Issue #21406 has been updated by Roger Kennedy.
Status changed from Unreviewed to Needs More Information
Assignee set to Jo Rhett
I am not able to reproduce in my dev environment:
root@neoice-dev2:/home/puppet-triage# puppet --version
3.2.2
root@neoice-dev2:/home/puppet-triage# puppet agent -t
Info: Retrieving plugin
Info: Caching catalog for neoice-dev2.neoice.net
Info: Applying configuration version '1373726217'
Notice: /Stage[main]/Foo::Bar/Sshkey[empty]/ensure: created
Info: FileBucket got a duplicate file {md5}35d831014f5b738ab2694e3df8a438f5
Error: /Stage[main]/Foo::Bar/Sshkey[empty]: Could not evaluate: Field 'key'
is required
Notice: Finished catalog run in 0.13 seconds
I can reproduce the failure to remove, but it requires that I manually add the
"empty ssh-rsa" line to /etc/ssh/ssh_known_hosts. After manually adding the
line and changing setting `sshkey { jrhett: ensure => absent }`, I receive the
following output:
root@neoice-dev2:/home/puppet-triage# puppet agent -t
Info: Retrieving plugin
Info: Caching catalog for neoice-dev2.neoice.net
Info: Applying configuration version '1373726758'
Notice: /Stage[main]/Foo::Bar/Sshkey[jrhett]/ensure: removed
Info: FileBucket adding {md5}7b0b1adbb4e33f9471665ff194219ebb
Error: /Stage[main]/Foo::Bar/Sshkey[jrhett]: Could not evaluate: Field
'key' is required
Notice: Finished catalog run in 0.24 seconds
----------------------------------------
Bug #21406: sshkey will create blank keys but is unable to remove any entries
from the file thereafter
https://projects.puppetlabs.com/issues/21406#change-94505
* Author: Jo Rhett
* Status: Needs More Information
* Priority: Normal
* Assignee: Jo Rhett
* Category:
* Target version:
* Affected Puppet version: 3.2.2
* Keywords:
* Branch:
----------------------------------------
Given the following policy:
<pre>
sshkey { empty:
ensure => present,
type => ssh-rsa,
key => $undefinedvalue,
}
sshkey { jrhett:
ensure => present,
type => ssh-rsa,
key => 'blahlbahblahblahXblahXblahXX==',
}
</pre>
This creates the file as you would expect:
<pre>
$ cat /etc/ssh/ssh_known_hosts
# HEADER: This file was autogenerated at Sat Jun 22 20:00:19 -0700 2013
# HEADER: by puppet. While it can still be managed manually, it
# HEADER: is definitely not recommended.
empty ssh-rsa
jrhett ssh-rsa blahlbahblahblahXblahXblahXX==
</pre>
Further additions to this file work fine, however any attempt to remove a key
from this file, either the empty key or a properly created key, create an error:
<pre>
Notice: /Stage[main]/Users::Allusers/Userandkey[jrhett]/Sshkey[jrhett]/ensure:
removed
Error: /Stage[main]/Users::Allusers/Userandkey[jrhett]/Sshkey[jrhett]: Could
not evaluate: Field 'key' is required
</pre>
I discovered this in 3.2.2 however it may be visible in earlier versions (as I
don't think this code has changed much). This appears to be related to #3377
but that's for you to determine.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/groups/opt_out.
