Hi,
I''m trying to import a gpg key (for repository signing) for my servers
root user, with something like this :
file { "/etc/company/company-gpg-key":
owner => root,
group => root,
mode => 0644,
source =>
"puppet://$puppet_server/files/backports/company-gpg-key",
}
exec { "gpg --import /etc/company/company-gpg-key":
unless => "gpg --list-keys | grep ''company''"
}
However the command is being run as the puppet user and thus not being
imported into root''s gpg keyring. Is there a way to do this kind of
operation with puppet (run commands as a user other than puppet) or is
there a better/different way to achieve this ? I''ve had a quick look
through the existing recipes and couldn''t see anything obvious.
Thanks,
Rob
On Thu, 2007-07-12 at 15:54 +0100, robl wrote:> Hi, > > I''m trying to import a gpg key (for repository signing) for my servers > root user, with something like this : > > file { "/etc/company/company-gpg-key": > owner => root, > group => root, > mode => 0644, > source => "puppet://$puppet_server/files/backports/company-gpg-key", > } > exec { "gpg --import /etc/company/company-gpg-key": > unless => "gpg --list-keys | grep ''company''" > }You can set the user to run as with the user attribute[1]: exec { "gpg --import /etc/company/company-gpg-key": unless => "gpg --list-keys | grep ''company''", user => root } David [1] http://www.reductivelabs.com/trac/puppet/wiki/TypeReference#exec