Managing users using puppet

36 views
Skip to first unread message

huhm4n

unread,
Jul 23, 2014, 6:09:39 PM7/23/14
to puppet...@googlegroups.com
How do i make puppet notify me when new users are created? Thanks in advance

Dan White

unread,
Jul 23, 2014, 7:08:07 PM7/23/14
to puppet...@googlegroups.com
Use puppet to create new users. 

On Jul 23, 2014, at 6:09 PM, huhm4n <oj.m...@gmail.com> wrote:

How do i make puppet notify me when new users are created? Thanks in advance

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4567f4ad-946c-4e8f-8c4e-71e04825dcb9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

huhm4n

unread,
Jul 23, 2014, 7:42:55 PM7/23/14
to puppet...@googlegroups.com
I just want to audit the server, like if someone created the user manually, then i'd know. How do i do that?

Xav Paice

unread,
Jul 23, 2014, 8:02:48 PM7/23/14
to puppet...@googlegroups.com
On 24/07/14 11:42, huhm4n wrote:
I just want to audit the server, like if someone created the user manually, then i'd know. How do i do that?

Sounds like you're after something more like aide or Tripwire rather than a config management system.

Each user is a resource, you could regularly run 'puppet resource user' and pipe that to a file, then diff the results.  If you're doing that you probably want to use a proper intrusion detection system because whatever is driving your need to check user accounts would also require a much more thorough check of the system.

Of course, if you wanted to enforce a particular list of users is present, and a particular user(s) is absent, you can do that with Puppet. 




On Wednesday, July 23, 2014 4:08:07 PM UTC-7, Ygor wrote:
Use puppet to create new users. 

On Jul 23, 2014, at 6:09 PM, huhm4n <oj.m...@gmail.com> wrote:

How do i make puppet notify me when new users are created? Thanks in advance
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4567f4ad-946c-4e8f-8c4e-71e04825dcb9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.

Dan White

unread,
Jul 23, 2014, 8:24:34 PM7/23/14
to puppet...@googlegroups.com
Well answered.   Thanks. 

Garrett Honeycutt

unread,
Jul 23, 2014, 9:16:05 PM7/23/14
to puppet...@googlegroups.com
On 7/23/14, 4:42 PM, huhm4n wrote:
> I just want to audit the server, like if someone created the user
> manually, then i'd know. How do i do that?
>
> On Wednesday, July 23, 2014 4:08:07 PM UTC-7, Ygor wrote:
>
> Use puppet to create new users.
>
> On Jul 23, 2014, at 6:09 PM, huhm4n <oj.m...@gmail.com
> <javascript:>> wrote:
>
>> How do i make puppet notify me when new users are created? Thanks
>> in advance
>>

Hi huhm4n,

You could ensure all the users exist by individually modelling them and
then use the resources resource to remove entries that are not managed.
This could be ran in --noop which would inform you that any users not
managed by Puppet would be removed.

user { 'alice': }
user { 'bob': }
...
user { 'root': }

resources { 'user':
purge => true,
}

http://docs.puppetlabs.com/references/stable/type.html#resources

Best regards,
-g


--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPuppet.com
Mobile: +1.206.414.8658
Reply all
Reply to author
Forward
0 new messages