Issue #7114 has been updated by Stefan Schulte.
Looks like I was wrong about a few assumption about correct value validation (https://github.com/stschulte/puppet/commit/54a7a0f1bdea6daa7d34a1c11bac6024c0f10ade): - it is possible to create a key that has spaces in the comment-field (`ssh-keygen -t rsa -C 'My Test' -f test`), so spaces in the resource name should propably be allowed - Multiple options are separated with a comma. But after reading #1737 even a single option like `from="host1,host2"` can contain a comma so we shouldnt raise "Options must be provided as an array, not a comma separated list" in this case. I'll try to provide a modified patch. ---------------------------------------- Bug #7114: ssh_authorized_key not moving key from one target to another https://projects.puppetlabs.com/issues/7114 Author: Stefan Schulte Status: Merged - Pending Release Priority: Normal Assignee: Stefan Schulte Category: ssh Target version: 2.7.1 Affected Puppet version: Keywords: ssh_authorized_key, parsedfile Branch: https://github.com/stschulte/puppet/tree/ticket/2.6.x/7114 When I want to create a key for a user that is already present in the keyfile of another user, puppet does not move the key to right target. Example: # Dummyresource so puppet is aware of all keys that are # present in ~testuser/.ssh/authorized_keys ssh_authorized_key { 'dummy': type => rsa, user => testuser, ensure => absent, } # root user has currently an empty keyfile # key test is currently present in testuser's keyfile # I want puppet to move the key to root's keyfile ssh_authorized_key { 'test': type => rsa, key => 'AAAAB3NzaC1yc2E...Jq/i+6LYhmQ==', user => root, ensure => present, } If the key `test` is already present in testuser's keyfile puppet does nothing <pre> debug: Prefetching parsed resources for ssh_authorized_key info: Applying configuration version '1302816804' debug: Finishing transaction 70329663929120 </pre> If I modify the key in ` ~testuser/.ssh/authorized_keys` (so the keyporperty is out of sync now) puppet changes the keyproperty but it doesnt move the key in root's keyfile. <pre> debug: Prefetching parsed resources for ssh_authorized_key info: Applying configuration version '1302816967' notice: /Stage[main]//Ssh_authorized_key[test]/key: key changed 'AAAAC3NzaC1yc...HSjzJq/i+6LYhmQ==' to 'AAAAC3...LYhmQ==' debug: Finishing transaction 70253495709240 info: FileBucket adding {md5}045ce9916a25ac29485703b416a677cb debug: Flushing ssh_authorized_key provider target /home/testuser/.ssh/authorized_keys info: FileBucket adding {md5}f0fe69a1db9662d0416e29a51773489f debug: Flushing ssh_authorized_key provider target /root/.ssh/authorized_keys debug: Finishing transaction 70253495820920 # cat ~root/.ssh/authorized_keys # HEADER: This file was autogenerated at Thu Apr 14 23:36:54 +0200 2011 # HEADER: by puppet. While it can still be managed manually, it # HEADER: is definitely not recommended. </pre> Specifying target instead of user doesnt seem to change anything. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
