{ "name": "user", "description": "A convenient Chef LWRP to manage user accounts and SSH keys (this is not the opscode users cookbook)", "long_description": "# chef-user [![Build Status](https://secure.travis-ci.org/fnichol/chef-user.png?branch=master)](http://travis-ci.org/fnichol/chef-user)\n\n## Description\n\nA convenient Chef LWRP to manage user accounts and SSH keys. This is **not**\nthe Opscode *users* cookbook.\n\n* Github: https://github.com/fnichol/chef-user\n* Opscode Community Site: http://community.opscode.com/cookbooks/user\n\n## Usage\n\nSimply include `recipe[user]` in your run\\_list and the `user_account`\nresource will be available.\n\nTo use `recipe[user::data_bag]`, include it in your run\\_list and have a\ndata bag called `\"users\"` with an item like the following:\n\n {\n \"id\" : \"hsolo\",\n \"comment\" : \"Han Solo\",\n \"home\" : \"/opt/hoth/hsolo\",\n \"ssh_keys\" : [\"123...\", \"456...\"]\n }\n\nor a user to be removed:\n\n {\n \"id\" : \"lando\",\n \"action\" : \"remove\"\n }\n\nThe data bag recipe will iterate through a list of usernames defined in\n`node['users']` (by default) and attempt to pull in the user's information\nfrom the data bag item. In other words, having:\n\n node['users'] = ['hsolo']\n\nwill set up the `hsolo` user information and not use the `lando` user\ninformation.\n\n## Requirements\n\n### Chef\n\nTested on 0.10.8 but newer and older version should work just fine. File an\n[issue][issues] if this isn't the case.\n\n### Platform\n\nThe following platforms have been tested with this cookbook, meaning that the\nrecipes run on these platforms without error:\n\n* ubuntu\n* debian\n* mac_os_x\n\n### Cookbooks\n\nThere are **no** external cookbook dependencies.\n\n## Installation\n\nDepending on the situation and use case there are several ways to install\nthis cookbook. All the methods listed below assume a tagged version release\nis the target, but omit the tags to get the head of development. A valid\nChef repository structure like the [Opscode repo][chef_repo] is also assumed.\n\n### From the Opscode Community Platform\n\nTo install this cookbook from the Opscode platform, use the *knife* command:\n\n knife cookbook site install user\n\n### Using Librarian-Chef\n\n[Librarian-Chef][librarian] is a bundler for your Chef cookbooks.\nInclude a reference to the cookbook in a [Cheffile][cheffile] and run\n`librarian-chef install`. To install Librarian-Chef:\n\n gem install librarian\n cd chef-repo\n librarian-chef init\n\nTo use the Opscode platform version:\n\n echo \"cookbook 'user'\" >> Cheffile\n librarian-chef install\n\nOr to reference the Git version:\n\n cat >> Cheffile < 'git://github.com/fnichol/chef-user.git', :ref => 'v0.3.0'\n END_OF_CHEFFILE\n librarian-chef install\n\n### Using knife-github-cookbooks\n\nThe [knife-github-cookbooks][kgc] gem is a plugin for *knife* that supports\ninstalling cookbooks directly from a GitHub repository. To install with the\nplugin:\n\n gem install knife-github-cookbooks\n cd chef-repo\n knife cookbook github install fnichol/chef-user/v0.3.0\n\n### As a Git Submodule\n\nA common practice (which is getting dated) is to add cookbooks as Git\nsubmodules. This is accomplishes like so:\n\n cd chef-repo\n git submodule add git://github.com/fnichol/chef-user.git cookbooks/user\n git submodule init && git submodule update\n\n**Note:** the head of development will be linked here, not a tagged release.\n\n### As a Tarball\n\nIf the cookbook needs to downloaded temporarily just to be uploaded to a Chef\nServer or Opscode Hosted Chef, then a tarball installation might fit the bill:\n\n cd chef-repo/cookbooks\n curl -Ls https://github.com/fnichol/chef-user/tarball/v0.3.0 | tar xfz - && \\\n mv fnichol-chef-user-* user\n\n## Recipes\n\n### default\n\nThis recipe is a no-op and does nothing.\n\n### default\n\nProcesses a list of users with data drawn from a data bag. The default data bag\nis `users` and the list of user account to create on this node is set on\n`node['users']`.\n\n## Attributes\n\n### home_root\n\nThe default parent path of a user's home directory. Each resource can override\nthis value which varies by platform. Generally speaking, the default value is\n`\"/home\"`.\n\n### default_shell\n\nThe default user shell given to a user. Each resource can override this value\nwhich varies by platform. Generally speaking, the default value is\n`\"/bin/bash\"`.\n\n### manage_home\n\nWhether of not to manage the home directory of a user by default. Each resource\ncan override this value. The are 2 valid states:\n\n* `\"true\"`, `true`, or `\"yes\"`: will manage the user's home directory.\n* `\"false\"`, `false`, or `\"no\"`: will not manage the user's home directory.\n\nThe default is `true`.\n\n### create_user_group\n\nWhether or not to to create a group with the same name as the user by default.\nEach resource can override this value. The are 2 valid states:\n\n* `\"true\"`, `true`, or `\"yes\"`: will create a group for the user by default.\n* `\"false\"`, `false`, or `\"no\"`: will not create a group for the user by default.\n\nThe default is `true`.\n\n### ssh_keygen\n\nWhether or not to generate an SSH keypair for the user by default. Each\nresource can override this value. There are 2 valid states:\n\n* `\"true\"`, `true`, or `\"yes\"`: will generate an SSH keypair when the account\n is created.\n* `\"false\"`, `false`, or `\"no\"`: will not generate an SSH keypair when the account\n is created.\n\nThe default is `true`.\n\n### data_bag_name\n\nThe data bag name containing a group of user account information. This is used\nby the `data_bag` recipe to use as a database of user accounts.\n\nThe default is `\"users\"`.\n\n### user_array_node_attr\n\nThe node attributes containing an array of users to be managed. If a nested\nhash in the node's attributes is required, then use a `/` between subhashes.\nFor example, if the users' array is stored in `node['system']['accounts']`),\nthen set `node['user']['user_array_node_attr']` to `\"system/accounts\"`.\n\nThe default is `\"users\"`.\n\n## Resources and Providers\n\n### user_account\n\n**Note:** in order to use the `password` attribute, you must have the\n[ruby-shadow gem][ruby-shadow_gem] installed. On Debian/Ubuntu you can get\nthis by installing the \"libshadow-ruby1.8\" package.\n\n### Actions\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
ActionDescriptionDefault
create\n Create the user, its home directory, .ssh/authorized_keys,\n and .ssh/{id_dsa,id_dsa.pub}.\n Yes
removeRemove the user account. 
modifyModiy the user account. 
manageManage the user account. 
lockLock the user's password. 
unlockUnlock the user's password. 
\n\n### Attributes\n\n\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
AttributeDescriptionDefault Value
usernameName attribute: The name of the user.nil
commentGecos/Comment field.nil
uidThe numeric user id.nil
gidThe primary group id.nil
homeHome directory location.\"#{node['user']['home_root']}/#{username}
shellThe login shell.node['user']['default_shell']
passwordShadow hash of password.nil
system_userWhether or not to create a system user.false
manage_homeWhether or not to manage the home directory.true
create_group\n Whether or not to to create a group with the same name as the user.\n node['user']['create_group']
ssh_keys\n A String or Array of SSH public keys to populate the\n user's .ssh/authorized_keys file.\n []
ssh_keygenWhether or not to generate an SSH keypair for the user.node['user']['ssh_keygen']
\n\n#### Examples\n\n##### Creating a User Account\n\n user_account 'hsolo' do\n comment 'Han Solo'\n ssh_keys ['3dc348d9af8027df7b9c...', '2154d3734d609eb5c452...']\n home '/opt/hoth/hsolo'\n end\n\n##### Locking a User Account\n\n user_account 'lando' do\n action :lock\n end\n\n##### Removing a User account\n\n user_account 'obiwan' do\n action :remove\n end\n\n## Development\n\n* Source hosted at [GitHub][repo]\n* Report issues/Questions/Feature requests on [GitHub Issues][issues]\n\nPull requests are very welcome! Make sure your patches are well tested.\nIdeally create a topic branch for every separate change you make.\n\n## License and Author\n\nAuthor:: [Fletcher Nichol][fnichol] () [![endorse](http://api.coderwall.com/fnichol/endorsecount.png)](http://coderwall.com/fnichol)\n\nCopyright 2011, Fletcher Nichol\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n[chef_repo]: https://github.com/opscode/chef-repo\n[cheffile]: https://github.com/applicationsonline/librarian/blob/master/lib/librarian/chef/templates/Cheffile\n[kgc]: https://github.com/websterclay/knife-github-cookbooks#readme\n[librarian]: https://github.com/applicationsonline/librarian#readme\n[ruby-shadow_gem]: https://rubygems.org/gems/ruby-shadow\n\n[repo]: https://github.com/fnichol/chef-user\n[issues]: https://github.com/fnichol/chef-user/issues\n", "maintainer": "Fletcher Nichol", "maintainer_email": "fnichol@nichol.ca", "license": "Apache 2.0", "platforms": { "ubuntu": ">= 0.0.0", "debian": ">= 0.0.0", "mac_os_x": ">= 0.0.0", "suse": ">= 0.0.0" }, "dependencies": { }, "recommendations": { }, "suggestions": { }, "conflicting": { }, "providing": { }, "replacing": { }, "attributes": { }, "groupings": { }, "recipes": { "user": "This recipe is a no-op and does nothing.", "user::data_bag": "Processes a list of users with data drawn from a data bag." }, "version": "0.3.0" }