Hi > You're correct, let's move that discussion into the mailing-list > instead of chatting in the tickets.
+1 > In #1644 you wrote: > >> In my opinion, the proper design would be to have ONE >> ssh_authorized_key resource per user, and that you should be able >> to provide an array for both the "target" and "key" attributes. >> This way, all the user's specified keys would be added to all the >> specified authorized_keys file for the host in question. In it's >> current state, ssh_authorized_keys offers me only a fraction of the >> functionality needed to satisfy what I believe are normal use >> cases. > > I cannot really agree on that point in your design because we'll lose > granularity. It won't be possible any more to install keys for a > given user in different parts of a recipe. > > IMHO native types in Puppet really have to provide the maximum > granularity possible to be able to solve as many use cases as > possible. +1 especially I'd like to put not every key of a user on every node. > About the idea of using the key itself, a hash or the fingerprint as > namevar instead of the comment, I don't see it solving this issue if > we want to keep separate resources for each line in each > authorized_keys file. I don't like to use the key as an identifier, especially when using the resource in inheritance. well I could define an alias, but what's the point of using then the key as name-var? > It's nice to see people using this code and lead to some constructive > discussion. the current type has some drawbacks, which might be due to some puppet limitations (name-var unique, not connectable). Hower I found my way round the limitations and currently define a key only once and can change target etc. with an inheritance chain. For me it is more important to define a key once and only once, because then I also have to manage it only once (in case of removal etc.), but being able to deploy it for different users, nodes etc. This is for me the important key point. greets pete --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
