d'oh!
Syntax failure on my part it seems.
However, you can point sshkey to different files, so that could be my issue.
If you actually specify a target file for your sshkey instances, does
it still work?
Trevor
On Tue, Jul 24, 2012 at 6:21 PM, Nan Liu <n...@puppetlabs.com> wrote:
> On Tue, Jul 24, 2012 at 3:05 PM, jcbollinger <john.bollin...@stjude.org>
> wrote:
>>
>>
>> On Tuesday, July 24, 2012 9:47:25 AM UTC-5, Nan Liu wrote:
>>>
>>> On Mon, Jul 23, 2012 at 11:10 AM, Trevor Vaughan <tvaug...@onyxpoint.com>
>>> wrote:
>>> > So, I'm sure this has been covered somewhere, but I can't seem to find
>>> > it.
>>> >
>>> > Is there no 'purge' ability on the 'sshkey' type? It would be nice to
>>> > be able to get rid of entries for hosts that are no longer present
>>> > without actually having to write out a node declaration for each one.
>>>
>>> Purge isn't supported for providers based on parsed file that edit
>>> more than one target file. So purge works for host/cron, but not
>>> sshkey/yum. To support purging, I've used a custom define resource
>>> based on concat files (which have other pro/cons).
>>
>>
>> We're talking about Sshkey, not Ssh_authorized_key. As far as I know, the
>> former ought to be managing only one file (/etc/ssh/ssh_known_hosts for most
>> systems). Is there some reason why that type would be managing more than
>> one file?
>
> Sorry for the mix up. It's purging the default target files:
>
> resources { 'sshkey':
> purge => true,
> }
>
> $ puppet apply /tmp/sshkey.pp
>
> notice: /Sshkey[192.168.232.128]/ensure: removed
> notice: /Sshkey[192.168.101.131]/ensure: removed
> notice: /Sshkey[ec2-23-22-74-239.compute-1.amazonaws.com]/ensure: removed
> notice: /Sshkey[192.168.232.143]/ensure: removed
> notice: Finished catalog run in 0.06 seconds
>
> $ cat /etc/ssh/ssh_known_hosts
> # HEADER: This file was autogenerated at Tue Jul 10 17:29:06 -0500 2012
> # HEADER: by puppet. While it can still be managed manually, it
> # HEADER: is definitely not recommended.
>
> On mac it's default to /etc/ssh_known_hosts, and both seems to work.
>
> Nan
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699
tvaug...@onyxpoint.com
-- This account not approved for unencrypted proprietary information --
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
