Two things regarding your puppet code.
The define should be in it's own file (named add_user.pp, and located in the <modulename>/manifests/ folder) , rather than in the class file.
Set the define up (change $name to $username, as $name is a reserved variable), and then add the same set of parameters as the define uses to the class. (which in your example would be $modulepath/users/manifests/add.pp to make it work with the autoloader)
If you change the class as follows:
class users::add( $u_name, $u_comment, $u_home, $u_shell, $u_uid, $u_gid, $u_password)
{
users::add_user{ $u_name:
$username => $u_name,
$comment => $u_comment,
$home => $u_home,
$shell => $u_shell,
$uid => $u_uid,
$gid => $u_gid,
$password => $u_password,
}
}
And change the site.pp to:
import "classes/*.pp"
node default{
class { 'add_user':
username => "saga",
comment => "Arun Sag",
gid => "100",
home => "/home/saga",
password => '$1$passwordhash/',
shell => "/bin/bash",
uid => "70960",
}
}
For the yaml, something like this will do it, please refer to the documentation for more details:
---
classes:
users::add:
parameters:
name: some_name
comment: some_comment
home: home_value
shell: /bin/sh
uid: 3990
gid: 3990
password: superstrongpassword
environment:
production
You're using the default location for $ssldir - what's your puppet.conf look like?
The default deployment of Puppet on RHEL derivatives has a puppet.conf with something like the following:
[main]
ssldir = /var/lib/puppet/ssl
If you put this back in place, the SELinux policy shouldn't have a problem with the location of your SSL directory.
Best Answer
Maybe this would be helpful? http://projects.puppetlabs.com/issues/2856
Recurselimit seems to work for /home/user1, but also sets /home to user_home_dir_t.
You could set up a custom fact that returns all home directories in an array (too many users could be a problem here):
Perhaps the best option in this case would be to run restorecon since you seem to have implemented a solution for newly created directories.