I'm starting to configure systems using Puppet, and I'm having trouble with setting up my user account.
On our CentOS 5.3 server, the sudoers group is 'wheel', gid 10. On our Ubuntu 9.10 server, the group is 'sudo', gid 27. How do I setup the group account so that both boxes get the right group and my user is added to the right group?
I've tried splitting this config into os_vars.pp, virt_groups.pp, and virt_users.pp.
os_vars.pp:
class os_vars {
case $operatingsystem {
centos: {
$os_admin_group = "wheel"
$os_admin_group_gid = "10"
}
ubuntu: {
$os_admin_group = "sudo"
$os_admin_group_gid = "27"
}
}
notice("in os_vars, admin group is: ${os_admin_group}, ${os_admin_group_gid}")
}
virt_groups.pp:
class virt_groups {
include os_vars
notice("in virt_groups, admin group is: ${os_admin_group}, ${os_admin_group_gid}")
@group { $os_admin_group:
gid => $os_admin_group_gid,
ensure => present,
}
}
virt_users.pp:
class virt_users {
include os_vars
notice("in virt_users, admin group is: ${os_admin_group}, ${os_admin_group_gid}")
@user { 'my_user':
home => '/home/my_user',
uid => '500',
groups => [$os_admin_group],
password => $1BigLongEncrypedStuff
gid => '500',
ensure => 'present',
shell => '/bin/bash'
}
}
In os_vars.pp, the variables are set correctly, but they are empty in virt_users.pp and virt_groups.pp.
The variables need to be scoped and quoted. The correct syntax for virt_groups.pp is:
This solves my immediate problem, but still seems like a clunky way of handling what is probably a common puppet issue.
As in previous answer, the variables must be scoped. Don't bother with group ID:s or virtual
sudo/wheelgroups. If the admin group is already present in the system, you don't have to define it.Using the ? selector instead of
casemakes the code a bit less verbose:If the group does not exist and you have to create it with Puppet, it's best to leave GID out to avoid collisions.
systemparameter gives the group an ID from system area: