Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-7606

ssh_authorized_keys updating user => ... fails with Permission denied on previous user's .ssh/authorized_keys

    Details

    • Template:
    • Team:
      Platform OS

      Description

      Changing the user for an ssh_authorized_key resource:

          ssh_authorized_key { "admin::sshkey:$name":
              ensure => present,
              key    => $sshkey,
              type   => $type,
              user   => $user,
          }
      

      Leads to a Permission Denied error writing to the ~/.ssh/authorized_keys file of the previous user:

      Notice: /Stage[main]/Admins/Admin[foo]/Admin::Sshkey[...]/Ssh_authorized_key[admin::sshkey:...]/user: user changed 'bar' to 'foo'
      Notice: /Stage[main]/Admins/Admin[foo]/Admin::Sshkey[...]/Ssh_authorized_key[admin::sshkey:...]/target: target changed '/home/bar/.ssh/authorized_keys' to '/home/foo/.ssh/authorized_keys'
      Error: Puppet::Util::FileType::FileTypeFlat could not write /home/bar/.ssh/authorized_keys: Permission denied - /home/bar/.ssh/authorized_keys
      Error: /Stage[main]/Admins/Admin[foo]/Admin::Sshkey[...]/Ssh_authorized_key[admin::sshkey:...]: Could not evaluate: Puppet::Util::FileType::FileTypeFlat could not write /home/bar/.ssh/authorized_keys: Permission denied - /home/bar/.ssh/authorized_keys
      

      The key for the new user is not written to ~foo/.ssh/authorized_keys, nor is the key removed from the old user's ~bar/.ssh/authorized_keys.

        Attachments

          Issue Links

            Activity

              jsd-sla-details-panel

                People

                • Assignee:
                  branan Branan Riley
                  Reporter:
                  terom Tero Marttila
                  QA Contact:
                  Eric Thompson
                • Votes:
                  6 Vote for this issue
                  Watchers:
                  9 Start watching this issue

                  Dates

                  • Created:
                    Updated:

                    Zendesk Support