Details
-
Bug
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
PUP 5.5.10
-
Puppet 5.5.x with LDAP configured on EL 5.x
-
Night's Watch
-
5
-
NW - 2019-10-16, NW - 2019-10-30, NW - 2019-11-13
-
Customer Feedback
-
34145
-
1
-
Bug Fix
-
Description
A user resource configured with forcelocal will still try to sync the comment with the external directory services. It does use the `lusermod` to modify the local `/etc/passwd` to the comment specified in the user resource, but it compares the `in_sync` with the external directory services, meaning that it always updates the comment on catalog compilation.
Reproduction:
1. Configure an agent with LDAP
2. Ensure nsswitch.conf has LDAP before `files` for `passwd`
3. Add a user to LDAP with a comment. Below is an example user.
testuser:*:510:10:test:/home/test:/bin/bash
|
4. Apply the following manifest on the agent multiple times and observe that it tries to update the comment every time.
user{'test':
|
ensure => present,
|
forcelocal => true,
|
comment => 'local comment',
|
uid => '510',
|
gid => '10',
|
}
|
Expected Behavior:
The agent should check the local passwd file for the comment as per https://github.com/puppetlabs/puppet/blob/master/lib/puppet/provider/user/useradd.rb#L58-L72
Attachments
Issue Links
- relates to
-
-
- Resolved
-