Ed, The following line looks dubious to me:
edit_defaults => "empty", AFAIR, quotes are only allowed for constants, not for body names. Did you try it without quotes, i.e. edit_defaults => empty, ? 2010/8/26 Ed Voncken <cfeng...@edvoncken.net>: > Hi all, > > I've run into an issue with "empty_file_before_editing" not emptying > the file when it is being edited by CFengine. > > I'm trying to achieve the following (based on > http://www.cfengine.org/manuals/cf3-solutions.html#Distribute-ssh-keys) > * Copy authorized keys from repository > * If not present, add them to /root/.ssh/authorized_keys > * But: clean out the file before editing to ensure no old keys remain in place > > The modified file promise looks like this: > > "/root/.ssh/authorized_keys" > comment => "Regenerate authorized_keys for root", > perms => mog("644","root","root"), > create => "true", > edit_defaults => "empty", > edit_line => > insert_file_if_no_line_matching("$(user)","$(local_cache)/$(user).pub"), > action => if_elapsed("60"); > > I've added "edit_defaults => empty" which expands to a body from the > COPB Library: > > body edit_defaults empty > { > empty_file_before_editing => "true"; > edit_backup => "false"; > max_file_size => "100000"; > } > > > The result I expected is that the authorized_keys file is emptied, > only the missing keys are added. > The actual result is that the old keys remain in place, and the new > keys are simply added. > > Am I misunderstanding the effect of 'empty_file_before_editing => > "true";', or is there an other error in my logic here? > > Thanks for your time! > > Met vriendelijke groet / Kind regards, > Ed Voncken. > _______________________________________________ > Help-cfengine mailing list > Help-cfengine@cfengine.org > https://cfengine.org/mailman/listinfo/help-cfengine > -- SY, Seva Gluschenko. _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
