Issue #10850 has been updated by David Swift.
We get the same error as described by Ashley in the original post. While this is really a pain, it seems there is a workaround. Logging into the client machine, and as root, execute 'puppet agent --test'. However, it seems really suspect that this works - after reading the CVE, it seems it shouldn't work. ---------------------------------------- Bug #10850: ssh_authorized_key doing the wrong thing https://projects.puppetlabs.com/issues/10850#change-96771 * Author: Ashley Penney * Status: Accepted * Priority: Normal * Assignee: * Category: ssh * Target version: * Affected Puppet version: 2.7.9 * Keywords: * Branch: ---------------------------------------- Backstory - I cut and paste my ssh_authorized_key statement to make another user's key. I changed the title of the resource and the actual key but forgot to change the 'target =>' setting. This then tried to update apenney instead of jthompson. I tried to correct this and now puppet errors constantly and as you can see from below it's trying to write to the old target not the new target. notice: /Stage[main]/Users/User[jthompson]/ensure: created notice: /Stage[main]/Users/Ssh_authorized_key[jthompson]/user: user changed 'apenney' to 'jthompson' notice: /Stage[main]/Users/Ssh_authorized_key[jthompson]/target: target changed '/home/apenney/.ssh/authorized_keys' to '/home/jthompson/.ssh/authorized_keys' err: /Stage[main]/Users/Ssh_authorized_key[jthompson]: Could not evaluate: Puppet::Util::FileType::FileTypeFlat could not write /home/apenney/.ssh/authorized_keys: Permission denied - /home/apenney/.ssh/authorized_keys -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.
