Ken Barber wrote:
Its just using the Ruby Etc library to do the lookup according to
puppet/util/posix.rb. Which won't match NIS accounts. So I'd raise a
feature request if you want this support.
its #8081
You can work around this by using something like:
$username = "bob"
ssh_authorized_key { "keyfor-${username}":
key => "...",
target => "/user/home/dirs/${username}/.ssh/authorized_keys",
}
Will look into this.
The issue being you need prior knowledge of path to the key.
For my simple usecase this is not a problem. (At least atm. I don't see one.)
Thanks, Andreas
glean this by producing a fact that uses something like 'getent'
instead of /etc/passwd - but this is less then optimal.
ken.
On Fri, Jun 24, 2011 at 3:13 PM, Nathan Clemons <nat...@livemocha.com> wrote:
I'm wondering if the User provider has the capability to look up accounts
via NIS. It's been a long time since I've used NIS, however, so I don't know
if this is the problem for sure.
--
Nathan Clemons
http://www.livemocha.com
The worlds largest online language learning community
On Fri, Jun 24, 2011 at 6:41 AM, Andreas Kuntzagk
<andreas.kuntz...@mdc-berlin.de> wrote:
I'm wondering if my description was not clear enough or nobody knows an
answer to this. Did I stumble across a bug here and should open a ticket?
regards, Andreas
Andreas Kuntzagk wrote:
Hi,
I have this resource definition:
ssh_authorized_key { "nagios@login2":
key => [REDACTED]
user => "nagios",
type => "ssh-dss",
require => Service['nis'],
}
This nagios user comes from NIS, yp.conf and nsswitch.conf are handled by
puppet and configured before the key. I still get an "User does not exist".
daemon.log:
...
Jun 17 14:00:57 node016 puppet-agent[1109]:
(/Stage[main]/All/File[/localhome/nagios/]/ensure) created
Jun 17 14:12:53 node016 puppet-agent[1109]:
(/Stage[main]//Ssh_authorized_key[root@node002]/ensure) created
Jun 17 14:15:14 node016 puppet-agent[1109]:
(/Stage[main]//File[/etc/idmapd.conf]/content) content changed
'{md5}3e94f238294cc61b047e7ae50115dffc' to
'{md5}6d9c69f38eca81ab0f879c2771d5d543'
Jun 17 14:15:14 node016 puppet-agent[1109]:
(/Stage[main]//Service[idmapd]/ensure) ensure changed 'stopped' to 'running'
Jun 17 14:15:14 node016 puppet-agent[1109]:
(/Stage[main]//Service[idmapd]) Triggered 'refresh' from 1 events
Jun 17 14:15:41 node016 puppet-agent[1109]:
(/Stage[main]/All/File[/etc/yp.conf]/ensure) defined content as
'{md5}9c23d37f431c0788c212d3c0ab8a48af'
Jun 17 14:15:58 node016 puppet-agent[1109]:
(/Stage[main]/All/All::Append_if_no_such_line[sudoers_nagios_smartctl]/Exec[/bin/echo
'nagios ALL=(root) NOPASSWD: /usr/sbin/smartctl' >> '/etc/sudoers']/returns)
executed su
ccessfully
Jun 17 14:17:03 node016 puppet-agent[1109]:
(/Stage[main]//Package[nis]/ensure) ensure changed 'purged' to 'latest'
Jun 17 14:17:39 node016 puppet-agent[1109]:
(/Stage[main]/All/File[/etc/nsswitch.conf]/content) content changed
'{md5}295c15c4bdac80e50b37689ef08f359c' to
'{md5}250a1851aec43bcc5f73e8a01b2141bd'
Jun 17 14:17:43 node016 puppet-agent[1109]:
(/Stage[main]/All/Service[nis]) Triggered 'refresh' from 4 events
Jun 17 14:17:50 node016 puppet-agent[1109]:
(/Stage[main]//Ssh_authorized_key[nagios@login2]/ensure) created
Jun 17 14:17:50 node016 puppet-agent[1109]:
(/Stage[main]//Ssh_authorized_key[nagios@login2]) Could not evaluate: User
'nagios' does not exist
Jun 17 14:18:06 node016 puppet-agent[1109]: (/Whit[last]) Dependency
Ssh_authorized_key[nagios@login2] has failures: true
...
This is Ubuntu 10.04 with puppet 2.6.8
regards, Andreas
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.