circular dependency between user/home and parent directory owned by that user

[David Portabella]

For illustrating purposes,

I need a david user with home directory /haha/david,

and at the same time, the directory /haha also needs to be owned by david.

this code does not work,

because user requires the /haha directory, and the /haha directory requires the david user,

so we have a circular dependency,

and it seems that puppet does not know how to handle this.

user {'david':

  ensure      => present,

  home        => '/haha/david',

  managehome  => true

}

file {'/haha':

  ensure => directory,

  owner  => 'david'

}

how to solve this?

[Arpin Dominique (Nter)]

Hi,

 

Simple :

 

User[‘david’]->File[‘/haha’]

 

Ref: http://docs.puppetlabs.com/learning/ordering.html

 

 

 

Dominique Arpin

Tél. Interne: 140-4156

Tél. 514 285.2929 Poste: 140-4156

De : puppet...@googlegroups.com [mailto:puppet...@googlegroups.com] De la part de David Portabella
Envoyé : 30 janvier, 2014 11:28
À : puppet...@googlegroups.com
Objet : [Puppet Users] circular dependency between user/home and parent directory owned by that user

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/da03b929-db57-4964-acf9-060beec69d2c%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Mise en garde concernant la confidentialité : Le présent message, comprenant tout fichier qui y est joint, est envoyé à l'intention exclusive de son destinataire; il est de nature confidentielle et peut constituer une information protégée par le secret professionnel. Si vous n'êtes pas le destinataire, nous vous avisons que toute impression, copie, distribution ou autre utilisation de ce message est strictement interdite. Si vous avez reçu ce courriel par erreur, veuillez en aviser immédiatement l'expéditeur par retour de courriel et supprimer le courriel. Merci!

Confidentiality Warning: This message, including any attachment, is sent only for the use of the intended recipient; it is confidential and may constitute privileged information. If you are not the intended recipient, you are hereby notified that any printing, copying, distribution or other use of this message is strictly prohibited. If you have received this email in error, please notify the sender immediately by return email, and delete it. Thank you!

[David Portabella]

again,

it is a circular dependency.

what you are saying is to first create user and then file.

but to create the user, we need the file first also.

[Peter Romfeld]

hi, im still new to puppet, but from linux logic cant you just first ensure file is there with (deployment)-group permissions -> create user (with same group) -> change permissions

To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/021d8313-7665-44d3-82fd-fe9be08490c9%40googlegroups.com.

[Dan White]

Actually, simpler than that.
Using the stdlib puppet-forge module, I can say

$homedirdir = dirname ( $userhome )

and then

            exec { "mkdir-${username}":
                command => "/bin/mkdir -p ${homedirdir}",
                unless  => "test -d ${homedirdir}",
            }

When the user resource is created, this combination creates the directory with the proper permissions.

            user { $username:
                ensure     => present,
                home       => $userhome,
                require => Exec["mkdir-${username}"],
                ....
            }

“Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.”  (Bill Waterson: Calvin & Hobbes)

To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/C2F62CDF5915D0458F0528664315BAE732344C13%40MTL1EXC01.scqmtl.loto-quebec.com.

[Andrey Kozichev]

Something like managehome => false ?

To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/021d8313-7665-44d3-82fd-fe9be08490c9%40googlegroups.com.

[jcbollinger]

On Thursday, January 30, 2014 10:51:20 AM UTC-6, David Portabella wrote:

again,

it is a circular dependency.

what you are saying is to first create user and then file.

but to create the user, we need the file first also.

An explicit relationship between the two resources takes precedence over the autorequire that would otherwise establish a relationship in the opposite direction.  There should no longer be a cycle in the relationship graph.

It may nevertheless be the case that applying the catalog fails because the User provider can't handle the non-existence of the home directory's parent directory.  That would be quite reasonable, and not really an issue with Puppet itself.  It would arise from the behavior of the system tools (e.g. useradd) that Puppet relies upon.  You ought to be able to work around that by setting managehome => false as Andrew suggested, coupled with managing the declared home directory via Puppet.

Nobody has yet asked, however, why you want to configure things this way.  The fact that it's tricky to do with Puppet is a reflection of the fact that it is weird and non-standard in general (and not straightforward to do manually).  If user 'david' is going to own /haha, then why shouldn't that be his home directory instead of a subdirectory of it?


John