Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-1913

Puppet user resource should respect the forcelocal option

    Details

    • CS Priority:
      Reviewed

      Description

      Currently, the puppet user type uses `getent` to get information about user resources.

      The problem with this is that `getent` will also report information from LDAP and other remote user management services that are configured in nsswitch.conf, and will report that a user exists even when it does not exist locally (as an entry in /etc/passwd and/or a directory in /home/$username)

      This is especially problematic since we user the useradd suite of commands to actually manage the settings, which of course affect local users/groups only.

      Puppet uses luseradd/etc in an LDAP environment, but should switch to useradd/etc when "forcelocal" is true.

      Puppet's user type should have some way of examining/modifying only local users and groups when the forcelocal option is true.

        Attachments

          Issue Links

            Activity

              jsd-sla-details-panel

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  redmine.exporter redmine.exporter
                • Votes:
                  8 Vote for this issue
                  Watchers:
                  17 Start watching this issue

                  Dates

                  • Created:
                    Updated: