opendev/system-config
Code Issues Proposed changes

Extend user creation with more granularity

Browse Source 
Changes:
   groups now a variable with a preset, since there may be instances
   where sudo/admin will NOT be desired.
   home now entirely a variable, defaults to previous action, but
   handles cases where created user may not belong in /home
   managed home flag, defaulted to enabled.

No impact to current functionality.  Allows for more granular changes
in the future. Typo fix for managehome.

Change-Id: Id0921f5b28ea0ffd2230d94e87673e6b39ac060e
This commit is contained in:
Aaron Greengrass 2014-01-23 13:25:46 -08:00
parent ecc5bafba6
commit 0c7862f3a4
1 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
modules/user/manifests/virtual/localuser.pp
View File

@ -1,8 +1,16 @@
# usage
#
# user::virtual::localuser['username']
define user::virtual::localuser( define user::virtual::localuser(
$realname, $realname,
$sshkeys = '', $groups = [ 'sudo', 'admin', ],
$shell = '/bin/bash' $sshkeys = '',
$shell = '/bin/bash',
$home = "/home/${title}",
$managehome = true
) { ) {
group { $title: group { $title:
ensure => present, ensure => present,
} }
@ -11,20 +19,17 @@ define user::virtual::localuser(
ensure => present, ensure => present,
comment => $realname, comment => $realname,
gid => $title, gid => $title,
groups => [ groups => $groups,
'sudo', home => $home,
'admin', managehome => $managehome,
],
home => "/home/${title}",
managehome => true, # creates home directory, does not manage it
membership => 'minimum', membership => 'minimum',
require => Group[$title],
shell => $shell, shell => $shell,
require => Group[$title],
} }
file { "${title}_sshdir": file { "${title}_sshdir":
ensure => directory, ensure => directory,
name => "/home/${title}/.ssh", name => "${home}/.ssh",
owner => $title, owner => $title,
group => $title, group => $title,
mode => '0700', mode => '0700',
@ -36,7 +41,7 @@ define user::virtual::localuser(
content => $sshkeys, content => $sshkeys,
group => $title, group => $title,
mode => '0400', mode => '0400',
name => "/home/${title}/.ssh/authorized_keys", name => "${home}/.ssh/authorized_keys",
owner => $title, owner => $title,
require => File["${title}_sshdir"], require => File["${title}_sshdir"],
} }