Bug #5781
closed
User management (5.0 optional homedir seems to work only for first user
Description
I have two rules assigning different users to a certain node.
The one sets up a non-privileged (in theory) account, and the other sets up two admin users.
They have their home directories set to a path outside /home.
An ncf technique will also set up symlinks to there from /home.
The result is that, it works for one of them.
Agent:
rudder-agent-2.11.4.rc1.git201410100407-1.SLES.11
Technique: 5.0
rudder-techniques-2.11.5.rc1.git201411160438-1.SLES.11
@
/home:
total 12
drwxr-xr-x 5 admpaulo users 4096 Nov 17 23:52 admpaulo
lrwxrwxrwx 1 root root 16 Nov 17 23:52 floadm > /data/admins/flo 5 admflo users 4096 Nov 17 23:52 flo
drwxr-xr-x 6 floh users 4096 Sep 16 23:17 floh
lrwxrwxrwx 1 root root 18 Nov 17 23:52 pauloadm -> /data/admins/paulo
drwxr-xr-x 5 vagrant wheel 4096 Aug 8 19:06 vagrant
rudderc2:/var/rudder/cfengine-community/inputs # ls -l /data/admins/
total 4
drwx-----
@
In the above, the directory "admpaulo" should not be there, instead it should be in /data/admins.
I'm pretty sure the "user home dir" setting is lost for this user.
homelinks_adm;;file_create_symlink_/home/floadm;;7b5e11f3-0836-45b4-9c2e-bf9b92a0c2286;;Create symlink (force overwrite);;/home/floadm@11c7cbf3-eb93-4555-b4cf-c3e5f1d6db70@
homelinks_adm;;file_create_symlink_/home/pauloadm;;7b5e11f3-0836-45b4-9c2e-bf9b92a0c2286;;Create symlink (force overwrite);;/home/pauloadm@11c7cbf3-eb93-4555-b4cf-c3e5f1d6db70@
homelinks_adm;;permissions_/data/admins/flo;;7b5e11f3-0836-45b4-9c2e-bf9b92a0c2286;;Permissions dirs;;/data/admins/flo@11c7cbf3-eb93-4555-b4cf-c3e5f1d6db70@
homelinks_adm;;permissions_/data/admins/paulo;;7b5e11f3-0836-45b4-9c2e-bf9b92a0c2286;;Permissions dirs;;/data/admins/paulo
Files
Updated by Florian Heigl over 10 years ago
Hopefully not broken output.
@ rudderc2:/ # ls l /home /data/admins/ 5 admflo users 4096 Nov 17 23:52 flo
/data/admins/:
total 4
drwx-----
/home:
total 12
drwxr-xr-x 5 admpaulo users 4096 Nov 17 23:52 admpaulo
lrwxrwxrwx 1 root root 16 Nov 17 23:52 floadm -> /data/admins/flo
drwxr-xr-x 6 floh users 4096 Sep 16 23:17 floh
lrwxrwxrwx 1 root root 18 Nov 17 23:52 pauloadm -> /data/admins/paulo
drwxr-xr-x 5 vagrant wheel 4096 Aug 8 19:06 vagrant @
Updated by Matthieu CERDA over 10 years ago
- Status changed from New to Discussion
- Assignee set to Florian Heigl
- Priority changed from N/A to 5 (lowest)
Hello florian!
I see here:
homelinks_adm;;file_create_symlink_/home/floadm;;7b5e11f3-0836-45b4-9c2e-bf9b92a0c228@11c7cbf3-eb93-4555-b4cf-c3e5f1d6db70@6;;Create symlink (force overwrite);;/home/floadm homelinks_adm;;file_create_symlink_/home/pauloadm;;7b5e11f3-0836-45b4-9c2e-bf9b92a0c228@11c7cbf3-eb93-4555-b4cf-c3e5f1d6db70@6;;Create symlink (force overwrite);;/home/pauloadm
You create /home/floadm and /home/pauloadm, but the users are:
"usergroup_user_login[1]" string => "admflo";
"usergroup_user_login[2]" string => "admpaulo";
Is that intended?
Also:
"usergroup_user_home_perso[1]" string => "false";
"usergroup_user_home_perso[2]" string => "true";
"usergroup_user_home_perso[3]" string => "true";
"usergroup_user_home[1]" string => "/data/admins/flo";
"usergroup_user_home[2]" string => "/data/admins/paulo";
"usergroup_user_home[3]" string => "";
The definition of user_home_perso is:
<NAME>USERGROUP_USER_HOME_PERSONNALIZE</NAME>
<DESCRIPTION>Use the default home directory</DESCRIPTION>
Which means you specify that you want admflo (1, "false") to use a user-defined home directory (/data/admins/flo), but admpaulo's (2) setting is "true" which means "Use the default user directory".
It looks like you forgot to tick the option to use a personnalized home directory for admpaulo by mistake :)
Can you tell me if this is the problem ?
Thanks in advance.
Updated by Florian Heigl over 10 years ago
Well spotted!
I had been in error with the checkboxes.
Sorry about this, can be closed.
Updated by Matthieu CERDA over 10 years ago
- Status changed from Discussion to Rejected
- % Done changed from 0 to 100
All right, happy I could help you :)
Rejecting this ticket.