diff options
-rw-r--r-- | cloudinit/config/cc_users_groups.py | 3 | ||||
-rw-r--r-- | cloudinit/config/schema.py | 2 | ||||
-rw-r--r-- | doc/examples/cloud-config-user-groups.txt | 6 | ||||
-rw-r--r-- | tests/cloud_tests/testcases/base.py | 4 | ||||
-rw-r--r-- | tests/cloud_tests/testcases/examples/including_user_groups.py | 6 | ||||
-rw-r--r-- | tests/cloud_tests/testcases/examples/including_user_groups.yaml | 7 | ||||
-rw-r--r-- | tests/cloud_tests/testcases/modules/user_groups.py | 6 | ||||
-rw-r--r-- | tests/cloud_tests/testcases/modules/user_groups.yaml | 7 |
8 files changed, 32 insertions, 9 deletions
diff --git a/cloudinit/config/cc_users_groups.py b/cloudinit/config/cc_users_groups.py index b80d1d36..f363000d 100644 --- a/cloudinit/config/cc_users_groups.py +++ b/cloudinit/config/cc_users_groups.py @@ -15,7 +15,8 @@ options, see the ``Including users and groups`` config example. Groups to add to the system can be specified as a list under the ``groups`` key. Each entry in the list should either contain a the group name as a string, or a dictionary with the group name as the key and a list of users who should -be members of the group as the value. +be members of the group as the value. **Note**: Groups are added before users, +so any users in a group list must already exist on the system. The ``users`` config key takes a list of users to configure. The first entry in this list is used as the default user for the system. To preserve the standard diff --git a/cloudinit/config/schema.py b/cloudinit/config/schema.py index bb291ff8..ca7d0d5b 100644 --- a/cloudinit/config/schema.py +++ b/cloudinit/config/schema.py @@ -74,7 +74,7 @@ def validate_cloudconfig_schema(config, schema, strict=False): try: from jsonschema import Draft4Validator, FormatChecker except ImportError: - logging.warning( + logging.debug( 'Ignoring schema validation. python-jsonschema is not present') return validator = Draft4Validator(schema, format_checker=FormatChecker()) diff --git a/doc/examples/cloud-config-user-groups.txt b/doc/examples/cloud-config-user-groups.txt index 9c5202f5..0554d1f7 100644 --- a/doc/examples/cloud-config-user-groups.txt +++ b/doc/examples/cloud-config-user-groups.txt @@ -1,8 +1,8 @@ # Add groups to the system -# The following example adds the ubuntu group with members foo and bar and -# the group cloud-users. +# The following example adds the ubuntu group with members 'root' and 'sys' +# and the empty group cloud-users. groups: - - ubuntu: [foo,bar] + - ubuntu: [root,sys] - cloud-users # Add users to the system. Users are added after groups are added. diff --git a/tests/cloud_tests/testcases/base.py b/tests/cloud_tests/testcases/base.py index bb545ab9..b2b5b4b1 100644 --- a/tests/cloud_tests/testcases/base.py +++ b/tests/cloud_tests/testcases/base.py @@ -72,6 +72,10 @@ class CloudTestCase(unittest.TestCase): result = self.get_status_data(self.get_data_file('result.json')) self.assertEqual(len(result['errors']), 0) + def test_no_warnings_in_log(self): + """Warnings should not be found in the log.""" + self.assertNotIn("WARN", self.get_data_file('cloud-init.log')) + class PasswordListTest(CloudTestCase): """Base password test case class.""" diff --git a/tests/cloud_tests/testcases/examples/including_user_groups.py b/tests/cloud_tests/testcases/examples/including_user_groups.py index 67af527b..93b7a82d 100644 --- a/tests/cloud_tests/testcases/examples/including_user_groups.py +++ b/tests/cloud_tests/testcases/examples/including_user_groups.py @@ -40,4 +40,10 @@ class TestUserGroups(base.CloudTestCase): out = self.get_data_file('user_cloudy') self.assertRegex(out, r'cloudy:x:[0-9]{3,4}:') + def test_user_root_in_secret(self): + """Test root user is in 'secret' group.""" + user, _, groups = self.get_data_file('root_groups').partition(":") + self.assertIn("secret", groups.split(), + msg="User root is not in group 'secret'") + # vi: ts=4 expandtab diff --git a/tests/cloud_tests/testcases/examples/including_user_groups.yaml b/tests/cloud_tests/testcases/examples/including_user_groups.yaml index 0aa7ad21..469d03c3 100644 --- a/tests/cloud_tests/testcases/examples/including_user_groups.yaml +++ b/tests/cloud_tests/testcases/examples/including_user_groups.yaml @@ -8,7 +8,7 @@ cloud_config: | #cloud-config # Add groups to the system groups: - - secret: [foobar,barfoo] + - secret: [root] - cloud-users # Add users to the system. Users are added after groups are added. @@ -24,7 +24,7 @@ cloud_config: | - name: barfoo gecos: Bar B. Foo sudo: ALL=(ALL) NOPASSWD:ALL - groups: cloud-users + groups: [cloud-users, secret] lock_passwd: true - name: cloudy gecos: Magic Cloud App Daemon User @@ -49,5 +49,8 @@ collect_scripts: user_cloudy: | #!/bin/bash getent passwd cloudy + root_groups: | + #!/bin/bash + groups root # vi: ts=4 expandtab diff --git a/tests/cloud_tests/testcases/modules/user_groups.py b/tests/cloud_tests/testcases/modules/user_groups.py index 67af527b..93b7a82d 100644 --- a/tests/cloud_tests/testcases/modules/user_groups.py +++ b/tests/cloud_tests/testcases/modules/user_groups.py @@ -40,4 +40,10 @@ class TestUserGroups(base.CloudTestCase): out = self.get_data_file('user_cloudy') self.assertRegex(out, r'cloudy:x:[0-9]{3,4}:') + def test_user_root_in_secret(self): + """Test root user is in 'secret' group.""" + user, _, groups = self.get_data_file('root_groups').partition(":") + self.assertIn("secret", groups.split(), + msg="User root is not in group 'secret'") + # vi: ts=4 expandtab diff --git a/tests/cloud_tests/testcases/modules/user_groups.yaml b/tests/cloud_tests/testcases/modules/user_groups.yaml index 71cc9da3..22b5d706 100644 --- a/tests/cloud_tests/testcases/modules/user_groups.yaml +++ b/tests/cloud_tests/testcases/modules/user_groups.yaml @@ -7,7 +7,7 @@ cloud_config: | #cloud-config # Add groups to the system groups: - - secret: [foobar,barfoo] + - secret: [root] - cloud-users # Add users to the system. Users are added after groups are added. @@ -23,7 +23,7 @@ cloud_config: | - name: barfoo gecos: Bar B. Foo sudo: ALL=(ALL) NOPASSWD:ALL - groups: cloud-users + groups: [cloud-users, secret] lock_passwd: true - name: cloudy gecos: Magic Cloud App Daemon User @@ -48,5 +48,8 @@ collect_scripts: user_cloudy: | #!/bin/bash getent passwd cloudy + root_groups: | + #!/bin/bash + groups root # vi: ts=4 expandtab |