Forcing variable evaluation after file promises

Wed, 15 Aug 2012 03:26:39 -0700 

Hi,

I would like to have a variable assignment happen after the execution of 
one file promise, before a second one happens. I'm finding this 
difficult, as I can't see a way to set a class depending on a variable 
promise, which would seem to be the obvious way. To illustrate with the 
code I'm trying to get working:-

bundle agent add_sshkeys_to_user(u, keys)
{
  vars:
    "keystore" string => "/var/cfengine3/ssh_cache";
    "u_home"   string => execresult("/bin/echo ~${u}", "useshell");

    "key[$(keys)]" string => readfile("$(keystore)/$(keys).pub", "1024");

  files:
     "$(keystore)/."
          comment => "Create the local cache directory if needed",
          create  => "true",
          perms   => mog("0700","root","root");

     "$(keystore)/$(keys).pub"
          comment   => "Copy public keys from remote cache",
          perms     => mog("600","root", "root"),
          copy_from => secure_cp("$(g.mst)/pub/$(keys).pub","$(g.phst)"),
          action    => if_elapsed("30");

     "$(u_home)/.ssh/."
          comment    => "Create the .ssh directory if required",
          create     => "true",
          perms      => mog("0700", "$(u)", "$(u)"),

     "$(u_home)/.ssh/authorized_keys"
          comment   => "Add defined keys to the authorized_keys file",
          create    => "true",
          perms     => mog("0600", "$(u)", "$(u)"),
          edit_line => append_if_no_line("$(key[$(keys)])");
}

This bundle is called from a method: promise, and I'm trying to use it 
to add ssh keys to already existing users. However, if the keys haven't 
yet been copied to the local cache, then my readfile() calls fail, and I 
end up with corrupt lines like $(key[username]) in my authorized keys file.

I need a way to force evaluation of the "key" array only after the files 
have been copied locally, *and* then to execute the files: promises for 
the authorized_keys file only once that evaluation has happened. I can 
do the first bit by setting a class on completion of the copy file 
promise, but I can't see a way to make the rest happen. I suppose I 
could put the key variable evaluation and the later two file promises in 
a separate bundle and call that with a method: promise, but I was hoping 
there was a neater way.

Any help would be appreciated.

Thanks,

Mike
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to