Project

General

Profile

Actions
Copy link

Bug #8599

closed

UserManagement 6.0 fails to add user if the user's default group already exists

Added by Florian Heigl over 8 years ago. Updated over 8 years ago.

Status:
Released
Priority:
3
Assignee:
Alexis Mousset
Category:
Techniques
Target version:
2.11.23
Pull Request:
https://github.com/Normation/rudder-t...
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

Trying to add an admin user failed on Debian 8.
I called the user "adm", didn't specify a group.
It'd autocreate the user's group, but that one exists in the OS as a default group.

00##39ea9877-30b2-4aa7-b125-cd4885bfe145#The sudoers file did not require any modification
R: @sudoParameters@result_success@32377fd7-02fd-43d0-aab7-28460a91347b@03ebfa0f-2262-45ac-937c-011f30199e2d@10@Permissions@adm@2016-06-23 20:18:58+00:00##39ea9877-30b2-4aa7-b125-cd4885bfe145@#The user adm is already present
rudder info: Executing 'no timeout' ... '/usr/sbin/useradd m -c "adm user" -s /bin/bash adm'
error: Finished command related to promiser '/usr/sbin/useradd' - an error occurred, returned 9
notice: Q: "...in/useradd -m": useradd: group adm exists - if you want to add this user to that group, use -g.
rudder info: Last 1 quoted lines were generated by promiser '/usr/sbin/useradd -m -c "adm user" -s /bin/bash adm'
rudder info: Completed execution of '/usr/sbin/useradd -m -c "adm user" -s /bin/bash adm'
R: @userGroupManagement@result_error@32377fd7-02fd-43d0-aab7-28460a91347b@0c146e04-683a-457c-a55e-ce8b13757f91@10@Users@adm@2016-06-23 20:18:58+00:00##39ea9877-30b2-4aa7-b125-cd4885bfe145@#The user adm ( adm user ) could not be added to the system
R: @userGroupManagement@result_success@32377fd7-02fd-43d0-aab7-28460a91347b@0c146e04-683a-457c-a55e-ce8b13757f91@10@Password@adm@2016-06-23 20:18:58+00:00##39ea9877-30b2-4aa7-b125-cd4885bfe145@#The user adm ( adm user ) password change is not required
error: Method 'check_usergroup_user_parameters' failed in some repairs
R: @sshKeyDistribution@result_success@07434a81-71bc-4627-8a0f-68bf51af8aec@0555c3b6-eb5b-4086-9b07-f3efe162d7a8@0@SSH key@referent access key root@2016-06-23 20:18:58+00:00##39ea9877-30b2-4aa7-b125-cd4885bfe145@#SSH key "referent access key root" for user root was correct
R: @sshKeyDistribution@result_error@07434a81-71bc-4627-8a0f-68bf51af8aec@0555c3b6-eb5b-4086-9b07-f3efe162d7a8@0@SSH key@referent access key adm@2016-06-23 20:18:58+00:00##39ea9877-30b2-4aa7-b125-cd4885bfe145@#The user adm does NOT exist on this machine, not adding SSH key
R: @Common@log_info@hasPolicyServer-root@common-root@5@common@EndRun@2016-06-23 20:18:58+00:00##39ea9877-30b2-4aa7-b125-cd4885bfe145@#End execution with config [-2093806050]@

Reason...
root@tn2-omd:~# /usr/sbin/useradd -m -c "adm user" -s /bin/bash adm
useradd: group adm exists - if you want to add this user to that group, use -g.

This technique is not "idempotent" if the user's private group exists.

I see some options:
  • Useful message in case of return 9
  • Open Debian bug (makes no sense since non-automated caller of the command would see the message and just throw in -g)
  • make it use -g if needed
  • add info to the online help (it says optional so I'd assume it should be optional, right?)
  • tell me to just not do that
  • switch to any non-Linux OS

Whatever case, please kindly ;-) add a test case for group collisions.

Related issues 3 (0 open3 closed)

Related to Rudder - Bug #2584: Technique "User Management": Does not work if group already existRejectedBenoît PECCATTEActions
Related to Rudder - Bug #4270: Technique User management: cannot create an user if a group using the same name laready existsReleasedMatthieu CERDA2014-06-11Actions
Related to Rudder - Bug #8585: Reporting for usermanagement in case of Policy to apply to this account "check only" is missing the Password component reportReleasedAlexis Mousset2016-06-21Actions
Actions
Copy link

Also available in: Atom PDF