Affects Version/s: PUP 3.7.4
Fix Version/s: None
I am useing a modified version of the module "sshkeys" from sudorenko to manage my users and ssh_keys. In favor to our SLAs I modified it in that way that I can change the target and ownerchips and permissions. All works fine so far - purgeing ssh_keys, readding them and so on. However as soon as I change the ownerchip of the authorized_keys (/etc/keys/$USERNAME/authorized_keys) and try to remove a key from the file i get:
"Error: Puppet::Util::FileType::FileTypeFlat could not write /etc/keys/puppettest1/test_keys: Permission denied - /etc/keys/puppettest1/test_keys
Error: /Stage[main]/Sshkeys/Sshkeys::User[puppettest1]/Ssh_authorized_key[firstname.lastname@example.org]: Could not evaluate: Puppet::Util::FileType::FileTypeFlat could not write /etc/keys/puppettest1/test_keys: Permission denied - /etc/keys/puppettest1/test_keys"
The reason for that is to me clear. Puppet runs as root but tries to remove the key as user "puppettest1" which is not possible as the file belongs to root.
For SLA reasons my authorized_keys MUST not belong to the user nor does the user to have writepermissions
Is there a way of telling the tell the refference "user" to run as root rather then as user.
As this is my first post I hope to do it correctly.
THX for your help