I solve this problem. Thank you.
By one pass the next task solved:
1) creating-change groups
2) creating-change users
3) remove users
4) remove groups
Groups and Users list are virtual in class.
The construction must be next:
if $fqdn =~ /ru-msk-tes-front.russia.test/ {
Group <| title == 'prot' or title == 'sysadmins' |>
-> User <| title == 'prot' |>{ groups => ['prot', 'sysadmins'],
before => Group['admins', 'developers', 'brauser', 'noname', 'pepers',
'redeyes', 'test_group1', 'test_group2', 'admin', 'vakov', 'omenko',
'harev', 'sky'] }
-> User <| title == 'admin' or title == 'vakov' or title == 'omenko'
or title == 'harev' or title == 'sky' |>{ ensure => 'absent', managehome =>
'false', } -> Group <| title == 'admins' or title == 'developers' or
title == 'brauser' or title == 'noname' or title == 'pepers' or title ==
'redeyes' or title == 'test_group1' or title == 'test_group2' or title ==
'admin' or title == 'vakov' or title == 'omenko' or title == 'harev' or
title == 'sky' |>{ ensure => 'absent' }
}
пятница, 15 февраля 2013 г., 19:34:39 UTC+4 пользователь jcbollinger
написал:
>
>
>
> On Friday, February 15, 2013 12:35:59 AM UTC-6, Vlados Vlados wrote:
>>
>> Please help.
>> I using virtual resource @user and @group.
>>
>> If i using next construction i get error with cycles
>> class users {
>> Group <| ENABLED_GROUPS |> -> User <| ENABLED_USERS' |> -> User
>> <| DISABLED_USERS' |> -> Group <| DISABLED_GROUPS |>
>> }
>>
>> This construction good, but puppet don't want change gid before delete
>> vacant group.
>> class users {
>> Group <| ENABLED_GROUPS |> -> User <| ENABLED_USERS' |>
>> User <| DISABLED_USERS' |> -> Group <| DISABLED_GROUPS |>
>> }
>>
>>
>> I think, firstly, gid must apply to user. Then delete vacant group.
>>
>> I got error
>> Notice: /Stage[main]/Users::Groups_list/Group[shvakov]/ensure: created
>> Notice: /Stage[main]/Users::Groups_list/Group[developers]/ensure: removed
>>
>> Error: Could not delete group admins: Execution of '/usr/sbin/groupdel
>> admins' returned 8: groupdel: cannot remove the primary group of user
>> 'shvakov'
>> Error: /Stage[main]/Users::Groups_list/Group[admins]/ensure: change from
>> present to absent failed: Could not delete group admins: Execution of
>> '/usr/sbin/groupdel admins' returned 8: groupdel: cannot remove the primary
>> group of user 'shvakov'
>>
>> Notice: /Stage[main]/Users::Users_list/User[shvakov]/gid: gid changed
>> '1888800000' to '10110'
>> Notice: Finished catalog run in 3.32 seconds
>>
>> How change gid before delete group?
>>
>>
>
> Something along the lines of your first approach should work, though I'm
> not sure you need to separate the Users into enabled and disabled
> collections. The key is to get the ordering relationships set up
> correctly, so the thing to look at is the dependency cycle(s) that Puppet
> reported. You didn't show that, so I can't give you specific advice, but
> there are several possible problems there, including:
>
> 1. the selection predicates in your collections might not be correctly
> partitioning the groups and / or users into disjoint sets;
> 2. you may elsewhere be declaring relationships among the users and
> groups that close a cycle when combined with the ones here;
> 3. the chain operators, or their combination with collections, may be
> failing to correctly overrule the automatic relationship Puppet generates
> between managed users and their managed primary group (i.e. there may be a
> bug here).
>
> These resources may be helpful:
>
> - http://docs.puppetlabs.com/learning/ordering.html
> -
> http://docs.puppetlabs.com/puppet/3/reference/lang_relationships.html(note
> especially the comments about what collectors do and don't collect)
>
>
> Good luck,
>
> John
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
