[PUP-9562] User resource does not respect forcelocal for the comment parameter Created: 2019/03/14  Updated: 2019/03/14

Status: Open
Project: Puppet
Component/s: Types and Providers
Affects Version/s: PUP 5.5.10
Fix Version/s: None

Type: Bug Priority: Minor
Reporter: Jarret Lavallee Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Puppet 5.5.x with LDAP configured on EL 5.x

Team: Platform Core
Sprint: Platform Core Grooming
Method Found: Customer Feedback


A user resource configured with forcelocal will still try to sync the comment with the external directory services. It does use the `lusermod` to modify the local `/etc/passwd` to the comment specified in the user resource, but it compares the `in_sync` with the external directory services, meaning that it always updates the comment on catalog compilation.

1. Configure an agent with LDAP
2. Ensure nsswitch.conf has LDAP before `files` for `passwd`
3. Add a user to LDAP with a comment. Below is an example user.


4. Apply the following manifest on the agent multiple times and observe that it tries to update the comment every time.

  ensure => present,
  forcelocal => true,
  comment => 'local comment',
  uid => '510',
  gid => '10',

Expected Behavior:
The agent should check the local passwd file for the comment as per https://github.com/puppetlabs/puppet/blob/master/lib/puppet/provider/user/useradd.rb#L58-L72

Generated at Tue Aug 20 10:05:25 PDT 2019 using JIRA 7.7.1#77002-sha1:e75ca93d5574d9409c0630b81c894d9065296414.