linux - How to add a GCE user to a group that persists membership?
In a RHEL7 instance on GCE I use a software package that is installed from the command line using a bash-scripted installer. The installer creates the user xyz that the software runs under and a group xyzgroup, and adds both the user xyz and the user who ran the installer (e.g. gce_user) to the xyzgroup group. The GCE google-accounts-daemon.service (GAD) periodically removes the user gce_user from the group xyzgroup:
    sudo systemctl -l status google-accounts-daemon.service
    [...]
    aug 03 23:36:18 rhel7-n4 usermod[7702]: delete 'gce_user' group 'xyzgroup'
    aug 03 23:36:18 rhel7-n4 usermod[7702]: delete 'gce_user' shadow group 'xyzgroup'
    aug 23 05:12:36 rhel7-n4 usermod[26008]: delete 'gce_user' group 'xyzgroup'
    aug 23 05:12:36 rhel7-n4 usermod[26008]: delete 'gce_user' shadow group 'xyzgroup'
    sep 05 20:59:26 rhel7-n4 usermod[21884]: delete 'gce_user' group 'xyzgroup'
    sep 05 20:59:26 rhel7-n4 usermod[21884]: delete 'gce_user' shadow group 'xyzgroup'
However, GAD does not remove the user xyz from the group xyzgroup. I created the user gce_user using the GCE Cloud Console when creating the instance, and added SSH keys for the user; the installer added the user gce_user to the group xyzgroup, but that didn't persist. I used

    sudo gpasswd -a gce_user xyzgroup

to restore the user to the group, but that didn't persist. I used

    sudo usermod -a -G xyzgroup gce_user

to restore the user gce_user to the group xyzgroup, but that didn't persist either. GAD deleted the user from the group several days after the user was added to the group.
I note that the GCE accounts daemon's account_utils.py calls usermod to add the user to groups:

    command = ['usermod', '-G', groups, user]
The GCE docs say the Cloud Console can be used to manage (Linux OS) user accounts, including (Linux OS) group membership: https://cloud.google.com/compute/docs/access/user-accounts/#create_a_new_user_account
However, the instructions start with: 1. Go to the User Accounts page.
That link to the User Accounts page requires me to select a project. Once selected, the resulting page is not the User Accounts page - it's the project's overall dashboard page. If I enter [user accounts] in the search bar at the top of the dashboard page and click the item User Accounts (subtitled IAM & Admin), the resulting page says "(!) failed load".
How do I add the user gce_user to the group xyzusers so that the group membership persists and isn't deleted by GAD? Preferably from the command line, so I can fix the xyz software package's installer bash script.
The Cloud User Accounts feature is in beta and requires whitelisting.
This is a beta release of User Accounts. This feature might be changed in backward-incompatible ways and is not recommended for production use. It is not subject to any SLA or deprecation policy. Request to be whitelisted to use this feature.
https://cloud.google.com/compute/docs/access/user-accounts/#useraccountsgroups
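To audit how often the daemon strips a membership, the usermod lines shown in the question's status output can be parsed and grouped per run. This is an added example, not code from the original post or from Google's daemon; the function names, the embedded sample log and the optional "from" in the message pattern are assumptions.

```python
import re
from collections import Counter

# Constructed sample: usermod lines copied from the question's status output,
# plus one unrelated (constructed) sshd line that must be ignored.
SAMPLE_LOG = """\
aug 03 23:36:18 rhel7-n4 usermod[7702]: delete 'gce_user' group 'xyzgroup'
aug 03 23:36:18 rhel7-n4 usermod[7702]: delete 'gce_user' shadow group 'xyzgroup'
aug 23 05:12:36 rhel7-n4 usermod[26008]: delete 'gce_user' group 'xyzgroup'
aug 23 05:12:36 rhel7-n4 usermod[26008]: delete 'gce_user' shadow group 'xyzgroup'
sep 05 20:59:26 rhel7-n4 sshd[21800]: session opened for user gce_user
"""

# Assumption: syslog-style prefix "<mon> <day> <time> <host> usermod[<pid>]:".
# "from" is optional so messages with or without it both match.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"usermod\[(?P<pid>\d+)\]: delete '(?P<user>[^']+)' "
    r"(?:from )?(?P<shadow>shadow )?group '(?P<group>[^']+)'\s*$",
    re.IGNORECASE,
)

def find_group_removals(log_text):
    """Return one event per usermod run that removed a user from a group.

    The /etc/group and /etc/gshadow removals logged by the same PID are
    merged into a single event that records which databases were touched.
    """
    events = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a usermod group-removal message
        key = (m["pid"], m["user"], m["group"])
        ev = events.setdefault(key, {
            "time": m["ts"], "host": m["host"], "pid": int(m["pid"]),
            "user": m["user"], "group": m["group"], "databases": set(),
        })
        ev["databases"].add("gshadow" if m["shadow"] else "group")
    return list(events.values())

def removal_counts(events):
    """Count removals per (user, group) to spot memberships stripped repeatedly."""
    return dict(Counter((ev["user"], ev["group"]) for ev in events))

if __name__ == "__main__":
    for ev in find_group_removals(SAMPLE_LOG):
        print(ev["time"], ev["user"], "removed from", ev["group"], sorted(ev["databases"]))
```
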