Puppet users - May 2011 - Could not evaluate: Cannot write SSH authorized keys without user

I just installed puppet on an ubuntu natty narwhal desktop and I''m
getting the following error on one of my puppet classes:

notice: //myclass/Ssh_authorized_key[adminuser]/ensure: created
err: //myclass/Ssh_authorized_key[adminuser]: Could not evaluate:
Cannot write SSH authorized keys without user

        ssh_authorized_key { "adminuser":
                ensure => present,
                key => "blahblah",
                name => "adminusername",
                target => "/root/.ssh/authorized_keys",
                type => "ssh-rsa"
        }

This same bit works fine on ubuntu lucid, and debian squeeze.  Any
ideas what could be wrong?  I checked and the root user is indeed in
both /etc/passwd and /etc/shadow.

Thanks,
Richard


-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

On Tue, May 03, 2011 at 10:19:30AM -0700, richard jacobsen
wrote:
> I just installed puppet on an ubuntu natty narwhal desktop and I''m
> getting the following error on one of my puppet classes:
> 
> notice: //myclass/Ssh_authorized_key[adminuser]/ensure: created
> err: //myclass/Ssh_authorized_key[adminuser]: Could not evaluate:
> Cannot write SSH authorized keys without user
> 
>         ssh_authorized_key { "adminuser":
>                 ensure => present,
>                 key => "blahblah",
>                 name => "adminusername",
>                 target => "/root/.ssh/authorized_keys",
>                 type => "ssh-rsa"
>         }
> 
> This same bit works fine on ubuntu lucid, and debian squeeze.  Any
> ideas what could be wrong?  I checked and the root user is indeed in
> both /etc/passwd and /etc/shadow.
> 
> Thanks,
> Richard
> 
The ssh_authorized_key type has a user property. This is used to chown
the authorized_key file to the correct user.

so the follwing should work:

    ssh_authorized_key { "adminuser":
            ensure => present,
            key    => "blahblah",
            name   => "adminusername",
            target => "/root/.ssh/authorized_keys",
            type   => "ssh-rsa",
            user   => ''root'', ## added line
    }

Actually the target property is now redundant because if you dont set the
target, it will default to ~user/.ssh/authorized_keys.

Puppet may try to guess the user if you dont specify it (like reading
the owner of the target, i dont know) but in your cased failed.

But as long as you have your keys in the normal directory, I would
always specify user instead of target because it is more readably (at
least in my opinion)

-Stefan