On a vagrant box precise64 (ubuntu 12.04)
While creating a user resource with Chef, the home directory is not created:
My recipe:
user "myuser" do
supports :manage_home => true
shell "/bin/bash"
home "/home/myuser"
comment "Created by Chef"
password "myencryptedpassword"
system true
provider Chef::Provider::User::Useradd
action :create
end
When I authenticate:
$ su - myuser
Password:
No directory, logging in with HOME=/
Update - The workaround for precise64 (Ubuntu 12.04 64bit)
directory "/home/myuser" do
owner "myuser"
group "myuser"
mode 00755
action :create
end
While system users usually don't have a home dir, chef will create the home dir even for system users if you specify home
. I've tried it, and cannot reproduce the issue.
What is going on is a little bit hidden in the documentation. The chef documentations says:
system | Use to create a system user. This attribute may be used with useradd as the provider to create a system user which passes the -r flag to useradd.
If have a look at the man page of useradd:
-r, --system
Create a system account.
System users will be created with no aging information in /etc/shadow,
and their numeric identifiers are chosen in the SYS_UID_MIN-SYS_UID_MAX
range, defined in >/etc/login.defs, instead of UID_MIN-UID_MAX
(and their GID counterparts for the creation of groups).
Note that useradd will not create a home directory for such an user,
regardless of the default setting in /etc/login.defs (CREATE_HOME).
You have to specify the -m options if you want a home directory for
a system account to be created.
However, it seems like chef is passing the -m
option explicitly if you specify a home dir. I could not reproduce this issue therefore.
Did you add the home attribute to the recipe after the user was already created? When I was first hacking around with creating a system user, I didn't add the :manage_home and home bits to the recipe until after I had run the recipe and verified that the user was created. Subsequent runs of the recipe after adding home directory management and the home attribute didn't actually work until I deleted the user and run the recipe again.
I assume that useradd won't execute again if the user already exists, so adding -m via the recipe wouldn't happen unless and until the user is deleted and the recipe re-runs against a clean system and sends useradd -rm.
I was able to reproduce this problem and work around it.
The hint was in the chef docs for the user resource.
"[homedir] will be created unless CREATE_HOME in /etc/login.defs is set to no". On a fresh Ubuntu install that line did not exist. Perhaps it defaults to no if missing.
In /etc/login.defs I added:
CREATE_HOME yes
Once that was added my chef run would complete and create the homedir allowing my to then modify contents of the user homedir. This method may be simpler than manually creating homedirs for each user.