Issue #6009 has been updated by Jacob Helwig.
This was merged in commit:3478190ce9b8f28c0e36c8102342471eda2ca446 ---------------------------------------- Bug #6009: directory service group provider behaves erratically if members is a nested list https://projects.puppetlabs.com/issues/6009 Author: Clay Caviness Status: Closed Priority: Normal Assignee: Daniel Pittman Category: OSX Target version: 2.6.5 Affected Puppet version: Keywords: Branch: https://github.com/puppetlabs/puppet/tree/2.6.next The directory service group provider falls apart and behaves erratically if the members attribute is a nested list. It should be a simple fix, just making sure to add a `.flatten` at the right points in the provider. Examples: nestedgroups.pp: $r = ["root"] $a = ["daemon", "crc"] $n = ["nobody"] group { "testgroup": ensure => present, members => [$r, $a, $n] } Applied via: `$ sudo /usr/bin/puppet --debug --trace --evaltrace ~/nestedmembership.pp`: [...] debug: Puppet::Type::Group::ProviderDirectoryservice: Executing '/usr/bin/dscl -plist . -list /Groups' debug: //Group[testgroup]: Changing ensure debug: //Group[testgroup]: 1 change(s) debug: Puppet::Type::Group::ProviderDirectoryservice: Executing '/usr/bin/dscl -plist . -list /Groups' debug: Group[testgroup](provider=directoryservice): Executing '/usr/bin/dscl -plist . -create /Groups/testgroup GeneratedUID CDB826EE-7DE6-4D2E-A43A-BC237EE84A4A' debug: Group[testgroup](provider=directoryservice): Executing 'dseditgroup -o edit -n . -a root testgroup' debug: Group[testgroup](provider=directoryservice): Executing 'dseditgroup -o edit -n . -a daemon crc testgroup' /Library/Ruby/Site/1.8/puppet/util/errors.rb:51:in `fail' /Library/Ruby/Site/1.8/puppet/provider/nameservice/directoryservice.rb:470:in `add_members' /Library/Ruby/Site/1.8/puppet/provider/nameservice/directoryservice.rb:464:in `each' /Library/Ruby/Site/1.8/puppet/provider/nameservice/directoryservice.rb:464:in `add_members' /Library/Ruby/Site/1.8/puppet/provider/nameservice/directoryservice.rb:427:in `create' /Library/Ruby/Site/1.8/puppet/provider/nameservice/directoryservice.rb:423:in `each' /Library/Ruby/Site/1.8/puppet/provider/nameservice/directoryservice.rb:423:in `create' /Library/Ruby/Site/1.8/puppet/type/group.rb:22:in `set_present' /Library/Ruby/Site/1.8/puppet/property.rb:109:in `send' /Library/Ruby/Site/1.8/puppet/property.rb:109:in `call_valuemethod' /Library/Ruby/Site/1.8/puppet/property.rb:298:in `set' /Library/Ruby/Site/1.8/puppet/property.rb:363:in `sync' /Library/Ruby/Site/1.8/puppet/transaction/change.rb:54:in `go' /Library/Ruby/Site/1.8/puppet/transaction/change.rb:72:in `forward' /Library/Ruby/Site/1.8/puppet/transaction.rb:120:in `apply_changes' /Library/Ruby/Site/1.8/puppet/transaction.rb:113:in `collect' /Library/Ruby/Site/1.8/puppet/transaction.rb:113:in `apply_changes' /Library/Ruby/Site/1.8/puppet/transaction.rb:85:in `apply' /Library/Ruby/Site/1.8/puppet/transaction.rb:247:in `eval_children_and_apply_resource' /Library/Ruby/Site/1.8/puppet/util.rb:418:in `thinmark' /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/benchmark.rb:308:in `realtime' /Library/Ruby/Site/1.8/puppet/util.rb:417:in `thinmark' /Library/Ruby/Site/1.8/puppet/transaction.rb:246:in `eval_children_and_apply_resource' /Library/Ruby/Site/1.8/puppet/transaction.rb:199:in `eval_resource' /Library/Ruby/Site/1.8/puppet/transaction.rb:292:in `evaluate' /Library/Ruby/Site/1.8/puppet/util.rb:418:in `thinmark' /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/benchmark.rb:308:in `realtime' /Library/Ruby/Site/1.8/puppet/util.rb:417:in `thinmark' /Library/Ruby/Site/1.8/puppet/transaction.rb:291:in `evaluate' /Library/Ruby/Site/1.8/puppet/transaction.rb:285:in `collect' /Library/Ruby/Site/1.8/puppet/transaction.rb:285:in `evaluate' /Library/Ruby/Site/1.8/puppet/resource/catalog.rb:142:in `apply' /Library/Ruby/Site/1.8/puppet/application/puppet.rb:132:in `main' /Library/Ruby/Site/1.8/puppet/application.rb:226:in `send' /Library/Ruby/Site/1.8/puppet/application.rb:226:in `run_command' /Library/Ruby/Site/1.8/puppet/application.rb:217:in `run' /Library/Ruby/Site/1.8/puppet/application.rb:306:in `exit_on_fail' /Library/Ruby/Site/1.8/puppet/application.rb:217:in `run' /usr/bin/puppet:71 err: //Group[testgroup]/ensure: change from absent to present failed: Could not add daemoncrc to group: testgroup, Execution of 'dseditgroup -o edit -n . -a daemon crc testgroup' returned 64: Group not found. debug: Finishing transaction 2190913080 with 1 changes This is happening because `dseditgroup -o edit -n . -a daemon crc testgroup` is trying to add user daemon to group crc, which doesn't exist, and testgroup is an ignored extra argument. nestedgroups.pp: $r = ["root"] $a = ["crc", "daemon"] $n = ["nobody"] group { "testgroup": ensure => present, members => [$r, $a, $n] } Applied via: `$ sudo /usr/bin/puppet --debug --trace --evaltrace ~/nestedmembership.pp`: [...] debug: Puppet::Type::Group::ProviderDirectoryservice: Executing '/usr/bin/dscl -plist . -list /Groups' debug: //Group[testgroup]: Changing ensure debug: //Group[testgroup]: 1 change(s) debug: Puppet::Type::Group::ProviderDirectoryservice: Executing '/usr/bin/dscl -plist . -list /Groups' debug: Group[testgroup](provider=directoryservice): Executing '/usr/bin/dscl -plist . -create /Groups/testgroup GeneratedUID C37B337F-B5B8-482C-AE4F-3F44B6F06882' debug: Group[testgroup](provider=directoryservice): Executing 'dseditgroup -o edit -n . -a root testgroup' debug: Group[testgroup](provider=directoryservice): Executing 'dseditgroup -o edit -n . -a crc daemon testgroup' debug: Group[testgroup](provider=directoryservice): Executing 'dseditgroup -o edit -n . -a nobody testgroup' notice: //Group[testgroup]/ensure: created debug: Time for triggering 1 events to edges: 4.60147857666016e-05 debug: Finishing transaction 2190918000 with 1 changes This creates `testgroup` with: $ dscl . -read /Groups/testgroup GroupMembership GroupMembership: root nobody .. So no daemon or crc, but that's because the line Executing 'dseditgroup -o edit -n . -a crc daemon testgroup' means that it's adding user crc to **group daemon**, and testgroup is just an extraneous argument. $ dscl . -read /Groups/daemon GroupMembership GroupMembership: root crc -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
