Bug #4270
closedTechnique User management: cannot create an user if a group using the same name laready exists
Description
If a group with the same name as the user already exists, then the creation of the user will fail.
How to reproduce (tested on Centos 5):¶
- Define a user/group name (example: zabbix)
- On the test node, have the group already present
- On the test node, have the user absent
- On the rudder serrver, create a directive based on the User management 2.0 technique, for user with same name as the group
- On the test node, see the directive fail:
!! Finished command related to promiser "/usr/sbin/useradd" -- an error occurred (returned 9) Q: "...in/useradd -m -": useradd: group zabbix exists - if you want to add this user to that group, use -g.
Why it is unexpected behaviour¶
There is no way to create a user if the group with same name exists.
The user creation directive doesn't show any information about a group name.
As a consequence, the behaviour of the directive should not be bound to any group name.
What should be correct behaviour¶
I see two solutions:
Make the technique capable to create the user if the group already exists.¶
- /usr/sbin/useradd need to add the user to a primary group.
- Standard behaviour is to create a group with same name as the user. -> respect this behaviour.
- If the group already exists, then use the
-g
option to force the group.
Make binding with primary group visible and configurable in the policy template.¶
- Add an optional field with "Primary group name (if different as the user name)"
Updated by Fabrice FLORE-THÉBAULT about 11 years ago
I guess it can be really annoying if you have both a User and a Group directives, and the Group policy gets applied first.
Updated by Matthieu CERDA about 11 years ago
- Category set to Techniques
- Status changed from New to In progress
- Assignee set to Matthieu CERDA
- Priority changed from N/A to 2
- Target version set to 2.4.13
Wow, such bug report, very complete.
Taking care of this!
Updated by Matthieu CERDA about 11 years ago
- Target version changed from 2.4.13 to 2.6.10
Retargetting.
Updated by Matthieu CERDA about 11 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Matthieu CERDA to Jonathan CLARKE
- % Done changed from 0 to 100
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/259
PR available
Updated by Jonathan CLARKE almost 11 years ago
- Status changed from Pending technical review to Discussion
- Assignee changed from Jonathan CLARKE to Matthieu CERDA
Updated by Vincent MEMBRÉ almost 11 years ago
- Target version changed from 2.6.10 to 2.6.11
Updated by Vincent MEMBRÉ almost 11 years ago
- Target version changed from 2.6.11 to 2.6.12
Updated by Vincent MEMBRÉ almost 11 years ago
- Target version changed from 2.6.12 to 2.6.13
Updated by Vincent MEMBRÉ over 10 years ago
- Target version changed from 2.6.13 to 2.6.14
Updated by Nicolas CHARLES over 10 years ago
Two possiblities:
- if group not there, fail, don't create group and complain loudly. Group management will handle that
- offer possibility to create group, with groupid, if group not there (don't force)
Updated by Matthieu CERDA over 10 years ago
- Status changed from Discussion to Pending release
Applied in changeset commit:8572e048dfdc711a352890194b954875735b5123.
Updated by Nicolas CHARLES over 10 years ago
Applied in changeset commit:daa7455a4a3bb64e387239a8222ab1b74fbec2b2.
Updated by Vincent MEMBRÉ over 10 years ago
- Subject changed from User management 2.0 directive fail to create a user on centos if group with same name already exists. to Technique User management: cannot create an user if a group using the same name laready exists
Updated by Vincent MEMBRÉ over 10 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder versions that were released today.
- 2.6.14 (announcement , changelog)
- 2.9.6 (announcement , changelog)
- 2.10.2 (announcement , changelog)
- Download information: https://www.rudder-project.org/site/get-rudder/downloads/
Updated by Benoît PECCATTE almost 10 years ago
- Project changed from 24 to Rudder
- Category changed from Techniques to Techniques
Updated by François ARMAND over 8 years ago
- Related to Bug #8599: UserManagement 6.0 fails to add user if the user's default group already exists added