我是厨师新手。请帮助!我已经尝试过
I'm new to chef. Kindly help! I have tried this
user "newuser" do password: xyz end和
user 'newuser' do comment 'A random user' uid '1234567' gid '1234567' home '/home/saxuser' shell '/bin/bash' password 'newpassword' end推荐答案
user 资源的正确格式如下:
The correct format for the user resource is the following:
user "newuser" do password crypt_password end请记住密码必须为影子格式:
Keep in mind that the password must be in shadow format:
密码阴影哈希。此属性要求安装红宝石阴影。这是Debian软件包的一部分:libshadow-ruby1.8。
The password shadow hash. This property requires that ruby-shadow be installed. This is part of the Debian package: libshadow-ruby1.8.
请参见 密码影子哈希部分,了解如何生成影子密码:
See the Password Shadow Hash section to see how to generate the shadow password:
$ openssl passwd -1 "theplaintextpassword"要从食谱生成影子密码,可以使用 openssl 烹饪助手来生成盐:
To generate the shadow password from the cookbook, you can use the openssl cookbook helpers to generate the salt:
Chef::Recipe.send(:include, OpenSSLCookbook::RandomPassword) password = 'xyz' salt = random_password(length: 10) crypt_password = password.crypt("$6$#{salt}") user 'newuser' do password crypt_password end别忘了在您的ru中包含 openssl 食谱n列表。
Don't forget to include the openssl cookbook in your run list.
无论如何,请记住,每次厨师运行都会产生不同的盐,所以也许这不是最佳的使用方法。
Anyway, keep in mind that this will generate a different salt in each chef run, so maybe it's not the best approach to use.
我还建议您阅读关于信息管理的诺亚帖子了解使用Chef管理密码的适当方法。
I also encourage you to read Noah's post about secrets management to learn appropriate ways to manage passwords with Chef.
更多推荐
如何编写厨师食谱以自动在节点中创建新用户和密码?
发布评论