> Hey there,
>
> I'm playing around with the ssh::auth module and right now I want to
> create the authorized_keys file for root. But it doesn't seem to work
> as I always get this error:
>
> puppetd[2579]: Could not apply complete catalog:
> Puppet::Util::FileType::FileTypeFlat could not write /
> I also manage users using AD (and likewise-open deployed with puppet), and
> I've had a similar issue.
> I couldn't find an elegant way to deploy ssh public keys "only if" the home
> dir exists.
>
> I do NOT want the user homedir to be created by puppet! (It must be created
> by likewise-open i
> Hi Andrew,
>
> Just noticed that ssh::auth::server doesn't require the resource for ~/.ssh
> directory. Considering the documentation says it does (in Examples -> 1.
> With
> account management at the bottom mentions that 'require => [User[$title],
> File["$home/.ssh"]]' is implicitly inclu
> Hello Andrew,
>
> I'm getting a syntax error when trying to use the ssh::auth module ("Syntax
> error at '{'; expected '}' at .../auth.pp:111"). It looks like it's
> something
> to do with parameters after a collection, i.e. line 111 is:
>
> if $ensure { Ssh_auth_key_client <| title == $tit
> Awesome, thanks.
>
> I've got to muck up the module now because I want to be able to stick my key
> in as root so that I can do some automated ssh loop stuff, but it defaults
> to dealing with /home/$user and /root doesn't fit with that. :)
Yes, I do that too. That's what the home parameter is
> The docs mention this requirement at
> http://www.reductivelabs.com/trac/puppet/wiki/Recipes/ModuleSSHAuth#detailed-usage
> , but looking at it now I see that it's probably not as clear as I thought.
> Sorry about that. I'll make it more explicit.
OK, I've made this clearer in the docs, and add
> I had include ssh:auth in ssh/manifests/init.pp at first but that didn't
> work. then I put it in my baseclass that is included in all nodes but
> that wouldn't work and finally I added it to the node{} statement. I'm
> a little confused because my ssh module is included on all machines in
>
> I didn't do a ton of work on this as I had hoped to just drop it in
> place and move on to the million other things I have to do today, but
> I shovelled auth.pp into ssh/manifests and now I get this:
>
> Feb 10 10:56:18 hlslinutil1 puppetmasterd[611]: Could not find
> resource type ssh::auth::s
> I also have to say that I really appreciate the speed at which this loads
> compared to the old site too :)
You've got that right.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.
> http://docs.reductivelabs.com/guides/introduction.html
There seems to be a glitch in
http://docs.reductivelabs.com/guides/introduction.html#functions .
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppe
> Hi,
>
> I am trying to manage the file authorized_keys with puppet. I am using
> http://reductivelabs.com/trac/puppet/wiki/Recipes/Authorized_keys as
> reference.
>
> I was not able to delete an unwanted key from the file. Unfortuantely
> there are "/" within the key:
>
> ssh-rsa B3NzaC1yc
> The correct link is http://www.example42.com
> Before there was a redirect to http://www.example42.com:811 that it
> doesn't work if you are behind a proxy.
Or a firewall that doesn't allow outbound connections to arbitrary ports.
> I've finally placed a reverse proxy to avoid such a problem.
> Andrew,
> I'd like to integrate your ssh::auth in my module set
> (www.example42.com), hope you don't mind.
> I'm going to change the license of my modules from Creative Commons to
> GPL3 in order to be more free to integrate other users modules
> released under GPL3.
Sure, I have no objection.
> Oops, I've been too fast. When I try to ssh::auth::key (realize
> Ssh::Auth::Key["$keyname"]) and ssh::auth::server without
> ssh::auth::client on a node, it fails on the master :
>
> err: Failed to realize virtual resources Ssh::Auth::key[...@ssh]
ssh::auth::key can't be made into a virtual re
> I spent some time to find the subtle difference (regarding $home)
> between :
>
> ssh::auth::server { "r...@ssh": }
>
> And :
>
> ssh::auth::server { "r...@ssh":
> user=> "root",
> }
>
> ;)
Please, enlighten me. If it's not right, I'll correct it.
I've uploaded version 0.3.2 of ssh::auth to
http://reductivelabs.com/trac/puppet/wiki/Recipes/ModuleSSHAuth . This
release fixes a couple of bugs since version 0.3:
* Fix parser error in ssh_auth_namecheck
* Fix wrong $home when user is specified separately for a client or server
In addition, th
> Still I have something I don't understand. With the following I expect
> to log in as user1 with user2 key pair :
>
> class user::virtuals {
>
> @user { "user1":
> uid => "1001",
> gid => "group",
> comment => "name",
>
> Andrew, while you're in your code, can you let me know how I can
> achieve this :
>
> ssh::auth::server { "us...@lan": user => "user1" }
> ssh::auth::server { "us...@lan": user => "root" }
>
> I would like my big admin user to get access to several accounts. Is
> there any trick that would do o
> Better ;) Thank you. I would have been unable to find this patch by
> myself !
Well thanks for testing. I test on my own installation but
> Still I have something I don't understand. With the following I expect
> to log in as user1 with user2 key pair :
>
> class user::virtuals {
>
>
> I'm new to puppet and trying some simple things. Especially, I
> followed the doc @
> http://reductivelabs.com/trac/puppet/wiki/Recipes/ModuleSSHAuth
> to manage ssh keys.
>
> Everything went well until I tried with more than one user! If I try
> to add another user key, ie :
>
> ssh::auth::ke
I've uploaded version 0.3 of ssh::auth to
http://reductivelabs.com/trac/puppet/wiki/Recipes/ModuleSSHAuth . Changes in
this release:
* Regenerate key if $keytype or $length changes
* Update authorized_keys if $options changes
* Use ssh_authorized_keys to manage authorized_keys
* Remove comment pa
I've uploaded version 0.2 of ssh::auth to
http://reductivelabs.com/trac/puppet/wiki/Recipes/ModuleSSHAuth .
Version 0.2 is a bug fix release. It fixes a variable inheritance problem that
caused clients and servers to not be able to install keys.
ssh::auth is a Puppet module that provides centr
I've uploaded version 0.1 of ssh::auth to
http://reductivelabs.com/trac/puppet/wiki/Recipes/ModuleSSHAuth .
ssh::auth is a Puppet module that provides centralized creation,
distribution, and revocation of ssh keys for users. Features:
* Each user may have one or more ssh key pairs, centrally cre
> I don't know your background but have you considered cloning the git
> repo and directly editing the reference source and submitting
> patches? That way it's straight upstream and you get credit for the
> update.
>
> You can find some instructions at:
>
> http://reductivelabs.com/trac/puppet/w
> > I'd appreciate it if someone would check the accuracy of what I wrote, and
> > if
> > it's deemed to be accurate and useful, apply it upstream so that it
> > will stay in
> > the wiki.
>
> hmm, I'm not sure whether it is now even more misleading than before.
> The point with function is t
> On 08.12.2009 11:31, Andrew Schulman wrote:
> > I added some text to
> > http://reductivelabs.com/trac/puppet/wiki/FunctionReference. It explains
> > that
> > functions get evaluated at compile time, before execution time, and that
> > this
> > matters
I added some text to
http://reductivelabs.com/trac/puppet/wiki/FunctionReference. It explains that
functions get evaluated at compile time, before execution time, and that this
matters if you're using functions whose values depend on the results of your
manifests.
http://reductivelabs.com/trac/pu
> Sorry about the access - we've had spam bot issues again so page
> creation is disabled.
Understood. Thanks.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe f
I want to create a new page in the wiki, to hold documentation for a new
contributed module that I'm developing. I'll link to it from the modules
page.
I've tried going to
http://reductivelabs.com/trac/puppet/wiki/ModuleSshAuth, which AFAIK is
supposed to offer me to option to create the page, si
> >> If someone wants to edit those docs for now to do exactly that, that
> >> might be a good interim step, while we're waiting for Bruce's work to
> >> come through.
> >
> > OK. If there's no objection I'll do it.
>
> I've done it:
>
> http://reductivelabs.com/trac/puppet/wiki/TypeReferen
> > It takes a really long time for
> > http://reductivelabs.com/trac/puppet/wiki/TypeReference to render.
> > I've
> > noticed it for a while, but today for the first time it actually
> > timed out
> > on me.
>
> We're in the process of moving these pages to a static, external
> format, ba
It takes a really long time for
http://reductivelabs.com/trac/puppet/wiki/TypeReference to render. I've
noticed it for a while, but today for the first time it actually timed out
on me.
Any idea what's making this page take so long? Is it just too much
restructured text? It is a very long page.
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Andrew Schulman wrote:
> > At http://reductivelabs.com/trac/puppet/wiki/ModuleOrganisation, the
> > Configuration section says "There are only two items that can be configured
> > for
> > modules
At http://reductivelabs.com/trac/puppet/wiki/ModuleOrganisation, the
Configuration section says "There are only two items that can be configured for
modules:" and then only lists #1. There's no #2!
It appears that James Turnbull added the configuration section at r39:
http://reductivelabs.com/tra
I'm writing a module for centralized creation, distribution, and revocation
of ssh key pairs for users. It's tentatively called ssh::authkey. It aims
to be a complete solution for centrally managing users' ssh keys.
The module is superficially similar to the Authorized keys recipe, but
unlike th
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Andrew Schulman wrote:
> > At http://reductivelabs.com/trac/puppet/wiki/ModuleDocumentationStandards,
> > I see
> >
> > Error: Failed to load processor redirect
> > No macro or processor named
At http://reductivelabs.com/trac/puppet/wiki/ModuleDocumentationStandards, I see
Error: Failed to load processor redirect
No macro or processor named 'redirect' found
Thanks,
Andrew.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to t
> Thanks for the docs update - the TypeReference is auto-generated from
> the Puppet source so I deleted your update from the current wiki and
> committed it into the relevant section of the code.
When will the wiki page be regenerated? So far it hasn't been, so my edits
have vanished. Thanks, A
> Andrew Schulman wrote:
> >> that doesnt exactly work as you described it. As a feature, if you set up
> >> default mode as 644, puppet assumes that you want 755 on dirs and not 644.
> >
> > I've tested this and it's true, so I've added an
> On Thu, Nov 19, 2009 at 11:52 AM, Andrew Schulman <
> google-groups-and...@sneakemail.com> wrote:
>
> > The Type Reference lists 8 read-only type attributes, but I can't find any
> > information in the documentation about how to use them. Are they usable,
>
> The Type Reference lists 8 read-only type attributes, but I can't find any
> information in the documentation about how to use them. Are they usable,
> and if so how?
Any answer to this question? If read-only attributes are only for internal
use in Puppet, it would be helpful to say that in th
> >>> I can't understand what this means. What does it mean, "specifying
> >>> 'modules' in file path"?
> >>> [...]
> >>> file { "/etc/firehol/firehol.conf":
> >>> source => "puppet:///firehol/firehol.conf"
> >>> }
> >> file { "/etc/firehol/firehol.conf":
> >>source => "puppet:///modules/fir
> The wiki is open sand editable all you need to do is sign-up for an
> account.
OK.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email
> > I can't understand what this means. What does it mean, "specifying
> > 'modules' in file path"?
> > [...]
> > file { "/etc/firehol/firehol.conf":
> > source => "puppet:///firehol/firehol.conf"
> > }
>
> file { "/etc/firehol/firehol.conf":
>source => "puppet:///modules/firehol/firehol.co
Puppet 0.25.1. I'm getting the following log message:
Nov 20 16:50:01 helium puppetmasterd[32124]: DEPRECATION NOTICE: Files
found in modules without specifying 'modules' in file path will be
deprecated in the next major release. Please fix module 'firehol' when no
0.24.x clients are present
I
> On Thu, Nov 19, 2009 at 3:53 PM, Dan Bode wrote:
> > On Thu, Nov 19, 2009 at 11:52 AM, Andrew Schulman
> > wrote:
> >>
> >> The Type Reference lists 8 read-only type attributes, but I can't find any
> >> information in the documentation about ho
> As a feature, if you set up
> default mode as 644, puppet assumes that you want 755 on dirs and not 644.
Is that documented anywhere? I've never seen it.
That still leaves my question unanswered, though.
Thanks,
Andrew.
--
You received this message because you are subscribed to the Google G
The Type Reference lists 8 read-only type attributes, but I can't find any
information in the documentation about how to use them. Are they usable,
and if so how?
Here's my #1 example: when I set the mode on a file resource, I want to
set a different default mode for a file than for a directory.
I do have lsb-base installed, yes. Not one I selected-- it seems to
have come automatically with Jaunty.
I just upgraded facter from 1.5.1 to 1.5.6, and this problem no longer
occurs. Sorry-- should've tried that first.
Thanks for everyone's help with this.
Andrew.
--~--~-~--~~---
> This has nothing to do with grep.
>
> facter should report a single consistent value for 'operatingsystem' when
> invoked in either of these ways.
Agreed.
> Andrew, have you put a bug report in about this?
No, I wanted to check first if I was missing something. I'll file a
bug report about i
Hi. I'm running facter 1.5.1 in Ubuntu Jaunty. facter is giving me
inconsistent results for the operatingsystem fact:
$ facter operatingsystem
Debian
$ facter | grep operatingsystem
operatingsystem => Ubuntu
operatingsystemrelease => 9.04
Is this a known problem? Possibly fixed in a more rec
51 matches
Mail list logo
