Puppet users - Nov 2009 - Cannot create authorized key and user in the same go?

Hi,

I''m trying to create an authorized key and a user in one go and
I''m
not getting anywhere:

class users {

  user { "ben" :
    ensure => present,
    uid => 1010,
    gid => "users",
    managehome => true,
    password => "blahblah"
  }

 ssh_authorized_key { "ben-key":
   ensure => present,
   key    => "blahblah",
   type => "ssh-dss",
   user => "ben",
 }

}

This doesn''t work, not even in the ''run it twice''
kind of way:
Nov 11 23:49:04 mgmt puppetd[20300]: Could not create ben-key: user
ben doesn''t exist
Nov 11 23:49:04 mgmt puppetd[20300]: Configuration could not be
instantiated: user ben doesn''t exist

Commenting out the key will create the user, and uncommenting it after
user creation will create the key.  Am I missing something painfully
obvious?

Puppet 24.8 on SUSE 11.  I''ve pared the configuration down to only
this; nothing else is going on.

Thanks,
Ben
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Ben Lavender schrieb:
> Hi,
>
> I''m trying to create an authorized key and a user in one go and
I''m
> not getting anywhere:
>
> class users {
>
>   user { "ben" :
>     ensure => present,
>     uid => 1010,
>     gid => "users",
>     managehome => true,
>     password => "blahblah"
>   }
>
>  ssh_authorized_key { "ben-key":
>    ensure => present,
>    key    => "blahblah",
>    type => "ssh-dss",
>    user => "ben",
>  }
>
> }
>
> This doesn''t work, not even in the ''run it
twice'' kind of way:
> Nov 11 23:49:04 mgmt puppetd[20300]: Could not create ben-key: user
> ben doesn''t exist
> Nov 11 23:49:04 mgmt puppetd[20300]: Configuration could not be
> instantiated: user ben doesn''t exist
>
> Commenting out the key will create the user, and uncommenting it after
> user creation will create the key.  Am I missing something painfully
> obvious?
>
> Puppet 24.8 on SUSE 11.  I''ve pared the configuration down to only
> this; nothing else is going on.
>
> Thanks,
> Ben
> >
>   
I tried following Recipe 
http://reductivelabs.com/trac/puppet/wiki/Recipes/Authorized_keys and 
its working;
I think first you need to create .ssh directory in the home directory of 
every user, then create the public key in this directory (say 
/home/ben/.ssh/id_rsa.pub) and then generate the ssh key.
try out the recipe and if it won''t work then try to separate the
AddUser
process and GenerateKey process in separate functions.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Hi
> class users {
> 
>   user { "ben" :
>     ensure => present,
>     uid => 1010,
>     gid => "users",
>     managehome => true,
>     password => "blahblah"
>   }
> 
>  ssh_authorized_key { "ben-key":
>    ensure => present,
>    key    => "blahblah",
>    type => "ssh-dss",
>    user => "ben",
>  }
> 
> }
> 
> This doesn''t work, not even in the ''run it
twice'' kind of way:
> Nov 11 23:49:04 mgmt puppetd[20300]: Could not create ben-key: user
> ben doesn''t exist
> Nov 11 23:49:04 mgmt puppetd[20300]: Configuration could not be
> instantiated: user ben doesn''t exist
> 
> Commenting out the key will create the user, and uncommenting it after
> user creation will create the key.  Am I missing something painfully
> obvious?

you have to specify relationship between these 2 resources. This means
that the ssh_authorized_key needs a require => User[''ben'']

cheers pete

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

> > }
>
> > This doesn''t work, not even in the ''run it
twice'' kind of way:
> > Nov 11 23:49:04 mgmt puppetd[20300]: Could not create ben-key: user
> > ben doesn''t exist
> > Nov 11 23:49:04 mgmt puppetd[20300]: Configuration could not be
> > instantiated: user ben doesn''t exist
>
> > Commenting out the key will create the user, and uncommenting it after
> > user creation will create the key.  Am I missing something painfully
> > obvious?
>
> you have to specify relationship between these 2 resources. This means
> that the ssh_authorized_key needs a require =>
User[''ben'']
This is not the issue; specifying the relationship manually does not
solve the problem.  Further, the docs state that the require => User
[$user] is implicit with the user argument.

Thanks,
Ben
> cheers pete
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

: user ben doesn''t exist
>
> > Commenting out the key will create the user, and uncommenting it after
> > user creation will create the key.  Am I missing something painfully
> > obvious?
>
> > Puppet 24.8 on SUSE 11.  I''ve pared the configuration down to
only
> > this; nothing else is going on.
>
> > Thanks,
> > Ben
>
> I tried following
Recipehttp://reductivelabs.com/trac/puppet/wiki/Recipes/Authorized_keysand
> its working;
> I think first you need to create .ssh directory in the home directory of
> every user, then create the public key in this directory (say
> /home/ben/.ssh/id_rsa.pub) and then generate the ssh key.
> try out the recipe and if it won''t work then try to separate the
AddUser
> process and GenerateKey process in separate functions.
This recipe is not what I want; I am doing something different but
have pared down the config to this in order to show the problem.

It is not an issue of the .ssh/ or the id existing.  If the user
exists without a .ssh directory, the key is created just fine.  (The
home directory not existing will be an error, though)

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

On Nov 12, 11:51 am, Ben Lavender <blaven...@gmail.com>
wrote:
>
> > you have to specify relationship between these 2 resources. This means
> > that the ssh_authorized_key needs a require =>
User[''ben'']
>
> This is not the issue; specifying the relationship manually does not
> solve the problem.  Further, the docs state that the require => User
> [$user] is implicit with the user argument.
Perhaps bug #2487 is relevant?

http://projects.reductivelabs.com/issues/2487

--
Arto Bendiken | http://ar.to/

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---