manage /etc/passwd and /etc/group


stefanero

Mar 31, 2011, 10:27:48 AM
to Puppet Users
Hi again,

I am trying to add the following to my /etc/passwd and /etc/group
files

+:::::
and
+:::

this is for ldap search on the servers.

I am not quite sure how to do this; I tried the following code:

augeas {
  "groups ldap":
    context => "/files/etc/group",
    changes => [
      "ins group after group[last()]",
      "set group[last()] '+'",
      "set group[. = '+']/id :",
    ],
}

well this did not quite work out :)

puppet-agent[8348]: (/Stage[main]/Ldappam/Augeas[groups ldap]) Could
not evaluate: Error sending command 'ins' with params ["group",
"after", "/files/etc/group/group[last()]"]/Error sending command 'ins'
with params ["group", "after", "/files/etc/group/group[last()]"]

Also, I am missing the onlyif statement, but I could not figure out
how to do this...

So if anyone has a working example I would be quite happy.
I also tried the group / user type reference, but this did not
work for me either.

thnx for the help
stefanero

stefanero

Apr 1, 2011, 4:20:37 AM
to Puppet Users
Hi,

well another try I did was


augeas {
  "groups ldap":
    context => "/files/etc/group",
    changes => [
      "ins + after *[last()]",
      "set +/password :",
      "set +/gid :",
      "set +/user :",
    ],
}

which looked reasonable to me, but well ... did not work :)

cu
stefanero

Adam Heinz

Apr 1, 2011, 11:25:01 AM
to puppet...@googlegroups.com
augtool> ins + after /files/etc/group/*[last()]
augtool> set /files/etc/group/+/password :
augtool> set /files/etc/group/+/gid :
augtool> set /files/etc/group/+/user :
augtool> save
Saving failed
augtool> print /augeas/files/etc/group/error
/augeas/files/etc/group/error = "put_failed"
/augeas/files/etc/group/error/path = "/files/etc/group(root)"
/augeas/files/etc/group/error/lens = "/usr/share/augeas/lenses/dist/group.aug:43.17-.40"
/augeas/files/etc/group/error/message = "Short iteration"

So, clearly augeas is unhappy.  Lens excerpts:

let word = /[A-Za-z0-9][A-Za-z0-9_.-]*/
let user      = [ label "user" . store word ]
let user_list = Build.opt_list user comma
let params    = [ label "password" . store word    . colon ]
                . [ label "gid"      . store integer . colon ]
                . user_list?
let entry     = Build.key_value_line word colon params

So it looks like gid needs to be an integer and you can't use + as a word.

augtool> ins foo after /files/etc/group/*[last()]
augtool> set /files/etc/group/foo/password bar
augtool> set /files/etc/group/foo/gid 12345
augtool> set /files/etc/group/foo/user[0] baz
augtool> set /files/etc/group/foo/user[0] quux
augtool> print /files/etc/group/foo
Saved 1 file(s)

Hope this helps.

Adam Heinz

Apr 1, 2011, 11:26:49 AM
to puppet...@googlegroups.com
Small copy/paste error:

> augtool> print /files/etc/group/foo
> Saved 1 file(s)

Was actually:

augtool> save
Saved 1 file(s)

stefanero

Apr 4, 2011, 9:20:27 AM
to Puppet Users
Okay,

thank you for this information, so augeas cannot handle this type of
request.

cu
stefanero

John Warburton

Apr 4, 2011, 9:02:17 PM
to puppet...@googlegroups.com
On 4 April 2011 23:20, stefanero <stef...@gmail.com> wrote:
> Okay,
>
> thank you for this information, so augeas cannot handle this type of
> request.

I noted this a few years ago, and so did a simple line append. (http://projects.puppetlabs.com/projects/1/wiki/Simple_Text_Patterns)

You may want to file a feature request with the Augeas people to get it to understand netgroups in the password file

John
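
A check-then-append step of the kind a "simple line append" needs, as an added example that is not part of the thread or of the linked wiki page. The function names has_line and ensure_line are hypothetical, and a POSIX shell with grep, tail and printf is assumed; the guard plays the role of the onlyif condition asked about earlier in the thread.

```shell
#!/bin/sh
# Added example: idempotent "append line if missing" for the '+:::::' and
# '+:::' entries discussed in this thread. Function names are hypothetical.

# has_line FILE LINE: succeed only if FILE contains LINE as a whole line.
#   -F  treat '+' and ':' literally, not as regex syntax
#   -x  whole-line match, so 'foo+::::' does not count as present
#   --  stop option parsing; -q suppresses output
has_line() {
    grep -qFx -- "$2" "$1"
}

# ensure_line FILE LINE: append LINE at most once.
# Returns 0 if FILE ends up containing LINE, 2 if FILE does not exist.
ensure_line() {
    file=$1
    line=$2
    [ -f "$file" ] || return 2            # never create passwd/group from scratch
    has_line "$file" "$line" && return 0  # already present: nothing to do

    # If the last byte is not a newline, add one first so the new entry is
    # not glued onto the previous record. Command substitution strips a
    # trailing newline, so the result is empty when the file ends cleanly.
    if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
        printf '\n' >> "$file" || return 1
    fi
    printf '%s\n' "$line" >> "$file"
}

# Demo on a constructed copy, never the live file.
demo=$(mktemp)
printf 'root:x:0:\nwheel:x:10:root' > "$demo"   # constructed; no final newline
ensure_line "$demo" '+:::'
ensure_line "$demo" '+:::'                       # second run is a no-op
cat "$demo"
rm -f "$demo"
```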