Reputation: 1
How to pass hash password from ruby-block to user resource
I am trying to implement a cookbook which would create users by reading passwords from attributes file ( non hash password ex: root@123)
And for this, my cookbook is as follows :
Contents of attributes file ( attributes/attr.rb )
default['my']['instance']['users'] = [ {uid: 1004,user_name:'m1',homedir:'/home/m1',password:'root@111'} {uid: 1003,user_name:'m2',homedir:'/home/m2',password:'root@222'}, {uid: 1002, user_name:'m3',homedir:'/home/m3',password:'root@333'} ]Recipe :
password_hash='' node['my']['instance']['users'].each do |each_user| ruby_block "Generating hash password" do block do require 'digest/sha2' password=each_user['password'] salt=rand(36**8).to_s(36) shadow_hash=password.crypt("$6$" + salt) password_hash=shadow_hash end end user each_user['user_name'] do password "#{password_hash}" home each_user['homedir'] system true action :create manage_home true uid each_user['uid'] end end
After execution of the cookbook, respective users are created appropriately but passwords are set blank.
Looks like the variable which I am trying to access in the password attribute of user resource is not correct.
Please let me how can I resolve this.
Note: In my case, I don't want to use databags.
Upvotes: 0
Views: 459
Answers (3)
Reputation: 4223
The password_hash variable is local scope to your ruby block, and thus not accessible in the user block. You can actually move all that ruby for creating the hash directly into the use block.
Upvotes: 0
Reputation: 343
I think using ruby_bloque is a good practice . you just have to inform the provider change the variable . eg
password_hash=''
node['my']['instance']['users'].each do |each_user|
ruby_block "Generating hash password" do
block do
require 'digest/sha2'
password=each_user['password']
salt=rand(36**8).to_s(36)
shadow_hash=password.crypt("$6$" + salt)
password_hash=shadow_hash
user_resource = resources("user[#{each_user['user_name']}]")
user_resource.password password_hash
end
end
user each_user['user_name'] do
password "#{password_hash}"
home each_user['homedir']
system true
action :create
manage_home true
uid each_user['uid']
end
end
sorry for my english. Best regards.
Upvotes: 0
Reputation: 54267
You don't need to put that code in a ruby_block, just have it in the normal loop and you'll be fine.
Upvotes: 1
Related Questions
- Chef use cookbook_file in ruby block
- Passing the value from a ruby block to a resource in chef
- Chef create a user account with public key access
- Chef, ruby hashes and templates
- How to use a Ruby block to assign variables in chef recipe
- How to include_recipe inside a ruby_block of a chef recipe
- How to call Chef resource inside ruby_block in Chef?
- chef -- pass an attribute hash to a resource
- Chef : Pass parameters to a ruby_block in Chef
- Access chef resources inside ruby block