User story #3844open
User creation in user technique without useradd
There's 3 enhancements to the technique.
- Add an optional UID
- Add an optional default GID
- Force local user creation without useradd usage
A bit more details about the last point:
Sometimes a user account could exists on the network LDAP/NIS/etc... but you may need to have this account locally with a different ID for administration sake - LDAP/NIS down or such.
useradd cannot be used in this case as it will detect the network user account and will refuse creation, and technique will anyway detect that the user account exists.
I thus added a "Force local user creation" checkbox which when checked will create user using file editing - /etc/password, /etc/shadow, and homedir creation. No reporting on the homedir creation.
I tried to be the least intrusive as possible to not mess techniques other functions and from my testing, everything is correctly working.
I believe that it still requires thorough testing :)
Please find the pull request below:
The following changes since commit 448504f682d5c70a6d56bd78d3e4425de9338724:
userManagement: Duplicate 2.0 > 3.0 (2013-08-15 07:52:14 +0200)
are available in the git repository at:
for you to fetch changes up to 4101b4792cbb25900ebc241624a76b25d001f901:
userManagement: Fix ifvar detection (2013-08-15 13:46:48 +0200)
userManagement: Add new options for setting user ID in metadata.xml
userManagement: Add options for setting user default group ID in metadata.xml
userManagement: Add option to force local user creation
userManagement: Add user home dir creation for locally forced users
userManagement: Fixing syntax
userManagement: Fix perms to match rudder cfengine_stdlib.cf FnCall
userManagement: Fix ifvar detection
techniques/systemSettings/userManagement/userManagement/3.0/metadata.xml | 39 +++++++++++++++++++++++++++++++++++
techniques/systemSettings/userManagement/userManagement/3.0/userManagement.st | 97 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 136 insertions(+)
Updated by Vincent MEMBRÉ over 7 years ago
- Status changed from New to 13
- Assignee set to Vincent MEMBRÉ
Good job and many many thanks for your work coredumb!
I'll create a pull request from your repository.
Our development process is for a user story is:
- Create an user story issue describing the feature
- Create Implementation tickets, one for each subtask you need (they can be added later)
- Create a branch dedicated to this feature on your repository (basically we name them ust_UST#/implem_Implem#/a_Description_of_the_branch
- Once your job is done, we create a pull request based on this branch that can be reviewed and accepted.
That procedure should be documented in our website, I'll update it soon.
Updated by Dennis Cabooter over 6 years ago
I really get in trouble with different uid/gid for the same user and share the same nfs mount. Today I had to correct uids and gids and permissions manually on 8 nodes, which is really annoying. And I noticed because users came to me to complain they have no access. Is there something I can help with or is there a reason why it's still not implemented?
Updated by François ARMAND about 6 years ago
- Assignee set to Benoît PECCATTE
Some more precision on that one: the "force local user accound creation" is the most important part.
The idea is to be able to force the addition of the user / uid / gid in /etc/passwd and /etc/shadow whatever useradd is telling.
The expected behaviour is to have the user added even if the given uid (or gid) exists. It is totally possible to have two differents users with the same uid, even if there would be several strange things happening - that's ok, it's an advanced feature, user will know how to deal with that. Perhaps it would be nice to have some kind of report for the case where the uid is already present (perhaps even an error, as long as the user is added - or pehaps it's an other check that all uids are different that should be always done).
The gid part just have to be done.
Updated by Alexis MOUSSET almost 2 years ago
- Subject changed from Technique enhancement proposal: userManagement with uid/gid and user creation without useradd to User creation in user technique without useradd
- Assignee deleted (
- Target version changed from 588 to 5.0.13