On Tue, May 03, 2011 at 10:19:30AM -0700, richard jacobsen wrote: > I just installed puppet on an ubuntu natty narwhal desktop and I'm > getting the following error on one of my puppet classes: > > notice: //myclass/Ssh_authorized_key[adminuser]/ensure: created > err: //myclass/Ssh_authorized_key[adminuser]: Could not evaluate: > Cannot write SSH authorized keys without user > > ssh_authorized_key { "adminuser": > ensure => present, > key => "blahblah", > name => "adminusername", > target => "/root/.ssh/authorized_keys", > type => "ssh-rsa" > } > > This same bit works fine on ubuntu lucid, and debian squeeze. Any > ideas what could be wrong? I checked and the root user is indeed in > both /etc/passwd and /etc/shadow. > > Thanks, > Richard >
The ssh_authorized_key type has a user property. This is used to chown the authorized_key file to the correct user. so the follwing should work: ssh_authorized_key { "adminuser": ensure => present, key => "blahblah", name => "adminusername", target => "/root/.ssh/authorized_keys", type => "ssh-rsa", user => 'root', ## added line } Actually the target property is now redundant because if you dont set the target, it will default to ~user/.ssh/authorized_keys. Puppet may try to guess the user if you dont specify it (like reading the owner of the target, i dont know) but in your cased failed. But as long as you have your keys in the normal directory, I would always specify user instead of target because it is more readably (at least in my opinion) -Stefan
pgpHX7z8g1H4z.pgp
Description: PGP signature