Well, thanks for the late answer.
> you shouldn''t need to set home again in ::server and ::client,
although I guess you
> only added those when the first didn''t work.
That''s right
In the meantime I made a little workaround and edited the following:
define ssh_auth_key_client ($ensure, $filename, $group, $home, $user)
{
File {
owner => $user,
group => $group,
mode => 600,
require => [ User[$user], File[$home]],
}
Now it looks like this:
define ssh_auth_key_client ($ensure, $filename, $group, $home, $user)
{
File {
owner => $user,
group => $group,
mode => 600,
require => $user ? {
"root" => [ User[$user], File["$home/.ssh"] ],
default => [ User[$user], File[$home]],
}
}
Together with file {"/root/.ssh"} this works now for me...but I
don''t
think that''s a pretty solution ;)
During the last days I came across another problem. Something like
this doesn''t seem to be possible:
ssh::auth::server { "user1":
user => [ "user1",
"user2"],
require => [
File["/home/user1"],
File["/home/user2"] ]
}
Explanation: User1 should be able to ssh as user1 and user2 but arrays
apparently don''t work with the "user" parameter. When I run
this
manifest puppet gives me always something like this: "directory /home/
user1user2 doesn''t exist"
Is there way to realize this? I couldn''t figure a way out, as defining
ssh::auth::server {"user1"} twice isn''t allowed either.
By the way your documentation looks pretty messed up now after the
wiki change. I already fixed the link form the module overview and
reuploaded the auth.pp file, but I couldn''t figure out how to fix the
relative links in the document itself. Although I have to admit that I
didn''t really spend that much time on this issue...
christian
On 27 Mrz., 23:43, Andrew Schulman <google-groups-
and...@sneakemail.com> wrote:> > Hey there,
>
> > I''m playing around with the ssh::auth module and right now I
want to
> > create the authorized_keys file for root. But it doesn''t seem
to work
> > as I always get this error:
>
> > puppetd[2579]: Could not apply complete catalog:
> > Puppet::Util::FileType::FileTypeFlat could not write /home/root/.ssh/
> > authorized_keys: No such file or directory - /home/root/.ssh/
> > authorized_keys
>
> > Obviously puppet tries to write to the wrong directory. For other
> > users who really live in /home/$user the module works.
> > If I create a link /root/.ssh -> /home/root/.ssh puppet creates the
> > authorized_keys file.
>
> > My manifests look like this:
> > #site.pp
> > include ssh::auth
> > ssh::auth::key { "root":
> > ensure => "present",
> > keytype => "dsa",
> > home => "/root",
> > }
>
> > #nodes.pp
> > node sshserver {
> > ssh::auth::server { "root":
> > home => "/root",
}
> > ssh::auth::client { "root":
> > home => "/root",
}
>
> > }
>
> > As you can see I added always the home-parameter but still puppet
> > tries to write to /home/root.
> > I''m using puppet 0.25.4.
> > So where did I do the mistake?
>
> Christian, I''m sorry for my delayed reply. I''ve been
offline for a while.
>
> Your manifests look right to me. This looks like a bug in ssh::auth.
Setting
> ssh::auth::key { root: home => "/root" } should be all
you''d have to do; you
> shouldn''t need to set home again in ::server and ::client,
although I guess you
> only added those when the first didn''t work.
>
> Let me look into this and I''ll see what I can figure out.
> Andrew.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.