[augeas-devel] Achieving idempotent behavior with augeas and Puppet for managing /etc/group
Mol, Xavier (SCC)
xavier.mol at kit.edu
Mon May 6 07:07:51 UTC 2019
Hello Scham.
> Is there any better way to handle this situation?
Better than what? You didn't provide a valid/complete suggestion - your example is a syntactically incorrect Puppet resource. And even
though you haven't mentioned the Puppet version you're working with, I'll assume that it is at least Puppet 3.x with future parser
enabled or newer, otherwise you'd need to perform nasty iteration by means of custom Puppet resources.
You have the choice to either loop over all your users and declare a new Augeas resource for all of them individually[1], or generate
the set of Augeas changes as a single array[2], whichever you prefer.
Ciao,
Xavier.
1) Iterate over array of users and add them all to mytestgroup. I use the defnode Augeas command in order to avoid duplicating users,
but you can find solutions easily with indexing for Augeas, too (see next example).
each($users) |$u| {
augeas { "Add user $u into local group called mytestgroup":
context => '/files/etc/group/mytestgroup',
changes => [
"defnode this user[. = '${u}'] '${u}'",
"set \$this '${u}'",
],
}
2) Generate array with all changes for a single augeas resource.
augeas { 'add remote users into local group called mytestgroup':
context => '/files/etc/group/mytestgroup',
changes => map($users) |$i, $u| {
"set user[${i}] '${u}'", # Danger! Users are duplicated when $users shrinks!
},
}
PS: I trust in you, that you can come up with suitable code for deleting users now. ;-)
-----Original Message-----
From: augeas-devel-bounces at redhat.com <augeas-devel-bounces at redhat.com> On Behalf Of Soham Chakraborty
Sent: Sunday, May 5, 2019 5:48 PM
To: augeas-devel at redhat.com
Subject: [augeas-devel] Achieving idempotent behavior with augeas and Puppet for managing /etc/group
Hi,
I have a requirement where I need to add few users into a particular group. I am using Puppet and this is very much doable with the
following code:
augeas { 'add remote users into local group called mytestgroup':
context => '/files/etc/group/mytestgroup',
changes => [
"set user[1] usera",
"set user[2] userb",
],
}
What I am wondering is that is there any way to better manage this for ongoing maintenance. Such as looping over the users and keeping
the names of the users in an array. Also if some user leaves, I have to remove that user from /etc/group as well. In that scenario, is
that possible to have another array in the same manifest?
Something like this:
augeas { 'add remote users into local group called mytestgroup':
users = ['user1', 'user2', 'user3']
del_users = ['user4', 'user5', 'user6']
context => '/files/etc/group/mytestgroup',
<some code to add users>
<some code to remove users>
I am not sure about that <some code to add/remove users> part. From my googling, I didn't come across too many examples.
Is there any better way to handle this situation?
Thanks,
_______________________________________________
augeas-devel mailing list
augeas-devel at redhat.com
https://www.redhat.com/mailman/listinfo/augeas-devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7544 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/augeas-devel/attachments/20190506/1933bf3f/attachment.p7s>
More information about the augeas-devel
mailing list