Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Numerical Unix/Linux User account is treated different on setting file permissions by puppet 3.7.3

Hello All,

We use puppet 3.7.3 community version, and all UNIX user accounts are managed though Centrify on AD.

I wrote a puppet module to create Unix Administrator's SSH key management on Linux machine (since all Unix admins home directories are local to the machine). We do have some Unix user names on numerical.

example :

$ id 109056 uid=9827(109056) gid=9999(uxadmin) groups=9999(uxadmin)

puppet will create /home/109056, .ssh, authorized_keys for all Unix Admins in the organization.

it does it well for all user accounts with alphabets, *no issues here.

but if the UNIX user Id on nuberical, then it treated something else. so we have permission issue.

$ sudo su - 109052 su: warning: cannot change directory to /home/109052: Permission denied -bash: /home/109052/.bash_profile: Permission denied

the below home directory was created when users login for the first time without puppet involvement (*that works fine)

$ pwd

/home

$ ll

total 32 drwx------ 3 109052 uxadmin 4096 Apr 2 05:24 109052

this one below was created by puppet, the home dir & the user's SSH keys after provisioning ( you can see the number got right aligned, i can see 2 spaces in-front of 109052 "3__109052"

$ pwd

/home

$ ll

total 32 drwx------ 3__109052 uxadmin 4096 Apr 2 05:24 109052

*added underscore above for high-lite "3__109052"

I don't know what is different in the below user change by puppet:

Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052]/owner: owner changed '109052' to '109052' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052/.ssh]/owner: owner changed '109052' to '109052' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052/.ssh/authorized_keys]/owner: owner changed '109052' to '109052'

Note: have tried single quote / double quote on $admin variable, no difference.

init.pp

class adminkeys {

realize (adminkeys::virtual["109052"]) @adminkeys::virtual {"109052": admin => "109052", }

}

virtual.pp

define adminkeys::virtual ($admin) {

file { "/home/${admin}" : ensure => directory, owner => "$admin", group => 'uxadmin', mode => 0700, }

file { "/home/${admin}/.ssh" : ensure => directory, owner => "$admin", group => 'uxadmin', mode => '0700', }

file { "/home/${admin}/.ssh/authorizedkeys" : ensure => present, owner => "$admin", group => 'uxadmin', mode => '0600', source => "puppet:///modules/adminkeys/authorizedkeys.${admin}", }

}

keys are stored under module files folder:

$ ll modules/adminkeys/files/

total 20 -rw-r--r-- 1 root root 1803 Mar 19 15:18 authorized_keys.109052

Thanks for your help!

Regards, Gans

Numerical Unix/Linux User account is treated different on setting file permissions by puppet 3.7.3

Hello All,

We use puppet 3.7.3 community version, and all UNIX user accounts are managed though Centrify on AD.

I wrote a puppet module to create Unix Administrator's SSH key management on Linux machine (since all Unix admins home directories are local to the machine). We do have some Unix user names on numerical.

example :

$ id 109056 uid=9827(109056) gid=9999(uxadmin) groups=9999(uxadmin)

puppet will create /home/109056, .ssh, authorized_keys for all Unix Admins in the organization.

it does it well for all user accounts with alphabets, *no issues here.

but if the UNIX user Id on nuberical, then it treated something else. so we have permission issue.

$ sudo su - 109052 su: warning: cannot change directory to /home/109052: Permission denied -bash: /home/109052/.bash_profile: Permission denied

the below home directory was created when users login for the first time without puppet involvement (*that works fine)

$ pwd

/home

$ ll

total 32 drwx------ 3 109052 uxadmin 4096 Apr 2 05:24 109052

this one below was created by puppet, the home dir & the user's SSH keys after provisioning ( you can see the number got right aligned, i can see 2 spaces in-front of 109052 "3__109052"

$ pwd

/home

$ ll

total 32 drwx------ 3__109052 uxadmin 4096 Apr 2 05:24 109052

*added underscore above for high-lite "3__109052"

I don't know what is different in the below user change by puppet:

Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052]/owner: owner changed '109052' to '109052' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052/.ssh]/owner: owner changed '109052' to '109052' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052/.ssh/authorized_keys]/owner: owner changed '109052' to '109052'

Note: have tried single quote / double quote on $admin variable, no difference.

init.pp

class adminkeys {

realize (adminkeys::virtual["109052"]) @adminkeys::virtual {"109052": admin => "109052", }

}

virtual.pp

define adminkeys::virtual ($admin) {

file { "/home/${admin}" : ensure => directory, owner => "$admin", group => 'uxadmin', mode => 0700, }

file { "/home/${admin}/.ssh" : ensure => directory, owner => "$admin", group => 'uxadmin', mode => '0700', }

file { "/home/${admin}/.ssh/authorizedkeys" : ensure => present, owner => "$admin", group => 'uxadmin', mode => '0600', source => "puppet:///modules/adminkeys/authorizedkeys.${admin}", }

}

keys are stored under module files folder:

$ ll modules/adminkeys/files/

total 20 -rw-r--r-- 1 root root 1803 Mar 19 15:18 authorized_keys.109052

Thanks for your help!

Regards, Gans

Numerical Unix/Linux User account is treated different on setting file permissions by puppet 3.7.3

Hello All,

We use puppet 3.7.3 community version, and all UNIX user accounts are managed though Centrify on AD.

I wrote a puppet module to create Unix Administrator's SSH key management on Linux machine (since all Unix admins home directories are local to the machine). We do have some Unix user names on numerical.

example :

$ id 109056 uid=9827(109056) 109052 uid=9827(109052) gid=9999(uxadmin) groups=9999(uxadmin)

puppet will create /home/109056, .ssh, authorized_keys for all Unix Admins in the organization.

it does it well for all user accounts with alphabets, *no issues here.

but if the UNIX user Id on nuberical, then it treated something else. so we have permission issue.

$ sudo su - 109052 su: warning: cannot change directory to /home/109052: Permission denied -bash: /home/109052/.bash_profile: Permission denied

the below home directory was created when users login for the first time without puppet involvement (*that works fine)

$ pwd

/home

$ ll

total 32 drwx------ 3 109052 uxadmin 4096 Apr 2 05:24 109052

this one below was created by puppet, the home dir & the user's SSH keys after provisioning ( you can see the number got right aligned, i can see 2 spaces in-front of 109052 "3__109052"

$ pwd

/home

$ ll

total 32 drwx------ 3__109052 uxadmin 4096 Apr 2 05:24 109052

*added underscore above for high-lite "3__109052"

I don't know what is different in the below user change by puppet:

Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052]/owner: owner changed '109052' to '109052' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052/.ssh]/owner: owner changed '109052' to '109052' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052/.ssh/authorized_keys]/owner: owner changed '109052' to '109052'

Note: have tried single quote / double quote on $admin variable, no difference.

init.pp

class adminkeys {

realize (adminkeys::virtual["109052"]) @adminkeys::virtual {"109052": admin => "109052", }

}

virtual.pp

define adminkeys::virtual ($admin) {

file { "/home/${admin}" : ensure => directory, owner => "$admin", group => 'uxadmin', mode => 0700, }

file { "/home/${admin}/.ssh" : ensure => directory, owner => "$admin", group => 'uxadmin', mode => '0700', }

file { "/home/${admin}/.ssh/authorizedkeys" : ensure => present, owner => "$admin", group => 'uxadmin', mode => '0600', source => "puppet:///modules/adminkeys/authorizedkeys.${admin}", }

}

keys are stored under module files folder:

$ ll modules/adminkeys/files/

total 20 -rw-r--r-- 1 root root 1803 Mar 19 15:18 authorized_keys.109052

Thanks for your help!

Numerical Unix/Linux User account is treated different on setting file permissions by puppet 3.7.3

Hello All,

We use puppet 3.7.3 community version, and all UNIX user accounts are managed though Centrify on AD.

I wrote a puppet module to create Unix Administrator's SSH key management on Linux machine (since all Unix admins home directories are local to the machine). We do have some Unix user names on numerical.

example :

$ id 109052 uid=9827(109052) gid=9999(uxadmin) groups=9999(uxadmin)109056 uid=9827(109056) gid=9999(sysadmin) groups=9999(sysadmin)

puppet will create /home/109056, .ssh, authorized_keys for all Unix Admins in the organization.

it does it well for all user accounts with alphabets, *no issues here.

but if the UNIX user Id on nuberical, then it treated something else. so we have permission issue.

$ sudo su - 109052 109056 su: warning: cannot change directory to /home/109052: /home/109056: Permission denied -bash: /home/109052/.bash_profile: /home/109056/.bash_profile: Permission denied

the below home directory was created when users login for the first time without puppet involvement (*that works fine)

$ pwd

/home

$ ll

total 32 drwx------ 3 109052 uxadmin 109056 sysadmin 4096 Apr 2 05:24 109052109056

this one below was created by puppet, the home dir & the user's SSH keys after provisioning ( you can see the number got right aligned, i can see 2 spaces in-front of 109052 "3__109052"109056 "3__109056"

$ pwd

/home

$ ll

total 32 drwx------ 3__109052 uxadmin 3__109056 sysadmin 4096 Apr 2 05:24 109052 109056

*added underscore above for high-lite "3__109052""3__109056"

I don't know what is different in the below user change by puppet:

Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052]/owner: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056]/owner: owner changed '109052' '109056' to '109052' '109056' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052/.ssh]/owner: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056/.ssh]/owner: owner changed '109052' '109056' to '109052' '109056' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109052]/File[/home/109052/.ssh/authorized_keys]/owner: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056/.ssh/authorized_keys]/owner: owner changed '109052' '109056' to '109052''109056'

Note: have tried single quote / double quote on $admin variable, no difference.

init.pp

class adminkeys {

realize (adminkeys::virtual["109052"]) (adminkeys::virtual["109056"]) @adminkeys::virtual {"109052": {"109056": admin => "109052", "109056", }

}

virtual.pp

define adminkeys::virtual ($admin) {

file { "/home/${admin}" : ensure => directory, owner => "$admin", group => 'uxadmin', 'sysadmin', mode => 0700, }

file { "/home/${admin}/.ssh" : ensure => directory, owner => "$admin", group => 'uxadmin', 'sysadmin', mode => '0700', }

file { "/home/${admin}/.ssh/authorizedkeys" : ensure => present, owner => "$admin", group => 'uxadmin', 'sysadmin', mode => '0600', source => "puppet:///modules/adminkeys/authorizedkeys.${admin}", }

}

keys are stored under module files folder:

$ ll modules/adminkeys/files/

total 20 -rw-r--r-- 1 root root 1803 Mar 19 15:18 authorized_keys.109052authorized_keys.109056

Thanks for your help!

Numerical Unix/Linux User account is treated different on setting file permissions by puppet 3.7.3

Hello All,

We use puppet 3.7.3 community version, and all UNIX user accounts are managed though Centrify on AD.

I wrote a puppet module to create Unix Administrator's SSH key management on Linux machine (since all Unix admins home directories are local to the machine). We do have some Unix user names on numerical.

example :

$ id 109056 uid=9827(109056) gid=9999(sysadmin) groups=9999(sysadmin)gid=1999(sysadmin) groups=1999(sysadmin)

puppet will create /home/109056, .ssh, authorized_keys for all Unix Admins in the organization.

it does it well for all user accounts with alphabets, *no issues here.

but if the UNIX user Id on nuberical, then it treated something else. so we have permission issue.

$ sudo su - 109056 su: warning: cannot change directory to /home/109056: Permission denied -bash: /home/109056/.bash_profile: Permission denied

the below home directory was created when users login for the first time without puppet involvement (*that works fine)

$ pwd

/home

$ ll

total 32 drwx------ 3 109056 sysadmin 4096 Apr 2 05:24 109056

this one below was created by puppet, the home dir & the user's SSH keys after provisioning ( you can see the number got right aligned, i can see 2 spaces in-front of 109056 "3__109056"

$ pwd

/home

$ ll

total 32 drwx------ 3__109056 sysadmin 4096 Apr 2 05:24 109056

*added underscore above for high-lite "3__109056"

I don't know what is different in the below user change by puppet:

Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056]/owner: owner changed '109056' to '109056' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056/.ssh]/owner: owner changed '109056' to '109056' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056/.ssh/authorized_keys]/owner: owner changed '109056' to '109056'

Note: have tried single quote / double quote on $admin variable, no difference.

init.pp

class adminkeys {

realize (adminkeys::virtual["109056"]) @adminkeys::virtual {"109056": admin => "109056", }

}

virtual.pp

define adminkeys::virtual ($admin) {

file { "/home/${admin}" : ensure => directory, owner => "$admin", group => 'sysadmin', mode => 0700, }

file { "/home/${admin}/.ssh" : ensure => directory, owner => "$admin", group => 'sysadmin', mode => '0700', }

file { "/home/${admin}/.ssh/authorizedkeys" : ensure => present, owner => "$admin", group => 'sysadmin', mode => '0600', source => "puppet:///modules/adminkeys/authorizedkeys.${admin}", }

}

keys are stored under module files folder:

$ ll modules/adminkeys/files/

total 20 -rw-r--r-- 1 root root 1803 Mar 19 15:18 authorized_keys.109056

Thanks for your help!

Numerical Unix/Linux User account is treated different on setting file permissions by puppet 3.7.3

Hello All,

We use puppet 3.7.3 community version, and all UNIX user accounts are managed though Centrify on AD.

I wrote a puppet module to create Unix Administrator's SSH key management on Linux machine (since all Unix admins home directories are local to the machine). We do have some Unix user names on numerical.

example :

$ id 109056 109056

uid=9827(109056) gid=1999(sysadmin) groups=1999(sysadmin)

puppet will create /home/109056, .ssh, authorized_keys for all Unix Admins in the organization.

it does it well for all user accounts with alphabets, *no issues here.

but if the UNIX user Id on nuberical, then it treated something else. so we have permission issue.

$ sudo su - 109056 109056

su: warning: cannot change directory to /home/109056: Permission denied -bash: /home/109056/.bash_profile: Permission denied

the below home directory was created when users login for the first time without puppet involvement (*that works fine)

$ pwd

/home

$ ll

total 32 drwx------ 3 109056 sysadmin 4096 Apr 2 05:24 109056

this one below was created by puppet, the home dir & the user's SSH keys after provisioning ( you can see the number got right aligned, i can see 2 spaces in-front of 109056 "3__109056"

$ pwd

/home

$ ll

total 32 drwx------ 3__109056 sysadmin 4096 Apr 2 05:24 109056

*added underscore above for high-lite "3__109056"

I don't know what is different in the below user change by puppet:

Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056]/owner: owner changed '109056' to '109056' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056/.ssh]/owner: owner changed '109056' to '109056' Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056/.ssh/authorized_keys]/owner: owner changed '109056' to '109056'

Note: have tried single quote / double quote on $admin variable, no difference.

init.pp

class adminkeys {

realize (adminkeys::virtual["109056"]) @adminkeys::virtual {"109056": admin => "109056", }

}

virtual.pp

define adminkeys::virtual ($admin) {

file { "/home/${admin}" : ensure => directory, owner => "$admin", group => 'sysadmin', mode => 0700, }

file { "/home/${admin}/.ssh" : ensure => directory, owner => "$admin", group => 'sysadmin', mode => '0700', }

file { "/home/${admin}/.ssh/authorizedkeys" : ensure => present, owner => "$admin", group => 'sysadmin', mode => '0600', source => "puppet:///modules/adminkeys/authorizedkeys.${admin}", }

}

keys are stored under module files folder:

$ ll modules/adminkeys/files/

total 20 -rw-r--r-- 1 root root 1803 Mar 19 15:18 authorized_keys.109056

Thanks for your help!

Numerical Unix/Linux User account is treated different on setting file permissions by puppet 3.7.3

Hello All,

We use puppet 3.7.3 community version, and all UNIX user accounts are managed though Centrify on AD.

I wrote a puppet module to create Unix Administrator's SSH key management on Linux machine (since all Unix admins home directories are local to the machine). We do have some Unix user names on numerical.

example :

$ id 109056

109056 uid=9827(109056) gid=1999(sysadmin) groups=1999(sysadmin)

groups=1999(sysadmin)

puppet will create /home/109056, .ssh, authorized_keys for all Unix Admins in the organization.

it does it well for all user accounts with alphabets, *no issues here.

but if the UNIX user Id on nuberical, then it treated something else. so we have permission issue.

$ sudo su - 109056

109056 su: warning: cannot change directory to /home/109056: Permission denied -bash: /home/109056/.bash_profile: Permission denied

denied

the below home directory was created when users login for the first time without puppet involvement (*that works fine)

$ pwd

/home

pwd /home $ ll

ll total 32 drwx------ 3 109056 sysadmin 4096 Apr 2 05:24 109056

109056

this one below was created by puppet, the home dir & the user's SSH keys after provisioning ( you can see the number got right aligned, i can see 2 spaces in-front of 109056 "3__109056"

$ pwd

/home

pwd /home $ ll

ll total 32 drwx------ 3__109056 sysadmin 4096 Apr 2 05:24 109056

109056

*added underscore above for high-lite "3__109056"

I don't know what is different in the below user change by puppet:

Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056]/owner: owner changed '109056' to '109056'
Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056/.ssh]/owner: owner changed '109056' to '109056'
Notice: /Stage[main]/adminkeys/adminkeys::Virtual[109056]/File[/home/109056/.ssh/authorized_keys]/owner: owner changed '109056' to '109056'

'109056'

Note: have tried single quote / double quote on $admin variable, no difference.

init.pp

class adminkeys {

{ realize (adminkeys::virtual["109056"]) @adminkeys::virtual {"109056": admin => "109056", }

}

} }

virtual.pp

define adminkeys::virtual ($admin) {

{ file { "/home/${admin}" : ensure => directory, owner => "$admin", group => 'sysadmin', mode => 0700, }

} file { "/home/${admin}/.ssh" : ensure => directory, owner => "$admin", group => 'sysadmin', mode => '0700', }

} file { "/home/${admin}/.ssh/authorizedkeys" "/home/${admin}/.ssh/authorized_keys" : ensure => present, owner => "$admin", group => 'sysadmin', mode => '0600', source => "puppet:///modules/adminkeys/authorizedkeys.${admin}", }

}

"puppet:///modules/adminkeys/authorized_keys.${admin}", } }

keys are stored under module files folder:

$ ll modules/adminkeys/files/

modules/adminkeys/files/ total 20 -rw-r--r-- 1 root root 1803 Mar 19 15:18 authorized_keys.109056

authorized_keys.109056

Thanks for your help!