Details
-
Bug
-
Status: Resolved
-
Normal
-
Resolution: Fixed
-
PUP 6.23.0
-
Needs Assessment
-
Bug Fix
-
Puppet no longer emits a warning if the "purge_ssh_keys" parameter for the "user" type is set to false (the default) and the "sshkeys_core" module is not installed.
-
Needs Assessment
Description
It seems that the type user does not honor setting purge_ssh_keys => false correctly.
puppet language:
user { "myuser":
|
ensure => present,
|
[...]
|
purge_ssh_keys => false,
|
}
|
leads to the following warning:
/Stage[main]/Mymodule/Mymodule::Mydefinedtype[myuser]/User[myuser] (warning): Ssh_authorized_key type is not available. Cannot purge SSH keys.
|
Diving into the code, this seems logical: https://github.com/puppetlabs/puppet/blob/main/lib/puppet/type/user.rb#L698
self[:purge_ssh_keys] may take values :true, :false and ["string1", "string2"], but
irb(main):001:0> foo = :false |
irb(main):002:0> foo.empty? |
=> false |
irb(main):003:1* if !foo.empty? |
irb(main):004:1* puts "something wrong here" |
irb(main):005:0> end |
something wrong here
|
=> nil |
I'd recommend the following patch to fix this:
--- /opt/puppetlabs/puppet/lib64/ruby/vendor_ruby/puppet/type/user.rb 2021-06-29 14:56:58.756944173 +0200 |
+++ /tmp/user.rb 2021-06-29 14:56:35.920004027 +0200 |
@@ -695,7 +695,7 @@ |
end |
|
def generate |
- if !self[:purge_ssh_keys].empty? |
+ if !self[:purge_ssh_keys].empty? && !(self[:purge_ssh_keys] == :false) |
return [] if self[:ensure] == :present && !provider.exists? |
if Puppet::Type.type(:ssh_authorized_key).nil? |
warning _("Ssh_authorized_key type is not available. Cannot purge SSH keys.") |
Attachments
Issue Links
- relates to
-
-
- Resolved
-
