I'm attempting to assign users to multiple groups with a manifest, but am running into walls.
Attempt 1:
class usergroup {
group { "user_one":
ensure => present,
gid => 500,
}
group { "user_two":
ensure => present,
gid => 501,
}
group { "dev_site_one":
ensure => present,
gid => 502,
}
group { "dev_site_two":
ensure => present,
gid => 503,
}
group { "dev_site_three":
ensure => present,
gid => 504,
}
user { "user_one":
ensure => present,
uid => 500,
gid => 500,
gid => 502,
gid => 503,
gid => 504,
}
user { "user_two":
ensure => present,
uid => 501,
gid => 501,
}
}
Running this:
puppet apply --noop ./init.pp
Yields:
Error: Duplicate parameter 'gid' for on User[user_one] at /etc/puppet/modules/webserver/manifests/init.pp:159 on node my_web_server
Attempt 2:
I tried to break out each gid declaration like so:
class usergroup {
group { "user_one":
ensure => present,
gid => 500,
}
group { "user_two":
ensure => present,
gid => 501,
}
group { "dev_site_one":
ensure => present,
gid => 502,
}
group { "dev_site_two":
ensure => present,
gid => 503,
}
group { "dev_site_three":
ensure => present,
gid => 504,
}
user { "user_one":
ensure => present,
uid => 500,
gid => 500,
}
user { "user_one":
gid => 502,
}
user { "user_two":
ensure => present,
uid => 501,
gid => 501,
}
}
Running this:
puppet apply --noop ./init.pp
Yields:
Error: Duplicate declaration: User[user_one] is already declared in file /etc/puppet/modules/webserver/manifests/init.pp:156; cannot redeclare at /etc/puppet/modules/webserver/manifests/init.pp:160 on node my_web_server
...where 160 is where I try to assign gid 502 to user_one.
Question
Is there a way to assign multiple groups with Puppet, or do I have to hand-assign these groups?
Yes there is a way!
Have a look at http://docs.puppetlabs.com/references/latest/type.html#user.
The parameter gid specifies the user's primary group which must be unique. Additional groups can be specified with the groups parameter.
Assuming that 500 should be the primary group ...
user { "user_one":
ensure => present,
uid => 500,
gid => 500,
groups => [502, 503, 504],
}
... should do the job.