Yes but if I am understanding you correctly I can't just let puppet
own the required resources. The directories are created automatically
via PAM config upon initial login. I can't define a user type or a
file type as I don't know the UID.
ssh_authorized_key{ "billys key":
ensure => present,
key => 'billys sshkey',
name => "super duper key",
type => ssh-rsa,
user =>"billy",
onlyif => "test -d /home/${user}"
}
I am assuming that I can refer to the user with ${user} and that
onlyif is a valid parameter.
Does every defined type have onlyif parameter built in?
On Apr 21, 4:00 pm, Jeff McCune <[email protected]> wrote:
> On Thu, Apr 21, 2011 at 3:41 PM, Corey Osman <[email protected]> wrote:
> > Here is my situation:
>
> > 1. We use Active directory (LDAP) to store all user info which is retrieved
> > from linux
> > 2. A home directory is not created until the first time the user logs into
> > the linux system
>
> > I am using the ssh_authorized_key type to push out my ssh keys to every
> > system. However, because I haven't logged into every system at least once.
> > Puppet errors out due to a missing home directory when trying to create
> > the authorized_keys file. The simple remedy is to login to the box and
> > have the home directory created (su - username). However, I would like
> > the ssh_authorized_key type to not fail but just give a notice. (home
> > directory does not exist, skipping) therefore the reports don't show errors
> > and give misleading errors in the reports.
>
> > ssh_authorized_key{ "billys key":
> > ensure => present,
> > key => 'billys sshkey',
> > name => "super duper key",
> > type => ssh-rsa,
> > user =>"billy",
> > onlyif => "test -d /home/${user}"
> > }
>
> > I am assuming that I can refer to the user with ${user} and that onlyif is
> > a valid parameter.
>
> > Is this possible?
>
> Wouldn't it be better to make sure the home directory does exist, as
> well as the ~/.ssh directory?
>
> This is often accomplished by creating a defined resource type to
> contain all of the resources you need to manage to give you access to
> the system.
>
> --
> Jeff McCune
> Professional Services, Puppet Labs
> @0xEFF
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
