{"id":303,"date":"2014-05-26T06:28:40","date_gmt":"2014-05-25T21:28:40","guid":{"rendered":"http:\/\/seedslight.com\/wp\/?p=303"},"modified":"2014-05-26T06:30:55","modified_gmt":"2014-05-25T21:30:55","slug":"chef11%e3%81%a7%e3%83%a6%e3%83%bc%e3%82%b6%e3%83%bc%e3%81%ae%e8%bf%bd%e5%8a%a0%e3%81%a8%e3%82%b0%e3%83%ab%e3%83%bc%e3%83%97%e3%81%b8%e3%81%ae%e3%83%a1%e3%83%b3%e3%83%90%e3%83%bc%e7%99%bb%e9%8c%b2","status":"publish","type":"post","link":"https:\/\/seedslight.com\/wp\/archives\/303","title":{"rendered":"Chef11\u3067\u30e6\u30fc\u30b6\u30fc\u306e\u8ffd\u52a0\u3068\u30b0\u30eb\u30fc\u30d7\u3078\u306e\u30e1\u30f3\u30d0\u30fc\u767b\u9332"},"content":{"rendered":"

\u5c11\u3057\u305a\u3064Chef\u306e\u30ce\u30a6\u30cf\u30a6\u304c\u305f\u307e\u3063\u3066\u304d\u305f\u306e\u3067\u3001\u5099\u5fd8\u9332\u3002
\nuser\u8ffd\u52a0\u306e\u6642\u306b\u3001\u4eca\u307e\u3067\u306fchef\u3092\u4f7f\u3063\u3066\u3044\u308b\u3068\u3044\u3063\u3066\u3082\u3001\u30b7\u30a7\u30eb\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u4fbf\u5229\u306b\u56de\u3059\u3060\u3051\u3060\u3063\u305f\u72b6\u614b\u3002
\n\u8ffd\u52a0\u3082\u5909\u66f4\u3082\u6d41\u305b\u308b\u3063\u3066\u3044\u3046\u8a18\u8ff0\u3092\u898b\u3066\u3001chef\u306e\u63d0\u4f9b\u3057\u3066\u3044\u308buser\u8ffd\u52a0\u3084\u5909\u66f4\u3092\u5168\u9762\u7684\u306b\u53d6\u308a\u5165\u308c\u3066\u307f\u305f\u3002<\/p>\n

\u3067\u3082\u3001chef\u30b5\u30fc\u30d0\u307e\u3067\u306e\u904b\u7528\u306f\u3067\u304d\u3066\u3044\u306a\u3044\u306e\u3067\u3001chef-solo\u3092\u4f7f\u3063\u3066\u3044\u3066\u3001databag\u306f\u4f7f\u3063\u3066\u3044\u306a\u3044\u3002<\/p>\n

\u53c2\u8003\u306b\u3057\u305fURL<\/h3>\n

Chef\u516c\u5f0f\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306euser http:\/\/docs.opscode.com\/resource_user.html<\/a><\/p>\n

Chef\u516c\u5f0f\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306egroup\u3000http:\/\/docs.opscode.com\/resource_group.html<\/a><\/p>\n

Chef \u3092\u59cb\u3081\u308b #3 \u2013 \u30e6\u30fc\u30b6\u4f5c\u6210\u3092\u81ea\u52d5\u5316\u3059\u308b \u301c Data Bags \u3092\u4f7f\u3063\u3066\u307f\u308b \u301c http:\/\/dev.classmethod.jp\/cloud\/aws\/chef-user-create-data-bags\/<\/a>
\nDatabag\u306f\u4f7f\u308f\u306a\u3044\u3051\u308c\u3069\u3001\u6c17\u306b\u306a\u308b\u306e\u3067\u30fb\u30fb\u30fb<\/p>\n

\u5b9f\u73fe\u3057\u305f\u3044\u3053\u3068<\/h3>\n

\u30fb\u4f5c\u6210\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092\/home \u76f4\u4e0b\u3067\u306f\u306a\u304f\u3001\/home\/staff\/\u76f4\u4e0b\u306b\u3002
\n\u30fb2\u30e6\u30fc\u30b6\u30fc\u4f5c\u308b\u3002rebine,tk
\n\u30fb\u57fa\u672c\u30b0\u30eb\u30fc\u30d7\u306fwheel\u306b\u5165\u3063\u3066\u3044\u3066\u3001usermod -G \u3067\u3044\u3064\u3082\u306f\u6307\u5b9a\u3057\u3066\u3044\u308b\u8ffd\u52a0\u30b0\u30eb\u30fc\u30d7\u306bApache(rpm\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb) \u3092\u5165\u308c\u305f\u3044\u3002
\n\u30fb\u30d1\u30b9\u30ef\u30fc\u30c9\u30ed\u30b0\u30a4\u30f3\u306f\u3055\u305b\u306a\u3044\u4ee3\u308f\u308a\u306b\u3001\u4e8b\u524d\u306b\u30ea\u30dd\u30b8\u30c8\u30ea\u306b\u5165\u308c\u3066\u3042\u308b\u516c\u958b\u9375\u3092\u5165\u308c\u305f\u3044\u3002<\/p>\n

\u4f5c\u3063\u305fcookbook<\/h3>\n

cookbook adduser<\/h4>\n
\r\n.\/attributes\r\n.\/attributes\/default.rb\r\n.\/files\/default\/rebine\r\n.\/files\/default\/rebine\/authorized_keys\r\n.\/files\/default\/tk\r\n.\/files\/default\/tk\/authorized_keys\r\n.\/recipes\r\n.\/recipes\/default.rb\r\n<\/pre>\n
tree\u3092\u5165\u308c\u3066\u306a\u304b\u3063\u305f\u306e\u3067\u3001find\u3067\u69cb\u6210\u7269\u5217\u6319\u3002<\/p>\n
recipe<\/h4>\n
\r\ndirectory '#{node[:useradd][:staffdir]}' do\r\n  owner \"root\"\r\n  group \"root\"\r\n  mode  00755\r\n  action :create\r\nend\r\n\r\nuser 'rebine' do\r\n  comment  'rebine'\r\n  uid      501\r\n  gid      10\r\n  home     \"\/home\/staff\/rebine\"\r\n  shell    '\/bin\/bash'\r\n  password nil\r\n  supports :manage_home => true\r\n  action   [:create, :manage]\r\nend\r\n\r\nuser 'tk' do\r\n  comment  'tk'\r\n  uid      502\r\n  gid      10\r\n  home     \"\/home\/staff\/tk\"\r\n  shell    '\/bin\/bash'\r\n  password nil\r\n  supports :manage_home => true\r\n  action   [:create, :manage]\r\nend\r\n\r\ngroup 'apache' do\r\n  action :modify\r\n  members node[:useradd][:staff]\r\n  append true\r\nend\r\n\r\nnode[:useradd][:staff].each do |staff_name|\r\n\r\n\r\n  directory \"#{node[:useradd][:staffdir]}\/#{staff_name}\/.ssh\" do\r\n    owner \"#{staff_name}\"\r\n    group \"wheel\"\r\n    mode  00700\r\n    action :create\r\n  end\r\n\r\n  cookbook_file \"#{node[:useradd][:staffdir]}\/#{staff_name}\/.ssh\/authorized_keys\" do\r\n    source \"#{staff_name}\/authorized_keys\"\r\n    owner \"#{staff_name}\"\r\n    group \"wheel\"\r\n    mode 0600\r\n  end\r\n\r\n\r\nend\r\n\r\ncookbook_file \"\/etc\/ftpusers\" do\r\n  source \"ftpusers\"\r\n  owner \"root\"\r\n  group \"root\"\r\n  mode 0644\r\nend\r\n<\/pre>\n
#{node[:useradd][:staffdir]} \u3068\u3044\u3046\u306e\u306f\u3001\/home\u76f4\u4e0b\u306b\u305a\u3089\u3063\u3068\u4e26\u3079\u305f\u304f\u306a\u304b\u3063\u305f\u306e\u3067\u3001\u308f\u3056\u308f\u3056\u5225\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092\u4f5c\u3063\u3066\u308b\u3002
\ngroup apache \u306frpm\u3067\u5165\u308c\u305f\u5f8c\u3092\u60f3\u5b9a\u3057\u3066\u3044\u308b\u306e\u3067\u3001:modify \u306b\u3002\u3068\u306f\u3044\u3048\u3001Apache\u3092\u5148\u306b\u5165\u308c\u306a\u3044\u30ec\u30b7\u30d4\u306e\u6642\u306b\u306f[:create :modify]\u3092\u3057\u3066\u308b\u3002
\n\u3042\u3068\u3001\u516c\u958b\u9375\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306f\u3069\u3046\u3057\u3066\u3082Databag\u304c\u3089\u307f\u306b\u306a\u308b\u306e\u3067\u3001\u4f5c\u6210\u3059\u308b\u30ec\u30b7\u30d4\u306b\u3057\u305f\u3002
\nftpusers\u3092\u4e0a\u66f8\u304d\u3057\u3066\u3044\u308b\u306e\u306f\u3001\u8907\u6570\u30e6\u30fc\u30b6\u30fc\u304c\u767b\u9332\u3055\u308c\u3066\u3044\u308b\u30b0\u30eb\u30fc\u30d7\u306e\u30e6\u30fc\u30b6\u30fc\u3092\u8ffd\u52a0\u3059\u308b\u3068\u3001\u5fc5\u305a\u3053\u306e\u30d5\u30a1\u30a4\u30eb\u306e\u4fee\u6b63\u304c\u6c42\u3081\u3089\u308c\u305f\u306e\u3067\u3001FTP\u306f\u4f7f\u308f\u306a\u304f\u306a\u3063\u3066\u304d\u305f\u3093\u3060\u3051\u308c\u3069\u3001\u540d\u6b8b\u3068\u3057\u3066\u3002<\/p>\n
attributes<\/h4>\n
\r\nset[:useradd][:staff] = [ \"rebine\" , \"tk\"]\r\nset[:useradd][:staffdir] = \"\/home\/staff\"\r\nset[:useradd][:uid][:rebine] = \"501\"\r\nset[:useradd][:uid][:tk] = \"502\"\r\n<\/pre>\n
files<\/h4>\n
.\/files\/default\/rebine\/authorized_keys
\n\u3053\u308c\u306f\u5358\u7d14\u306b\u516c\u958b\u9375\u3092\u5165\u308c\u3066\u3042\u308b\u3060\u3051\u306a\u306e\u3067\u5272\u611b\u3002<\/p>\n
\u5b9f\u884c\u4f8b<\/h3>\n
\r\nStarting Chef Client, version 11.10.0\r\nCompiling Cookbooks...\r\nConverging 9 resources\r\nRecipe: useradd::default\r\n  * directory[#{node[:useradd][:staffdir]}] action create (up to date)\r\n  * user[rebine] action create (up to date)\r\n  * user[rebine] action manage (up to date)\r\n  * user[tk] action create (up to date)\r\n  * user[tk] action manage (up to date)\r\n  * group[apache] action modify (up to date)\r\n  * directory[\/home\/staff\/rebine\/.ssh] action create (up to date)\r\n  * cookbook_file[\/home\/staff\/rebine\/.ssh\/authorized_keys] action create (up to date)\r\n  * directory[\/home\/staff\/tk\/.ssh] action create (up to date)\r\n  * cookbook_file[\/home\/staff\/tk\/.ssh\/authorized_keys] action create\r\n    - create new file \/home\/staff\/tk\/.ssh\/authorized_keys\r\n    - update content in file \/home\/staff\/tk\/.ssh\/authorized_keys from none to ec6194\r\n        --- \/home\/staff\/tk\/.ssh\/authorized_keys   2014-05-24 19:47:43.999194281 +0900\r\n        +++ \/tmp\/.authorized_keys20140524-8028-vwf7cc   2014-05-24 19:47:44.000194281 +0900\r\n        @@ -1 +1,4 @@\r\n        +ssh-dss AAAAB3NzaC1kc3MAAACBALpyxq (\u7565)\r\n        +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQ (\u7565)\r\n        +ssh-dss AAAAB3NzaC1kc3MAAACBALQT5N (\u7565)\r\n    - change mode from '' to '0600'\r\n    - change owner from '' to 'tk'\r\n    - change group from '' to 'wheel'\r\n\r\n  * cookbook_file[\/etc\/ftpusers] action create (up to date)\r\n\r\nRunning handlers:\r\nRunning handlers complete\r\n\r\nChef Client finished, 1\/11 resources updated in 0.569500971 seconds\r\n<\/pre>\n
\u3053\u308c\u306f\u3001\u3059\u3067\u306brebine\u304c\u5b58\u5728\u3057\u3066\u3044\u3066\u3001\u65b0\u305f\u306btk\u3092\u8ffd\u52a0\u3057\u305f\u3068\u304d\u306b\u53d6\u308c\u305f\u51fa\u529b\u7d50\u679c\u3002<\/p>\n
\u5931\u6557\u4f8b<\/h4>\n
\r\nStarting Chef Client, version 11.10.0\r\nCompiling Cookbooks...\r\nConverging 9 resources\r\nRecipe: useradd::default\r\n  * directory[#{node[:useradd][:staffdir]}] action create (up to date)\r\n  * user[rebine] action create (up to date)\r\n  * user[rebine] action manage (up to date)\r\n  * user[tk] action create (up to date)\r\n  * user[tk] action manage (up to date)\r\n  * group[apache] action modify (up to date)\r\n  * directory[[\"\/home\/staff\"]\/rebine\/.ssh] action create\r\n    * Parent directory [\"\/home\/staff\"]\/rebine does not exist, cannot create [\"\/home\/staff\"]\/rebine\/.ssh\r\n================================================================================\r\nError executing action `create` on resource 'directory[[\"\/home\/staff\"]\/rebine\/.ssh]'\r\n================================================================================\r\n\r\n\r\nChef::Exceptions::EnclosingDirectoryDoesNotExist\r\n------------------------------------------------\r\nParent directory [\"\/home\/staff\"]\/rebine does not exist, cannot create [\"\/home\/staff\"]\/rebine\/.ssh\r\n\r\n\r\nResource Declaration:\r\n---------------------\r\n# In \/usr\/chef-repo\/cookbooks\/useradd\/recipes\/default.rb\r\n\r\n 58:   directory \"#{node[:useradd][:staffdir]}\/#{staff_name}\/.ssh\" do\r\n 59:     owner \"#{staff_name}\"\r\n 60:     group \"wheel\"\r\n 61:     mode  00700\r\n 62:     action :create\r\n 63:   end\r\n 64: \r\n\r\n\r\n\r\nCompiled Resource:\r\n------------------\r\n# Declared in \/usr\/chef-repo\/cookbooks\/useradd\/recipes\/default.rb:58:in `block in from_file'\r\n\r\ndirectory(\"[\"\/home\/staff\"]\/rebine\/.ssh\") do\r\n  provider Chef::Provider::Directory\r\n  action [:create]\r\n  retries 0\r\n  retry_delay 2\r\n  path \"[\\\"\/home\/staff\\\"]\/rebine\/.ssh\"\r\n  cookbook_name :useradd\r\n  recipe_name \"default\"\r\n  owner \"rebine\"\r\n  group \"wheel\"\r\n  mode 448\r\nend\r\n\r\n\r\n\r\n\r\nRunning handlers:\r\n[2014-05-24T19:46:34+09:00] ERROR: Running exception handlers\r\nRunning handlers complete\r\n\r\n[2014-05-24T19:46:34+09:00] ERROR: Exception handlers complete\r\n[2014-05-24T19:46:34+09:00] FATAL: Stacktrace dumped to \/tmp\/chef-solo\/cache\/chef-stacktrace.out\r\nChef Client failed. 0 resources updated in 0.519964345 seconds\r\n[2014-05-24T19:46:34+09:00] ERROR: directory[[\"\/home\/staff\"]\/rebine\/.ssh] (useradd::default line 58) had an error: Chef::Exceptions::EnclosingDirectoryDoesNotExist: Parent directory [\"\/home\/staff\"]\/rebine does not exist, cannot create [\"\/home\/staff\"]\/rebine\/.ssh\r\n[2014-05-24T19:46:34+09:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)\r\n<\/pre>\n
\u3053\u306e\u5931\u6557\u306f\u4f55\u304b\u3068\u3044\u3046\u3068\u3001chef\u306e0.10 \u6642\u4ee3\u306eattributes\u306e\u8a18\u8ff0\u3067[]\u3092\u5168\u3066\u306e\u5024\u306b\u5165\u308c\u3066\u3001\u914d\u5217\u306b\u3057\u3066\u3044\u305f\u304b\u3089\u3002<\/p>\n
\r\nset[:useradd][:staffdir] = [\"\/home\/staff\"]\r\n\u3000\u2193\r\nset[:useradd][:staffdir] = \"\/home\/staff\"\r\n<\/pre>\n
\u4eca\u306f\u3053\u306e\u3088\u3046\u306b\u4fee\u6b63\u3057\u305f\u306e\u3067\u3001\u51fa\u3066\u3044\u306a\u3044\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
\u5c11\u3057\u305a\u3064Chef\u306e\u30ce\u30a6\u30cf\u30a6\u304c\u305f\u307e\u3063\u3066\u304d\u305f\u306e\u3067\u3001\u5099\u5fd8\u9332\u3002 user\u8ffd\u52a0\u306e\u6642\u306b\u3001\u4eca\u307e\u3067\u306fchef\u3092\u4f7f\u3063\u3066\u3044\u308b\u3068\u3044\u3063\u3066\u3082\u3001\u30b7\u30a7\u30eb\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u4fbf\u5229\u306b\u56de\u3059\u3060\u3051\u3060\u3063\u305f\u72b6\u614b\u3002 \u8ffd\u52a0\u3082\u5909\u66f4\u3082\u6d41\u305b\u308b\u3063\u3066\u3044\u3046\u8a18\u8ff0\u3092\u898b\u3066\u3001chef\u306e\u63d0\u4f9b\u3057\u3066\u3044 […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[85],"tags":[86],"class_list":["post-303","post","type-post","status-publish","format-standard","hentry","category-chef","tag-chef11"],"_links":{"self":[{"href":"https:\/\/seedslight.com\/wp\/wp-json\/wp\/v2\/posts\/303","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/seedslight.com\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/seedslight.com\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/seedslight.com\/wp\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/seedslight.com\/wp\/wp-json\/wp\/v2\/comments?post=303"}],"version-history":[{"count":0,"href":"https:\/\/seedslight.com\/wp\/wp-json\/wp\/v2\/posts\/303\/revisions"}],"wp:attachment":[{"href":"https:\/\/seedslight.com\/wp\/wp-json\/wp\/v2\/media?parent=303"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/seedslight.com\/wp\/wp-json\/wp\/v2\/categories?post=303"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/seedslight.com\/wp\/wp-json\/wp\/v2\/tags?post=303"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}