On Apr 15, 3:34 pm, hyzhang <[email protected]> wrote: > I try to create a user account for example test1 and set the password > for it. Both puppet master and client are CentOS 5.5. > > My code on master: > > class localaccountmgmt { > user { 'test1': > allowdupe => 'true', > ensure => 'present', > gid => '60', > home => '/opt/home/test1', > shell => '/bin/bash', > uid => '120', > managehome => 'true', > password => '$1$E/GiXjje$cd3/noPMwSCtyaD9QFG0s0' > } > > group { 'group1': > ensure => 'present', > gid => '10', > members => 'test1,test2,test3, test4' > } > > } > > The password is a encrypted version of the real password that I copied > from the /etc/shadow for the same user from another machine. > > I restarted puppet daemon from my puppet test client. the test1 user > and its home directory and group group1 are created successfully. But > the password is not working. And the group group1 does not have any > members.
Do read the reference on resource types (http://docs.puppetlabs.com/ references/latest/type.html) when you're having trouble with specific resources in your manifests (if not sooner). If you do so now, you will see that most Group providers do not manage group membership; this is reflective of differences in system-specific auth infrastructure. On most systems, including CentOS, secondary group membership is specified on a per-user basis via User's "groups" property. Do consult the type reference here, especially about the difference between the "gid" and "groups" properties. As for the password, do you have package "ruby-shadow" installed on the client, before starting puppetd? You probably need it to enable Puppet to actually manage passwords. If it's missing then puppetd will emit a warning message at startup (maybe just when --debug output is enabled), but it will still run successfully in most respects. Also, I would be surprised if Puppet's --debug output did not have something illuminating to say specifically about why it was unable to set the particular password. If you need further assistance, then the debug-level log output from the client will probably help us help you. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
