我正在使用 puppet 用户模块,它能够创建用户并将他们添加到正确的组,但是我已将一个用户移动到另一个组并且 puppet 将该用户移动至远程服务器上的该组,但没有从前一个组中删除该用户?
define account ($ensure = present, $password = '!!', $groups = [], $shell = '/bin/bash', $dotfile = false, $key = false) {
$username = $name
# Default user settings
user { "$username":
ensure => $ensure,
gid => $username,
password => $password,
groups => $groups,
comment => ",,,",
home => "/home/$username",
shell => $shell,
allowdupe => false,
managehome => true,
}
# Default group settings
group { "$username":
ensure => $ensure,
allowdupe => false,
}
# Ordering of dependencies, just in case
case $ensure {
present: {
User <| title == "$username" |> {
require => Group["$username"]
}
}
absent: { Group <| title == "$username" |> { require => User["$username"] } }
}
file { "/home/${username}":
ensure => $ensure ? {
present => directory,
absent => absent,
},
owner => $username,
group => $username,
mode => 644,
require => User["${username}"],
}
file { "/home/${username}/.ssh":
ensure => directory,
owner => $username,
group => $username,
mode => 700,
require => File["/home/${username}"],
}
if ($key != false) {
ssh_authorized_key { "${name}_key":
key => $key,
type => "ssh-rsa",
user => $name,
}
}
}
答案1
这是为了防止从系统组中删除用户而设计的。
您可以使用 membership => inclusive 属性来解决这个问题。