PE 201502 - puppet does not 'fix' user's homedir group ownership

I created a user and his home dir with correct ownerships

class vm2::groups {
    group { "pupusers":
        ensure => present,
        gid    => 2000,

class vm2::users {
    user { 'user2':
        ensure     => present,
        managehome => true,
        home       => '/home/user2',
        password => '$6$saltsaltsomemore$J5xGdkKq2nIeOz3y6ojiQF3cT0miSKpt0sW03eIfHnCEq6S1YLq9abT7HkPRmW1KnoYg2LiUedyErpX1xNnAh.',
        uid        => '2000',
        gid        => '2000',
        shell      => '/bin/bash',

which gives

drwx------. 2 user2 pupusers 4096 Sep 22 11:35 user2

However, if I login to the node and manually change the homedir group ownership to eg 'dialout', the puppet agent does not correct it(!).

You are managing the /home/user2 directory in Puppet, just the user and group. Remember that Puppet calls system-level tools to perform operations, such as useradd, groupadd, chmod, mkdir, etc.

When you create a user, you need to create a group and then a home directory (if desired). That's what your Puppet code above is doing, and it will maintain that state going forward. If you also want to maintain the state of the home directory, you'll need something like this:

file { '/home/user2':
  ensure => directory,
  owner  => 'user2',
  group  => 'pupusers',
  mode   => '0700',
To quote a certain Mr Simpson : " D'oh !"

PS: is there a 'Solved' tag I can add to this?

Click on the checkmark next to an answer when it's the one you want to accept as a solution. Thank you!

