Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-1913

Puppet user resource should respect the forcelocal option

    XMLWordPrintable

Details

    • Reviewed
    • 35745
    • 1

    Description

      Currently, the puppet user type uses `getent` to get information about user resources.

      The problem with this is that `getent` will also report information from LDAP and other remote user management services that are configured in nsswitch.conf, and will report that a user exists even when it does not exist locally (as an entry in /etc/passwd and/or a directory in /home/$username)

      This is especially problematic since we user the useradd suite of commands to actually manage the settings, which of course affect local users/groups only.

      Puppet uses luseradd/etc in an LDAP environment, but should switch to useradd/etc when "forcelocal" is true.

      Puppet's user type should have some way of examining/modifying only local users and groups when the forcelocal option is true.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              redmine.exporter redmine.exporter
              Votes:
              8 Vote for this issue
              Watchers:
              18 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support