Bug #9506
Puppet 'user' and 'group' providers are case-sensitive on Windows
| Status: | Accepted | Start date: | 09/14/2011 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: |  Josh Cooper |
% Done: | 0% |
|
| Category: | windows | |||
| Target version: | 2.7.x | |||
| Affected Puppet version: | 2.7.6 | Branch: | ||
| Keywords: | windows user password | |||
| Votes: | 1 |
Description
If a ‘user’ resource is created, and specifies membership in the ‘administrators’ group, Puppet will always see this as a change and attempt to sync the resource, usually trying to add the puppet-version group name.
‘Administrators’ is a default group, but can be specified in any case. Either the type or provider (or both) should normalize the user’s group membership such that Puppet doesn’t see [‘Administrator’, ‘administrator’] as distinct values, and always try to re-sync the resource.
Sample.pp:
`group { ‘puppet users’ : ensure => present, }
user{ ‘puppet’ : ensure => present, groups => [‘puppet users’, ‘administrators’ ], }`
puppet apply sample.pp: (create)
notice: /Group[puppet users]/ensure: created notice: /Stage[main]//User[puppet]/ensure: created
puppet apply sample.pp: (again)
err: /Stage[main]//User[puppet]/groups: change from puppet users,Administrators to Administrators,administrators,puppet users failed: Add
OLE error code:80070562 in <Unknown>
<No Description>
HRESULT error code:0x80020009
Exception occurred.
(tries to add an existing group to membership)
Related issues
History
Updated by Cameron Thomas 8 months ago
Also noticed that the same effect occurs with ‘require’ properties, i.e.
$groups = [ ‘Administrators’, ‘SYSTEM, 'Power Users’ ]
group { $groups : ensure => present, }
user { “name” : ensure => present, groups => $groups, membership => minimum, home => “c:\users\$name”, groups => [ “administrators”, “power users”, “system” ], }
Updated by James Turnbull 7 months ago
- Category set to windows
- Status changed from Unreviewed to Needs Decision
- Assignee set to Jacob Helwig
Updated by Jacob Helwig 5 months ago
- Status changed from Needs Decision to Unreviewed
- Assignee deleted (
Jacob Helwig)
The real question is if this is any different from the behavior on other platforms. Unfortunately, I’m not going to have time to investigate this any time soon.
Updated by Josh Cooper 5 months ago
- Status changed from Unreviewed to Accepted
I confirmed that puppet on Centos is case-sensitive, so if a user ‘foo’ exists, puppet will create and manage user ‘Foo’ separately:
$ sudo /usr/sbin/useradd foo
$ tail -1 /etc/passwd
foo:x:504:504::/home/foo:/bin/bash
$ cat user.pp
user { 'Foo':
ensure => 'present',
}
$ sudo env RUBYLIB=$RUBYLIB /home/josh/work/puppet/bin/puppet apply --debug --trace user.pp
...
debug: User[Foo](provider=useradd): Executing '/usr/sbin/useradd -M Foo'
notice: /Stage[main]//User[Foo]/ensure: created
Updated by Josh Cooper 2 months ago
- Parent task deleted (
#8268)
Updated by Josh Cooper 2 months ago
- Assignee set to Josh Cooper
- Affected Puppet version set to 2.7.6
- Keywords set to windows user password