Just checking in on this. I see Dan's comment in the ticket: "See above,
we need to make this non-breaking for Chef 11.x and then make it the
default in 12."
From my perspective, the issue is new (or existing) Chef users are or
become used to simply declaring a resource, and finding that "by magic" the
user directory was created. This is expected behaviour for a Red Hat user.
When they then try to create a user on any other system, they discover
that because manage_home is false, the directory isn't created. Which is a
shock.
The documentation for this is particularly poor. Firstly, the manage_home
convenience method isn't even documented. Secondly, the
'supported_features' documentation doesn't really make it explicit that
unless you add the (cryptic) ``supports :manage_home => true` you won't
get the user directory created.
I agree that the resource should behave the same by default on all
platforms. An alternative solution is to make the default of manage_home
to be "true", and to document clearly that if you don't want the user
directory to be created, explicitly declare it in the resource.
This has the advantage of not requiring thousands of RHEL users to have to
update all their recipes to add "manage_home true", but means that anyone
who created a user and didn't want a home directory would have to add an
explicit "manage_home false".
Which has the biggest impact? Or do we philosophically say: "Just because
RHEL alone creates user directories by default, doesn't mean that should
inform the behaviour of Chef"?
S.
See above, we need to make this non-breaking for Chef 11.x and then make it
the default in 12.
On 30 January 2013 15:59, John Alberts john.m.alberts@gmail.com wrote:
I think having manage_home behave differently per platform would be
confusing and lead to more code changes on the user side in order to
account for different platforms. While I sort of understand Mike's point,
I don't necessarily agree. Since I use data bags for users and loop
through to create the users I have one line to change to accommodate this
behavior change in Chef. Definitely not a big deal.
John
On Wed, Jan 30, 2013 at 9:31 AM, Bryan McLellan btm@loftninjas.orgwrote:
On Mon, Jan 28, 2013 at 3:47 PM, Mike miketheman@gmail.com wrote:
I, for one using RedHat/CentOS/Amazon Linux, expect a user's account
creation to always have a home directory created, unless the following
is true:
- A 'system' user account is created (useradd -r)
- Explicitly override with 'manage_home false' (effectively 'useradd
-M')
That's exactly what I was asking. The problem is, there's currently no
way to use the user resource on these system and have it not create a
home directory, even explicitly. This is because manage_home defaults
to false already. Thus it is broken in two ways,
-
The user resource is different by default on redhat than other
platforms
-
You can't use it to create user without two home directories
The goal of the ticket was to fixed #2, but it does change #1 too. If
the expectation of Redhat users, particularly ones who are new to how
Chef works now, expect home directories to always be created, then an
alternative would be to apply this fix, but also set manage_home to
default to true on those platforms. We could do this by platform,
platform_family, or be more hack-ish and look for a /etc/login.defs
with this value set.
Don't break my Chef.
If this is included in Chef 11 - as it probably should be, as it's a
logical bug, considering the default value of :manage_home is false,
then this should be lit up in lights, painted across the sky, shouted
across the rooftops.
Please understand we're not trying to break you, but find the best
possible outcome to fix this bug and provide a Chef that produces the
least surprises to new users.
Bryan
--
John Alberts
--
Stephen Nelson-Smith,
Founder, Principal Consultant,
Atalanta Systems Ltd,
Web: http://agilesysadmin.net
Twitter: @lordcope
Skype: atalanta.systems
Direct: +44 (0) 1329 550203
Mobile: +44 (0) 7917 101919
Atalanta Systems: The Agile Infrastructure Enablers
http://atalanta-systems.com