4

我正在尝试使用清单将用户分配到多个组,但我遇到了困难。

尝试1: 

class usergroup {

  group { "user_one":
      ensure => present,
      gid => 500,
  }
  group { "user_two":
      ensure => present,
      gid => 501,
  }
  group { "dev_site_one":
      ensure => present,
      gid => 502,
  }
  group { "dev_site_two":
      ensure => present,
      gid => 503,
  }
  group { "dev_site_three":
      ensure => present,
      gid => 504,
  }

  user { "user_one":
      ensure => present,
      uid => 500,
      gid => 500,
      gid => 502,
      gid => 503,
      gid => 504,
  }
  user { "user_two":
      ensure => present,
      uid => 501,
      gid => 501,
  }

}

运行这个:

puppet apply --noop ./init.pp

产量:

错误:节点 my_web_server 上 /etc/puppet/modules/webserver/manifests/init.pp:159 上的用户 [user_one] 的重复参数“gid”

尝试2:

我试图像这样分解每个 gid 声明:

class usergroup {

  group { "user_one":
      ensure => present,
      gid => 500,
  }
  group { "user_two":
      ensure => present,
      gid => 501,
  }
  group { "dev_site_one":
      ensure => present,
      gid => 502,
  }
  group { "dev_site_two":
      ensure => present,
      gid => 503,
  }
  group { "dev_site_three":
      ensure => present,
      gid => 504,
  }

  user { "user_one":
      ensure => present,
      uid => 500,
      gid => 500,
  }
  user { "user_one":
      gid => 502,
  }
  user { "user_two":
      ensure => present,
      uid => 501,
      gid => 501,
  }

}

运行这个:

puppet apply --noop ./init.pp

产量:

错误:重复声明:用户 [user_one] 已在文件 /etc/puppet/modules/webserver/manifests/init.pp:156 中声明;无法在节点 my_web_server 上的 /etc/puppet/modules/webserver/manifests/init.pp:160 重新声明

...其中 160 是我尝试将 gid 502 分配给 user_one 的位置。

问题

有没有办法用 Puppet 分配多个组,还是我必须手动分配这些组?

4

2 回答 2

14

是的,有办法!

看看http://docs.puppetlabs.com/references/latest/type.html#user

参数gid指定用户的主要组,该组必须是唯一的。可以使用groups参数指定其他组。

假设500应该是主要组...

user { "user_one":
    ensure => present,
    uid => 500,
    gid => 500,
    groups => [502, 503, 504],
}

...应该做的工作。

于 2013-09-11T21:30:43.053 回答
0

如果你愿意,你也可以使用组名,看下面。

group { "group_one": 
        ensure => present, 
        gid => 500,}

group { "group_two":
         ensure => present,
         gid => 501,}

 user { "user_one":
         ensure => present,
         comment => 'New user being created',   
         uid => 505,   
         groups => ["group_one","group_two"],}
于 2018-05-10T16:42:19.220 回答