Pastie now auto-senses if line-wrap is a bad or good idea. Feedback?
## mark a section (Learn more)
** manifest (24.5 and 24.7 work using this syntax) class 248_root_sshkey { #- ensure link for authorized_keys and authorized_keys2 exists file { "/root/.ssh/authorized_keys": ensure => "/root/.ssh/authorized_keys2" } ssh_authorized_key { "bbartlett@zynga.com": key => "AAAZZZZWHATEVER", name => "bbartlett@zynga.com", user => "root", type => ssh-dss, target => authorized_keys2, ensure => present, } ** removed all authorized_keys so puppet will re-create... in theory: [root@sw17152 .ssh]# ls -la total 16 drwxr-xr-x 2 root root 4096 May 24 20:47 ./ drwxr-xr-x 7 root root 4096 May 24 09:04 ../ ** restart puppetd and see that the link to authorized_keys is created, but no keys are actually written May 24 20:49:37 sw17152 puppetd[6578]: Caught TERM; shutting down May 24 20:49:37 sw17152 puppetd[6578]: Shutting down May 24 20:49:37 sw17152 puppetd[7092]: Reopening log files May 24 20:49:37 sw17152 puppetd[7092]: Starting Puppet client version 0.24.8 May 24 20:49:39 sw17152 puppetd[7092]: Starting catalog run May 24 20:49:40 sw17152 puppetd[7092]: (//Node[sw17152.sv4.zynga.com]/248_root_sshkey/File[/root/.ssh/authorized_keys]/ensure) created May 24 20:49:43 sw17152 puppetd[7092]: Finished catalog run in 3.83 seconds [root@sw17152 .ssh] ls -la total 16 drwxr-xr-x 2 root root 4096 May 24 20:49 ./ drwxr-xr-x 7 root root 4096 May 24 09:04 ../ lrwxrwxrwx 1 root root 27 May 24 20:49 authorized_keys -> /root/.ssh/authorized_keys2 ::::::::::::::::::: ** Exact same manifest. All I did was rpm -e puppet, rpm -ivh puppet-0.24.7-4.el5.noarch.rpm and change /etc/sysconfig/puppet to the correct puppet server. May 24 20:53:33 sw17152 puppetd[7092]: Caught TERM; shutting down May 24 20:53:33 sw17152 puppetd[7092]: Shutting down May 24 20:54:27 sw17152 puppetd[7615]: Reopening log files May 24 20:54:27 sw17152 puppetd[7615]: Starting Puppet client version 0.24.7 May 24 20:54:29 sw17152 puppetd[7615]: Starting catalog run May 24 20:54:30 sw17152 puppetd[7615]: (//Node[sw17152.sv4.zynga.com]/248_root_sshkey/Add_sshkey[ttt@entropy.zynga.com]/Ssh_authorized_key[ttt@entropy.zynga.com]/target) target changed 'authorized_keys2' to '/root/.ssh/authorized_keys' May 24 20:54:30 sw17152 puppetd[7615]: (//Node[sw17152.sv4.zynga.com]/248_root_sshkey/Ssh_authorized_key[bbartlett@zynga.com]/target) target changed 'authorized_keys2' to '/root/.ssh/authorized_keys' May 24 20:54:31 sw17152 puppetd[7615]: (//Node[sw17152.sv4.zynga.com]/248_root_sshkey/Add_sshkey[xxx@zynga.com]/Ssh_authorized_key[xxx@zynga.com]/target) target changed 'authorized_keys2' to '/root/.ssh/authorized_keys' May 24 20:54:31 sw17152 puppetd[7615]: (//Node[sw17152.sv4.zynga.com]/248_root_sshkey/Add_sshkey[aaa@zynga.com]/Ssh_authorized_key[aaa@zynga.com]/target) target changed 'authorized_keys2' to '/root/.ssh/authorized_keys' <etc etc etc> May 24 20:54:33 sw17152 puppetd[7615]: Finished catalog run in 3.96 seconds [root@sw17152 .ssh] ls -la total 24 drwxr-xr-x 2 root root 4096 May 24 20:54 ./ drwxr-xr-x 7 root root 4096 May 24 09:04 ../ lrwxrwxrwx 1 root root 27 May 24 20:49 authorized_keys -> /root/.ssh/authorized_keys2 -rw------- 1 root root 5280 May 24 20:54 authorized_keys2
This paste will be private.
From the Design Piracy series on my blog:
Pastie << self Blog