search

saltstack-formulas / users-formula

Configure users via pillar
http://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html
Other
99 stars 361 forks source link

Users/Groups already exist Errors/state failures #167

Closed noelmcloughlin closed 6 years ago

noelmcloughlin commented 6 years ago

Is there any pillar to workaround ERRORS/failed states if users already exist? I want to ensure oracle user, and oracle/dba groups, are present in any database but salt only checks locally

(see also https://github.com/saltstack/salt/issues/45345 and https://github.com/saltstack/salt/issues/45142)

  oracle:
    empty_password: True
    home: /home/oracle
    uid: 501
    shell: /bin/bash
    prime_group:
      name: oracle
   {% if not salt['cmd.run']('getent group oracle', output_loglevel='quiet') %}
      gid: 501
   {% endif %}
    optional_groups:
      - dba
      - oracle

Thanks Noel

noelmcloughlin commented 6 years ago

Something like this (but without failing the state) would be nice-

{% for group in user.get('groups', []) %}
users_{{ name }}_{{ group }}_group:
  cmd.run:
    - name: getent group {{ name }}
    - output_loglevel='quiet'
  group.present:
    - name: {{ group }}
    {% if group == 'sudo' %}
    - system: True
    {% endif %}
    - onfail: 
       - cmd: users_{{ name }}_{{ group }}_group
{% endfor %}
noelmcloughlin commented 6 years ago

https://github.com/saltstack/salt/issues/46361