Project

General

Profile

Actions

Bug #4270

closed

Technique User management: cannot create an user if a group using the same name laready exists

Added by Fabrice FLORE-THÉBAULT over 10 years ago. Updated about 9 years ago.

Status:
Released
Priority:
3
Assignee:
Matthieu CERDA
Category:
Techniques
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

If a group with the same name as the user already exists, then the creation of the user will fail.

How to reproduce (tested on Centos 5):

  1. Define a user/group name (example: zabbix)
  2. On the test node, have the group already present
  3. On the test node, have the user absent
  4. On the rudder serrver, create a directive based on the User management 2.0 technique, for user with same name as the group
  5. On the test node, see the directive fail:
!! Finished command related to promiser "/usr/sbin/useradd" -- an error occurred (returned 9)
Q: "...in/useradd -m -": useradd: group zabbix exists - if you want to add this user to that group, use -g.

Why it is unexpected behaviour

There is no way to create a user if the group with same name exists.
The user creation directive doesn't show any information about a group name.
As a consequence, the behaviour of the directive should not be bound to any group name.

What should be correct behaviour

I see two solutions:

Make the technique capable to create the user if the group already exists.

  1. /usr/sbin/useradd need to add the user to a primary group.
  2. Standard behaviour is to create a group with same name as the user. -> respect this behaviour.
  3. If the group already exists, then use the -g option to force the group.

Make binding with primary group visible and configurable in the policy template.

  1. Add an optional field with "Primary group name (if different as the user name)"

Subtasks 1 (0 open1 closed)

Bug #5000: No report for password section if group definition error occurs in userManagement 3.0 TechniqueReleasedNicolas CHARLES2014-06-11Actions

Related issues 3 (0 open3 closed)

Related to Rudder - Bug #2584: Technique "User Management": Does not work if group already existRejectedBenoît PECCATTEActions
Related to Rudder - Bug #5149: In User Management Technique v3.0, if the group is not defined, the user is not created because it tries to insert it in group ""ReleasedNicolas CHARLES2014-06-26Actions
Related to Rudder - Bug #8599: UserManagement 6.0 fails to add user if the user's default group already existsReleasedAlexis Mousset2016-06-23Actions
Actions

Also available in: Atom PDF