How can I use Puppet to Enforce Group Membership?
I've seen a number of examples for adding users to %wheel. These are all variations of the same thing; inserting a user node at the end.
- Quick Tip: Add users to a group with augeas
- How to manage configurations in Linux with Puppet and Augeas
- Puppet Group Management Module
What I need to do is also remove users that are added outside of configuration management. For Puppet to manage the group, only users defined in my Puppet class should be present and any others removed.
Seems like exec'ing a simple Sed command would be much easier, but so many people say to try to stay away from exec.
Of course, I tried referencing the documentation for stock lens 'Group', but the page 404s.