Re: [Puppet Users] SSH authorized key module with support for multiple local accounts (Request for Feedback)
365 views
Skip to first unread message
Dawn Foster
Oct 24, 2012, 7:36:01 PM10/24/12
to puppet...@googlegroups.com
On Wed, Oct 24, 2012 at 2:28 AM, Lukas Hetzenecker
<lukas.he...@gmail.com> wrote:
> Hello,
>
> I am a big fan of Puppet (btw, congratulations to your 3.0 release), but
> there was always one thing that bothered me: the imperfect handling of the
> authorized_keys of SSH.
> To support more than one local user account for one SSH user some ugly
> workarounds were needed.
>
> So I decided to fix this issue and published my attempt here:
>
> https://github.com/lukas-hetzenecker/puppet-module-ssh_authorized_key
>
> The module allows you to specify an array for the user or target attributes
> and uses the SSH key fingerprint as resource identifier (optionally the
> comment can be made unique too).
> This should fix the issues mentioned in bug #1531 (
> http://projects.puppetlabs.com/issues/1531 )
>
> Please note that this module is my first experience with Ruby and Puppet
> module development, so it may contain bad code. Therefore I'm glad about any
> feedback you give me about this code.
Thanks for sharing your module!
You might get some additional feedback if you also upload your module
to the Forge: http://forge.puppetlabs.com/
Here's a link to the how-to for publishing a module on the forge:
http://docs.puppetlabs.com/puppet/2.7/reference/modules_publishing.html
Dawn
<lukas.he...@gmail.com> wrote:
> Hello,
>
> I am a big fan of Puppet (btw, congratulations to your 3.0 release), but
> there was always one thing that bothered me: the imperfect handling of the
> authorized_keys of SSH.
> To support more than one local user account for one SSH user some ugly
> workarounds were needed.
>
> So I decided to fix this issue and published my attempt here:
>
> https://github.com/lukas-hetzenecker/puppet-module-ssh_authorized_key
>
> The module allows you to specify an array for the user or target attributes
> and uses the SSH key fingerprint as resource identifier (optionally the
> comment can be made unique too).
> This should fix the issues mentioned in bug #1531 (
> http://projects.puppetlabs.com/issues/1531 )
>
> Please note that this module is my first experience with Ruby and Puppet
> module development, so it may contain bad code. Therefore I'm glad about any
> feedback you give me about this code.
Thanks for sharing your module!
You might get some additional feedback if you also upload your module
to the Forge: http://forge.puppetlabs.com/
Here's a link to the how-to for publishing a module on the forge:
http://docs.puppetlabs.com/puppet/2.7/reference/modules_publishing.html
Dawn
Lukas Hetzenecker
Nov 7, 2012, 9:27:35 AM11/7/12
to puppet...@googlegroups.com
Hello,
my module is now available from puppet forge too, thanks for your suggestion: http://forge.puppetlabs.com/hetzeneckerl/ssh_authorized_key
However, I'm still having one problem developing this module:
On *every* run I get some of these messages:
/Stage[main]/Ssh::Hetzeneckerl/Ssh[long_ssh_key]/Pxp_ssh_authorized_key_base[long_ssh_key]/user: defined 'type' as 'ssh-rsa'
/Stage[main]/Ssh::Hetzeneckerl/Ssh[long_ssh_key]/Pxp_ssh_authorized_key_base[long_ssh_key]/user: defined 'user' as 'root'
or when running with the noop flag: current_value absent, should be ssh-rsa (noop)
So basically the resource does not remember the previous records ("historical values") and/or does not know the actual current values.
These messages are generated by the apply_parameter method in resource_harness.rb where historical_value is set to nil, the full stacktrace is at the end of this message.
Could anybody have a look at the code uploaded to github and help me debugging this error and give me some clues how I can change the records returned by the fileparser?
Thanks for your help,
Lukas Hetzenecker
---- STACKTRACE ----
/usr/lib/ruby/site_ruby/1.8/puppet/transaction/resource_harness.rb:62:in `perform_changes'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction/resource_harness.rb:60:in `each'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction/resource_harness.rb:60:in `perform_changes'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction/resource_harness.rb:137:in `evaluate'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:49:in `apply'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:84:in `eval_resource'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:104:in `evaluate'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:348:in `thinmark'
/usr/lib/ruby/1.8/benchmark.rb:308:in `realtime'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:347:in `thinmark'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:104:in `evaluate'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:383:in `traverse'
/usr/lib/ruby/site_ruby/1.8/puppet/transaction.rb:99:in `evaluate'
/usr/lib/ruby/site_ruby/1.8/puppet/resource/catalog.rb:144:in `apply'
/usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:122:in `apply_catalog'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:179:in `benchmark'
/usr/lib/ruby/1.8/benchmark.rb:308:in `realtime'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:178:in `benchmark'
/usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:121:in `apply_catalog'
/usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb:179:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application/apply.rb:265:in `apply_catalog'
/usr/lib/ruby/site_ruby/1.8/puppet/application/apply.rb:213:in `main'
/usr/lib/ruby/site_ruby/1.8/puppet/application/apply.rb:146:in `run_command'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:346:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:438:in `plugin_hook'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:346:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:500:in `exit_on_fail'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:346:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:87:in `execute'
/usr/bin/puppet:4
Reply all
Reply to author
Forward
0 new messages