[chef] Re: Re: Re: Re: CHEF-2205: manage_home on Redhat


Chronological Thread 
  • From: Stephen Nelson-Smith < >
  • To:
  • Subject: [chef] Re: Re: Re: Re: CHEF-2205: manage_home on Redhat
  • Date: Thu, 30 May 2013 17:46:55 +0100

Just checking in on this.  I see Dan's comment in the ticket: "See above, we need to make this non-breaking for Chef 11.x and then make it the default in 12."

From my perspective, the issue is new (or existing) Chef users are or become used to simply declaring a resource, and finding that "by magic" the user directory was created.  This is expected behaviour for a Red Hat user.  When they then try to create a user on any other system, they discover that because manage_home is false, the directory isn't created.  Which is a shock.  

The documentation for this is particularly poor.  Firstly, the manage_home convenience method isn't even documented.  Secondly, the 'supported_features' documentation doesn't really make it explicit that unless you add the (cryptic)   ``supports :manage_home => true` you won't get the user directory created.

I agree that the resource should behave the same by default on all platforms.  An alternative solution is to make the default of manage_home to be "true", and to document clearly that if you don't want the user directory to be created, explicitly declare it in the resource.

This has the advantage of not requiring thousands of RHEL users to have to update all their recipes to add "manage_home true", but means that anyone who created a user and didn't want a home directory would have to add an explicit "manage_home false".

Which has the biggest impact?  Or do we philosophically say: "Just because RHEL alone creates user directories by default, doesn't mean that should inform the behaviour of Chef"?

S.




See above, we need to make this non-breaking for Chef 11.x and then make it the default in 12.



On 30 January 2013 15:59, John Alberts < " target="_blank"> > wrote:
I think having manage_home behave differently per platform would be confusing and lead to more code changes on the user side in order to account for different platforms.  While I sort of understand Mike's point, I don't necessarily agree.  Since I use data bags for users and loop through to create the users I have one line to change to accommodate this behavior change in Chef.  Definitely not a big deal.

John



On Wed, Jan 30, 2013 at 9:31 AM, Bryan McLellan < " target="_blank"> > wrote:
On Mon, Jan 28, 2013 at 3:47 PM, Mike < " target="_blank"> > wrote:
> I, for one using RedHat/CentOS/Amazon Linux, expect a user's account
> creation to always have a home directory created, unless the following
> is true:
> - A 'system' user account is created (useradd -r)
> - Explicitly override with 'manage_home false' (effectively 'useradd -M')

That's exactly what I was asking. The problem is, there's currently no
way to use the user resource on these system and have it not create a
home directory, even explicitly. This is because manage_home defaults
to false already. Thus it is broken in two ways,

1) The user resource is different by default on redhat than other platforms

2) You can't use it to create user without two home directories

The goal of the ticket was to fixed #2, but it does change #1 too. If
the expectation of Redhat users, particularly ones who are new to how
Chef works now, expect home directories to always be created, then an
alternative would be to apply this fix, but also set manage_home to
default to true on those platforms. We could do this by platform,
platform_family, or be more hack-ish and look for a /etc/login.defs
with this value set.

> Don't break my Chef.
>
> If this is included in Chef 11 - as it probably should be, as it's a
> logical bug, considering the default value of :manage_home is false,
> then this should be lit up in lights, painted across the sky, shouted
> across the rooftops.

Please understand we're not trying to break you, but find the best
possible outcome to fix this bug and provide a Chef that produces the
least surprises to new users.

Bryan



--
John Alberts



--
Stephen Nelson-Smith,
Founder, Principal Consultant,
Atalanta Systems Ltd,
Web: http://agilesysadmin.net
Twitter: @lordcope
Skype: atalanta.systems
Direct: +44 (0) 1329 550203
Mobile: +44 (0) 7917 101919

Atalanta Systems: The Agile Infrastructure Enablers
http://atalanta-systems.com


  • [chef] Re: Re: Re: Re: CHEF-2205: manage_home on Redhat, Stephen Nelson-Smith, 05/30/2013

Archive powered by MHonArc 2.6.16.

§