Does the pam_pwdfile module support clear text passwords?

 
# 8  
Old 11-29-2013
In case anyone encountered this: I got creative with my Puppet module and created a couple of functions to accomplish the creation/deletion of virtual user accounts within Puppet.


Here are my functions:
Code:
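define ftpuser_init{
  # Start from a clean slate: remove the previous virtual-user files.
  # -f keeps the exec from failing when a file does not exist yet.
  # The unqualified commands here and below assume a site-wide Exec path default.
  exec { "remove_existing_users":
     command => "rm -f /etc/vsftpd/users/*;  rm -f /etc/vsftpd/chroot_list; rm -f /etc/vsftpd/passwd; rm -f /etc/vsftpd/user_list"
  }
  package { 'pam_pwdfile':
     provider => 'rpm',
     ensure => installed,
     source => "http://install.companyrepository.com/repo/RCE/SLES11-SP1-Pool/sle-11-x86_64/rpm/x86_64/pam_pwdfile-0.99-9026.1.x86_64.rpm"
  }

  file { ["/etc/vsftpd/"]:
    ensure => "directory",
  }

  # PAM service file that lets vsftpd authenticate against the password file
  file { "/etc/pam.d/vsftp_local_and_virtual":
    ensure => 'present',
    owner => 'root',
    group => 'root',
    mode => '0644',
    source => "puppet:///ftp/vsftpd_local_and_virtual"
  }

  # Recreate an empty password file once the old one has been removed
  exec { "password_file":
     require => Exec["remove_existing_users"],
     command => "touch /etc/vsftpd/passwd"
  }
}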


Code:
define ftpuser ( $username, $password, $homefolder){
  user { $username:
     ensure => 'present',
  }
  # -b takes the password from the command line, so the clear-text value
  # is visible in the process list while htpasswd2 runs.
  exec{ "htpasswd_$username":
    command => "htpasswd2 -b /etc/vsftpd/passwd ${username} ${password}",
  }
  exec{ "chroot_list_$username":
    require => Exec["htpasswd_$username"],
    command => "echo ${username} >> /etc/vsftpd/chroot_list",
  }
  exec{ "user_list_$username":
    require => Exec["chroot_list_$username"],
    command => "echo ${username} >> /etc/vsftpd/user_list",
  }
  # Per-user vsftpd settings file
  exec { "profile_$username":
     require => Exec["user_list_$username"],
     command => "touch /etc/vsftpd/users/${username}",
  }
  exec { "guest_username_$username":
    require => Exec["profile_$username"],
    command => "echo guest_username=$username >> /etc/vsftpd/users/$username",
  }
  exec { "local_root_$username":
    require => Exec["guest_username_$username"],
    command => "echo local_root=$homefolder >> /etc/vsftpd/users/$username",
  }
}


ftpuser_init is called before the users are initiated. This allows Puppet to clear out the users that are there and start fresh. An example of how to call this would be something like this:

Code:
class ftp::users{
  # Initiate the PAM module, clear unused user accounts
  ftpuser_init{ 'init': }

######################################################
#   FTP USER ACCOUNTS ARE DEFINED HERE!              #
######################################################

  ftpuser{ 'someuser1':
    require => Ftpuser_init['init'],
    homefolder => "/home/ftpuser/ftp.user1directory.com",
    username => "someuser1",
    password => "someusers1pass",
  }

  ftpuser{ 'someuser2':
    require => Ftpuser_init['init'],
    homefolder => "/home/ftpuser/ftp.user2directory.com",
    username => "someuser2",
    password => "someusers2pass",
  }
}


I hope this is helpful for anyone else looking at a way to deploy new FTP users without relying solely on individual system security.

Last edited by colbyshores; 11-29-2013 at 06:19 PM.. Reason: Please use code tags, not icode tags for code blocks. Thanks.
# 9  
Old 11-29-2013
Nothing in this thread has explained why you actually need this, why you think hashed passwords cannot be shared or managed.
# 10  
Old 11-29-2013
I use Puppet to deploy servers as well as LDAP. System PAM does not work well with this configuration, eliminating the possibility of simply creating FTP users within Puppet itself. I needed to create virtual users. The problem is that virtual user accounts relying on that PAM module are hashed. This does not allow a user group's accounts to be rolled out to multiple machines.

I asked if clear text was an option because these accounts only have access to specific folders and certainly not the password file. After some work I created a few functions in Puppet that exist entirely within Puppet that operate each machine as if I were in front of it. The password files are able to be created, proper configuration and everything is working as it should now.

I'm sure I am not the only person that has run into password issues using LDAP in a Puppet configuration even if it is not related to FTP. That is why I posted a solution for virtual users.
# 11  
Old 12-02-2013
So, you have access to recompile the server, but not to alter /etc/passwd?
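An added example, not part of any post in this thread, for the question raised in post #9: the password file that htpasswd2 writes holds one username:hash line per user, so a hash computed once can be deployed unchanged to every machine, and neither the manifest nor an exec command line carries the clear-text password. The names ftp::virtual_users, ftp::virtual_user and pwhash are hypothetical, and the hash values are constructed placeholders; real ones would be generated offline (for example with `htpasswd2 -n`) in a format the installed pam_pwdfile accepts.

```puppet
# Hypothetical define: one virtual user, managed as files instead of execs.
define ftp::virtual_user ($pwhash, $homefolder) {
  user { $name:
    ensure => 'present',
  }
  # Per-user vsftpd settings, written in one piece rather than appended
  file { "/etc/vsftpd/users/${name}":
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => "guest_username=${name}\nlocal_root=${homefolder}\n",
  }
}

# Hypothetical class: $users maps username => { pwhash, homefolder }.
class ftp::virtual_users ($users = {}) {
  # One "username:hash" line per user; only hashes ever reach the node.
  file { '/etc/vsftpd/passwd':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0600',
    content => inline_template('<%= @users.sort.map { |n, u| "#{n}:#{u["pwhash"]}\n" }.join %>'),
  }
  # user_list and chroot_list carry the same usernames, one per line
  file { ['/etc/vsftpd/user_list', '/etc/vsftpd/chroot_list']:
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => inline_template('<%= @users.keys.sort.map { |n| n + "\n" }.join %>'),
  }
  create_resources('ftp::virtual_user', $users)
}

# Declaration with constructed placeholder hashes (not real hash values)
class { 'ftp::virtual_users':
  users => {
    'someuser1' => {
      'pwhash'     => 'CONSTRUCTED_PLACEHOLDER_HASH_1',
      'homefolder' => '/home/ftpuser/ftp.user1directory.com',
    },
    'someuser2' => {
      'pwhash'     => 'CONSTRUCTED_PLACEHOLDER_HASH_2',
      'homefolder' => '/home/ftpuser/ftp.user2directory.com',
    },
  },
}
```

Because the files are declared with their full content, Puppet only rewrites them when a user or hash changes, and removing a user from `$users` removes the line on the next run.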