Forge Home

root

root account module

7,487 downloads

205 latest version

5.0 quality score

Version information

  • 5.1.2 (latest)
  • 5.1.1
  • 5.1.0
  • 5.0.0
  • 4.6.0
  • 4.5.0
  • 4.4.0
  • 4.3.0
  • 4.2.0
  • 4.1.1
  • 4.1.0
  • 4.0.0
released Jun 21st 2022
This version is compatible with:
  • Puppet Enterprise 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x
  • Puppet >= 6.0.0 < 8.0.0
  • , , , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'treydock-root', '5.1.2'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add treydock-root
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install treydock-root --version 5.1.2

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download
Tags: root

Documentation

treydock/root — version 5.1.2 Jun 21st 2022

puppet-root

Puppet Forge Build Status

Table of Contents

  1. Overview
  2. Usage - Configuration options
  3. Reference - Parameter and detailed reference to all options
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module

Overview

This module manages the Linux root user.

Puppet 6 has soft dependencies on the following modules:

Usage

root

include ::root

Manage root and define mailaliases, ssh_authorized_keys and set a password.

root::mailaliases:
  - 'root@example.com'
root::password: '$1$Bp8B.dWo$DUVekjsAsU0ttWZmS37P5'
root::ssh_authorized_keys:
  - 'ssh-rsa somelonghash== user@fqdn'

Authorized keys can also be set using a hash.

root::ssh_authorized_keys:
  user@fqdn:
    type: 'ssh-rsa'
    key: 'somelonghash=='

To export a system's root RSA key

root::export_key: true

To collect exported root RSA keys from multiple tags

root::collect_exported_keys: true
root::collect_exported_keys_tags:
  - "${::domain}"
  - 'foo'

Add Kerberos principals to /root/.k5login:

root::kerberos_login_principals:
  - user1@EXAMPLE.COM
  - user2@EXAMPLE.COM

Add Kerberos principals and commands to /root/.k5users. Note that user3 and user4 will not have commands defined. The examples also illustrate defining commands as strings or arrays.

root::kerberos_users_commands:
  user1@EXAMPLE.COM:
    - /bin/systemctl
    - /bin/cat
  user2@EXAMPLE.COM: /bin/systemctl /bin/cat
  user3@EXAMPLE.COM: ''
  user4@EXAMPLE.COM: []

If a different module manages Kerberos for root, disable Kerberos in this module:

root::manage_kerberos: false

Set an automatic logout for idle interactive shells (in seconds):

root::logout_timeout: 600

Reference

http://treydock.github.io/puppet-module-root/

Limitations

This module has been tested on:

  • RedHat & CentOS 6 x86_64
  • RedHat & CentOS 7 x86_64

Development

Testing

Testing requires the following dependencies:

  • rake
  • bundler

Install gem dependencies

bundle install

Run unit tests

bundle exec rake test

If you have Vagrant >= 1.2.0 installed you can run system tests

bundle exec rake acceptance