help-cfengine
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: User management

From: Michael Chesterton
Subject: Re: User management
Date: Wed, 28 Sep 2005 19:13:42 +1000
User-agent: Gnus/5.110004 (No Gnus v0.4) Emacs/21.4 (gnu/linux) 
Jamie Wilkinson <jaq@spacepants.org> writes:

>>user" and "cfengine manage users".
>
> For system users:
>
> groups:
>
>    user_X_exists = ( ReturnsZero(/bin/sh -c "/usr/bin/id -u X >& /dev/null")
> )
>
> shellcommands:
>
>    !user_X_exists.redhat::
>
>      "/usr/sbin/useradd -r -c X -s /sbin/nologin -d / -M -g nobody X
>
>    !user_X_exists.debian::
>
>      "/usr/sbin/adduser --system --gecos X --shell /bin/false --home /
> --no-create-home --disabled-login --disabled-password --group nobody X"

I'm having fun learning cfengine, here's a slightly different
way for kicks.

module:users
#!/bin/sh
  /usr/bin/getent passwd |\
    /usr/bin/awk -F: '{print "+user_" $1 "_exists"}' |\
     sed 's/-/_/g'


control:

AddInstallable  = ( user_user1_exists user_user2_exists )
actionsequence  = ( module:users shellcommands  )


shellcommands:

   !user_user1_exists.redhat::

     "/usr/sbin/useradd -r -c X -s /sbin/nologin -d / -M -g nobody X

...

It seems to work without addinstallable, but the docs say to use it, so
I do, otherwise there is a little less typing.

Now I got to work out where my in-reply-to header is.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]