Problem with duplicate params

[mike]

Hello,

I've create my user from Hiera but now wish configure secondary group (setting groups value) but i've problem when the secondary group not exists in the node and run puppet agent:

  

[..............]

Error 400 on SERVER: Duplicate declaration: Group[test] is already declared in file /etc/puppet/modules/users/manifests/add_user.pp:11; cannot redeclare at /etc/puppet/modules/users/manifests/add_user.pp:11 on node master.example.com

Error: Could not set groups on user[foo]: Execution of '/usr/sbin/usermod -G admin,test foo' returned 6: usermod: group 'test' does not exist

[..............]

My hiera class:

[..............]

classes:

     - users

users:

  foo:

    uid:  9001

    user: 'foo'

    realname: 'Foo'

    shell:  '/bin/bash'

    groups: [admin, test]

[..............]

And my class:

[..............]

define users::add_user (

        $uid    = '',

        $user   = '',

        $realname = '',

        $shell = '',

        $groups = []

){

 

#### I setting this params for create groups

     group {$groups:

        ensure => present,

     }

    user { $user:

            uid    => $uid,

            managehome  => true,

            comment  => $realname,

            shell    => $shell,

            groups => $groups,

    }

[..............]

But when i create the group manually in the node and comment params "group" from my class, i dont have problem.

Comment

[.............]

     #group {$groups:

      #  ensure => present,

     #}

[.............]

[root@master manifests]# groupadd test

[root@master manifests]# puppet agent --test 

Info: Retrieving pluginfacts

Info: Retrieving plugin

Info: Caching catalog for master.example.com

Info: Applying configuration version '1401226860'

Notice: /Stage[main]/Users/Users::Add_user[foo]/User[foo]/groups: groups changed 'admin' to 'admin,test'

Notice: Finished catalog run in 0.42 seconds

My question

¿How validate that secondary group exists or create if necessary?

Thanks.

[José Luis Ledesma]

The problem is that you have more than one user in the same group, so you are declaring the same group more than one time.

The solution could be make use of virtual resources for your groups and realize them when needed, or make use of the "evil" defined function.

Regards,

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/cbf86284-5f9a-4de8-946b-7d179342d23b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Toni Schmidbauer]

At Tue, 27 May 2014 12:07:30 -0700 (PDT),

Mike wrote:
> Error 400 on SERVER: Duplicate declaration: Group[test] is already
> declared in file /etc/puppet/modules/users/manifests/add_user.pp:11;
> cannot redeclare at /etc/puppet/modules/users/manifests/add_user.pp:11
> on node master.example.com

any chance you have defined a second user that uses the same group?

your defined type is not going to work in that case for sure. Remember
you can only declare a resource once in any manifest that gets applied
to particular node.

with your code in users::add_user if you define a second user 'bar'
that uses the same secondary group 'test', you are going to define the
resource group { 'test': } a second time, which will fail with a
duplicate declaration error.

You could check if the group test is already defined:

if !defined(Group['test']) {
group { 'test':}
}

but for this to work you have to move the creation of the secondary group
into a separate defined type (which i would recommend nevertheless):

define users::add_group {
group,

if !defined(Group[$group]) {
group { $group:
ensure => present,
}
}
}

this has the additional advantage that you could extend the defined
type users::add_group with more parameters (ensure, gid, you name it).

hth
toni
--
Don't forget, there is no security | toni at stderr dot at
-- Wulfgar | Toni Schmidbauer

[jcbollinger]

On Wednesday, May 28, 2014 5:20:19 AM UTC-5, Jose Luis Ledesma wrote:

The problem is that you have more than one user in the same group, so you are declaring the same group more than one time.

Yes.

 

The solution could be make use of virtual resources for your groups and realize them when needed

Yes.

Alternatively, create a separate list of required groups in your data, and manage those concretely, in a class.  Have your users::add_user definition 'include' that class, or even 'require' it.

 

, or make use of the "evil" defined function.

Not so easy in this case, even if defined() weren't evil, because there may be multiple secondary groups.  Probably that could be handled with the help of the future parser, but that's still experimental.

John

[Miguel Angel Coa M.]

Hi everyone,

I understand the problem and solved create the new subclass add_group and calling it  from my  add_users with include (include 'users::add_group') 

Thanks.

--
You received this message because you are subscribed to a topic in the Google Groups "Puppet Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/dRs5pGntL6c/unsubscribe.
To unsubscribe from this group and all its topics, send an email to puppet-users...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/2f2976f2-ef14-4b23-a8dc-97f1308847a1%40googlegroups.com.