Commit Graph

19 Commits

Author SHA1 Message Date
Ian Wienand 1cfbbf5acd Allow to specify different key types
Allow to specify different key types for ed25519, for example

Depends-On: Ie842b25d38541e85cebfc0d11043aec836980173
Change-Id: I2a625c4dbb72f3ae1f9644636d635033be817465
2016-07-14 12:00:36 +10:00
Andrey Nikitin b6e7dc409e Order of the class parameters is refactored
Order and intendation of those parameters are changed
to follow Puppet Style Guide recommendation [0].
Moreover, it will allow to an user to find much faster
a variable in a list of variables.

[0]. https://docs.puppetlabs.com/guides/style_guide.html

Change-Id: I237739d3ab679d961a7e8e6980af6893321b702b
2016-03-21 19:05:32 +03:00
Colleen Murphy fbc9ce6954 Add Gemfile and puppet 4 checks
In anticipation of puppet 4, start trying to deal with puppet 4 things
that can be helpfully predicted by puppet lint plugins. Fix arrow
alignment errors now caught by the bundle-installed puppet-lint.

This patch makes $users::virtual::localuser::sshkeys a required
parameter to fix the puppet-lint-empty_string-check error. If left as
empty string and the default is used, the ssh_authorized_key resource
will still create the authorized_key entry but with an empty key, which
is not useful.

Change-Id: Ica35f012f3af74159fc8b2ae5df60d11d4c15f33
2015-08-14 11:39:11 -07:00
Yolanda Robla 5ccba2b630 Add a sane default value for key_id
When key_id is not set, that is defaulting to blank,
and is causing duplication errors if two users don't have
it set. Defaulting to user title, to ensure that this
key will be unique per user.

Change-Id: Ie79e461483af9c44d53bb1ca5ed64687b4723f68
2015-06-25 16:57:11 +02:00
Yolanda Robla fb91550906 Ensure home and home/.ssh folders are created
When creating a new user, ensure that the home folder, and the
.ssh one is created with the right ownership and
permissions.

Change-Id: I25167179a1573c4dbbc4a8703f5bb200af9709f5
2015-03-19 11:10:32 +01:00
Ramy Asselin d81a5441d3 Add puppet module files for puppet-user
Change-Id: Id50f3165e5cda70ed7e5af914d304d9c0de1b507
2015-01-30 13:26:09 +00:00
Jenkins 1848aaec44 Merge "Remove hardcoded commands" 2014-12-19 14:29:30 +00:00
Ivan Udovichenko cf5e4e94da Remove hardcoded commands
Add more modern and convenient way to remove users and directories.

Change-Id: I4bc0e7ced93a0c6b3faf7f65e5036ed0cd9bee89
Counter: 2
2014-12-12 11:43:37 +00:00
Clark Boylan 6bcfaf4f54 Make localuser gid and uid required params
Before we had set gid and uid to unset by default. Which if not
overridden will have puppet try to set the gid and uid values to
'unset'. This should be an error as 'unset' is not a number. We don't
have this error because we always override these values when creating
localusers. But for completeness and better error messages remove the
default values so that puppet requires users to have proper gid and uid
values.

Change-Id: I14667912b9239ea1c56123c18b0c13834f9c3cb6
2014-12-09 09:50:30 -08:00
James E. Blair d25c47cbd7 Manage UID/GID with puppet
Set uid and gid values for users that puppet creates so they are
consistent across all systems.  Pick some arbitrary values for them
and set them for all current users.  Remove users who haven't been
around for a while (their ssh keys should all be removed at this
point).

I do not know what puppet will do with existing users (whether it
will attempt to change their entries or not), so do not merge this
change until all existing servers have been updated.

Change-Id: Id77e767af792f41fe2f8551953a2cf621323b373
2014-10-19 10:56:17 -07:00
Jeremy Stanley e7cdec3736 Stop over-managing user SSH keyfiles
* modules/user/manifests/virtual/localuser.pp: This reverts part of
0d82c62 which was providing a temporary transition correcting
permissions and ownership as well as removing the results of a
previous failed implementation of keyfile management. Unfortunately
that also caused nodepool images to no longer set up accounts
correctly, but reverting the transitional bits fixes that issue.

Change-Id: Ic3e7f0a3b82bbc8a23707b88f9fe381e9d70e356
2014-04-30 20:11:16 +00:00
Monty Taylor ff3de251c9 Fix ssh key error and also remove duplicates
We need specific key ids for keys, and if the key id changes, we need
a way to delete old ones. We also need the file to be writable by at
least the user so that puppet doesn't complain.

Change-Id: I5718b80d844d5f95149d0e23d98960879955c43c
2014-04-29 10:08:24 -07:00
Monty Taylor ac74cc2a0b Move to using ssh_authorized_key type
There is a builtin type for adding authorized_keys. We started
using it for the restricted access for the puppet triggering key,
and it seems to make sense to be consistent across the board.

Change-Id: I76ffb0136c58c05fa7c8abb793cb8e3b03cb5f6c
2014-04-15 20:24:23 -07:00
Aaron Greengrass ad2e15883b Extend user creation with more granularity
Changes:
   groups now a variable with a preset, since there may be instances
   where sudo/admin will NOT be desired.
   home now entirely a variable, defaults to previous action, but
   handles cases where created user may not belong in /home
   managed home flag, defaulted to enabled.

No impact to current functionality.  Allows for more granular changes
in the future. Typo fix for managehome.

Change-Id: Id0921f5b28ea0ffd2230d94e87673e6b39ac060e
2014-02-10 07:57:01 -08:00
Aaron Greengrass ac00daa653 Extend user module, add 'disable user'
This patch adds the user::virtual::disable function to the user module.
This will allow puppet to remove a user, ssh keys, and screen sessions
while preserving the user home directory.

This patch adds future functionality without impacting the currently
configured infrastructure.

Change-Id: I2933e6857094398f86c2a7e6eaabe9898a1d3078
2014-01-23 11:50:13 -08:00
Paul Belanger e47c09dbd8 Create localuser.pp
This is a sytle guide update for puppet.  Including definations within a
class is not recommented.

Change-Id: Id108d61dade1f99350691627236f1a13c12c10bc
Signed-off-by: Paul Belanger <paul.belanger@polybeacon.com>
Reviewed-on: https://review.openstack.org/14986
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
2012-11-10 23:50:17 +00:00
Clark Boylan 83efccbafe Kill trailing whitespace.
Killed trailing whitespace in the puppet repo files using
`sed -r 's/\s+$//'`. Skip binary files and html templates for lodgeit
and mailman.

Change-Id: Ib43493161d8f0e8fae1426b22fb1737832ca14cd
Reviewed-on: https://review.openstack.org/12969
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
2012-10-05 23:27:31 +00:00
Monty Taylor 3ada86c34f Rework all of the slaves for virtualenv.
Includes:
  Fixing jenkins sudoers from jeblair
  Removing tarmac depend from jeblair
  Remove wheel group from jeblair

Change-Id: I86ec23f7aeafc31cc70b0f3a648739bb7316fc61
2011-10-13 11:53:33 -04:00
James E. Blair 516534ae37 Refactor user definitions.
Change-Id: If8e05e03a32c6d850ff9a9b1b55be0ae61de35fb
2011-09-14 21:30:31 +00:00