Looks like a good exercise, but your approach is reinventing a square wheel.
For one thing, the path you are on, once it is all fleshed out will only
work for in one direction to provision a clean system and only systems that
support that particular command.
To manage the full life cycle of these users with your approach will only
lead to a life of pain and emptiness... (ok, I might be exaggerating a
little)
As Paul alluded, Puppet tries really hard to allow you to specify how things
should 'be' instead of worrying about what to do.
What you are trying to do would probably be easier scripted in bash, ruby,
perl, or your favorite procedural language. If you need to run it on
distributed systems, something like capistrano is great. There are certainly
tasks where something more procedural and task oriented might make more
sense, but user management is probably not one of them.
This is a paradigm that many people struggle with initially, because most
are used to thinking procedurally.
The higher level question is: What are you wanting to do that you can't with
Puppet's user type? and what is your overall goal?
If we know that, the functionality might be added to the core, or you can
learn how to extend the functionality of the providers, or there might be
some 'Puppetish' solutions to what you are trying to accomplish.
That probably doesn't seem to answer your question, but you can thank me
later...
On Sun, Oct 19, 2008 at 1:15 PM, Paul Lathrop <[EMAIL PROTECTED]>wrote:
>
> You are running into a common misconception of people new to Puppet. A
> define is not some sort of function. You don't "run" defines. Puppet
> is a declarative language, you are trying to use it like an imperative
> language, and you will be fighting the tool the whole way.
>
> What features do you want that the predefined types don't support?
> Maybe we can help you to understand the Puppet Way to do what you want
> to do. In this example you included, I don't see you getting any
> features that are unsupported by Puppet users/groups.
>
> --Paul
>
>
> On Sun, Oct 19, 2008 at 12:33 AM, schickb <[EMAIL PROTECTED]> wrote:
> >
> > I am working on defining users and groups manually. I know there are
> > basic predefined types, but they don't support all of the features
> > I'll want, and I am learning in the process. I'm a bit stumped when
> > trying to add a user to multiple groups that are defined in an array.
> > Currently I have code similar to that below, but its wrong since I am
> > not handling the $groups array correctly. How can I run add_to_group
> > once for each group?
> >
> >
> > define make_group($desc = "") {
> > exec { "addgroup --gecos \"$desc\" \"$title\"":
> > unless => "grep $title /etc/group",
> > path => "/usr/bin:/usr/sbin:/bin",
> > }
> > }
> >
> > define add_to_group($group) {
> > exec { "adduser $title $group":
> > unless => "groups $title | grep $group",
> > path => "/usr/bin:/usr/sbin:/bin",
> > }
> > }
> >
> > define make_user($fullname, $groups="") {
> > exec { "adduser-$title":
> > command => "adduser --disabled-password --gecos \"$fullname\"
> > \"$title\"",
> > creates => "/home/$title",
> > path => "/usr/bin:/usr/sbin:/bin",
> > }
> >
> > if $groups {
> > add_to_group { $title:
> > group => $groups,
> > require => [Class["all_groups"], Exec["adduser-$title"]],
> > }
> > }
> > }
> >
> > class all_groups {
> > make_group { "sudoers":
> > desc => "users allowed to sudo",
> > }
> > make_group { "admins":}
> > make_group { "another":}
> > }
> >
> >
> > class all_users {
> > make_user { "example":
> > fullname => "Full Name",
> > groups => ["sudoers", "another"],
> > }
> > }
> > >
> >
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
