Ask Your Question

How can I have puppet use a local (on the master) password hash for users?

asked 2014-09-10 11:09:22 -0600

Belmin Fernandez gravatar image

We define users as such:

user { 'belmin':
    ensure          => present,
    uid             => 308,
    comment         => 'Belmin Fernandez',
    managehome      => true,
    password        => '$6$NrtZpXEauUqjdRh0$vE9oJwbNTSWVCGrlDe4KHXFB0KXY7hszSas3v0DZvhUej4SIb/WLfaCy.lmSU7Hh8AAvAbPuDRai2p1X9mDcM0',

I want to define a type that will look in the /etc/shadow local to the puppet master and, if the user is there, use that password hash instead. Something like:

define our_user ($user = $title, $uid, $fullname, $default_hash) {

    $shadow_hash = get_hash_from_local_shadown_somehow

    if $shadow_hash == '' {
        $shadow_hash = $default_hash

    user { $user:
        ensure          => present,
        uid             => $uid,
        comment         => $fullname,
        managehome      => true,
        password        => $shadow_hash,

What would get_hash_from_local_shadown_somehow be in this case? I see the file function in puppet but unsure how to utilize that to address this since I'll need some more text processing.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2014-09-10 11:54:14 -0600

llowder gravatar image

You can use the generate() function to that.

You'd basically create a script that does whatever processing you need, then $shadow_hash = generate('/path/to/script').

edit flag offensive delete link more


This is what I needed! Thank you.

Belmin Fernandez gravatar imageBelmin Fernandez ( 2014-09-10 12:11:02 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2014-09-10 11:09:22 -0600

Seen: 39 times

Last updated: Sep 10 '14