GuidesModules
group.present
Ensures a group exists with the specified attributes and membership.
Source: pkg/state/modules/group.go
Parameters
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
name | string | No | State ID | Group name. If omitted, the state ID is used as the group name. |
gid | int | No | (auto) | Numeric group ID. Only compared/set when non-zero. |
system | bool | No | false | If true, create a system group (low GID range). Used only during creation. |
members | list | No | [] | Exact membership list. When specified, the group will contain exactly these users — extra members are removed, missing members are added. |
addusers | list | No | [] | Users to add to the group without affecting other existing members. |
delusers | list | No | [] | Users to remove from the group without affecting other existing members. |
All states also accept the full set of requisite parameters and Salt-parity state attributes — see Dependencies & Requisites.
Check Behavior
The check phase performs these comparisons in order:
- Group existence — if the group does not exist, the state needs changes.
- GID — if
gidis specified (non-zero) and differs from the current value, the state needs changes. - Members — if
membersis specified and the current membership does not match exactly, the state needs changes. - AddUsers — if any user in
addusersis not currently a member, the state needs changes. - DelUsers — if any user in
delusersis currently a member, the state needs changes.
If all checks pass, the state reports no changes needed.
Apply Behavior
- Looks up the group. If the group does not exist:
- Creates the group via
groupaddwith the specifiedgidandsystemflag. - If
membersoraddusersare specified, adds those users to the newly created group viagpasswd -a. - Records that the group was created (for revert).
- Creates the group via
- If the group already exists:
- Stores the original group info as a backup (for revert).
- If
gidis specified and differs, updates the GID. - If
membersis specified, computes exact add/remove lists to match the desired membership. - Processes
addusers(add missing users viagpasswd -a) anddelusers(remove unwanted users viagpasswd -d). - GID changes are applied via
groupmod.
Revert Behavior
- If the group was created by Apply, deletes the group via
groupdel. - If the group was modified by Apply, restores the original GID via
groupmod. Membership changes (addusers,delusers,members) are not reverted. - If no changes were made, no-op.
Examples
Direct Execution
# Create a group with defaults
zester 'web-01' group.present docker
# Create a group with a specific GID
zester 'db*' group.present dbadmin gid=2000State File
Basic group creation:
docker:
group.present:
- system: trueGroup with exact membership:
webadmins:
group.present:
- gid: 3000
- members:
- alice
- bob
- charlieAdd users without removing existing members:
developers:
group.present:
- addusers:
- newdev
- delusers:
- formerdev
- require:
- "user.present:newdev"