Ask Your Question
0

Notice: /Stage[main[/ppusers::dummy/User[dummy]/groups: groups

asked 2014-07-08 04:25:03 -0500

t.duis gravatar image

Notice: /Stage[main[/ppusers::dummy/User[dummy]/groups: groups changed 'dialout,video,dialout,video; to 'dialout,video'

This is on SLES11 SP2 (x64) platform and every run it tries to fix what is not broken.

I have upgraded to PE 3.4.3 (Puppet Enterprise 3.2.3) both agent and server.

Please am i the only with this 'feature'?

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
0

answered 2014-07-14 20:01:43 -0500

Stefan gravatar image

can you please post the output of getent group|grep dummy? It looks like certain groups appear twice in /etc/groups and that's why puppet counts the membership twice. Now when puppet tries to change the group memberships, it will run usermod -G ... but usermod only operates on the first group it finds.

So please check your /etc/groups file. If it does indeed have duplicate group entries, remove them.

edit flag offensive delete link more
0

answered 2014-07-15 02:19:52 -0500

t.duis gravatar image

updated 2014-07-15 02:21:27 -0500

getent group|grep -i video

produces:

video:x:33:weblogic,dummy
video:x:33:weblogic,dummy

So youre right it produces double groups, but in /etc/group there are not double groups and the user is not twice member of the group.

puppet resource user dummy

user { 'dummy':
  ensure           => 'present',
  comment          => 'ssh tunnel',
  gid              => '7115',
  groups           => ['dialout', 'video', 'dialout', 'video'],
  home             => '/opt/ssht1278',
  password         => '!',
  password_max_age => '99999',
  password_min_age => '0',
  shell            => '/bin/false',
  uid              => '1111',
}

Strange 'bug' on CentOS this gives no problem. Response from puppetlabs is is /etc/nsswitch and after changing:

group:  compat files ldap

to:

group: files ldap

fixes this issue. As we are using ldap for IDM accounts we need to test....

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2014-07-08 04:25:03 -0500

Seen: 368 times

Last updated: Jul 15 '14