[Puppet Users] Assign a single ssh pubkey to multiple users on the same system

Wed, 16 Feb 2011 02:19:55 -0800 

Hi *,

I would like to create a pool of ssh pubkeys. The major goal is to be
able to assign a single key to multiple users on a given node/system.

Okay, lets say we have the users: foo and bar. In my manifest I've
created the following test definition for resource "jim":

---------------------------------------------------------------------
define sshpubkey::test($user) {

        ssh_authorized_key {
        'jim':
        ensure => present,
        user => "$user",
        name => "jim@unique.email",
        type  => ssh-rsa,
        key => "[...KEY...]"
      }
---------------------------------------------------------------------

I was able to pass the "$user" variable to the copy of that resource by
placing a "sshpubkey:test" definition within the node configuration. The
users authorized_keys file is updated accordingly.

Now I've just tried to install the pubkey of resource "jim" in the
authorized_keys file of user "bar" on node1, placing a second definition:

---------------------------------------------------------------------
node node1 {

sshpubkey::test { "jim": user => "foo"}
sshpubkey::test { "jim": user => "bar"}

}
---------------------------------------------------------------------

.. but then, of course, puppet throws a "Duplicate definition" error
because I've tried to reuse resource "jim" another time:

---------------------------------------------------------------------
node:~ # puppetd -o --server puppet.domain.tld --waitforcert 60 --test
err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Duplicate definition: Sshpubkey::Test[jim] is already defined in file
/etc/puppet/manifests/node.pp at line 3; cannot redefine at
/etc/puppet/manifests/node.pp:4 on node puppet.domain.tld
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
---------------------------------------------------------------------

Can somebody tell me how to handle it the puppet way"?

Any sort of advice, hints and comments are much appreciated! :)

Many thanks

Jan

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Reply via email to