extended type __user: parameter state, system, remove-home new

cdist/conf/type/__user/TODO

@@ -1,2 +0,0 @@
-- delete users
-

cdist/conf/type/__user/gencode-remote

@@ -2,6 +2,7 @@
 #
 # 2011 Steven Armstrong (steven-cdist at armstrong.cc)
 # 2011 Nico Schottelius (nico-cdist at schottelius.org)
+# 2013 Daniel Heule (hda at sfs.biz)
 #
 # This file is part of cdist.
 #
@@ -21,11 +22,14 @@
 #
 # Manage users.
 #
+#set -x
 
 name="$__object_id"
 
 os="$(cat "$__global/explorer/os")"
 
+state=$(cat "$__object/parameter/state")
+
 # We need to shorten options for both usermod and useradd since on some
 # systems (such as *BSD, Darwin) those commands do not handle GNU style long
 # options.
@@ -40,12 +44,14 @@ shorten_property() {
 	shell) ret="-s";;
 	uid) ret="-u";;
     create-home) ret="-m";;
+    system) ret="-r";;
     esac
     echo "$ret"
 }
 
-cd "$__object/parameter"
-if grep -q "^${name}:" "$__object/explorer/passwd"; then
+if [ "$state" = "present" ]; then
+    cd "$__object/parameter"
+    if grep -q "^${name}:" "$__object/explorer/passwd"; then
        for property in $(ls .); do
           new_value="$(cat "$property")"
           unset current_value
@@ -78,6 +84,9 @@ if grep -q "^${name}:" "$__object/explorer/passwd"; then
              shell)   field=7 ;;
              uid)     field=3 ;;
              create-home) continue;; # Does not apply to user modification
+             system) continue;; # Does not apply to user modification
+             state) continue;; # Does not apply to user modification
+             remove-home) continue;; # Does not apply to user modification
           esac
 
           # If we haven't already set $current_value above, pull it from the
@@ -101,8 +110,10 @@ if grep -q "^${name}:" "$__object/explorer/passwd"; then
        else
           true
        fi
-else
+    else
         for property in $(ls .); do
+            [ "$property" = "state" ] && continue
+            [ "$property" = "remove-home" ] && continue
             new_value="$(cat "$property")"
             if [ -z "$new_value" ];then       # Boolean values have no value
               set -- "$@" "$(shorten_property $property)"
@@ -116,4 +127,14 @@ else
        else
           echo useradd "$@" "$name"
        fi
+    fi
+else
+    if grep -q "^${name}:" "$__object/explorer/passwd"; then
+        #user exists, but state != present, so delete it
+        if [ -f "$__object/parameter/remove-home" ]; then
+            echo userdel -r "${name}"
+        else
+            echo userdel "${name}"
+        fi
+    fi
 fi

cdist/conf/type/__user/man.text

@@ -20,6 +20,8 @@ None.
 
 OPTIONAL PARAMETERS
 -------------------
+state::
+    absent or present, defaults to present
 comment::
     see usermod(8)
 home::
@@ -32,7 +34,15 @@ shell::
     see above
 uid::
     see above
+system::
+    see above
 
+BOOLEAN PARAMETERS
+------------------
+create-home::
+    see useradd(8), apply only on user create
+remove-home::
+    see userdel(8), apply only on user delete
 
 EXAMPLES
 --------
@@ -44,8 +54,14 @@ __user foobar
 # Same but with a different shell
 __user foobar --shell /bin/zsh
 
+# Same but for a system account
+__user foobar --system
+
 # Set explicit uid and home
 __user foobar --uid 1001 --shell /bin/zsh --home /home/foobar
+
+# Drop user if exists
+__user foobar --state absent
 --------------------------------------------------------------------------------
 
 

cdist/conf/type/__user/parameter/boolean

@@ -1 +1,3 @@
 create-home
+remove-home
+system

cdist/conf/type/__user/parameter/default/state

@@ -0,0 +1 @@
+present

cdist/conf/type/__user/parameter/optional

@@ -1,3 +1,4 @@
+state
 comment
 home
 gid