Error message

The spam filter installed on this site is currently unavailable. Per site policy, we are unable to accept new submissions until that problem is resolved. Please try resubmitting the form in a couple of minutes.

using augeas to add a user to the system

The scenario is that users are controlled by sssd and you want to add a user locally for those times when your connection to your password backend goes down. Useradd won't let you do it though, cause the user already exists. I figured augeas would be the perfect way to do that but I kept hitting a problem, augeas would fail.


augtool> save
error: Failed to execute command
saving failed (run 'print /augeas//error' for details)
augtool> print /augeas//error
/augeas/files/etc/passwd/error = "put_failed"
/augeas/files/etc/passwd/error/path = "/files/etc/passwd/tuphill"
/augeas/files/etc/passwd/error/lens = "/usr/share/augeas/lenses/dist/passwd.aug:33.18-41.21:"
/augeas/files/etc/passwd/error/message = "Failed to match \n { /password/ = /([^\\001-\\004\\n:]+)?/ }{ /uid/ = /[0-9]+/ }{ /gid/ = /[0-9]+/ }{ /name/ = /([^\\001-\\004\\n:]+)?/ }{ /home/ = /([^\\001-\\004\\n:]+)?/ }{ /shell/ = /([^\\001-\\004\\t\\n ][^\\001-\\004\\n]*[^\\001-\\004\\t\\n ]|[^\\001-\\004\\t\\n ])?/ }\n with tree\n { \"shell\" = \"/bin/bash\n\" } { \"name\" = \"tuphill\" } { \"password\" = \"x\" } { \"uid\" = \"500\" }"

After a bit of staring I realized the answer was right in front of me, the order in which you add the fields to the record is important. The lens has the order set but when I add to the record using augtool, the order is just whatever I happened to do...so the following is the correct way to get everything in order.

augtool> ins tuphill after /files/etc/passwd/*[last()]
augtool> set /files/etc/passwd/tuphill/password x
augtool> set /files/etc/passwd/tuphill/uid 500
augtool> set /files/etc/passwd/tuphill/gid 500
augtool> set /files/etc/passwd/tuphill/name tuphill
augtool> set /files/etc/passwd/tuphill/home /home/tuphill
augtool> set /files/etc/passwd/tuphill/shell /bin/bash
augtool> save
Saved 1 file(s)

Now I can get rid of my stopping of sssd before adding the user. Next is to rewrite this as a defined type in puppet so I can just do something like

aug_user {'tuphill':
uid => 500,
gid => 500,
password => 'x',
home => '/home/tuphill',
shell => '/bin/bash'

Wordpress category: 
Wordpress tag: 

Add new comment

Markdown

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.