Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Solaris support #67

Open
deric opened this issue Jan 12, 2017 · 4 comments
Open

Solaris support #67

deric opened this issue Jan 12, 2017 · 4 comments
Labels
enhancement needs tests
Milestone
1.6

Comments

@deric
Copy link
Owner

deric commented Jan 12, 2017

Support group management on Solaris, which doesn't have gpasswd.
@deric deric added this to the 1.6 milestone Jan 12, 2017
@deric deric mentioned this issue Jan 12, 2017
Closed
@redno2
Copy link

redno2 commented Jan 18, 2017
edited by deric
Loading

Thanks to open enhancement!
Just a question, why you don't use directly usermod instead of gpasswd? usermod is on whole Linux/Unix system, and you can manage group of users whit it.
On Solaris I need to modify the gpasswd.rb (I'm not an Ruby expert...) to use like this:

  • Change primary group of user foo to group bob
    usermod -g bob foo
  • Add user foo to only group bob
    usermod -G bob foo
  • Remove all secondary group of user foo
    usermod -G '' foo
  • Setup all groups to user foo
    usermod -G bob,other,postgres,X foo

I'll change the ruby code, I need call whole groups for a specific user.

@deric
Copy link
Owner Author

deric commented Jan 18, 2017

Good question. If I recall it correctly the original motivation was to replace group management functionality which isn't really working in Puppet. I found an alternative implementation of group management and from that I started verifying if something like that would actually work. I ended up using gpasswd and it seems to be working. There was no reason to replace it.

Anyway we have an API and the underlying implementation could be changed or there might use different commands for each platform. The puppet's implementation also doesn't support all features on Solaris. The hardest part is testing and making sure that a small change won't break existing installations.

Solaris uses different kernel than other Linux distributions, thus we can't use automated Docker tests. Probably using VirtualBox will be necessary.

@deric deric mentioned this issue Jan 24, 2017
Closed
@deric
Copy link
Owner Author

deric commented Jun 2, 2017

@redno2 I've refactored group provider to work with usermod. The effort is currently tracked in 1.6 branch.

The problematic part is ensuring explicit members of a given group. This is nice:

usermod -G bob,other,postgres,X foo

but the management currently works in an inverse way. For given group e.g. postgres set all members. Which I don't know how to do with usermod without generating too many unnecessary changes.

@deric
Copy link
Owner Author

deric commented Jun 4, 2017

Btw. according to Puppet docs on Solaris provider user_role_add is used. Best solution would be not to override provider and just use provider shipped with Puppet.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement needs tests
Projects
None yet
Milestone
1.6
Development

No branches or pull requests
2 participants
@deric @redno2