Issue #17798 has been updated by John Florian.
I believe I too am getting hit with this using
puppet-server-3.1.1-4.fc19.noarch on my master and puppet-3.1.1-4.fc19.noarch
on an example client.
My class looks like this:
class openssh::hostkeys ($aliases=undef) {
File {
owner => 'root',
group => 'root',
mode => '0644',
seluser => 'system_u',
selrole => 'object_r',
seltype => 'etc_t',
}
# Make sure the known_hosts file is readable by non-root users. See
# http://projects.reductivelabs.com/issues/2014.
file { '/etc/ssh/ssh_known_hosts':
}
if $aliases == undef {
$host_aliases = [$hostname, $ipaddress]
} else {
$host_aliases = [$hostname, $aliases, $ipaddress]
}
# Export hostkeys from all hosts.
@@sshkey { $fqdn:
ensure => present,
host_aliases => $host_aliases,
type => 'ssh-rsa',
key => $sshrsakey,
require => Class['openssh::server'],
}
# Import hostkeys to all hosts.
Sshkey <<| |>>
}
If I then have for one of my nodes:
class { 'openssh::hostkeys':
aliases => ['astro', 'imap', 'mail', 'smtp'],
}
I get the following "false" change on every other node using this
openssh::hostkeys class:
2013-07-29 18:51:16 -0400
/Stage[main]/Openssh::Hostkeys/Sshkey[astro-f19.doubledog.org]/host_aliases
(notice): host_aliases changed ['astro-f19', 'astro', 'imap', 'mail', 'smtp',
'172.16.7.129'] to 'astro-f19 astro imap mail smtp 172.16.7.129'
As far as /etc/ssh/ssh_known_hosts goes, everything looks perfect:
astro-f19.doubledog.org,astro-f19,astro,imap,mail,smtp,172.16.7.129 ssh-rsa
AAAAB<snipped for brevity>pCbNHif
Is there anything else I can provide to help this one along? I realize I'm
nesting arrays (via $aliases within $host_aliases) but the provider calls
flatten which if I understand things correctly should eliminate the nesting.
----------------------------------------
Bug #17798: sshkey changed on every run when using a custom function, except
there is no change
https://projects.puppetlabs.com/issues/17798#change-95698
* Author: Steffen Zieger
* Status: Needs More Information
* Priority: Normal
* Assignee: Steffen Zieger
* Category:
* Target version:
* Affected Puppet version:
* Keywords:
* Branch:
----------------------------------------
Everything is working, as long as I'm not using my custom function to collect
all ipaddresses (IPv4 and IPv6) in an array.
The manifest used to collect the keys:
[[https://github.com/saz/puppet-ssh/blob/master/manifests/hostkeys.pp]]
The manifest used to realize the keys:
[[https://github.com/saz/puppet-ssh/blob/master/manifests/knownhosts.pp]]
*Puppet agent run with `host_aliases = [ $::fqdn, $::hostname, $::ipaddress ]`
(ssh_known_hosts entry already exists)*
root@db7:~# puppet agent -t
Info: Retrieving plugin
Info: Caching catalog for db7.domain.tld
Info: Applying configuration version '1353689020'
Finished catalog run in 6.63 seconds
`$ipaddresses = ipaddresses()` # Custom function from
[[https://github.com/saz/puppet-ssh/blob/master/lib/puppet/parser/functions/ipaddresses.rb]]
Puppet agent run with `host_aliases = [ $::fqdn, $::hostname, $ipaddresses ]`
root@db7:~# puppet agent -t
Info: Retrieving plugin
Info: Caching catalog for db7.domain.tld
Info: Applying configuration version '1353689093'
/Stage[main]/Ssh::Hostkeys/Sshkey[db7.domain.tld_rsa]/host_aliases:
host_aliases changed ['db7.domain.tld', 'db7', '1.2.3.4'] to 'db7.domain.tld
db7 1.2.3.4 2001:0db8:85a3::8a2e:0370:7334'
Info: FileBucket adding {md5}8f0bcbf289ef43240021c9fab4af4a6a
/Stage[main]/Ssh::Hostkeys/Sshkey[db7.domain.tld_dsa]/host_aliases:
host_aliases changed ['db7.domain.tld', 'db7', '1.2.3.4'] to 'db7.domain.tld
db7 1.2.3.4 2001:0db8:85a3::8a2e:0370:7334'
Finished catalog run in 7.08 seconds
As expected, host_aliases changes, as IPv6 address has been added.
Next Puppet agent run with same settings as before:
root@db7:~# puppet agent -t
Info: Retrieving plugin
Info: Caching catalog for db7.domain.tld
Info: Applying configuration version '1353689093'
/Stage[main]/Ssh::Hostkeys/Sshkey[db7.domain.tld_rsa]/host_aliases:
host_aliases changed ['db7.domain.tld', 'db7', '1.2.3.4',
'2001:0db8:85a3::8a2e:0370:7334'] to 'db7.domain.tld db7 1.2.3.4
2001:0db8:85a3::8a2e:0370:7334'
Info: FileBucket adding {md5}474fa7e20bcc0d9bb9f5e17823d433ce
/Stage[main]/Ssh::Hostkeys/Sshkey[db7.domain.tld_dsa]/host_aliases:
host_aliases changed ['db7.domain.tld', 'db7', '1.2.3.4',
'2001:0db8:85a3::8a2e:0370:7334'] to 'db7.domain.tld db7 1.2.3.4
2001:0db8:85a3::8a2e:0370:7334'
Finished catalog run in 7.25 seconds
root@db7:~#
host_aliases changed again, but I can't see why.
Generated ssh_known_hosts entries:
db7.domain.tld_rsa,db7.domain.tld,db7,1.2.3.4,2001:0db8:85a3::8a2e:0370:7334
ssh-rsa [..key..]
db7.domain.tld_dsa,db7.domain.tld,db7,1.2.3.4,2001:0db8:85a3::8a2e:0370:7334
ssh-dss [..key..]
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/groups/opt_out.
