[chef] Re: How to pass hash password from ruby-block to user resource

[Tensibai Zhaoying < >]

Brief answer, you should use lazy attribute for the password attribute of the user resource.

Something like password lazy {password_hash }

Without it the var is evaluated at compile time and so is nil as the ruby block did not run.

And you should use the each_user var in the ruby block name to avoid overriding it on each iteration.

Don't hesitate to tell if it's unclear :)

---- 
  a écrit ----



Hi All,

I am trying to implement a cookbook which would create users by reading
passwords from attributes file ( non hash password ex: root@123)

And for this, my cookbook is as follows :

1. Contains of attributes file ( attributes/attr.rb )

default['my']['instance']['users']=[{uid:
1004,user_name:'m1',homedir:'/home/m1',password:'root@111'},{uid:
1003,user_name:'m2',homedir:'/home/m2',password:'root@222'},{uid: 1002,
user_name:'m3',homedir:'/home/m3',password:'root@333'}]

2. Recipe : 

password_hash=''
node['my']['instance']['users'].each do |each_user|
    ruby_block "Generating hash password" do
	block do
	    require 'digest/sha2'
	    password=each_user['password']
	    salt=rand(36**8).to_s(36)
	    shadow_hash=password.crypt("$6$" + salt)
	    password_hash=shadow_hash
	end
    end

    user each_user['user_name'] do
	password "#{password_hash}"
	home each_user['homedir']
	system true
	action :create
	manage_home true
	uid each_user['uid']
    end
end


After execution of the cookbook, respective users are created appropriately but
passwords are set blank.

Looks like the variable which I am trying to access in the password attribute
of user resource is not correct.

Please let me how can I resolve this.

Note : In my case, I dont want to use databags

Thanks,
Pratik