Puppet module to manage groups not working

groupspuppet

I have configured a module to set up a new group using the following documentation: https://puppet.com/docs/puppet/latest/types/group.html.

[root@puppetmaster ~]# cat /etc/puppet/modules/change-groups/manifests/init.pp 
class change-groups {

    group { "newgroup":
        gid => 3651,
        members => "user1,user2",
    }

}

Unfortunately I do get an error message. What could be the reason?

info: /Group[newgroup]: Provider groupadd does not support features manages_members; not managing attribute members

Best Answer

Based on the documentation:

Manage groups. On most platforms this can only create groups. Group membership must be managed on individual users.

On some platforms such as OS X, group membership is managed as an attribute of the group, not the user record. Providers must have the feature ‘manages_members’ to manage the ‘members’ property of a group record

This is notoriously not working on Linux platforms that use groupadd/groupmod/groupdel to edit groups - see upstream issue #1298.

There is an alternative group provider by the Portland State University that can edit the group file.

Another option is to use Augeas to manage the group file.

Related Topic