Monday, January 27, 2014

User Management

Now that we have seen what the directory and file structure should look like for Puppet management, let's discuss user management: creating a local user on a client, which is a daily or frequent task for a system admin.

Let's change directory to /etc/puppet/modules and create a folder named accounts with a sub-folder manifests, i.e. /etc/puppet/modules/accounts/manifests.

We will be creating two files, init.pp and system.pp. Please be careful with directory and file names, as they are key to your configuration running correctly.

Create and edit file - /etc/puppet/modules/accounts/manifests/system.pp


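define accounts::system ($comment,$password) {
  # Create the local user named by the resource title
  user { $title:
    ensure     => 'present',
    comment    => $comment,     # per-user description
    password   => $password,    # password hash as stored in the shadow file
    shell      => '/bin/bash',
    managehome => true,
  }
}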


In the above file we have defined the type accounts::system, which ensures that every user gets a home directory and the shell defined here rather than the defaults chosen by the useradd utility. We also included parameters for comment and password, as these values vary from user to user and cannot be constant.

For example: if we create a user on Ubuntu manually via the useradd utility, we will end up with /bin/sh as its shell unless one is explicitly defined using the -s option.


Create and edit file - /etc/puppet/modules/accounts/manifests/init.pp


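class accounts {
    # '@' declares a virtual resource: nothing is created until a node realizes it
    @accounts::system { 'demo':
        comment  => 'demo users',
        password => '*',    # '*' is not a valid hash, so password login is disabled
    }
}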


Now that the defined type is done, we can use it to actually create the system user resources. Repeat the declaration as many times as necessary, creating one accounts::system resource for each user account you want to manage within Puppet.


Once we are done with this configuration, we just have to realize it in the nodes.

Edit file /etc/puppet/manifests/nodes/client2.pp

node 'client2.puppet.com' {
    include accounts
    realize (Accounts::System['demo'])
}

Apply the changes on the master for them to take effect.

On master server : CentOS


papply 
Notice: Compiled catalog for server.puppet.com in environment production in 0.05 seconds
Notice: Finished catalog run in 0.06 seconds


Let's move on to the client to fetch the changes.

On client server : Ubuntu


pagent 
Info: Retrieving plugin
Info: Caching catalog for client2.puppet.com
Info: Applying configuration version '1390898484'
Notice: /Stage[main]/Accounts/Accounts::System[demo]/User[demo]/ensure: created
Notice: Finished catalog run in 0.67 seconds
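
After the agent run, it is worth confirming on the client that each managed account really has the shell and comment declared through accounts::system, and that its password field is locked or hashed rather than empty. The script below is an added example, not part of the original post: the passwd/shadow lines are constructed sample data, and the function names and the extra users build and ops are hypothetical.

```python
# Constructed sample data in passwd(5) / shadow(5) format, not real output.
SAMPLE_PASSWD = """\
demo:x:1001:1001:demo users:/home/demo:/bin/bash
build:x:1002:1002:build user:/home/build:/bin/sh
"""
SAMPLE_SHADOW = """\
demo:*:16097:0:99999:7:::
build::16097:0:99999:7:::
"""

EXPECTED_SHELL = "/bin/bash"  # shell set by accounts::system on this page

def password_state(field):
    """Classify the password field (second column) of a shadow entry."""
    if field == "":
        return "empty"    # login without any password
    if field[0] in "*!":
        return "locked"   # not a valid hash, so password login is disabled
    if field.startswith("$"):
        return "hashed"   # crypt(3) modular format such as $6$ (SHA-512)
    return "unknown"

def _index(text):
    """Map user name -> list of colon-separated fields."""
    rows = [line.split(":") for line in text.splitlines() if line.strip()]
    return {row[0]: row for row in rows}

def audit(passwd_text, shadow_text, managed):
    """Return {user: [findings]}; `managed` maps user name -> expected comment."""
    passwd, shadow = _index(passwd_text), _index(shadow_text)
    report = {}
    for user, comment in managed.items():
        if user not in passwd:
            report[user] = ["account missing"]
            continue
        fields, findings = passwd[user], []
        if fields[6] != EXPECTED_SHELL:
            findings.append("shell is " + fields[6])
        if fields[4] != comment:
            findings.append("comment is " + repr(fields[4]))
        state = password_state(shadow[user][1]) if user in shadow else "missing"
        if state not in ("locked", "hashed"):
            findings.append("password field is " + state)
        report[user] = findings
    return report

if __name__ == "__main__":
    managed = {"demo": "demo users", "build": "build user", "ops": "ops user"}
    print(audit(SAMPLE_PASSWD, SAMPLE_SHADOW, managed))
```

On a real client, pass the contents of /etc/passwd and /etc/shadow (readable by root) instead of the sample strings.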
