Well, thanks for the late answer.
> you shouldn't need to set home again in ::server and ::client, although I
> guess you
> only added those when the first didn't work.
That's right
In the meantime I made a little workaround and edited the following:
define ssh_auth_key_client ($ensure, $filename, $group, $home, $user)
{
File {
owner => $user,
group => $group,
mode => 600,
require => [ User[$user], File[$home]],
}
Now it looks like this:
define ssh_auth_key_client ($ensure, $filename, $group, $home, $user)
{
File {
owner => $user,
group => $group,
mode => 600,
require => $user ? {
"root" => [ User[$user], File["$home/.ssh"] ],
default => [ User[$user], File[$home]],
}
}
Together with file {"/root/.ssh"} this works now for me...but I don't
think that's a pretty solution ;)
During the last days I came across another problem. Something like
this doesn't seem to be possible:
ssh::auth::server { "user1":
user => [ "user1", "user2"],
require => [ File["/home/user1"],
File["/home/user2"] ]
}
Explanation: User1 should be able to ssh as user1 and user2 but arrays
apparently don't work with the "user" parameter. When I run this
manifest puppet gives me always something like this: "directory /home/
user1user2 doesn't exist"
Is there way to realize this? I couldn't figure a way out, as defining
ssh::auth::server {"user1"} twice isn't allowed either.
By the way your documentation looks pretty messed up now after the
wiki change. I already fixed the link form the module overview and
reuploaded the auth.pp file, but I couldn't figure out how to fix the
relative links in the document itself. Although I have to admit that I
didn't really spend that much time on this issue...
christian
On 27 Mrz., 23:43, Andrew Schulman <google-groups-
and...@sneakemail.com> wrote:
> > Hey there,
>
> > I'm playing around with the ssh::auth module and right now I want to
> > create the authorized_keys file for root. But it doesn't seem to work
> > as I always get this error:
>
> > puppetd[2579]: Could not apply complete catalog:
> > Puppet::Util::FileType::FileTypeFlat could not write /home/root/.ssh/
> > authorized_keys: No such file or directory - /home/root/.ssh/
> > authorized_keys
>
> > Obviously puppet tries to write to the wrong directory. For other
> > users who really live in /home/$user the module works.
> > If I create a link /root/.ssh -> /home/root/.ssh puppet creates the
> > authorized_keys file.
>
> > My manifests look like this:
> > #site.pp
> > include ssh::auth
> > ssh::auth::key { "root":
> > ensure => "present",
> > keytype => "dsa",
> > home => "/root",
> > }
>
> > #nodes.pp
> > node sshserver {
> > ssh::auth::server { "root":
> > home => "/root", }
> > ssh::auth::client { "root":
> > home => "/root", }
>
> > }
>
> > As you can see I added always the home-parameter but still puppet
> > tries to write to /home/root.
> > I'm using puppet 0.25.4.
> > So where did I do the mistake?
>
> Christian, I'm sorry for my delayed reply. I've been offline for a while.
>
> Your manifests look right to me. This looks like a bug in ssh::auth. Setting
> ssh::auth::key { root: home => "/root" } should be all you'd have to do; you
> shouldn't need to set home again in ::server and ::client, although I guess
> you
> only added those when the first didn't work.
>
> Let me look into this and I'll see what I can figure out.
> Andrew.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
