Salt: State user.present will fail to create home if user exists and homedir doesn't
Ran into this today, it appears that in one of our installs, the user got created at some point, but their home dir didn't. When I ran the highstate today, it errored out with the following:
local:
ID: xxxxxxx
Function: user.present
Result: False
Comment: These values could not be changed: {'homeDoesNotExist': '/home/xxxxxxx'}
Started: 11:30:43.057275
Duration: 6.189 ms
Changes:
It looks like here the change doesn't get made, but reports it back as a change that is remaining.
https://github.com/saltstack/salt/blob/2014.7/salt/states/user.py#L110
Should the user.add module be called to create the home dir or should user.chhome be modified to create a homedir if one doesn't exist.
calvinhp
All 31 comments
Thanks for the report @calvinhp! Can you post the output of salt --versions-report as well as let us know what OS and OS version you're running?
rallytime
on 9 Dec 2014
The Master:
salt01% salt --versions-report
Salt: 2014.7.0
Python: 2.7.8 (default, Dec 3 2014, 04:17:02)
Jinja2: 2.7.3
M2Crypto: 0.22
msgpack-python: 0.4.2
msgpack-pure: Not Installed
pycrypto: 2.6.1
libnacl: Not Installed
PyYAML: 3.11
ioflo: Not Installed
PyZMQ: 14.3.1
RAET: Not Installed
ZMQ: 4.0.4
Mako: Not Installed
The Minion:
$ salt --versions-report
Salt: 2014.7.0
Python: 2.6.6 (r266:84292, Nov 21 2013, 10:50:32)
Jinja2: 2.2.1
M2Crypto: 0.20.2
msgpack-python: 0.1.13
msgpack-pure: Not Installed
pycrypto: 2.0.1
libnacl: Not Installed
PyYAML: 3.10
ioflo: Not Installed
PyZMQ: 14.3.1
RAET: Not Installed
ZMQ: 3.2.4
Mako: Not Installed
Thanks! We'll get this fixed up.
rallytime
on 9 Dec 2014
@calvinhp Can you post your user state?
salt.modules.user.chhome already creates the home directory if one doesn't exist when persist is True as it specified -m flag which according to the documentation says If the -m option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist. There is something else going on here. The logic seems to be too complicated.
nmadhok
on 16 Dec 2014
Here is an example of a user state in our salt:
xxxxxxx-user:
user.present:
- name: xxxxxxx
- fullname: xxxxxxx xxxxxxx
- uid: 11976
- gid_from_name: True
- home: /home/xxxxxxx
- shell: /bin/zsh
- groups:
- staff
{% if grains['os_family'] == 'Debian' -%}
- sudo
{% else %}
- wheel
{% endif %}
- require:
- pkg: zsh
Some additional analysis of this issue in #19250
djs52
on 24 Dec 2014
This is still broken in 2014.7.1. It seems odd this is closed in favor of #19250, when #19250 is marked as a duplicate of this bug! This issue still exists:
ID: salt-minion-user-g2prefix
Function: user.present
Name: g2prefix
Result: False
Comment: These values could not be changed: {'homeDoesNotExist': '/home/g2prefix'}
Started: 18:37:16.610962
Duration: 307.768 ms
Changes:
state:
salt-minion-user-g2prefix:
user.present:
- name: g2prefix
- fullname: Salt Owner Account
- password: {redacted}
- shell: /bin/bash
- home: /home/g2prefix
- uid: 4004
- gid: 4004
- require:
- group: salt-minion-group-g2prefix
smithjm
on 4 Feb 2015
@smithjm Thanks for the update. The bug referenced above was indeed closed in favor of this one as it was a duplicate, but this issue is still open. It's a bit confusing with "Closed" label right above your comment, so I can see why this issue would appear closed.
We haven't been abel to get a fix in for this yet, but we will get to it as soon as we can. The extra information and state you provided is definitely helpful!
@nmadhok Were you going to take a crack at this one? No worries if not, just curious.
rallytime
on 4 Feb 2015
I got the same error
salt-call --versions-report
Salt: 2014.7.1
Python: 2.7.3 (default, Dec 18 2014, 19:10:20)
Jinja2: 2.6
M2Crypto: 0.21.1
msgpack-python: 0.1.10
msgpack-pure: Not Installed
pycrypto: 2.4.1
libnacl: Not Installed
PyYAML: 3.10
ioflo: Not Installed
PyZMQ: 13.0.0
RAET: Not Installed
ZMQ: 3.2.2
Mako: Not Installed
ID: web
Function: user.present
Name: www-data
Result: False
Comment: These values could not be changed: {'homeDoesNotExist': '/var/www'}
Started: 05:46:14.205666
Duration: 17.365 ms
Changes:
----------
shell:
/usr/sbin/nologin
hvnsweeting
on 5 Feb 2015
@rallytime I was going to but haven't gotten the time yet. I will look at the earliest. Last time I looked, I remember the logic needed a drastic change.
nmadhok
on 5 Feb 2015
Confirmed. I just ran into this exact same issue with:
# salt-call --versions
Salt: 2014.7.2
Python: 2.7.5 (default, Feb 11 2014, 07:46:25)
Jinja2: 2.7.2
M2Crypto: 0.21.1
msgpack-python: 0.4.2
msgpack-pure: Not Installed
pycrypto: 2.6.1
libnacl: Not Installed
PyYAML: 3.10
ioflo: Not Installed
PyZMQ: 14.3.1
RAET: Not Installed
ZMQ: 4.0.4
Mako: Not Installed
SEJeff
on 30 Mar 2015
just throwing in a "me too"
# salt-call --versions-report
Salt: 2014.7.2
Python: 2.6.6 (r266:84292, Jan 22 2014, 01:49:05)
Jinja2: unknown
M2Crypto: 0.20.2
msgpack-python: 0.1.13
msgpack-pure: Not Installed
pycrypto: 2.0.1
libnacl: Not Installed
PyYAML: 3.10
ioflo: Not Installed
PyZMQ: 2.2.0.1
RAET: Not Installed
ZMQ: 3.2.4
Mako: Not Installed
gmcwhistler
on 2 Apr 2015
this also hit 2015.2
salt --versions-report
Salt: 2015.2.0rc2
Python: 2.7.6 (default, Mar 22 2014, 22:59:56)
Jinja2: 2.7.2
M2Crypto: 0.21.1
msgpack-python: 0.3.0
msgpack-pure: Not Installed
pycrypto: 2.6.1
libnacl: Not Installed
PyYAML: 3.10
ioflo: Not Installed
PyZMQ: 14.0.1
RAET: Not Installed
ZMQ: 4.0.4
Mako: 0.9.1
Is this fixed in 2015.5? I still have this error
Salt: 2015.5.0-128-gca7729d
Python: 2.7.9 (default, Jan 7 2015, 11:50:42)
Jinja2: 2.7.3
M2Crypto: 0.22
msgpack-python: 0.4.6
msgpack-pure: 0.1.3
pycrypto: 2.6.1
libnacl: Not Installed
PyYAML: 3.11
ioflo: 1.2.1
PyZMQ: 14.6.0
RAET: Not Installed
ZMQ: 4.0.5
Mako: 1.0.1
----------
ID: couchdb_user
Function: user.present
Name: couchdb
Result: False
Comment: These values could not be changed: {'home': '/var/lib/couchdb'}
Started: 14:29:04.011125
Duration: 23.977 ms
Changes:
couchdb_user:
user.present:
- name: {{couchdb.user}}
- fullname: CouchDB Admin
- createhome: False
- home: /var/lib/couchdb
- shell: /bin/bash
- empty_password: True
- system: True
h0jeZvgoxFepBQ2C
on 20 May 2015
@lichtamberg is there any error log when you run that?
anw, this is not exactly the origin error of this issue:
Comment: These values could not be changed: {'homeDoesNotExist': '/home/xxxxxxx'}
New one:
Comment: These values could not be changed: {'home': '/var/lib/couchdb'}
hvnsweeting
on 21 May 2015
+1
Salt: 2015.5.0
Python: 2.7.3 (default, Mar 13 2014, 11:03:55)
Jinja2: 2.6
M2Crypto: 0.21.1
msgpack-python: 0.1.10
msgpack-pure: Not Installed
pycrypto: 2.6
libnacl: Not Installed
PyYAML: 3.10
ioflo: Not Installed
PyZMQ: 13.1.0
RAET: Not Installed
ZMQ: 3.2.3
Mako: 0.7.0
Debian source package: 2015.5.0+ds-1~bpo70+1
ID: www-data
Function: user.present
Result: False
Comment: These values could not be changed: {'home': '/home/www-data'}
Started: 18:36:32.334948
Duration: 25.436 ms
Changes:
amontalban
on 2 Jul 2015
I've got this too.
Salt: 2014.7.5
Python: 2.7.3 (default, Dec 18 2014, 19:10:20)
Jinja2: 2.6
M2Crypto: 0.21.1
msgpack-python: 0.1.10
msgpack-pure: Not Installed
pycrypto: 2.4.1
libnacl: Not Installed
PyYAML: 3.10
ioflo: Not Installed
PyZMQ: 14.0.1
RAET: Not Installed
ZMQ: 4.0.4
Mako: Not Installed
Debian source package: 2014.7.5+ds-1precise1
DaveQB
on 24 Aug 2015
@DaveQB sure, because the fix is not on that version:
https://github.com/saltstack/salt/commit/c4e95b9f487671ee09252c966de6dca3653e7999
You need 2014.7.6+
hvnsweeting
on 24 Aug 2015
@hvnsweeting
Oh bugger.
Thanks.
DaveQB
on 24 Aug 2015
@DaveQB if you cannot upgrade to higher version for any reason, you can add this module to your states/_states : https://github.com/bclermont/states/blob/master/_states/user.py
It just ports the fix back to use with 2014.7.5
hvnsweeting
on 24 Aug 2015
I am seeing this issue in 2015.5.3. I want to change an existing user's home directory.
ngrennan-inflection
on 25 Aug 2015
@rallytime The logic needs some major refactoring/change. It's not correct.
nmadhok
on 25 Aug 2015
I cannot reproduce this, how did you guys got this problem ?
root@trananhkma:/srv/salt# grep foo /etc/passwd
foo:x:1001:1001::/tmp/foo2:
root@trananhkma:/srv/salt# ls -l /tmp/foo2/
total 0
root@trananhkma:/srv/salt# ls -l /tmp/foo3
ls: cannot access /tmp/foo3: No such file or directory
root@trananhkma:/srv/salt# cat buguser.sls
foo:
user:
- present
- home: /tmp/foo3
local:
----------
ID: foo
Function: user.present
Result: True
Comment: Updated user foo
Started: 11:07:34.981777
Duration: 45.541 ms
Changes:
----------
home:
/tmp/foo3
on version
root@trananhkma:/srv/salt# salt-call --versions-report
Salt: 2015.5.3
Python: 2.7.6 (default, Jun 22 2015, 17:58:13)
Jinja2: 2.8
M2Crypto: 0.21.1
msgpack-python: 0.3.0
msgpack-pure: Not Installed
pycrypto: 2.6.1
libnacl: Not Installed
PyYAML: 3.10
ioflo: Not Installed
PyZMQ: 14.0.1
RAET: Not Installed
ZMQ: 4.0.4
Mako: 1.0.1
Tornado: Not Installed
Debian source package: 2015.5.3+ds-1trusty1
trananhkma
on 30 Aug 2015
Hi Guys,
Has the fix been found? having the same issue in 2016.3.3 as well.
SLS File:
demo user creation:
- user.present:
- name: demouser
- shell: /bin/bash
- home: /tmp/demouser
Output:
[root@saltstack ~]# salt '*' state.highstate
saltminion.example.com:
ID: demo user creation
Function: user.present
Name: demouser
Result: False
Comment: Failed to create new user demouser
Started: 21:21:34.389190
Duration: 312.166 ms
Changes:
Summary for saltminion.example.com
Succeeded: 0
Failed: 1
Total states run: 1
Total run time: 312.166 ms
ERROR: Minions returned with non-zero exit code
User is created but home directory doesn't.
[root@saltminion ~]# grep demouser /etc/passwd
demouser:x:1001:1001::/tmp/demouser:/bin/bash
[root@saltminion ~]# ls -ld /tmp/demouser
ls: cannot access /tmp/demouser: No such file or directory
[root@saltminion ~]#
Dineshramk
on 4 Oct 2016
Hello.
Same problem here:
ID: apache
Function: user.present
Result: False
Comment: These values could not be changed: {'home': '/var/www'}
Started: 07:43:00.152834
Duration: 203.725 ms
Changes:
----------
groups:
- apache
- app
SLS:
apache:
user.present:
- name: apache
- fullname: Apache
- shell: /sbin/nologin
- home: /var/www
- uid: 48
- groups:
- app
service.running:
- name: httpd
- enable: true
- require:
- user: apache
- file: apache config
```
`/etc/passwd` > `apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin`
Problem is, that user Apache is installed with package random data and we need to have this data on all servers identical.
Target data is: `apache:x:48:48:Apache:/var/www:/sbin/nologin`
Fix for us is manually edit this file and reboot server, but it a little unhappy do this on many servers.
[root@3 ~]# salt-call --versions-report
Salt Version:
Salt: 2016.11.9
Dependency Versions:
cffi: Not Installed
cherrypy: Not Installed
dateutil: 2.6.1
docker-py: Not Installed
gitdb: 2.0.3
gitpython: 2.1.9
ioflo: Not Installed
Jinja2: 2.7.2
libgit2: Not Installed
libnacl: Not Installed
M2Crypto: Not Installed
Mako: Not Installed
msgpack-pure: Not Installed
msgpack-python: 0.5.1
mysql-python: 1.2.5
pycparser: Not Installed
pycrypto: 2.6.1
pycryptodome: Not Installed
pygit2: Not Installed
Python: 2.7.5 (default, Aug 4 2017, 00:39:18)
python-gnupg: Not Installed
PyYAML: 3.11
PyZMQ: 15.3.0
RAET: Not Installed
smmap: 2.0.3
timelib: Not Installed
Tornado: 4.2.1
ZMQ: 4.1.4
System Versions:
dist: centos 7.4.1708 Core
machine: x86_64
release: 3.10.0-693.21.1.el7.x86_64
system: Linux
version: CentOS Linux 7.4.1708 Core
```
Best regards.
LHozzan
on 20 Apr 2018
I am still having the same issue of changing an existing user's home directory with 2017.7.5:
nrpe-nagios_user:
user.present:
- name: nagios
- home: /home/nagios
- fullname: 'Nagios System User'
- shell: /bin/bash
- require:
- pkg: nrpe-pkgs
```local:
ID: nrpe-nagios_user
Function: user.present
Name: nagios
Result: False
Comment: These values could not be changed: {'home': '/home/nagios'}
Started: 16:52:04.045301
Duration: 94.0 ms
Changes:
Salt Version:
Salt: 2017.7.5
Dependency Versions:
cffi: Not Installed
cherrypy: Not Installed
dateutil: 2.7.2
docker-py: Not Installed
gitdb: Not Installed
gitpython: Not Installed
ioflo: Not Installed
Jinja2: 2.8.1
libgit2: Not Installed
libnacl: Not Installed
M2Crypto: Not Installed
Mako: Not Installed
msgpack-pure: Not Installed
msgpack-python: 0.4.6
mysql-python: Not Installed
pycparser: Not Installed
pycrypto: 2.6.1
pycryptodome: Not Installed
pygit2: Not Installed
Python: 2.7.14 (default, Jan 31 2018, 02:12:13)
python-gnupg: Not Installed
PyYAML: 3.11
PyZMQ: 14.5.0
RAET: Not Installed
smmap: Not Installed
timelib: Not Installed
Tornado: 4.2.1
ZMQ: 4.0.5
System Versions:
dist: centos 6.9 Final
locale: UTF-8
machine: x86_64
release: 2.6.32-696.23.1.el6.x86_64
system: Linux
version: CentOS 6.9 Final
grep nagios /etc/passwd
nagios:x:498:498:Nagios System User,,,:/var/spool/nagios:/bin/bash
```
Any idea on a fix?
rongshengfang
on 15 May 2018
@saltstack/team-triage can someone take a look at this?
gtmanfred
on 5 Nov 2018
Same here.
users/stack.sls
user_stack:
user.present:
- name: stack
- fullname: stack
- shell: /bin/bash
- home: /opt/stack
- uid: 1333
- gid: 1333
- groups:
- sudo
output
----------
ID: user_stack
Function: user.present
Name: stack
Result: False
Comment: Failed to create new user stack
Started: 15:38:02.059512
Duration: 52.886 ms
Changes:
Version
Salt Version:
Salt: 2018.3.3
Dependency Versions:
cffi: Not Installed
cherrypy: Not Installed
dateutil: 2.5.3
docker-py: Not Installed
gitdb: 2.0.0
gitpython: 2.1.1
ioflo: Not Installed
Jinja2: 2.9.4
libgit2: Not Installed
libnacl: Not Installed
M2Crypto: Not Installed
Mako: Not Installed
msgpack-pure: Not Installed
msgpack-python: 0.4.8
mysql-python: Not Installed
pycparser: Not Installed
pycrypto: 2.6.1
pycryptodome: Not Installed
pygit2: Not Installed
Python: 2.7.13 (default, Sep 26 2018, 18:42:22)
python-gnupg: Not Installed
PyYAML: 3.12
PyZMQ: 16.0.2
RAET: Not Installed
smmap: 2.0.1
timelib: Not Installed
Tornado: 4.4.3
ZMQ: 4.2.1
System Versions:
dist: debian 9.6
locale: UTF-8
machine: x86_64
release: 4.9.0-8-amd64
system: Linux
version: debian 9.6
MightyMaveous
on 3 Jan 2019
Still present in 2019.2.0
$ salt-minion --versions
Salt Version:
Salt: 2019.2.0
Dependency Versions:
cffi: Not Installed
cherrypy: Not Installed
dateutil: 2.6.1
docker-py: Not Installed
gitdb: Not Installed
gitpython: Not Installed
ioflo: Not Installed
Jinja2: 2.10
libgit2: Not Installed
libnacl: Not Installed
M2Crypto: Not Installed
Mako: 1.0.7
msgpack-pure: Not Installed
msgpack-python: 0.5.6
mysql-python: 1.3.10
pycparser: Not Installed
pycrypto: 2.6.1
pycryptodome: Not Installed
pygit2: Not Installed
Python: 2.7.15rc1 (default, Nov 12 2018, 14:31:15)
python-gnupg: 0.4.1
PyYAML: 3.12
PyZMQ: 16.0.2
RAET: Not Installed
smmap: Not Installed
timelib: Not Installed
Tornado: 4.5.3
ZMQ: 4.2.5
System Versions:
dist: Ubuntu 18.04 bionic
locale: UTF-8
machine: x86_64
release: 4.15.0-1032-gcp
system: Linux
version: Ubuntu 18.04 bionic
timwsuqld
on 24 May 2019
I've run into a similar issue, and in the hopes of helping folks stumbling across this bug report, I've documented the steps I took to resolve it.
In brief
Try manually changing the user home directory with usermod and see if any errors are given.
To avoid this confusion, Salt could be more informative on why the values could not be changed.
Problem
----------
ID: app.user-basic
Function: user.present
Name: existing-user
Result: False
Comment: These values could not be changed: {u'home': u'/path/to/new/home'}
Started: 17:40:16.369636
Duration: 20.876 ms
Changes:
admin@box:~$ sudo usermod --home /path/to/new/home existing-user
usermod: user existing-user is currently used by process 18234
# Stop the service if running and changes will be made
app.user-basic.stop-for-changes:
service.dead:
- name: existing-user-service
- prereq:
# Stop service before making changes
- user: app.user-basic
# Set up the user
app.user-basic:
user.present:
- name: existing-user
- system: True
- createhome: False # Handled below
- home: /path/to/new/home
# [...removed other bits of configuration...]
# Start the service
app.service:
service.running:
- name: existing-user-service
- enable: True
Excerpt of Salt call output
----------
ID: app.user-basic.stop-for-changes
Function: service.dead
Name: existing-user-service
Result: True
Comment: Service existing-user-service was killed
Started: 17:45:29.589417
Duration: 100.504 ms
Changes:
----------
existing-user-service:
False
----------
ID: app.user-basic
Function: user.present
Name: existing-user
Result: True
Comment: Updated user existing-user
Started: 17:45:29.693622
Duration: 26.762 ms
Changes:
----------
home:
/path/to/new/home
[...]
----------
ID: app.service
Function: service.running
Name: existing-user-service
Result: True
Comment: Service existing-user-service is already enabled, and is running
Started: 17:45:31.084540
Duration: 121.158 ms
Changes:
----------
existing-user-service:
True
If this does not fix your issue, try manually changing the home directory with usermod. There may be something else going on.
digitalcircuit
on 11 Nov 2019
@digitalcircuit, that looks like the beginning of a fix, but I wonder if further corners are hiding as well. I agree that more articulate reporting that reaches closer to root causes comprises a major portion of the solution.
jfindlay
on 12 Nov 2019
Related issues
layer3switch
路
3Comments
nixjdm
路
3Comments
commutecat
路
3Comments
twangboy
路
3Comments
udf2457
路
3Comments