Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-1913

Puppet user resource should respect the forcelocal option

    Details

    • CS Priority:
      Reviewed
    • Zendesk Ticket IDs:
      35745
    • Zendesk Ticket Count:
      1

      Description

      Currently, the puppet user type uses `getent` to get information about user resources.

      The problem with this is that `getent` will also report information from LDAP and other remote user management services that are configured in nsswitch.conf, and will report that a user exists even when it does not exist locally (as an entry in /etc/passwd and/or a directory in /home/$username)

      This is especially problematic since we user the useradd suite of commands to actually manage the settings, which of course affect local users/groups only.

      Puppet uses luseradd/etc in an LDAP environment, but should switch to useradd/etc when "forcelocal" is true.

      Puppet's user type should have some way of examining/modifying only local users and groups when the forcelocal option is true.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                redmine.exporter redmine.exporter
              • Votes:
                8 Vote for this issue
                Watchers:
                17 Start watching this issue

                Dates

                • Created:
                  Updated:

                  Zendesk Support