running user.present only if another user is present

[Steve]

Hello,

I know I can add a user with user.present

steve:

 user.present:

what I would like to do is only add the user if another user is in /etc/passwd. Is there a salt equivalent to if grep joe /etc/passwd?

Thanks,

Steve

[Daniel Wallace]

You could wrap it in jinja and check in salt if the user has any info

{%- if salt['user.info']('otheruser') %}

steve:

  user.present

{%- endif %}

But if you create 'otheruser' in the same state run, it wouldn't create 'steve' because the jinja is all rendered at the beginning.

So 'otheruser' would get created after the jinja check, so you would have to do some other work to have an else statement

to create otheruser and steve at the same time.

--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Daniel Wallace]

Actually, you are probably better off using onlyif.

steve:

  user.present:

    - onlyif: getent passwd 'otheruser'

This will run the onlyif, and only run the steve user.present if the getent returns a 0 exit value, which it won't if the otheruser doesn't exist.

[Steve]

Thanks for the answer

I found check_cmd:

    - check_cmd:

      -  grep 'joe' /etc/passwd

I haven't tried these yet, I wonder if there is a reason to use onlyif over check_cmd? Also, I don't see a mention of user.info. I only see user.present and user.absent. Is there a list of salt options I am missing?

Thanks again,

Steve Cohen

[Steve]

I found the saltstack document for user.info

https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.pw_user.html#salt.modules.pw_user.info

This brings up a different question for us though, is user.info using getent passwd or is it doing a check of /etc/passwd. We are migrating to AD and only want to add users to the servers we don't have AD on so we are looking for non AD servers by looking for local accounts. If user.info checks with getent it won't help us.

Thanks,

Steve 

[Thomas Phipps]

onlyif/unless will keep a state from running if the conditions are not met.

check_cmd still runs the state, but will set the state to fail if the command in check_cmd fails. even if the state ran without issue.

--

Thomas Phipps

Linux/Openstack/Logstash

(702) 518-0131

[Steve]

Thanks Thomas,

I was just testing and just found that out

]salt 'web1-dev.*' state.sls Steve

web1-dev:

----------

          ID: testuser

    Function: user.present

      Result: False

     Comment: check_cmd determined the state failed

     Started: 11:48:00.042696

    Duration: 672.171 ms

     Changes:

              ----------

              fullname:

                  Test User

              gid:

                  10

              groups:

                  - wheel

              home:

                  /rhome/testuser

              homephone:

              name:

                  testuser

              passwd:

                  x

              password:

                  $5$w2ZlhPlT$Y0OGqUDwLQX5KJ5r7cFlGbawYsXu3kmjUYzMNijKTI4

              roomnumber:

              shell:

                  /bin/bash

              uid:

                  32366111

              workphone:

Summary for web1-dev

------------

Succeeded: 0 (changed=1)

Failed:    1

------------

Total states run:     1

ERROR: Minions returned with non-zero exit code