You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
On a Puppet run on a clean Debian install it seems that Puppet will create the ocfletsencrypt user as a local system user (since presumably LDAP NSS isn't up yet)
This is a problem because the uid fo ocfletsencrypt must match the uid in LDAP, as the ocfletsencrypt user is used for updating certificates stored over NFS in a directory owned by the LDAP ocfletsencrypt user/uid.
It seems in 80d294b, forcelocal => false was added to try to stop this from happening, but evidently it doesn't forbid creating a local user.
The text was updated successfully, but these errors were encountered:
On a Puppet run on a clean Debian install it seems that Puppet will create the
ocfletsencryptuser as a local system user (since presumably LDAP NSS isn't up yet)puppet/modules/ocf/manifests/ssl/setup.pp
Lines 9 to 12 in f54d123
This is a problem because the uid fo
ocfletsencryptmust match the uid in LDAP, as theocfletsencryptuser is used for updating certificates stored over NFS in a directory owned by the LDAPocfletsencryptuser/uid.It seems in 80d294b,
forcelocal => falsewas added to try to stop this from happening, but evidently it doesn't forbid creating a local user.The text was updated successfully, but these errors were encountered: