1 class base_installation::users (
2 $users = $base_installation::system_users,
3 ) inherits base_installation {
4 ensure_packages('ruby-shadow')
7 purge_ssh_keys => ["/root/.ssh/authorized_keys"],
11 config_file_replace => false,
12 # Missing in the sudo package, should no be mandatory
18 content => "%wheel ALL=(ALL) ALL"
24 user { "${user[username]}:${user[userid]}":
25 name => $user[username],
28 groups => $user[groups],
30 system => !!$user[system],
31 home => "/home/${user[username]}",
32 notify => Exec["remove_password:${user[username]}:${user[userid]}"],
33 purge_ssh_keys => true
36 exec { "remove_password:${user[username]}:${user[userid]}":
37 command => "/usr/bin/chage -d 0 ${user[username]} && /usr/bin/passwd -d ${user[username]}",
38 onlyif => "/usr/bin/test -z '${user[password]}'",
42 if has_key($user, "keys") {
43 $user[keys].each |$key| {
44 ssh_authorized_key { "${user[username]}@${key[host]}":
45 name => "${user[username]}@${key[host]}",
46 user => $user[username],
47 type => $key[key_type],
51 if has_key($key, "root_command") {
52 ssh_authorized_key { "${user[username]}@${key[host]}:root":
53 name => "${user[username]}@${key[host]}:root",
56 "command=\"${key[root_command]}\"",
61 type => $key[key_type],