Hi *,
I would like to create a pool of ssh pubkeys. The major goal is to be
able to assign a single key to multiple users on a given node/system.
Okay, lets say we have the users: foo and bar. In my manifest I've
created the following test definition for resource "jim":
---------------------------------------------------------------------
define sshpubkey::test($user) {
ssh_authorized_key {
'jim':
ensure => present,
user => "$user",
name => "[email protected]",
type => ssh-rsa,
key => "[...KEY...]"
}
---------------------------------------------------------------------
I was able to pass the "$user" variable to the copy of that resource by
placing a "sshpubkey:test" definition within the node configuration. The
users authorized_keys file is updated accordingly.
Now I've just tried to install the pubkey of resource "jim" in the
authorized_keys file of user "bar" on node1, placing a second definition:
---------------------------------------------------------------------
node node1 {
sshpubkey::test { "jim": user => "foo"}
sshpubkey::test { "jim": user => "bar"}
}
---------------------------------------------------------------------
.. but then, of course, puppet throws a "Duplicate definition" error
because I've tried to reuse resource "jim" another time:
---------------------------------------------------------------------
node:~ # puppetd -o --server puppet.domain.tld --waitforcert 60 --test
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Duplicate definition: Sshpubkey::Test[jim] is already defined in file
/etc/puppet/manifests/node.pp at line 3; cannot redefine at
/etc/puppet/manifests/node.pp:4 on node puppet.domain.tld
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
---------------------------------------------------------------------
Can somebody tell me how to handle it the puppet way"?
Any sort of advice, hints and comments are much appreciated! :)
Many thanks
Jan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
