Issue #8081 has been updated by eric sorenson. Status changed from Needs Decision to Needs More Information Assignee changed from eric sorenson to Andreas Kuntzagk
I don't think this requires code changes in Puppet. I've certainly used puppet to configure user-owned home directories and dot-files when the users were not in /etc/passwd, though I used ldap rather than NIS. The thing I found though, was that changing nsswitch.conf and restarting nscd introduced a race in puppet, where the init.d restarts would return back to puppet before the service was actually working, causing exactly this error. If this is still an issue for you, can you see if something like this is going on with NIS by adding a `restart => /usr/local/bin/myrestartscript` attribute on the Service[nis] resource which calls out to the real restart script and does a little sleep/retry loop on `id nagios` ? ---------------------------------------- Feature #8081: Need user provider to work with NIS https://projects.puppetlabs.com/issues/8081#change-66445 Author: Andreas Kuntzagk Status: Needs More Information Priority: Normal Assignee: Andreas Kuntzagk Category: Target version: Affected Puppet version: 2.6.8 Keywords: Branch: have this resource definition: ssh_authorized_key { "nagios@login2": key => [REDACTED] user => "nagios", type => "ssh-dss", require => Service['nis'], } This nagios user comes from NIS, yp.conf and nsswitch.conf are handled by puppet and configured before the key. I still get an "User does not exist". daemon.log: ... Jun 17 14:00:57 node016 puppet-agent[1109]: (/Stage[main]/All/File[/localhome/nagios/]/ensure) created Jun 17 14:12:53 node016 puppet-agent[1109]: (/Stage[main]//Ssh_authorized_key[root@node002]/ensure) created Jun 17 14:15:14 node016 puppet-agent[1109]: (/Stage[main]//File[/etc/idmapd.conf]/content) content changed '{md5}3e94f238294cc61b047e7ae50115dffc' to '{md5}6d9c69f38eca81ab0f879c2771d5d543' Jun 17 14:15:14 node016 puppet-agent[1109]: (/Stage[main]//Service[idmapd]/ensure) ensure changed 'stopped' to 'running' Jun 17 14:15:14 node016 puppet-agent[1109]: (/Stage[main]//Service[idmapd]) Triggered 'refresh' from 1 events Jun 17 14:15:41 node016 puppet-agent[1109]: (/Stage[main]/All/File[/etc/yp.conf]/ensure) defined content as '{md5}9c23d37f431c0788c212d3c0ab8a48af' Jun 17 14:15:58 node016 puppet-agent[1109]: (/Stage[main]/All/All::Append_if_no_such_line[sudoers_nagios_smartctl]/Exec[/bin/echo 'nagios ALL=(root) NOPASSWD: /usr/sbin/smartctl' >> '/etc/sudoers']/returns) executed su ccessfully Jun 17 14:17:03 node016 puppet-agent[1109]: (/Stage[main]//Package[nis]/ensure) ensure changed 'purged' to 'latest' Jun 17 14:17:39 node016 puppet-agent[1109]: (/Stage[main]/All/File[/etc/nsswitch.conf]/content) content changed '{md5}295c15c4bdac80e50b37689ef08f359c' to '{md5}250a1851aec43bcc5f73e8a01b2141bd' Jun 17 14:17:43 node016 puppet-agent[1109]: (/Stage[main]/All/Service[nis]) Triggered 'refresh' from 4 events Jun 17 14:17:50 node016 puppet-agent[1109]: (/Stage[main]//Ssh_authorized_key[nagios@login2]/ensure) created Jun 17 14:17:50 node016 puppet-agent[1109]: (/Stage[main]//Ssh_authorized_key[nagios@login2]) Could not evaluate: User 'nagios' does not exist Jun 17 14:18:06 node016 puppet-agent[1109]: (/Whit[last]) Dependency Ssh_authorized_key[nagios@login2] has failures: true ... This is the info I got on ML: Its just using the Ruby Etc library to do the lookup according to puppet/util/posix.rb. Which won't match NIS accounts. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
