puppet 用户模块未更新服务器上的 /etc/group

puppet 用户模块未更新服务器上的 /etc/group

我正在使用 puppet 用户模块,它能够创建用户并将他们添加到正确的组,但是我已将一个用户移动到另一个组并且 puppet 将该用户移动至远程服务器上的该组,但没有从前一个组中删除该用户?

define account ($ensure = present, $password = '!!', $groups = [], $shell = '/bin/bash', $dotfile = false, $key = false) {
    $username = $name
    # Default user settings
    user { "$username":
        ensure     => $ensure,
        gid        => $username,
        password   => $password,
        groups     => $groups,
        comment    => ",,,",
        home       => "/home/$username",
        shell      => $shell,
        allowdupe  => false,
        managehome => true,
    }

    # Default group settings
    group { "$username":
        ensure    => $ensure,
        allowdupe => false,
    }

    # Ordering of dependencies, just in case
    case $ensure {
        present: {
                User <| title == "$username" |> {
                           require =>  Group["$username"]
                }
        }
        absent: { Group <| title == "$username" |> { require => User["$username"] } }
    }

    file { "/home/${username}":
        ensure  => $ensure ? {
                present => directory,
                absent  => absent,
                },
        owner   => $username,
        group   => $username,
        mode    => 644,
        require   => User["${username}"],
   }

   file { "/home/${username}/.ssh":
        ensure  => directory,
        owner   => $username,
        group   => $username,
        mode    => 700,
        require => File["/home/${username}"],
   }

   if ($key != false) {
     ssh_authorized_key { "${name}_key":
       key => $key,
       type => "ssh-rsa",
       user => $name,
     }
   }
}

答案1

这是为了防止从系统组中删除用户而设计的。

您可以使用 membership => inclusive 属性来解决这个问题。

更多信息:http://projects.puppetlabs.com/issues/7241

相关内容