Its just using the Ruby Etc library to do the lookup according to puppet/util/posix.rb. Which won't match NIS accounts. So I'd raise a feature request if you want this support.
You can work around this by using something like: $username = "bob" ssh_authorized_key { "keyfor-${username}": key => "...", target => "/user/home/dirs/${username}/.ssh/authorized_keys", } The issue being you need prior knowledge of path to the key. You can glean this by producing a fact that uses something like 'getent' instead of /etc/passwd - but this is less then optimal. ken. On Fri, Jun 24, 2011 at 3:13 PM, Nathan Clemons <nat...@livemocha.com> wrote: > I'm wondering if the User provider has the capability to look up accounts > via NIS. It's been a long time since I've used NIS, however, so I don't know > if this is the problem for sure. > -- > Nathan Clemons > http://www.livemocha.com > The worlds largest online language learning community > > > On Fri, Jun 24, 2011 at 6:41 AM, Andreas Kuntzagk > <andreas.kuntz...@mdc-berlin.de> wrote: >> >> I'm wondering if my description was not clear enough or nobody knows an >> answer to this. Did I stumble across a bug here and should open a ticket? >> >> regards, Andreas >> >> Andreas Kuntzagk wrote: >>> >>> Hi, >>> >>> I have this resource definition: >>> >>> ssh_authorized_key { "nagios@login2": >>> key => [REDACTED] >>> user => "nagios", >>> type => "ssh-dss", >>> require => Service['nis'], >>> } >>> >>> This nagios user comes from NIS, yp.conf and nsswitch.conf are handled by >>> puppet and configured before the key. I still get an "User does not exist". >>> >>> daemon.log: >>> ... >>> Jun 17 14:00:57 node016 puppet-agent[1109]: >>> (/Stage[main]/All/File[/localhome/nagios/]/ensure) created >>> Jun 17 14:12:53 node016 puppet-agent[1109]: >>> (/Stage[main]//Ssh_authorized_key[root@node002]/ensure) created >>> Jun 17 14:15:14 node016 puppet-agent[1109]: >>> (/Stage[main]//File[/etc/idmapd.conf]/content) content changed >>> '{md5}3e94f238294cc61b047e7ae50115dffc' to >>> '{md5}6d9c69f38eca81ab0f879c2771d5d543' >>> Jun 17 14:15:14 node016 puppet-agent[1109]: >>> (/Stage[main]//Service[idmapd]/ensure) ensure changed 'stopped' to 'running' >>> Jun 17 14:15:14 node016 puppet-agent[1109]: >>> (/Stage[main]//Service[idmapd]) Triggered 'refresh' from 1 events >>> Jun 17 14:15:41 node016 puppet-agent[1109]: >>> (/Stage[main]/All/File[/etc/yp.conf]/ensure) defined content as >>> '{md5}9c23d37f431c0788c212d3c0ab8a48af' >>> Jun 17 14:15:58 node016 puppet-agent[1109]: >>> (/Stage[main]/All/All::Append_if_no_such_line[sudoers_nagios_smartctl]/Exec[/bin/echo >>> 'nagios ALL=(root) NOPASSWD: /usr/sbin/smartctl' >> '/etc/sudoers']/returns) >>> executed su >>> ccessfully >>> Jun 17 14:17:03 node016 puppet-agent[1109]: >>> (/Stage[main]//Package[nis]/ensure) ensure changed 'purged' to 'latest' >>> Jun 17 14:17:39 node016 puppet-agent[1109]: >>> (/Stage[main]/All/File[/etc/nsswitch.conf]/content) content changed >>> '{md5}295c15c4bdac80e50b37689ef08f359c' to >>> '{md5}250a1851aec43bcc5f73e8a01b2141bd' >>> Jun 17 14:17:43 node016 puppet-agent[1109]: >>> (/Stage[main]/All/Service[nis]) Triggered 'refresh' from 4 events >>> Jun 17 14:17:50 node016 puppet-agent[1109]: >>> (/Stage[main]//Ssh_authorized_key[nagios@login2]/ensure) created >>> Jun 17 14:17:50 node016 puppet-agent[1109]: >>> (/Stage[main]//Ssh_authorized_key[nagios@login2]) Could not evaluate: User >>> 'nagios' does not exist >>> Jun 17 14:18:06 node016 puppet-agent[1109]: (/Whit[last]) Dependency >>> Ssh_authorized_key[nagios@login2] has failures: true >>> ... >>> >>> This is Ubuntu 10.04 with puppet 2.6.8 >>> >>> regards, Andreas >>> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.