Forum: CFEngine Help
Subject: Re: Problem accessing list variables in hash
Author: nickanderson
Link to topic: https://cfengine.com/forum/read.php?3,26268,26272#msg-26272
Hi Mike,
I think I would do it in a different way.
You seem to have a user creation bundle already. Perhaps you could consider
installing ssh keys as a different function.
You could define it the same way you have now. You could use the Design Center
style prefix parameter.
body common control {
bundlesequence => {"main",};
inputs => {"cfengine_stdlib.cf",};
}
bundle agent main{
vars:
"users" string => "Web server user";
"users" string => "/var/lib/www";
"users" string => "www-user";
"users" slist => { "fred", "bill" };
methods:
"users"
usebundle => create_system_users("streamerconfig.users"),
comment => "This would do your user creation part";
"sshkeys"
usebundle => install_ssh_keys("main.users"),
comment => "Install specified ssh keys for user";
}
bundle agent install_ssh_keys(prefix){
# read in contents of $(keystore)/$(keyname).pub and ensure they are in
# the specified users authorized_keys file
# expects prefix style passing
# vars:
# "users" slist => { "key1", "key2" };
vars:
"keystore"
string => "/tmp/sshkeystore",
comment => "Directory where we expect to find ssh public keys
in the form keyname.pub";
"keylist" slist => { "@($(prefix))" };
# im blanking on how to get the contents of each file into an element of a
list
# This works, but prevents you from using edit_defaults => empty
# since each line is effectively a separate promise. Passing in a list
# to edit_line append_if_no_lines would be superior i think.
"key[$(keylist)]" string => readfile( "$(keystore)/$(keylist).pub", "1024");
files:
"/tmp/authorized_keys"
create => "true",
edit_line => append_if_no_line("$(key[$(keylist)])"),
comment => "Make sure the key is included in authorized_keys";
}
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
