Technique User management: cannot create an user if a group using the same name laready exists
If a group with the same name as the user already exists, then the creation of the user will fail.
How to reproduce (tested on Centos 5):¶
- Define a user/group name (example: zabbix)
- On the test node, have the group already present
- On the test node, have the user absent
- On the rudder serrver, create a directive based on the User management 2.0 technique, for user with same name as the group
- On the test node, see the directive fail:
!! Finished command related to promiser "/usr/sbin/useradd" -- an error occurred (returned 9) Q: "...in/useradd -m -": useradd: group zabbix exists - if you want to add this user to that group, use -g.
Why it is unexpected behaviour¶
There is no way to create a user if the group with same name exists.
The user creation directive doesn't show any information about a group name.
As a consequence, the behaviour of the directive should not be bound to any group name.
What should be correct behaviour¶
I see two solutions:
Make the technique capable to create the user if the group already exists.¶
- /usr/sbin/useradd need to add the user to a primary group.
- Standard behaviour is to create a group with same name as the user. -> respect this behaviour.
- If the group already exists, then use the
-goption to force the group.
Make binding with primary group visible and configurable in the policy template.¶
- Add an optional field with "Primary group name (if different as the user name)"
Updated by Nicolas CHARLES almost 6 years ago
- if group not there, fail, don't create group and complain loudly. Group management will handle that
- offer possibility to create group, with groupid, if group not there (don't force)
Updated by Vincent MEMBRÉ almost 6 years ago
- Status changed from Pending release to Released