A puppet module designed to ease the management of user accounts.
Currently supports:
- Creation/Removal of accounts (via the "ensure" parameter)
- Account creation w/UID control
- Setting the login shell
- Dedicated Group creation w/GID control (optional)
- Home directory creation ( and optionally management via /etc/skel )
- Support for system users
- SSH key management (optional)
Notes/Drawbacks:
- Does not currently support multiple ssh keys per account. (coming soon-ish)
- Does not automatically create arbitrary extra groups. Use the native group type for this.
A brief usage summary with examples follows. For full documentation of all parameters, see the inline puppet docs:
$ puppet doc /etc/puppet/modules/account/manifests/init.pp
Standard usage of this defined type would probably look something like this:
account {
'sysadmin':
home_dir => '/opt/sysadmin',
groups => [ 'sudo', 'users' ],
ssh_key => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArfQmMkvtWRnwas3DIti9qAuSFQXKcE0kdp5f42PP8l2kTytJPPWp5T/q8PXDQ2d2X5KplMCMDiUQkchqhmDp840jsqBQ9iZPejAjv3w2kITgScFNymAcErtzX52iw4lnUyjZzomCW8G3YthQMaRm2NkI4wcVcjzq+SKyTfzrBoH21RgZlfcx+/50AFRrarpYqel9W5DuLmmShHxD8clPS532Z/1X+1jCW2KikUhdo98lxYTIgFno05lwFOS9Ry89UyBarn1Ecp1zXpIBE7dMQif3UyLUTU9zCVIoZiJj4iO5lemSSV0v8GL97qclBUVJpaCpc4ebR7bhi0nQ28RcxQ==',
comment => 'SysAdmin user',
}
The type can also be virtualized and realized later (see the official documentation for more information on this pattern):
@account { 'sysadmin': groups => [ 'sudo', 'users' ] }
For use with hiera, one could define a nested hash of account resources in a hiera data file (this example assumes you use YAML):
---
accounts:
sysadmin:
home_dir: /opt/sysadmin
ssh_key: AAAAB3NzaC1yc2EAAAABIwAAAQEArfQmMkvtWRnwas3DIti9qAuSFQXKcE0kdp5f42PP8l2kTytJPPWp5T/q8PXDQ2d2X5KplMCMDiUQkchqhmDp840jsqBQ9iZPejAjv3w2kITgScFNymAcErtzX52iw4lnUyjZzomCW8G3YthQMaRm2NkI4wcVcjzq+SKyTfzrBoH21RgZlfcx+/50AFRrarpYqel9W5DuLmmShHxD8clPS532Z/1X+1jCW2KikUhdo98lxYTIgFno05lwFOS9Ry89UyBarn1Ecp1zXpIBE7dMQif3UyLUTU9zCVIoZiJj4iO5lemSSV0v8GL97qclBUVJpaCpc4ebR7bhi0nQ28RcxQ==
groups:
- sudo
- users
appadmin:
home_dir: /opt/appadmin
groups:
- users
And then use the create_resources function in a puppet manifest:
$accounts = hiera_hash('accounts')
create_resources('account', $accounts)
Please use the github issues functionality to report any bugs or requests for new features.
Feel free to fork and submit pull requests (or use git's own functionality to mail me patches) for potential contributions.
Unit TestsSubmit module to PuppetForgeSupport for removing accounts
- Tray Torrance (torrancew) - Author
- Facundo Guerrero (guerremdq) - Support for 'comment' parameter
- YuviPanda (yuvipanda) - Bugfix
- Justin Lambert (jlambert121) - Support for configurable home directory permissions, puppet-lint
- sauce (eshkay) - Solaris support