On Tue, May 03, 2011 at 10:19:30AM -0700, richard jacobsen wrote:
> I just installed puppet on an ubuntu natty narwhal desktop and I'm
> getting the following error on one of my puppet classes:
>
> notice: //myclass/Ssh_authorized_key[adminuser]/ensure: created
> err: //myclass/Ssh_authorized_key[adminuser]: Could not evaluate:
> Cannot write SSH authorized keys without user
>
> ssh_authorized_key { "adminuser":
> ensure => present,
> key => "blahblah",
> name => "adminusername",
> target => "/root/.ssh/authorized_keys",
> type => "ssh-rsa"
> }
>
> This same bit works fine on ubuntu lucid, and debian squeeze. Any
> ideas what could be wrong? I checked and the root user is indeed in
> both /etc/passwd and /etc/shadow.
>
> Thanks,
> Richard
>
The ssh_authorized_key type has a user property. This is used to chown
the authorized_key file to the correct user.
so the follwing should work:
ssh_authorized_key { "adminuser":
ensure => present,
key => "blahblah",
name => "adminusername",
target => "/root/.ssh/authorized_keys",
type => "ssh-rsa",
user => 'root', ## added line
}
Actually the target property is now redundant because if you dont set the
target, it will default to ~user/.ssh/authorized_keys.
Puppet may try to guess the user if you dont specify it (like reading
the owner of the target, i dont know) but in your cased failed.
But as long as you have your keys in the normal directory, I would
always specify user instead of target because it is more readably (at
least in my opinion)
-Stefan
pgpHX7z8g1H4z.pgp
Description: PGP signature
