1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
# Created by Jeff McCune on 2007-07-22
# Copyright (c) 2007. All rights reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation (version 2 of the License)
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston MA 02110-1301 USA
require 'puppet/provider/nameservice/directoryservice'
Puppet::Type.type(:user).provide :directoryservice, :parent => Puppet::Provider::NameService::DirectoryService do
desc "User management using DirectoryService ... Fin. ;)"
# JJM: DirectoryService can manage passwords.
# This needs to be a special option to dscl though (-passwd)
has_feature :manages_passwords
# JJM: comment matches up with the /etc/passwd concept of an user
options :comment, :key => "realname"
options :password, :key => "passwd"
autogen_defaults :home => "/var/empty", :shell => "/usr/bin/false"
verify :gid, "GID must be an integer" do |value|
value.is_a? Integer
end
verify :uid, "UID must be an integer" do |value|
value.is_a? Integer
end
def autogen_comment
return @resource[:name].capitalize
end
# The list of all groups the user is a member of. Different
# user mgmt systems will need to override this method.
# JJM: FIXME: Override this method...
def groups
groups = []
# user = @resource[:name]
# # Retrieve them all from netinfo
# open("| #{command(:nireport)} / /groups name users") do |file|
# file.each do |line|
# name, members = line.split(/\s+/)
# next unless members
# next if members =~ /NoValue/
# members = members.split(",")
#
# if members.include? user
# groups << name
# end
# end
# end
groups.join(",")
end
# This is really lame. We have to iterate over each
# of the groups and add us to them.
def groups=(groups)
# case groups
# when Fixnum:
# groups = [groups.to_s]
# when String
# groups = groups.split(/\s*,\s*/)
# else
# raise Puppet::DevError, "got invalid groups value %s of type %s" % [groups.class, groups]
# end
# # Get just the groups we need to modify
# diff = groups - (@is || [])
#
# data = {}
# open("| #{command(:nireport)} / /groups name users") do |file|
# file.each do |line|
# name, members = line.split(/\s+/)
#
# if members.nil? or members =~ /NoValue/
# data[name] = []
# else
# # Add each diff group's current members
# data[name] = members.split(/,/)
# end
# end
# end
#
# user = @resource[:name]
# data.each do |name, members|
# if members.include? user and groups.include? name
# # I'm in the group and should be
# next
# elsif members.include? user
# # I'm in the group and shouldn't be
# setuserlist(name, members - [user])
# elsif groups.include? name
# # I'm not in the group and should be
# setuserlist(name, members + [user])
# else
# # I'm not in the group and shouldn't be
# next
# end
# end
end
end
|
