Puppet is not updating user passwords
173 views
Skip to first unread message
Mike R
Apr 23, 2014, 5:27:18 PM4/23/14
to puppet...@googlegroups.com
I can't get puppet to update the password for any users that I declare, this is my manifest:
I also tried with the md5() function, and with raw password hash. I am on Ubuntu 12.04, using Puppet 2.7.19, Vagrant 1.5.3.
When I check /etc/shadow, all I see is ! (exclamation points where the password should be)
I posted my question to stackoverflow with more details: http://stackoverflow.com/questions/23253271/not-updating-the-user-password
I also looked over this old post https://groups.google.com/forum/#!topic/puppet-users/gXpt-YjROMw
user {'test1':
ensure => present,
password => sha1('vagrant'),
shell => '/bin/bash',
}I also tried with the md5() function, and with raw password hash. I am on Ubuntu 12.04, using Puppet 2.7.19, Vagrant 1.5.3.
When I check /etc/shadow, all I see is ! (exclamation points where the password should be)
test4:!:16183:0:99999:7:::
test3:!:16183:0:99999:7:::
test1:!:16183:0:99999:7:::
test2:!:16183:0:99999:7:::I posted my question to stackoverflow with more details: http://stackoverflow.com/questions/23253271/not-updating-the-user-password
I also looked over this old post https://groups.google.com/forum/#!topic/puppet-users/gXpt-YjROMw
Brian Mathis
Apr 23, 2014, 6:30:07 PM4/23/14
to puppet...@googlegroups.com
The issue you have is that Puppet is not updating the /etc/shadow file, but even once it's doing that correctly, Method 1 still will not work. The sha1() and md5() functions do not produce passwd/shadow compatible values because that is not what they are for. Generating encrypted passwords is more complex than a simple hash of the password.
Method 2 should work, but since it's not, you have something else going on. Have you tried to apply the manifest using debug and/or verbose mode?
I will guess that you're missing the ruby-shadow package, which Puppet needs to manage those files. Check your package provider and/or gem to make sure you have it installed.
❧ Brian Mathis
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4c1b1ad3-2d3f-41dd-8709-7bb3f83c7c21%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Mike R
Apr 23, 2014, 8:55:25 PM4/23/14
to puppet...@googlegroups.com
Thanks for the help Brian,
I installed libshadow-ruby1.8 however it still failed to update, however this time I ran in debug mode:
I did notice that there was a another package (libshadow-ruby1.8:i386) but I think that is for 32 bit, I am running 64 bit ubuntu.
I installed libshadow-ruby1.8 however it still failed to update, however this time I ran in debug mode:
vagrant@precise64:/tmp$ sudo puppet apply --verbose --debug main.pp
warning: Could not retrieve fact fqdn
debug: Failed to load library 'shadow' for feature 'libshadow'
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderLdap: true value when expecting false
debug: Puppet::Type::User::ProviderUser_role_add: file rolemod does not exist
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist
debug: /User[test5]: Provider useradd does not support features manages_passwords; not managing attribute password
debug: Creating default schedules
debug: Failed to load library 'selinux' for feature 'selinux'
debug: Failed to load library 'ldap' for feature 'ldap'
debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state/state.yaml]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/run]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/state/last_run_report.yaml]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state/last_run_summary.yaml]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/state/state.yaml]/mode: mode changed '0640' to '0660'
debug: Finishing transaction 70361834010940
debug: Loaded state in 0.00 seconds
debug: Loaded state in 0.00 seconds
info: Applying configuration version '1398300274'
debug: /Schedule[daily]: Skipping device resources because running on a host
debug: /Schedule[monthly]: Skipping device resources because running on a host
debug: /Schedule[hourly]: Skipping device resources because running on a host
debug: /Schedule[never]: Skipping device resources because running on a host
debug: User[test5](provider=useradd): Executing '/usr/sbin/useradd -s /bin/bash test5'
notice: /User[test5]/ensure: created
debug: /User[test5]: The container Class[Main] will propagate my refresh event
debug: /Schedule[weekly]: Skipping device resources because running on a host
debug: /Schedule[puppet]: Skipping device resources because running on a host
debug: Class[Main]: The container Stage[main] will propagate my refresh event
debug: Finishing transaction 70361834425240
debug: Storing state
debug: Stored state in 0.00 seconds
notice: Finished catalog run in 0.05 seconds
debug: Finishing transaction 70361834090100
debug: Received report to process from precise64
debug: Processing report from precise64 with processor Puppet::Reports::Store
warning: Could not retrieve fact fqdn
debug: Failed to load library 'shadow' for feature 'libshadow'
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderLdap: true value when expecting false
debug: Puppet::Type::User::ProviderUser_role_add: file rolemod does not exist
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist
debug: /User[test5]: Provider useradd does not support features manages_passwords; not managing attribute password
debug: Creating default schedules
debug: Failed to load library 'selinux' for feature 'selinux'
debug: Failed to load library 'ldap' for feature 'ldap'
debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state/state.yaml]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/run]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/state/last_run_report.yaml]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state/last_run_summary.yaml]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/state/state.yaml]/mode: mode changed '0640' to '0660'
debug: Finishing transaction 70361834010940
debug: Loaded state in 0.00 seconds
debug: Loaded state in 0.00 seconds
info: Applying configuration version '1398300274'
debug: /Schedule[daily]: Skipping device resources because running on a host
debug: /Schedule[monthly]: Skipping device resources because running on a host
debug: /Schedule[hourly]: Skipping device resources because running on a host
debug: /Schedule[never]: Skipping device resources because running on a host
debug: User[test5](provider=useradd): Executing '/usr/sbin/useradd -s /bin/bash test5'
notice: /User[test5]/ensure: created
debug: /User[test5]: The container Class[Main] will propagate my refresh event
debug: /Schedule[weekly]: Skipping device resources because running on a host
debug: /Schedule[puppet]: Skipping device resources because running on a host
debug: Class[Main]: The container Stage[main] will propagate my refresh event
debug: Finishing transaction 70361834425240
debug: Storing state
debug: Stored state in 0.00 seconds
notice: Finished catalog run in 0.05 seconds
debug: Finishing transaction 70361834090100
debug: Received report to process from precise64
debug: Processing report from precise64 with processor Puppet::Reports::Store
I did notice that there was a another package (libshadow-ruby1.8:i386) but I think that is for 32 bit, I am running 64 bit ubuntu.
Mike R
Apr 23, 2014, 9:23:58 PM4/23/14
to puppet...@googlegroups.com
I tested on a different machine with a newer version of puppet (v 3.4.3) and it worked fine there :)
/etc/shadow
test4:$6$plwk1mgalbEBBF$ificPYixcMcaotnm8.aayRDa9GDgBp3OgbrFkkU1ZahT/BAf5JvIkR9WjJZNkhIVcsrFkGY/OAs5ZSMvd0Yl3/:16184:0:99999:7:::
/etc/shadow
test4:$6$plwk1mgalbEBBF$ificPYixcMcaotnm8.aayRDa9GDgBp3OgbrFkkU1ZahT/BAf5JvIkR9WjJZNkhIVcsrFkGY/OAs5ZSMvd0Yl3/:16184:0:99999:7:::
Felix Frank
Apr 25, 2014, 10:57:13 AM4/25/14
to puppet...@googlegroups.com
Well, next question then is: What's the output of `ruby --version`?
On 04/24/2014 02:55 AM, Mike R wrote:
> I installed *libshadow-ruby1.8* however it still failed to update,
On 04/24/2014 02:55 AM, Mike R wrote:
> I installed *libshadow-ruby1.8* however it still failed to update,
> however this time I ran in debug mode:
>
> /vagrant@precise64:/tmp$ sudo puppet apply --verbose --debug main.pp
>
> warning: Could not retrieve fact fqdn
> *debug: Failed to load library 'shadow' for feature 'libshadow'*/
Reply all
Reply to author
Forward
0 new messages