Puppet Class: scap::user

Defined in:
modules/scap/manifests/user.pp

Overview

SPDX-License-Identifier: Apache-2.0

Class: scap::user

Sets up a scap account used by the scap deployment tool to update itself on target hosts via rsync



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# File 'modules/scap/manifests/user.pp', line 5

class scap::user {
  $uid = assert_type(Admin::UID::System::Global, 919)
  $gid = assert_type(Admin::UID::System::Global, $uid)
  $home_dir = assert_type(Stdlib::Unixpath, '/var/lib/scap')

  file { $home_dir:
    ensure => directory,
    owner  => $uid,
    group  => $gid,
    mode   => '0755',
  }

  systemd::sysuser { 'scap':
    id          => "${uid}:${gid}",
    description => 'used to install the scap deployment tool',
    # Changing the home here requires updating the location of the staging dir for scap installs at class scap::master
    # and the symlink created at class scap (init.pp file)
    home_dir    => $home_dir,
    require     => File[$home_dir]
  }

  ssh::userkey { 'scap':
    content => secret('keyholder/scap.pub'),
  }
}