Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-10320

Secondary group handling causing issues in 6.13.0

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: PUP 6.13.0
    • Fix Version/s: PUP 6.14.0
    • Component/s: Catalog Application
    • Labels:
      None
    • Template:
      PUP Bug Template
    • Agent OS:
      RHEL 7 (x86_64)
    • Master OS:
      CentOS 7
    • Team:
      Night's Watch
    • Story Points:
      2
    • Sprint:
      NW - 2020-03-04
    • Method Found:
      Needs Assessment
    • Release Notes:
      Bug Fix
    • Release Notes Summary:
      Hide
      Members parameter of group resource was validated by checking if each user exists before the manifest is applied, causing a manifest containing user creation and group members update with the new user to fail.

      With this change you can add new user and update a group membership with him in the same manifest apply.
      Show
      Members parameter of group resource was validated by checking if each user exists before the manifest is applied, causing a manifest containing user creation and group members update with the new user to fail. With this change you can add new user and update a group membership with him in the same manifest apply.
    • QA Risk Assessment:
      Needs Assessment

      Description

      Puppet Version: 6.13.0
      Puppet Server Version: 6.9.0-1.el7
      OS Name/Version: Centos 7

      Issues with managing users, groups and secondary groups with 6.13.0, issue is not present in 6.12.0.

      Desired Behavior:

       

      Info: Applying configuration version '1582911791'
      Notice: /Stage[main]/Users::Users/Users::Local_user[jsmith]/Accounts::User[jsmith]/Group[jsmith]/ensure: created
      Notice: /Stage[main]/Users::Users/Users::Local_user[jsmith]/Accounts::User[jsmith]/User[jsmith]/ensure: created
      Notice: /Stage[main]/Users::Groups/Users::Virtual_group[dev]/Group[dev]/members: members changed 'auser,another' to ['auser', 'another', 'jsmith'] (corrective)

       

      Actual Behavior:

      Info: Loading facts
      Error: Failed to apply catalog: Parameter members failed on Group[dev]: can't find user for jsmith (file: /etc/puppetlabs/code/environments/production/modules/users/manifests/virtual_group.pp, line: 13)

       

      local_user.pp contains the following code...

      accounts::user { "$title":
        ensure => $ensure,
        shell => $shell,
        comment => $comment,
        home => $home,
        home_mode => $home_mode,
        uid => $uid,
        gid => $gid,
        group => $group,
        create_group => $create_group,
        membership => $membership,
        forcelocal => $forcelocal,
        password => $password,
        locked => $locked,
        sshkeys => $sshkeys,
        purge_sshkeys => $purge_sshkeys,
        managehome => $managehome,
        bashrc_content => $bashrc_content,
        bashrc_source => $bashrc_source,
        bash_profile_content => $bash_profile_content,
        bash_profile_source => $bash_profile_source,
        system => $system,
        ignore_password_if_empty => $ignore_password_if_empty,
        forward_content => $forward_content,
        forward_source => $forward_source,
      {{ }}}

      User[$title] -> Group[$groups.delete($group)]

       

      On 6.12.0 and earlier we see the primary group created, the user and the secondary group, on 6.13.0 this does not occur we get an error that the not yet created user can't be found.

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              ciprian.badescu Ciprian Badescu
              Reporter:
              robb Robert Brooks
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support