The module fails to add a user to a group if the user does not exist.

The module fails to indicate that it has failed and instead issues a notice of change.

The notice of change is not true stating:

members changed 'user1,user2,user3 to ['user1', 'user2', 'user3', 'notexist']

Where notexist is a username that does not exist.

Using a check for the username like bash/gnu id $user would ensure the user exists or fail before attempting to manage the group. Otherwise, I'm not sure this module is working as expected.

FYI, I filed a ticket with puppet about the breakage in version 5.5.7.
Here is the ticket for puppet: https://tickets.puppetlabs.com/browse/PUP-9265
It looks like they might fix the behavior. Will the latest version (v.1.0.6) of the gpasswd module work if the original behavior is restored?

Thanks,
Jason

Puppetserver version 7.11
Puppet Agent version 7.24
Client and Server both RHEL8

Installed the gpasswd module:

/opt/puppetlabs/bin/puppet module install --target-dir /etc/puppetlabs/code/modules onyxpoint-gpasswd --version 1.1.2
/opt/puppetlabs/bin/puppet module list

...
├── onyxpoint-gpasswd (v1.1.2)
...

But debug runs show this:
Debug: /Group[puppet]: Provider gpasswd does not support features manages_local_users_and_groups; not managing attribute forcelocaDebug: /Group[puppet]: Provider gpasswd does not support features manages_local_users_and_groups; not managing attribute forcelocal

manifest has this for the group call:

group { 'testkrbusers':
          ensure  => present,
          gid     => 610,
          members => $access_members,
 }

where access-members is an array pulled in via puppet-ldapquery.

Do I need to add another directive or what else might I be missing ?

Hi there,

I want to try using your gpasswd module, but it seems to break the command 'puppet resource gorup ', which I need to work in my environment. I'm using pe-puppet-3.7.3.3-1.pe.el6.noarch

Any chance this can be fixed?

Output:

grep labr_prd /etc/group

labr_prd:!:236:labr_prd

puppet resource group labr_prd

Error: Could not run: undefined method `-' for nil:NilClass

i have had to attempt to uninstall it but it doesn't seem to go away. now all of my group resources are making up gid's when im trying to pass them in. this is bad.

in addition, i never got the group members to update at all using the gpasswd provider. manage_members will now not go away in my organization

If I create a members list and change the order in hiera, every puppet run will send a notice.

For example, with a group called "example_group"

Heira:

groups::example_group:
  - user1
  - user2

Reverse the order of those and I get this every run:

Notice: /Stage[main]/Groups/Groups::System/Group[example_group]/members: members changed 'user1,user2' to 'user2,user1'

Similarly, if you insert a "-user3" at the top of the list, you get a notice every time.

To be clear, the group has the correct membership, it's just that gpasswd simply does it's thing and doesn't care about order.

Scott

Notice: /Stage[main]/User::Jenkins/Group[xxx-xxxx]/members: current_value jenkinsuismail, should be jenkinsmanagehometrueensurepresent (noop)

It seems like this should support Debian, if it works on Ubuntu; is that a possibility?

The module does respect the values from login.defs (at least on RHEL Systems)

/etc/login.defs:

(...)
SYS_GID_MIN	201
SYS_UID_MIN	201
SYS_GID_MAX	499
SYS_UID_MAX	499

My Group-Ressource:

group { 'testgroup':
        ensure          => present,
        name            => 'testgroup',
         system          => true,                                                                                                                                                                          
         auth_membership => true,
        members         => ['user1', 'user2']
} 

Result:

# getent group pc
testgroup:x:992:user1,user2

Expected result:
GID in range between 201 and 499

Version is 1.1.2 and puppet 6 (latest)

There are cases where you want a group but need no members defined, for example when they have the group as their primary GID.

For example, a group "mygroup" where I put root in it, then try to remove it so it's empty I get this notice:
Group[mygroup]/members: members changed root to (corrective)

And no change, so it runs every time.

Hi,

Thanks for this module, it hits a spot that needs scratching in our infrastructure. We tried to roll it out but it seems there is a symlink defined to a location that doesn't exist in our infrastructure:
gpasswd/spec/fixtures/modules/gpasswd -> /etc/puppet/modules/onyxpoint-gpasswd
I'm not sure what it's for, but it's breaking our installation:
[xx@xx7 ~]$ puppet module --modulepath /tmp/modules install --version=0.1.0 --ignore-dependencies onyxpoint-gpasswd
Notice: Preparing to install into /tmp/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
Error: No such file or directory - /tmp/modules/gpasswd/spec/fixtures/modules/gpasswd
Error: Try 'puppet help module install' for usage
[xx@xx7 ~]$
[root@zd007 ~]# ls -la /tmp/modules/gpasswd/spec/fixtures/modules/gpasswd
lrwxrwxrwx 1 root root 37 Jun 30 15:25 /tmp/modules/gpasswd/spec/fixtures/modules/gpasswd -> /etc/puppet/modules/onyxpoint-gpasswd
[xx@xx7 ~]$

[xx@xx7 ~]$ ls -la /tmp/modules/gpasswd/spec/fixtures/modules/gpasswd
lrwxrwxrwx 1 xx xx 37 Jun 30 15:25 /tmp/modules/gpasswd/spec/fixtures/modules/gpasswd -> /etc/puppet/modules/onyxpoint-gpasswd
[xx@xx7 ~]$

Any hints would be appreciated :)

Hello All,

When Puppet runs automatically on its own, I am seeing the following errors:

Could  not autoload puppet/type/group: Could not autoload  puppet/provider/group/gpasswd: uninitialized constant  Puppet::Type::Group::ProviderGroupadd
Did you mean?  Puppet::Type::Group::ProviderFeatures

Failed to apply catalog: Could not autoload puppet/type/group: Could not autoload puppet/provider/group/gpasswd: uninitialized constant Puppet::Type::Group::ProviderGroupadd
Did you mean? Puppet::Type::Group::ProviderFeatures

Could not autoload puppet/provider/group/gpasswd: uninitialized constant Puppet::Type::Group::ProviderGroupadd
Did you mean? Puppet::Type::Group::ProviderFeatures

I am using the following for group membership:

  group { 'groupname':
    ensure   => present,
    members  => lookup('groups::members'),
    provider => 'gpasswd'
  }

It also appears that Puppet runs are failing every second time - every 20 minutes A Puppet run appears to start, which also doesn't seem right.

Running on Ubuntu Server 16.04 LTS

Any idea what the issue could be?