
       
      # ensure second user with allowdupe and same uid
      user { 'user2name':
        ensure    => present,
        uid       => $uid,
        gid       => $uid,
        allowdupe => true,
        home      => $homedir,
        shell     => $user2[shell],
        password  => $user2[password],
        require   => [File[$homedir], Group[$user2[group]]]
      }

      Puppet output with --debug flag:

      Debug: Executing: '/usr/sbin/usermod -p $6$rounds=5000$viVABC4ghFf32fu7$WynOf/iDV93iipWfANkKAomDTCqBk9IZK/NihhJaeuMuSDrzUVfFqg91/V9lWr2GK1D/E2.bqNJzUpMK2Xest1 -o user2name'
      Notice: /Stage[pre]/Xroles::Users::Pre/User[user2name]/password: changed password
      Debug: /User[user2name]: The container Class[Xroles::Users::Pre] will propagate my refresh event

      Manually executing the usermod command as logged by puppet results in the error: 

      usermod: -o flag is only allowed with the -u flag

      It seems that the -u flag is missing from the command that is being executed to edit the user password.

      Or is it possible that I am declaring my resource(s) in the wrong way?

      If there is an issue in the code it will most likely be in:

      /lib/puppet/provider/user/useradd.rb 

        Attachments

          Activity

            People

            Assignee:
            luchian.nemes Luchian Nemes
            Reporter:
            vanoostrum Theo van Oostrum
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Zendesk Support