[Puppet-dev] (puppetlabs/puppet) New pull request: (#8986) Don't su when creating SSH authorized_keys

Sun, 28 Aug 2011 08:38:32 -0700

Greetings!

Please review the pull request #67: (#8986) Don't su when creating SSH authorized_keys opened by (khightower)

Some more information about the pull request:

  • Opened: Sun Aug 28 15:17:05 UTC 2011
  • Based on: puppetlabs:master (98db04eb290ad7767cbc6da43c0ab94971f0d8ef)
  • Requested merge: khightower:bug/master/8986 (a24a5a5661e2c75930018068a2f3e14fd2504523)

Description:

In order to support use cases where an authorized_key file is written to
a non-standard location, which may not be writable by the user, this patch
removes the step in the flush method that switches users before writing
the authorized_key file to disk. As a result, the authorized_key can now
be written to any location.

This patch does not change the core functionality of the
ssh_authorized_key type.

Thanks!
The Pull Request Bot

Diff follows:

diff --git a/lib/puppet/provider/ssh_authorized_key/parsed.rb b/lib/puppet/provider/ssh_authorized_key/parsed.rb
index 81b1fbc..6ca15c2 100644
--- a/lib/puppet/provider/ssh_authorized_key/parsed.rb
+++ b/lib/puppet/provider/ssh_authorized_key/parsed.rb
@@ -1,11 +1,9 @@
 require 'puppet/provider/parsedfile'
 
-
-      Puppet::Type.type(:ssh_authorized_key).provide(
-        :parsed,
+Puppet::Type.type(:ssh_authorized_key).provide(
+  :parsed,
   :parent => Puppet::Provider::ParsedFile,
-  :filetype => :flat,
-        
+  :filetype => :flat,      
   :default_target => ''
 ) do
   desc "Parse and generate authorized_keys files for SSH."
@@ -62,7 +60,7 @@ require 'puppet/provider/parsedfile'
     # so calling it here supresses the later attempt by our superclass's flush method.
     self.class.backup_target(target)
 
-    Puppet::Util::SUIDManager.asuser(@resource.should(:user)) { super }
+    super
     File.chown(uid, nil, target)
     File.chmod(file_perm, target)
   end

--
You received this message because you are subscribed to the Google Groups "Puppet Developers" group.
To post to this group, send email to puppet-dev@googlegroups.com.
To unsubscribe from this group, send email to puppet-dev+unsubscr...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.

Reply via email to