[chef] Re: Restriction of shell access for new user on a linux box

[ANGELA EBIRIM < >]

Hi Mandi,

Silly me!

That was indeed the problem. Didn't realise that you were restricted in what you could put in the comment field.

Thanks again.

Sent from iCloud

On Mar 23, 2015, at 11:55 AM, mandi walls < > wrote:

exit code 3 is invalid argument for option.

my guess would be the comment you have - there's a colon in your string "chef created service user: svc_goagent".

colon is the delimiter for the passwd file and wouldn't be permitted in the user data.

On Mon, Mar 23, 2015 at 2:27 PM, ANGELA EBIRIM < " data-mce-href="mailto: "> > wrote:

Hello everyone,

Has anyone had experience of restricting access for a particular user using the user resource in Chef?

I'm trying to create a service user who will have restricted access on a linux box.

I have done the following:-

     user user do

supports :manage_home => true

  comment  "chef created service user: #{user}"

home "/home/#{user}"

shell '/sbin/nologin'

action :create

end

but have been unsuccessful. 

I noticed that during the chef run the following output was generated when an attempt was made to create a service user: 

Ran ["useradd", "-c", "chef created service user: svc_goagent", "-s", "/sbin/nologin", "-d", "/home/svc_goagent", "-m", "svc_goagent"] returned 3 and not 0.

Any ideas?

Many thanks

Sent from iCloud

--

Mandi Walls

" data-mce-href="mailto: ">

@lnxchk