zarb-ml/mageia-sysadm/2010-November/000774.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
 <HEAD>
   <TITLE> [Mageia-sysadm] [393] extract a sshuser definition
   </TITLE>
   <LINK REL="Index" HREF="index.html" >
   <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5B393%5D%20extract%20a%20sshuser%20definition&In-Reply-To=%3C20101122132117.8B95F3FC50%40valstar.mageia.org%3E">
   <META NAME="robots" CONTENT="index,nofollow">
   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
   <LINK REL="Previous"  HREF="000773.html">
   <LINK REL="Next"  HREF="000775.html">
 </HEAD>
 <BODY BGCOLOR="#ffffff">
   <H1>[Mageia-sysadm] [393] extract a sshuser definition</H1>
    <B>root at mageia.org</B> 
    <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5B393%5D%20extract%20a%20sshuser%20definition&In-Reply-To=%3C20101122132117.8B95F3FC50%40valstar.mageia.org%3E"
       TITLE="[Mageia-sysadm] [393] extract a sshuser definition">root at mageia.org
       </A><BR>
    <I>Mon Nov 22 14:21:17 CET 2010</I>
    <P><UL>
        <LI>Previous message: <A HREF="000773.html">[Mageia-sysadm] [392] Fix host access to posixAccount attrs
</A></li>
        <LI>Next message: <A HREF="000775.html">[Mageia-sysadm] Puppet Report for valstar.mageia.org
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#774">[ date ]</a>
              <a href="thread.html#774">[ thread ]</a>
              <a href="subject.html#774">[ subject ]</a>
              <a href="author.html#774">[ author ]</a>
         </LI>
       </UL>
    <HR>  
<!--beginarticle-->
<PRE>Revision: 393
Author:   blino
Date:     2010-11-22 14:21:17 +0100 (Mon, 22 Nov 2010)
Log Message:
-----------
extract a sshuser definition

Modified Paths:
--------------
    puppet/modules/buildsystem/manifests/init.pp

Modified: puppet/modules/buildsystem/manifests/init.pp
===================================================================
--- puppet/modules/buildsystem/manifests/init.pp	2010-11-22 13:20:26 UTC (rev 392)
+++ puppet/modules/buildsystem/manifests/init.pp	2010-11-22 13:21:17 UTC (rev 393)
@@ -3,6 +3,8 @@
     class base {
 	$build_login = &quot;iurt&quot;
 	$build_home_dir = &quot;/home/$build_login&quot;
+        $sched_login = &quot;schedbot&quot;
+	$sched_home_dir = &quot;/home/$sched_login&quot;
 
 	include ssh::auth
 	ssh::auth::key { $build_login: } # declare a key for build bot: RSA, 2048 bits
@@ -37,38 +39,42 @@
 
     }
 
-    class iurtuser {
-        group {&quot;$build_login&quot;: 
+    define sshuser($user, $homedir, $comment) {
+        group {&quot;$user&quot;: 
             ensure =&gt; present,
         }
 
-        user {&quot;$build_login&quot;:
+        user {&quot;$user&quot;:
             ensure =&gt; present,
-            comment =&gt; &quot;System user used to run build bots&quot;,
+            comment =&gt; $comment,
             managehome =&gt; true,
-            gid =&gt; $build_login,
+            gid =&gt; $user,
             shell =&gt; &quot;/bin/bash&quot;,
-            notify =&gt; Exec[&quot;unlock$build_login&quot;],
+            notify =&gt; Exec[&quot;unlock$user&quot;],
         }
 
         # set password to * to unlock the account but forbid login through login
-        exec { &quot;unlock$build_login&quot;:
-            command =&gt; &quot;usermod -p '*' $build_login&quot;,
+        exec { &quot;unlock$user&quot;:
+            command =&gt; &quot;usermod -p '*' $user&quot;,
             refreshonly =&gt; true,
         }
 
-        file { $build_home_dir:
+        file { $homedir:
             ensure =&gt; &quot;directory&quot;,
         }
 
-        file { &quot;$build_home_dir/.ssh&quot;:
+        file { &quot;$homedir/.ssh&quot;:
             ensure =&gt; &quot;directory&quot;,
             mode   =&gt; 600,
-            owner  =&gt; $build_login,
-            group  =&gt; $build_login,
+            owner  =&gt; $user,
+            group  =&gt; $user,
         }
     }
 
+    class iurtuser {
+        sshuser($build_login, $build_home_dir, &quot;System user used to run build bots&quot;)
+    }
+
     class iurt {
         include sudo
         include iurtuser
-------------- next part --------------
An HTML attachment was scrubbed...
URL: &lt;/pipermail/mageia-sysadm/attachments/20101122/18e75430/attachment.html&gt;
</PRE>


<!--endarticle-->
    <HR>
    <P><UL>
        <!--threads-->
	<LI>Previous message: <A HREF="000773.html">[Mageia-sysadm] [392] Fix host access to posixAccount attrs
</A></li>
	<LI>Next message: <A HREF="000775.html">[Mageia-sysadm] Puppet Report for valstar.mageia.org
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#774">[ date ]</a>
              <a href="thread.html#774">[ thread ]</a>
              <a href="subject.html#774">[ subject ]</a>
              <a href="author.html#774">[ author ]</a>
         </LI>
       </UL>

<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm
mailing list</a><br>
</body></html>