[chef] Data bags and 'users' community cookbook


Chronological Thread 
  • From: Fabien Delpierre < >
  • To:
  • Subject: [chef] Data bags and 'users' community cookbook
  • Date: Fri, 18 Apr 2014 15:28:20 -0400

Hi there,
I need to start managing user accounts for a number of Linux VMs, so I set up a data bag with just one user (me), to start. I'm new to data bags, just started messing around with them earlier today, but I think I get the hang of it as it's pretty simple.

I'm also trying to use this community cookbook:

I got it working fine and it created the user from my data bag, with but one problem: in the JSON file containing my user's data, I said that my user should be a member of the wheel group, but the user was not added to the wheel group. There's no warning or error that I can see when I run chef-client, it just doesn't do anything with the groups I listed in the JSON file.

Here's my JSON file:
{
"id": "fd1",
"password": "<snip>",
"ssh_keys": [ "<snip>" ],
"groups": [ "sysadmin", "wheel", "test" ],
"shell": "/bin/bash",
"comment": "Fabien Delpierre",
"email": "<snip>",
"uid": "2001",
"home": "/home/fdelpierre"
}

As you can see I tried adding the user to a "test" group but nothing happened either, although I can imagine that's because there is no group called "test" on the system. Of course the wheel group does exist.

Looking at the README for the cookbook, there are bits that seem relevant to what I'm trying to do but I just don't understand what I'm supposed to do. Here's the excerpt from the docs that I'm struggling with:
--
If you have different requirements, for example:
  • You want to search a different data bag specific to a role such as mail. You may change the data_bag searched.
    • data_bag mail
  • You want to search for a different group attribute named postmaster. You may change the search_group attribute. This attribute defaults to the LWRP resource name.
    • search_group postmaster
  • You want to add the users to a security group other than the lightweight resource name. You may change the group_name attribute. This attribute also defaults to the LWRP resource name.
    • group_name wheel

Putting these requirements together our recipe might look like this:

ruby users_manage "postmaster" do data_bag "mail" group_name "wheel" group_id 10 end

--

So looking at the default recipe of the users cookbook, it looks like it's saying it's the place to add this sort of stuff -- so I added the following bits to it:

users_manage "sysadmin" do
data_bag "users"
group_name "wheel"
group_id 10
end

But of course that also did nothing.

It's probably something dumb but I've been messing around with this all afternoon today and I can't figure it out. Every time I get what I think is a bright idea, I make my tweak, re-run chef-client and nothing happens, it's rather frustrating.

Thanks!


  • [chef] Data bags and 'users' community cookbook, Fabien Delpierre, 04/18/2014

Archive powered by MHonArc 2.6.16.

§