Issue #7014 has been updated by Spencer Krum.
That's correct. Thanks Nick. I am trying to run two puppet clients under different users, with different certnames. Right now I'm getting by with the syntax username-machinename.domain but I'd really like to be able to get to [email protected] because that is a better indicator of whats really going on. I have code in a PR that gets this working, the tests don't pass yet and I haven't had time to fix that yet but I will. I have verified that the code totally does work. https://github.com/puppetlabs/puppet/pull/1846 ---------------------------------------- Bug #7014: certnames with @ symbols don't pass through auth.conf https://projects.puppetlabs.com/issues/7014#change-96738 * Author: Matt Robinson * Status: Accepted * Priority: Normal * Assignee: * Category: security * Target version: * Affected Puppet version: * Keywords: * Branch: ---------------------------------------- In lib/puppet/network/authstore.rb line 242ish a case statement deals with certnames with @ symbols in way that makes it so that they'll never match auth.conf rules for hosts. The easy workaround is, of course, not to use certnames with at symbols. We really ought to stop conflating host, name and certname in this area of code also, because it makes it REALLY hard to read. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.
