hi guys,
I am having an unusual behaviour in puppet with AIX (client node) while
copying ssh key from puppet-server to client.
here is what i am trying to do;
$username = "xyz"
$group = "system"
$home = "/home"
$sshDir = ".ssh"
$pub_key = "id_rsa.pub.xyz"
1. creating all users virtually in one go
2. realize them all and copy each of their''s .ssh/authorized_keys.
The
keys are located on puppetserver with name
"/etc/puppet/modules/userkeys/id_rsa.pub.$username".
in puppet i m writting following code to copy each users'' key from
server to
cient-nodes.
...
...
$sourcepath = $operatingsystem ? {
AIX =>
"/etc/puppet/modules/userkeys/files/$pub_key.$username",
default => "puppet:///SLES/$pub_key.${username}",
*#
Linux nodes pick the file path mentioned in the fileserver.conf, however,
AIX doesnot picking up*
}
...
...
file { "${home}/${username}/$sshDir/authorized_keys":
ensure => "present",
owner => $username,
group => $group,
mode => 600,
require => File["${home}/${username}/${sshDir}"],
#source =>
"puppet:///userkeys/files/${pub_key}.${username}",
source => $sourcepath,
}
when i run this script on Linux nodes, it executes successfully and all
users created with the their keys but on AIX the users are created but keys
are not deployed there and i am getting this errr:
*File[/home/xyz/.ssh/authorized_keys]/ensure:
No specified sources exist*
PS: Though I found a hack to copy the keys from server and deploy them on
client nodes but i am still wondering why my AIX client is not able to
retreive the sourcepath from server when my SLES clients are able to
retrieve it.
one more thing i am not creating any ssh key but actually copying it from
hosted server to the clients.
what am i doing wrong here? waiting for your response
--
haris
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Haris, On Jul 6, 7:19 am, "M.F.Haris" <mfha...@gmail.com> wrote:> $sourcepath = $operatingsystem ? { > AIX => "/etc/puppet/modules/userkeys/files/$pub_key.$username", > default => "puppet:///SLES/$pub_key.${username}", > }Here, on the AIX path you tell it to copy the id_dsa.pub /from a local file on the client/. You need to probably change that to ''puppet:/// modules/userkeys/$pub_key.$username'' or ''puppet:///SLES/$pub_key.$ {username}'' or similar and it should copy from the server. There''s a built in ssh_authorized_key type that would probably save you a bunch of work. http://docs.puppetlabs.com/references/stable/type.html#ssh_authorized_key -Andrew> ... > ... > > file { "${home}/${username}/$sshDir/authorized_keys": > ensure => "present", > owner => $username, > group => $group, > mode => 600, > require => File["${home}/${username}/${sshDir}"], > #source => "puppet:///userkeys/files/${pub_key}.${username}", > source => $sourcepath, > } > > when i run this script on Linux nodes, it executes successfully and all > users created with the their keys but on AIX the users are created but keys > are not deployed there and i am getting this errr: > *File[/home/xyz/.ssh/authorized_keys]/ensure: > No specified sources exist* > > PS: Though I found a hack to copy the keys from server and deploy them on > client nodes but i am still wondering why my AIX client is not able to > retreive the sourcepath from server when my SLES clients are able to > retrieve it. > > one more thing i am not creating any ssh key but actually copying it from > hosted server to the clients. > > what am i doing wrong here? waiting for your response > > -- > haris-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
thanks Andrew,
the sourcepath i was using for AIX is
puppet:///userkeys/$pub_key.${username}. but I am pretty sure that with 0.24
it was working fine and i it appears to me since i upgrade to 0.25
sourcepath must require ''/modules/'' inlcuded here.
Thanks again for your prompt reply.
M Haris Farooque
MSc. Software Engineering (Hochshule Für Technik-Stuttgart)
Cell: +49-176-470-96-991
On Tue, Jul 6, 2010 at 4:56 PM, Andrew Forgue
<andrew.forgue@gmail.com>wrote:
> Haris,
>
> On Jul 6, 7:19 am, "M.F.Haris" <mfha...@gmail.com> wrote:
> > $sourcepath = $operatingsystem ? {
> > AIX =>
"/etc/puppet/modules/userkeys/files/$pub_key.$username",
> > default => "puppet:///SLES/$pub_key.${username}",
> > }
>
> Here, on the AIX path you tell it to copy the id_dsa.pub /from a local
> file on the client/. You need to probably change that to
''puppet:///
> modules/userkeys/$pub_key.$username'' or
''puppet:///SLES/$pub_key.$
> {username}'' or similar and it should copy from the server.
>
> There''s a built in ssh_authorized_key type that would probably
save
> you a bunch of work.
>
> http://docs.puppetlabs.com/references/stable/type.html#ssh_authorized_key
>
> -Andrew
>
>
>
> > ...
> > ...
> >
> > file { "${home}/${username}/$sshDir/authorized_keys":
> > ensure => "present",
> > owner => $username,
> > group => $group,
> > mode => 600,
> > require =>
File["${home}/${username}/${sshDir}"],
> > #source =>
"puppet:///userkeys/files/${pub_key}.${username}",
> > source => $sourcepath,
> > }
> >
> > when i run this script on Linux nodes, it executes successfully and
all
> > users created with the their keys but on AIX the users are created but
> keys
> > are not deployed there and i am getting this errr:
> > *File[/home/xyz/.ssh/authorized_keys]/ensure:
> > No specified sources exist*
> >
> > PS: Though I found a hack to copy the keys from server and deploy them
on
> > client nodes but i am still wondering why my AIX client is not able to
> > retreive the sourcepath from server when my SLES clients are able to
> > retrieve it.
> >
> > one more thing i am not creating any ssh key but actually copying it
from
> > hosted server to the clients.
> >
> > what am i doing wrong here? waiting for your response
> >
> > --
> > haris
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
>
puppet-users+unsubscribe@googlegroups.com<puppet-users%2Bunsubscribe@googlegroups.com>
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.