diff options
author | Micah Anderson <micah@leap.se> | 2014-05-27 14:06:39 -0400 |
---|---|---|
committer | Micah Anderson <micah@leap.se> | 2014-05-27 14:06:39 -0400 |
commit | 3290e4b6c0655616c1a4374595af3a2eb95c85d8 (patch) | |
tree | 3f5b63562e0e17f1ff30f1e7ccdf07daad5fb512 | |
parent | 1585d3694c6c021a11f8363290a57261f5ee4c2b (diff) |
clarify comments in site_sshd::authorized_keys
Change-Id: I679dfe8dff90b7c86ab0ffff43e13958f1ec2c99
-rw-r--r-- | puppet/modules/site_sshd/manifests/authorized_keys.pp | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/puppet/modules/site_sshd/manifests/authorized_keys.pp b/puppet/modules/site_sshd/manifests/authorized_keys.pp index f36fe20f..90a33d8d 100644 --- a/puppet/modules/site_sshd/manifests/authorized_keys.pp +++ b/puppet/modules/site_sshd/manifests/authorized_keys.pp @@ -1,7 +1,17 @@ define site_sshd::authorized_keys ($keys, $ensure = 'present', $home = '') { - # We use a custom define here to deploy the authorized_keys file - # cause puppet doesn't allow purgin before populating this file - # (see https://tickets.puppetlabs.com/browse/PUP-1174) + # We want to purge unmanaged keys from the authorized_keys file so that only + # keys added in the provider are valid. Any manually added keys will be + # overridden. + # + # In order to do this, we have to use a custom define to deploy the + # authorized_keys file because puppet's internal resource doesn't allow + # purging before populating this file. + # + # See the following for more information: + # https://tickets.puppetlabs.com/browse/PUP-1174 + # https://leap.se/code/issues/2990 + # https://leap.se/code/issues/3010 + # # This line allows default homedir based on $title variable. # If $home is empty, the default is used. $homedir = $home ? {'' => "/home/${title}", default => $home} |