group "sensu" do
action :modify
members "vagrant"
append true
not_if node['ec2']
end
You could also use chef sugar (https://github.com/sethvargo/chef-sugar) to check and see if you're using vagrant
group "sensu" do
action :modify
members "vagrant"
append true
only_if { vagrant? }
end
https://github.com/sethvargo/chef-sugar#vagrant
Mike G.
New Context
I agree on both counts.
Etc.endpwent
is required; I missed that. And, I also agree that this probably isn’t the right tool for the job. I think the first solution posed is better.As far as nsswitch goes, it looks like the Ruby library interacts with the glibc function of the same name, whose documentation does imply that it’ll look in NIS, LDAP, etc. So…maybe?
Matt
On Sun, Mar 1, 2015 at 11:42 PM, Kevin Keane Subscription < " target="_blank"> > wrote:Looking over the documentation, I think this code has a file handle leak; you are supposed to call Etc.endpwent() to close the file.
It looks to me like the Etc module is too low-level to be appropriate for this use case. Also, the documentation is not clear on whether it uses nsswitch, or reads /etc/passwd directly. Using nsswitch would pick up users from sources like LDAP, winbindd or other sources.
Kevin Keane
The NetTech
Our values: Privacy, Liberty, Justice
See https://www.4nettech.com/corp/the-nettech-values.html
-----Original message-----
From: Matthew Moretti < " target="_blank"> >
Sent: Sunday 1st March 2015 19:54
To: " target="_blank">
Subject: [chef] Re: Re: Re: Re: How to detect user does exist?Documentation for Ruby’s ‘Etc’ module is here. You could use it in place of your shell guard like so:
group "sensu" do action :modify members "vagrant" append true only_if { Etc.getpwnam('vagrant') rescue false } end
The “rescue” is required because
.getpwnam
raises an exception if the user can’t be found. If you want to avoid the sin of in-line “rescue”, this is a bit better:group "sensu" do action :modify members "vagrant" append true only_if do begin Etc.getpwnam('vagrant') rescue ArgumentError false end end end
I’ll be honest, I prefer the “getent passwd vagrant” solution more. It’s easier to read, and isn’t any less efficient or more platform dependent than the Ruby solution as far as I can tell.
Matt Moretti
On Sun, Mar 1, 2015 at 8:47 PM, Anthony Kong < " title="This external link will open in a new window" target="_blank"> > wrote:Hi Mark,Can you shed more light on it? Do you have a url to the documentation or some example?Cheers,Tony Kongblog: www.ahwkong.comlinkedin: www.linkedin.com/in/anthonykongDon’t EVER make the mistake that you can design something better than what you get from ruthless massively parallel trial-and-error with a feedback cycle. That’s giving your intelligence much too much credit.
- Linus TorvaldsOn Mon, Mar 2, 2015 at 4:12 AM, Mark Pimentel < " title="This external link will open in a new window" target="_blank"> > wrote:For a more ruby-esque way you can use the built-in method Etc.
On Feb 28, 2015 5:56 PM, "Eric Helgeson" < " title="This external link will open in a new window" target="_blank"> > wrote:Hey Anthony,
You can use a guard in this case to check and execute the resource 'only_if' the condition is true. You can use ruby or specify a command.
```
$ cat test.rb
group "sensu" doaction :modifymembers "vagrant"append trueonly_if "getent passwd vagrant"
end
$ chef-apply test.rb
Recipe: (chef-apply cookbook)::(chef-apply recipe)
* group[sensu] action modify (skipped due to only_if)
```Grabbed the guard form this post - http://stackoverflow.com/questions/24856339/chef-initialize-new-linux-user-if-it-doesnt-already-existHTHOn Sat, Feb 28, 2015 at 4:42 PM, Anthony Kong < " title="This external link will open in a new window" target="_blank"> > wrote:HiI have this definition on my cookbookgroup "sensu" do
action :modify
members "vagrant"
append true
end
it will throw an exception when I run it on ec2 because there is no user vagrantHow can I avoid the exception? Is there any way to detect the user exist? I have checked the doc https://docs.chef.io/resource_group.html but there is nothing obviousCheers,
Archive powered by MHonArc 2.6.16.