Problem with home directories and users from NIS

118 views
Skip to first unread message

Matthew Finlayson

unread,
Jul 13, 2010, 12:39:36 PM7/13/10
to puppet...@googlegroups.com
Puppeteers,

My environment has NIS with all my users precreated. I have a module which creates home directories for them along with their authorized key file and a customized bashrc.

class hostinghome {

  createhostinghome {
    someuser: username => "someuser"; # Of course I actually have a lot more users.
  }      
                              
}

define createhostinghome ( $username ) {
    file {
      "/home/$username" :
        ensure => directory,
        mode => 755,
        owner => "$username",
        require => [ Service['ypbind'] ];

      "/home/$username/.ssh" :
        ensure => directory,
        require => [ File["/home/$username"] ],
        mode => 755,
        owner => "$username";

      "/home/$username/.bashrc" :
        ensure => present,
        source => "puppet:///modules/hostinghome/bashrc",
        require => [ File["/home/$username"] ],
        mode => 755,
        owner => "$username";

      "/home/$username/.bash_profile" :
        ensure => present,
        source => "puppet:///modules/hostinghome/bash_profile",
        require => [ File["/home/$username"] ],
        mode => 755,
        owner => "$username";

      "/home/$username/.ssh/authorized_keys" :
        ensure => present,
        source => "puppet:///modules/hostinghome/$username.id_rsa.pub",
        require => [ File["/home/$username/.ssh"] ],
        mode => 755,
        owner => "$username"; 

    }
}

I also have a module for ypbind which the createhostinghome function requires:

class nis::client {
include portmap
package { 
ypbind: ensure => latest;
}

service { 
ypbind: 
enable => true, 
ensure => true,
subscribe => [ File["/etc/sysconfig/network"], File["/etc/yp.conf"], File["/etc/nsswitch.conf"] ],
require => [Package["ypbind"], Service["portmap"]];
}

file { 
"/etc/yp.conf":
mode => 644, owner => root, group => root,
ensure => file,
content => template("nis/yp.conf.erb"),
require => Package["ypbind"];
"/etc/sysconfig/network":
mode => 644, owner => root, group => root,
ensure => file,
content => template("nis/network.erb");

"/etc/nsswitch.conf":
mode => 644, owner => root, group => root,
ensure => file,
content => template("nis/nsswitch.conf.erb");
}
exec { "ypdomainname $my_nis_domain": path => "/usr/bin:/usr/sbin:/bin"; }
}

The createhostinghome function fails on first run every time with the following error:

Jul 12 17:14:16 hostname puppetd[3374]: (//nis::client/File[/etc/sysconfig/network]/content) content changed '{md5}72d98a65b2c24b801e6146823237621b' to 'unknown checksum'c
Jul 12 17:14:17 hostname ypbind: bound to NIS server dns.vmhosted.domainname.com
Jul 12 17:14:18 hostname puppetd[3374]: (//nis::client/Service[ypbind]/ensure) ensure changed 'stopped' to 'running'e
Jul 12 17:14:18 hostname puppetd[3374]: (//nis::client/Service[ypbind]) Triggering 'refresh' from 3 dependenciesr
Jul 12 17:14:19 hostname ypbind: bound to NIS server dns.vmhosted.domainname.com
Jul 12 17:14:19 hostname puppetd[3374]: (//hostinghome/Createhostinghome[someuser]/File[/home/someuser]/ensure) change from absent to directory failed: Could not set directory on ensure: Could not find user someuser at /etc/puppet/modules/hostinghome/manifests/init.pp:66c

On the second run the home directories and ownership are set correctly. I've played with various require statements as well as before with no success. Any help or suggestions would be appreciated.

David Schmitt

unread,
Jul 14, 2010, 2:27:00 AM7/14/10
to puppet...@googlegroups.com
Hi Matthew,

I've got no idea what's happening with NIS there, but here are some tips
for improving the rest of your manifest:

On 13.07.2010 18:39, Matthew Finlayson wrote:
> class hostinghome {
>
> createhostinghome {
> someuser: username => "someuser"; # Of course I actually have a lot
> more users.
> }
> }
>
> define createhostinghome ( $username ) {

You get the "title" as $name for free, so you can remove the $username:

define hostinghome() { ... }

hostinghome{ [ "user1", "user2", "user3" ]: }

Defines define resources, so they should be called like objects, not
like actions.


> file {
> "/home/$username" :

When you put a variable in a string, use ${...} to avoid ambiguities
with the surroundings: e.g. "blah_$foo_blah" is equivalent to
"blah_${foo_blah}", which might not be the intended usage.

> ensure => directory,
> mode => 755,
> owner => "$username",

No quotes needed here.

> require => [ Service['ypbind'] ];

You can require the whole Class['nis::client'] here. This reduces your
need to track internal changes across modules.

>
> "/home/$username/.ssh" :
> ensure => directory,
> require => [ File["/home/$username"] ],

The File type automatically requires its parent, so you can drop this
require here.

> mode => 755,
> owner => "$username";
>
> "/home/$username/.bashrc" :
> ensure => present,
> source => "puppet:///modules/hostinghome/bashrc",
> require => [ File["/home/$username"] ],
> mode => 755,
> owner => "$username";
>
> "/home/$username/.bash_profile" :
> ensure => present,
> source => "puppet:///modules/hostinghome/bash_profile",
> require => [ File["/home/$username"] ],
> mode => 755,
> owner => "$username";
>
> "/home/$username/.ssh/authorized_keys" :
> ensure => present,
> source => "puppet:///modules/hostinghome/$username.id_rsa.pub",
> require => [ File["/home/$username/.ssh"] ],
> mode => 755,
> owner => "$username";
>
> }
> }
>

> The createhostinghome function fails on first run every time with the


> following error:
>
> Jul 12 17:14:16 hostname puppetd[3374]:
> (//nis::client/File[/etc/sysconfig/network]/content) content changed
> '{md5}72d98a65b2c24b801e6146823237621b' to 'unknown checksum'c
> Jul 12 17:14:17 hostname ypbind: bound to NIS server

> dns.vmhosted.domainname.com <http://dns.vmhosted.domainname.com>


> Jul 12 17:14:18 hostname puppetd[3374]:
> (//nis::client/Service[ypbind]/ensure) ensure changed 'stopped' to
> 'running'e
> Jul 12 17:14:18 hostname puppetd[3374]: (//nis::client/Service[ypbind])
> Triggering 'refresh' from 3 dependenciesr
> Jul 12 17:14:19 hostname ypbind: bound to NIS server

> dns.vmhosted.domainname.com <http://dns.vmhosted.domainname.com>


> Jul 12 17:14:19 hostname puppetd[3374]:
> (//hostinghome/Createhostinghome[someuser]/File[/home/someuser]/ensure)
> change from absent to directory failed: Could not set directory on
> ensure: Could not find user someuser at
> /etc/puppet/modules/hostinghome/manifests/init.pp:66c
>
> On the second run the home directories and ownership are set correctly.
> I've played with various require statements as well as before with no
> success. Any help or suggestions would be appreciated.

Since it works on the second run, it might be possible, that puppet
pre-loads the users on startup, but I'm not sure. Someone else has any
ideas/experiences?


Best Regards, David

Matthew Finlayson

unread,
Jul 14, 2010, 12:09:36 PM7/14/10
to puppet...@googlegroups.com
David, thanks a ton for the suggestions. Being the only puppeteer at work doesn't offer enough code reviews.



--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.


Reply all
Reply to author
Forward
0 new messages