Stop over-managing user SSH keyfiles
* modules/user/manifests/virtual/localuser.pp: This reverts part of 0d82c62 which was providing a temporary transition correcting permissions and ownership as well as removing the results of a previous failed implementation of keyfile management. Unfortunately that also caused nodepool images to no longer set up accounts correctly, but reverting the transitional bits fixes that issue. Change-Id: Ic3e7f0a3b82bbc8a23707b88f9fe381e9d70e356
This commit is contained in:
Jeremy Stanley
parent
ff3de251c9
commit
e7cdec3736
@ -29,33 +29,11 @@ define user::virtual::localuser(
|
|||||||
require => Group[$title],
|
require => Group[$title],
|
||||||
}
|
}
|
||||||
|
|
||||||
file { "${title}_sshdir":
|
|
||||||
ensure => directory,
|
|
||||||
name => "${home}/.ssh",
|
|
||||||
owner => $title,
|
|
||||||
group => $title,
|
|
||||||
mode => '0700',
|
|
||||||
require => User[$title],
|
|
||||||
}
|
|
||||||
|
|
||||||
file { "${title}_keyfile":
|
|
||||||
ensure => present,
|
|
||||||
mode => '0600',
|
|
||||||
name => "${home}/.ssh/authorized_keys",
|
|
||||||
require => File["${title}_sshdir"],
|
|
||||||
}
|
|
||||||
|
|
||||||
ssh_authorized_key { $key_id:
|
ssh_authorized_key { $key_id:
|
||||||
ensure => present,
|
ensure => present,
|
||||||
key => $sshkeys,
|
key => $sshkeys,
|
||||||
user => $title,
|
user => $title,
|
||||||
type => 'ssh-rsa',
|
type => 'ssh-rsa',
|
||||||
require => File["${title}_keyfile"],
|
|
||||||
}
|
|
||||||
|
|
||||||
ssh_authorized_key { "${title}_keys":
|
|
||||||
ensure => absent,
|
|
||||||
user => $title,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( $old_keys != [] ) {
|
if ( $old_keys != [] ) {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user