我正在尝试将用户分配到带有清单的多个组,但我遇到了问题.
尝试1:
class usergroup {
group { "user_one":
ensure => present,
gid => 500,
}
group { "user_two":
ensure => present,
gid => 501,
}
group { "dev_site_one":
ensure => present,
gid => 502,
}
group { "dev_site_two":
ensure => present,
gid => 503,
}
group { "dev_site_three":
ensure => present,
gid => 504,
}
user { "user_one":
ensure => present,
uid => 500,
gid => 500,
gid => 502,
gid => 503,
gid => 504,
}
user { "user_two":
ensure => present,
uid => 501,
gid => 501,
}
}
运行这个:
puppet apply --noop ./init.pp
产量:
错误:在节点my_web_server上的/etc/puppet/modules/webserver/manifests/init.pp:159上的用户[user_one]上重复参数'gid'
尝试2:
我试图像这样突破每个gid声明:
class usergroup {
group { "user_one":
ensure => present,
gid => 500,
}
group { "user_two":
ensure => present,
gid => 501,
}
group { "dev_site_one":
ensure => present,
gid => 502,
}
group { "dev_site_two":
ensure => present,
gid => 503,
}
group { "dev_site_three":
ensure => present,
gid => 504,
}
user { "user_one":
ensure => present,
uid => 500,
gid => 500,
}
user { "user_one":
gid => 502,
}
user { "user_two":
ensure => present,
uid => 501,
gid => 501,
}
}
运行这个:
puppet apply --noop ./init.pp
产量:
错误:重复声明:用户[user_one]已在文件/etc/puppet/modules/webserver/manifests/init.pp:156中声明; 无法在节点my_web_server上的/etc/puppet/modules/webserver/manifests/init.pp:160重新声明
...其中160是我尝试将gid 502分配给user_one的地方.
题
有没有办法用Puppet分配多个组,还是我必须手动分配这些组?
roe*_*ijn 14
是的有办法!
看看http://docs.puppetlabs.com/references/latest/type.html#user.
参数gid指定用户的主要组,该主要组必须是唯一的.可以使用groups参数指定其他组.
假设500应该是主要组...
user { "user_one":
ensure => present,
uid => 500,
gid => 500,
groups => [502, 503, 504],
}
......应该做的工作.