Re: User management

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: User management

From:	Jamie Wilkinson
Subject:	Re: User management
Date:	Wed, 28 Sep 2005 09:55:14 +1000
User-agent:	Mutt/1.5.6+20040907i

This one time, at band camp, Matthew Palmer wrote:
>This *feels* like a dirty hack to me; there has to be a more cfengine way,
>but I'm not sure which method would be nicest.  Any suggestions?  Google
>(surprisingly) didn't give me much love with queries like "cfengine create
>user" and "cfengine manage users".

For system users:

groups:

   user_X_exists = ( ReturnsZero(/bin/sh -c "/usr/bin/id -u X >& /dev/null")
)

shellcommands:

   !user_X_exists.redhat::

     "/usr/sbin/useradd -r -c X -s /sbin/nologin -d / -M -g nobody X

   !user_X_exists.debian::

     "/usr/sbin/adduser --system --gecos X --shell /bin/false --home /
--no-create-home --disabled-login --disabled-password --group nobody X"

I do it with macros, so I don't have to type all that crap for every system
user I need, and so things like home directory and default group can be
changed easily.

In a perfect world, this idiom would turn into a users: section, but alas
I've not yet had the time to write a patch.

For humans, I use LDAP, and cfengine just takes care of configuring the auth
system.

[Prev in Thread]

Current Thread

[Next in Thread]

User management, Matthew Palmer, 2005/09/27
- Re: User management, Jamie Wilkinson <=
  - Re: User management, Tim Nelson, 2005/09/27
    - Re: User management, Jamie Wilkinson, 2005/09/28
  - Re: User management, Matt Palmer, 2005/09/28
  - Re: User management, Michael Chesterton, 2005/09/28
- RE: User management, Martin, Jason H, 2005/09/27
  - RE: User management, Eric Sorenson, 2005/09/27
  - Re: User management, Matthew Palmer, 2005/09/27

Prev by Date: Directories action - only create if parents exist
Next by Date: RE: User management
Previous by thread: User management
Next by thread: Re: User management
Index(es):
- Date
- Thread