** manifest  (24.5 and 24.7 work using this syntax)

class 248_root_sshkey {

    #- ensure link for authorized_keys and authorized_keys2 exists
    file { "/root/.ssh/authorized_keys": ensure => "/root/.ssh/authorized_keys2" }

    ssh_authorized_key { "bbartlett@zynga.com":
        key => "AAAZZZZWHATEVER",
        name => "bbartlett@zynga.com",
        user => "root",
        type => ssh-dss,
        target => authorized_keys2,
        ensure => present,
    }
}

** removed all authorized_keys so puppet will re-create... in theory:
[root@sw17152 .ssh]# ls -la
total 16
drwxr-xr-x 2 root root 4096 May 24 20:47 ./
drwxr-xr-x 7 root root 4096 May 24 09:04 ../

** restart puppetd and see that the link to authorized_keys is created, but no keys are actually written
May 24 20:49:37 sw17152 puppetd[6578]: Caught TERM; shutting down
May 24 20:49:37 sw17152 puppetd[6578]: Shutting down
May 24 20:49:37 sw17152 puppetd[7092]: Reopening log files
May 24 20:49:37 sw17152 puppetd[7092]: Starting Puppet client version 0.24.8
May 24 20:49:39 sw17152 puppetd[7092]: Starting catalog run
May 24 20:49:40 sw17152 puppetd[7092]: (//Node[sw17152.sv4.zynga.com]/248_root_sshkey/File[/root/.ssh/authorized_keys]/ensure) created
May 24 20:49:43 sw17152 puppetd[7092]: Finished catalog run in 3.83 seconds

[root@sw17152 .ssh] ls -la
total 16
drwxr-xr-x 2 root root 4096 May 24 20:49 ./
drwxr-xr-x 7 root root 4096 May 24 09:04 ../
lrwxrwxrwx 1 root root   27 May 24 20:49 authorized_keys -> /root/.ssh/authorized_keys2


:::::::::::::::::::

** Exact same manifest.  All I did was rpm -e puppet, rpm -ivh puppet-0.24.7-4.el5.noarch.rpm and change /etc/sysconfig/puppet to the correct puppet server.

May 24 20:53:33 sw17152 puppetd[7092]: Caught TERM; shutting down
May 24 20:53:33 sw17152 puppetd[7092]: Shutting down
May 24 20:54:27 sw17152 puppetd[7615]: Reopening log files
May 24 20:54:27 sw17152 puppetd[7615]: Starting Puppet client version 0.24.7
May 24 20:54:29 sw17152 puppetd[7615]: Starting catalog run
May 24 20:54:30 sw17152 puppetd[7615]: (//Node[sw17152.sv4.zynga.com]/248_root_sshkey/Add_sshkey[ttt@entropy.zynga.com]/Ssh_authorized_key[ttt@entropy.zynga.com]/target) target changed 'authorized_keys2' to '/root/.ssh/authorized_keys'
May 24 20:54:30 sw17152 puppetd[7615]: (//Node[sw17152.sv4.zynga.com]/248_root_sshkey/Ssh_authorized_key[bbartlett@zynga.com]/target) target changed 'authorized_keys2' to '/root/.ssh/authorized_keys'
May 24 20:54:31 sw17152 puppetd[7615]: (//Node[sw17152.sv4.zynga.com]/248_root_sshkey/Add_sshkey[xxx@zynga.com]/Ssh_authorized_key[xxx@zynga.com]/target) target changed 'authorized_keys2' to '/root/.ssh/authorized_keys'
May 24 20:54:31 sw17152 puppetd[7615]: (//Node[sw17152.sv4.zynga.com]/248_root_sshkey/Add_sshkey[aaa@zynga.com]/Ssh_authorized_key[aaa@zynga.com]/target) target changed 'authorized_keys2' to '/root/.ssh/authorized_keys'
<etc etc etc>
May 24 20:54:33 sw17152 puppetd[7615]: Finished catalog run in 3.96 seconds


[root@sw17152 .ssh] ls -la
total 24
drwxr-xr-x 2 root root 4096 May 24 20:54 ./
drwxr-xr-x 7 root root 4096 May 24 09:04 ../
lrwxrwxrwx 1 root root   27 May 24 20:49 authorized_keys -> /root/.ssh/authorized_keys2
-rw------- 1 root root 5280 May 24 20:54 authorized_keys2