I'm trying to create a ssh class where the /etc/ssh/ssh_known_hosts and
/etc/ssh/shosts.equiv stays updated. The issue i'm finding is that if I
include a "tag == anything" in the Collector filter, it collects all
resources EXCEPT it's own. In this case, the known_hosts and .equiv files
will have all the other hostnames, but not it's own hostname. If I remove
the "tag ==" line it works as expected. I tested this with a common tag
"ssh" which I verified is in puppetdb on both exports.
[root@csep0501 ssh]# rpm -qa | grep puppet
puppet-3.2.3-1.el5
(where $dsitename is the lowercase version of a global fact)
@@sshkey{ "${::fqdn}-ssh-pubkey" :
tag => $dsitename,
ensure => present,
host_aliases => [ $::hostname ],
key => $::sshrsakey,
name => $::fqdn,
type => 'ssh-rsa',
}
@@file_line{ "${::fqdn}-shosts.equiv" :
tag => $dsitename,
path => "/etc/ssh/shosts.equiv",
ensure => present,
line => "+${::fqdn}",
}
notify { 'testmessage' :
message => "Downcased sitename is $dsitename",
}
Sshkey <<| tag == 'ssh' and tag == $dsitename |>> {
require => File['/etc/ssh/ssh_known_hosts'],
}
File_line <<| tag == 'ssh' and tag == $dsitename and path ==
"/etc/ssh/shosts.equiv" |>> {
require => File['/etc/ssh/shosts.equiv'],
}
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
