Jira (PUP-2635) user purge_ssh_keys not purged
Title: Message Title Doug Byrne commented on an issue Re: user purge_ssh_keys not purged I applied the patch and the resources are ensured absent. Combined with the patch from PUP-2660, it appears to be working. I tried it on both my minimal test, and on one of my normal hosts. Add Comment Puppet / PUP-2635 user purge_ssh_keys not purged I'm using Puppet 3.6.0 on Ubuntu 12.04 and I'm trying to purge unmanaged ssh authorized keys. I've added this code to my manifest: {code} user { 'ubuntu': purge_ssh_keys = true, home = '/home/ubuntu', } {code} However, no keys are purged. I do see the following lines in the agent debug output: {noformat} Debug: /Stage[main]/Role... This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2635) user purge_ssh_keys not purged
Title: Message Title Doug Byrne commented on an issue Re: user purge_ssh_keys not purged The following manifest shows the original issue: keytest.pp package {'python-dev': ensure = present, } ssh_authorized_key { 'doug': ensure = present, key= 'B3NzaC1yc2EDAQABAAABAQC81jWIxrZpzL+IFE9S4yJNMrANeOJke0CbFmk8pBz4rI8RZ+1JBZdD5aZnO15nLVYZlQq1D8BLHy3F02EhfmQBINHUPA373SUedEUPqByQBOslp11sK/u0Op0X7hhW902hOFRszb9VODJifWnkB2bj4FDED6zQf8cIeTIO15CyYxPPeT/EBZ9G4RJsAItXf2ktwWaO94FGcnNYMUzvpsJCMwI4XY8ArqQBsRSrGnauhBD3e1MuqnLF4ujOqLYBwfZ5gw5VSar5i/oSsGswgwjKxmuO0hfTxDVROoIn24AHSTm38lF34djEWIASELEWxDjnFDamawfU2Dpm2MK90Jk/', type = 'ssh-rsa', user = 'ubuntu', } user { 'ubuntu': purge_ssh_keys = true, home = '/home/ubuntu', } I tried multiple packages, all of them appear to have the same behavior. Agent output: ubuntu@keytest:~$ sudo puppet apply keytest.pp --noop -d Info: Loading facts in /var/lib/puppet/lib/facter/iptables_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/rabbitmq_erlang_cookie.rb Info: Loading facts in /var/lib/puppet/lib/facter/ip6tables_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/concat_basedir.rb Info: Loading facts in /var/lib/puppet/lib/facter/windows_common_appdata.rb Info: Loading facts in /var/lib/puppet/lib/facter/puppi_projects.rb Info: Loading facts in /var/lib/puppet/lib/facter/rvm_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/os_maj_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/doolli_pem.rb Info: Loading facts in /var/lib/puppet/lib/facter/syslog.rb Info: Loading facts in /var/lib/puppet/lib/facter/last_run.rb Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/iptables_persistent_version.rb Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb Info: Loading facts in /var/lib/puppet/lib/facter/rvm_installed.rb Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb Debug: Failed to load library 'selinux' for feature 'selinux' Notice: Compiled catalog for keytest.doolli.com in environment production in 0.35 seconds Debug: Puppet::Type::Package::ProviderPorts: file /usr/local/sbin/portupgrade does not exist Debug: Puppet::Type::Package::ProviderRug: file /usr/bin/rug does not exist Debug: Puppet::Type::Package::ProviderPkgin: file pkgin does not exist Debug: Puppet::Type::Package::ProviderZypper: file /usr/bin/zypper does not exist Debug: Puppet::Type::Package::ProviderPortupgrade: file /usr/local/sbin/portupgrade does not exist Debug: Puppet::Type::Package::ProviderFreebsd: file /usr/sbin/pkg_delete does not exist Debug: Puppet::Type::Package::ProviderPortage: file /usr/bin/emerge does not exist Debug: Puppet::Type::Package::ProviderOpenbsd: file pkg_delete does not exist Debug: Puppet::Type::Package::ProviderOpkg: file opkg does not exist Debug: Puppet::Type::Package::ProviderRpm: file rpm does not exist Debug: Puppet::Type::Package::ProviderAptrpm: file rpm does not exist Debug: Puppet::Type::Package::ProviderSunfreeware: file pkg-get does not exist Debug: Puppet::Type::Package::ProviderUp2date: file /usr/sbin/up2date-nox does not exist Debug: Puppet::Type::Package::ProviderAix:
Jira (PUP-2635) user purge_ssh_keys not purged
Title: Message Title Doug Byrne commented on an issue Re: user purge_ssh_keys not purged For your test, I get the same results. Notice: Compiled catalog for keytest.doolli.com in environment production in 0.18 seconds Notice: /Stage[main]/Main/Ssh_authorized_key[foreman-122dc11d6-bd1e-43e7-a00d-f8e2d0af54ea]/ensure: current_value present, should be absent (noop) Notice: /Stage[main]/Main/Ssh_authorized_key[doug]/ensure: current_value present, should be absent (noop) Notice: foo: Would have triggered 'refresh' from 2 events Notice: Class[Main]: Would have triggered 'refresh' from 1 events Notice: Stage[main]: Would have triggered 'refresh' from 1 events Notice: Finished catalog run in 0.17 seconds To perform a second test, I created the following as keytest.pp: keytest.pp ssh_authorized_key { 'doug': ensure = present, key= 'B3NzaC1yc2EDAQABAAABAQC81jWIxrZpzL+IFE9S4yJNMrANeOJke0CbFmk8pBz4rI8RZ+1JBZdD5aZnO15nLVYZlQq1D8BLHy3F02EhfmQBINHUPA373SUedEUPqByQBOslp11sK/u0Op0X7hhW902hOFRszb9VODJifWnkB2bj4FDED6zQf8cIeTIO15CyYxPPeT/EBZ9G4RJsAItXf2ktwWaO94FGcnNYMUzvpsJCMwI4XY8ArqQBsRSrGnauhBD3e1MuqnLF4ujOqLYBwfZ5gw5VSar5i/oSsGswgwjKxmuO0hfTxDVROoIn24AHSTm38lF34djEWIASELEWxDjnFDamawfU2Dpm2MK90Jk/', type = 'ssh-rsa', user = 'ubuntu', } user { 'ubuntu': purge_ssh_keys = true, home = '/home/ubuntu', } Then I ran puppet apply: ubuntu@keytest:~$ sudo puppet apply keytest.pp --noop Notice: Compiled catalog for keytest.doolli.com in environment production in 0.20 seconds Notice: /Stage[main]/Main/Ssh_authorized_key[foreman-122dc11d6-bd1e-43e7-a00d-f8e2d0af54ea]/ensure: current_value present, should be absent (noop) Notice: ubuntu: Would have triggered 'refresh' from 1 events Notice: Class[Main]: Would have triggered 'refresh' from 1 events Notice: Stage[main]: Would have triggered 'refresh' from 1 events Notice: Finished catalog run in 0.12 seconds ubuntu@keytest:~$ sudo puppet apply keytest.pp Notice: Compiled catalog for keytest.doolli.com in environment production in 0.20 seconds Notice: /Stage[main]/Main/Ssh_authorized_key[foreman-122dc11d6-bd1e-43e7-a00d-f8e2d0af54ea]/ensure: removed Error: /Stage[main]/Main/Ssh_authorized_key[foreman-122dc11d6-bd1e-43e7-a00d-f8e2d0af54ea]: Could not evaluate: Cannot write SSH authorized keys without user Notice: /Stage[main]/Main/Ssh_authorized_key[doug]: Dependency Ssh_authorized_key[foreman-122dc11d6-bd1e-43e7-a00d-f8e2d0af54ea] has failures: true Warning: /Stage[main]/Main/Ssh_authorized_key[doug]: Skipping because of failed dependencies Notice: Finished catalog run in 0.11 seconds Still not quite there. Debug output follows: ubuntu@keytest:~$ sudo puppet apply keytest.pp -d Info: Loading facts in
Jira (PUP-2635) user purge_ssh_keys not purged
Title: Message Title Doug Byrne commented on an issue Re: user purge_ssh_keys not purged I created a new host for investigation of this issue. Below is the authorized_keys file: # HEADER: This file was autogenerated at Fri May 23 11:34:50 + 2014 # HEADER: by puppet. While it can still be managed manually, it # HEADER: is definitely not recommended. ssh-rsa B3NzaC1yc2EDAQABAAABAQCpIyCCUkkW4CancW11RlGGmcHyIFtwsgIMQGAdBe3WCc+W9MtZDFEFi3XdHQnSRpbsUuiKhiUIKQfuTWXueWIPxtG+Ujde7Ch5MYPbRZ9MDzSYz2MU8/Ir/y7vNLZBadAR131Ok35qL12TMI0Hpzu2o9Y5ZMaf0uoApZAlotJgSsmFAJyq3rdIeIIpdEvTa3C8Yk9ng1p9Dv3nHdx/SpomFIO7rIKIp/vnxplDMBzU7c3akmbI5G3adcRVbZaxiBgJ4X5OKancyq25jqQtduQmgmDOsyr9+DbhcuUafmHpk/lLQ9c8VgvyqbJBaJ7N45NlBGkaZy/frdSeJ+HSEXTr foreman-122dc11d6-bd1e-43e7-a00d-f8e2d0af54ea ssh-rsa B3NzaC1yc2EDAQABAAABAQC81jWIxrZpzL+IFE9S4yJNMrANeOJke0CbFmk8pBz4rI8RZ+1JBZdD5aZnO15nLVYZlQq1D8BLHy3F02EhfmQBINHUPA373SUedEUPqByQBOslp11sK/u0Op0X7hhW902hOFRszb9VODJifWnkB2bj4FDED6zQf8cIeTIO15CyYxPPeT/EBZ9G4RJsAItXf2ktwWaO94FGcnNYMUzvpsJCMwI4XY8ArqQBsRSrGnauhBD3e1MuqnLF4ujOqLYBwfZ5gw5VSar5i/oSsGswgwjKxmuO0hfTxDVROoIn24AHSTm38lF34djEWIASELEWxDjnFDamawfU2Dpm2MK90Jk/ doug The formeman key should be purged, but: Debug: /Stage[main]/Role::Keytest/Ssh_authorized_key[foreman-122dc11d6-bd1e-43e7-a00d-f8e2d0af54ea]: Nothing to manage: no ensure and the resource doesn't exist Add Comment Puppet / PUP-2635 user purge_ssh_keys not purged I'm using Puppet 3.6.0 on Ubuntu 12.04 and I'm trying to purge unmanaged ssh
Jira (PUP-2635) user purge_ssh_keys not purged
Title: Message Title Doug Byrne created an issue Puppet / PUP-2635 user purge_ssh_keys not purged Issue Type: Bug Affects Versions: 3.6.0 Assignee: Kylo Ginsberg Components: Types and Providers Created: 22/May/14 8:01 AM Environment: Ubuntu 12.04 Priority: Normal Reporter: Doug Byrne I'm using Puppet 3.6.0 on Ubuntu 12.04 and I'm trying to purge unmanaged ssh authorized keys. I've added this code to my manifest: user { 'ubuntu': purge_ssh_keys = true, home = '/home/ubuntu', } However, no keys are purged. I do see the following lines in the agent debug output: Debug: /Stage[main]/Role::Search/Ssh_authorized_key[key2purge1]: Nothing to manage: no ensure and the resource doesn't exist Debug: /Stage[main]/Role::Search/Ssh_authorized_key[key2purge2]: Nothing to manage: no ensure and the resource doesn't exist Those are the two keys that I expect would be purged. It appears that puppet has correctly identified the keys to purge, and