Issue #3922 has been updated by Rick Garcia.
FWIW, I don't think that backing up a copy of the old authrized_keys file is important... as long as maybe a diff can be shown in the output when the file is replaced... which is the same behavior that is shown when a custom fact is overwritten by pluginsync. i think the fix is to remove the clientbucket backup of authorized_keys. i think that keeping an old public key hanging around is a security risk anyway, regardless if the file owned by the original owner of the original authorized_key file. thoughts? -Rick ---------------------------------------- Bug #3922: Ssh_authorized_key "Could not apply complete catalog: Could not back up" http://projects.puppetlabs.com/issues/3922 Author: mélanie Gault Status: Accepted Priority: Normal Assignee: Category: ssh Target version: queued Affected version: 0.25.5 Keywords: backup clientbucket catalog Ssh_authorized_key Branch: I manage user, directories, ssh_authorized_key, ... on redhat 4 and 5 boxes with a master and a client with 0.25.5 version. My puppet client runs as root and my maser with the user puppet. Everything works fine for some of my users, but I got an error with clientbucket directory : <pre>info: Caching catalog for puppet-client info: Applying configuration version '1275367180' notice: //users/My::User[my.user]/Ssh_authorized_key[my.user]/ensure: created err: Could not apply complete catalog: Could not back up /home/my.user/.ssh/authorized_keys: Permission denied - /var/lib/puppet/clientbucket/f notice: Finished catalog run in 3.52 seconds</pre> If I create manualy this directory I got the same error for /var/lib/puppet/clientbucket/f/6 next for /var/lib/puppet/clientbucket/f/6/9... And at the end I have : <pre>[r...@monserveur: i386 ]$ puppetd --server my-puppet -t -o info: Caching catalog for puppet-client info: Applying configuration version '1275367180' notice: //users/My::User[my.user]/Ssh_authorized_key[my.user]/ensure: created err: Could not apply complete catalog: Could not back up /home/my.user/.ssh/authorized_keys: Permission denied - /var/lib/puppet/clientbucket/f/6/9/4/9/5/1/7/f6949517cbf4fddfa665d41361f8bce4 notice: Finished catalog run in 3.69 seconds</pre> manifest citation : <pre> ssh_authorized_key { $name: ensure => $ensure, type => "dsa", key => $key, user => $name, require => File["/home/$name/.ssh"], } </pre> With 0.25.3 I didn't have this issue. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
