I need to start managing user accounts for a number of Linux VMs, so I set
up a data bag with just one user (me), to start. I’m new to data bags, just
started messing around with them earlier today, but I think I get the hang
of it as it’s pretty simple.
I’m also trying to use this community cookbook:
I got it working fine and it created the user from my data bag, with but
one problem: in the JSON file containing my user’s data, I said that my
user should be a member of the wheel group, but the user was not added to
the wheel group. There’s no warning or error that I can see when I run
chef-client, it just doesn’t do anything with the groups I listed in the
Here’s my JSON file:
“ssh_keys”: [ “” ],
“groups”: [ “sysadmin”, “wheel”, “test” ],
“comment”: “Fabien Delpierre”,
As you can see I tried adding the user to a “test” group but nothing
happened either, although I can imagine that’s because there is no group
called “test” on the system. Of course the wheel group does exist.
Looking at the README for the cookbook, there are bits that seem relevant
to what I’m trying to do but I just don’t understand what I’m supposed to
do. Here’s the excerpt from the docs that I’m struggling with:
If you have different requirements, for example:
- You want to search a different data bag specific to a role such as
mail. You may change the data_bag searched.
- data_bag mail
- You want to search for a different group attribute named postmaster.
You may change the search_group attribute. This attribute defaults to the
LWRP resource name.
- search_group postmaster
- You want to add the users to a security group other than the
lightweight resource name. You may change the group_name attribute. This
attribute also defaults to the LWRP resource name.
- group_name wheel
Putting these requirements together our recipe might look like this:
ruby users_manage “postmaster” do data_bag “mail” group_name "wheel"
group_id 10 end
So looking at the default recipe of the users cookbook, it looks like it’s
saying it’s the place to add this sort of stuff – so I added the following
bits to it:
users_manage “sysadmin” do
But of course that also did nothing.
It’s probably something dumb but I’ve been messing around with this all
afternoon today and I can’t figure it out. Every time I get what I think is
a bright idea, I make my tweak, re-run chef-client and nothing happens,
it’s rather frustrating.