Issue #7114 has been reported by Stefan Schulte.
----------------------------------------
Bug #7114: ssh_authorized_key not moving key from one target to another
https://projects.puppetlabs.com/issues/7114
Author: Stefan Schulte
Status: Unreviewed
Priority: Normal
Assignee:
Category: ssh
Target version:
Affected Puppet version:
Keywords: ssh_authorized_key, parsedfile
Branch:
When I want to create a key for a user that is already present in the keyfile
of another user, puppet does not move the key to right target.
Example:
# Dummyresource so puppet is aware of all keys that are
# present in ~testuser/.ssh/authorized_keys
ssh_authorized_key { 'dummy':
type => rsa,
user => testuser,
ensure => absent,
}
# root user has currently an empty keyfile
# key test is currently present in testuser's keyfile
# I want puppet to move the key to root's keyfile
ssh_authorized_key { 'test':
type => rsa,
key => 'AAAAB3NzaC1yc2E...Jq/i+6LYhmQ==',
user => root,
ensure => present,
}
If the key `test` is already present in testuser's keyfile puppet does nothing
<pre>
debug: Prefetching parsed resources for ssh_authorized_key
info: Applying configuration version '1302816804'
debug: Finishing transaction 70329663929120
</pre>
If I modify the key in ` ~testuser/.ssh/authorized_keys` (so the keyporperty is
out of sync now) puppet changes the keyproperty but it doesnt move the key in
root's keyfile.
<pre>
debug: Prefetching parsed resources for ssh_authorized_key
info: Applying configuration version '1302816967'
notice: /Stage[main]//Ssh_authorized_key[test]/key: key changed
'AAAAC3NzaC1yc...HSjzJq/i+6LYhmQ==' to 'AAAAC3...LYhmQ=='
debug: Finishing transaction 70253495709240
info: FileBucket adding {md5}045ce9916a25ac29485703b416a677cb
debug: Flushing ssh_authorized_key provider target
/home/testuser/.ssh/authorized_keys
info: FileBucket adding {md5}f0fe69a1db9662d0416e29a51773489f
debug: Flushing ssh_authorized_key provider target /root/.ssh/authorized_keys
debug: Finishing transaction 70253495820920
# cat ~root/.ssh/authorized_keys
# HEADER: This file was autogenerated at Thu Apr 14 23:36:54 +0200 2011
# HEADER: by puppet. While it can still be managed manually, it
# HEADER: is definitely not recommended.
</pre>
Specifying target instead of user doesnt seem to change anything.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
