On Tue, Jul 24, 2012 at 3:05 PM, jcbollinger <[email protected]> wrote:
>
>
> On Tuesday, July 24, 2012 9:47:25 AM UTC-5, Nan Liu wrote:
>>
>> On Mon, Jul 23, 2012 at 11:10 AM, Trevor Vaughan <[email protected]>
>> wrote:
>> > So, I'm sure this has been covered somewhere, but I can't seem to find
>> > it.
>> >
>> > Is there no 'purge' ability on the 'sshkey' type? It would be nice to
>> > be able to get rid of entries for hosts that are no longer present
>> > without actually having to write out a node declaration for each one.
>>
>> Purge isn't supported for providers based on parsed file that edit
>> more than one target file. So purge works for host/cron, but not
>> sshkey/yum. To support purging, I've used a custom define resource
>> based on concat files (which have other pro/cons).
>
>
> We're talking about Sshkey, not Ssh_authorized_key.  As far as I know, the
> former ought to be managing only one file (/etc/ssh/ssh_known_hosts for most
> systems).  Is there some reason why that type would be managing more than
> one file?

Sorry for the mix-up. It's purging the default target files:

resources { 'sshkey':
  purge => true,
}

$ puppet apply /tmp/sshkey.pp

notice: /Sshkey[192.168.232.128]/ensure: removed
notice: /Sshkey[192.168.101.131]/ensure: removed
notice: /Sshkey[ec2-23-22-74-239.compute-1.amazonaws.com]/ensure: removed
notice: /Sshkey[192.168.232.143]/ensure: removed
notice: Finished catalog run in 0.06 seconds

$ cat /etc/ssh/ssh_known_hosts
# HEADER: This file was autogenerated at Tue Jul 10 17:29:06 -0500 2012
# HEADER: by puppet.  While it can still be managed manually, it
# HEADER: is definitely not recommended.

On Mac it defaults to /etc/ssh_known_hosts, and both seem to work.

Nan
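
Added example, not part of the original message: the purge declaration above combined with one explicitly managed host key, so that every known_hosts entry without a matching sshkey resource in the catalog is removed while the declared one is kept. The host name, aliases and key string are constructed placeholders; `noop` is set so the first run only reports what it would purge.

```puppet
# Constructed example: host name, aliases and key are placeholders.
# Entries declared in the catalog survive the purge.
sshkey { 'web01.example.com':
  ensure       => present,
  type         => 'ssh-rsa',
  host_aliases => ['web01', '192.0.2.10'],
  key          => 'AAAAB3NzaC1yc2EAAAADAQABPLACEHOLDER',
}

# Every sshkey entry found in the default target file that is not
# declared in the catalog is marked for removal. This includes host
# keys that were added to the file by hand.
resources { 'sshkey':
  purge => true,
  # Metaparameters set here are copied onto the generated purge
  # resources, so with noop the run logs the pending removals
  # without editing the file. Drop this line once the list of
  # entries to be removed has been reviewed.
  noop  => true,
}
```

Running `puppet apply --noop` against the manifest gives the same dry-run behaviour for the whole catalog.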
