diff options
| author | varac <varacanero@zeromail.org> | 2014-02-14 17:38:02 +0100 |
|---|---|---|
| committer | varac <varacanero@zeromail.org> | 2014-02-14 17:38:02 +0100 |
| commit | d0eea33d88a6ffcbe01544678372d80e8c8de51f (patch) | |
| tree | efbc6f4da786850cacad482f1c9f57729a4fbcb9 /puppet | |
| parent | 12cea40d5dffe5aa6e269c05773ed49d9f00a9ea (diff) | |
Include check_mk monitor pubkey in /root/.ssh/authorized_keys
instead of creating a /root/.ssh/authorized_keys2
see https://review.leap.se/r/148/#comment153
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/modules/site_check_mk/manifests/agent.pp | 7 | ||||
| -rw-r--r-- | puppet/modules/site_sshd/templates/authorized_keys.erb | 4 |
2 files changed, 4 insertions, 7 deletions
diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp index ac5a7ebd..75188c7b 100644 --- a/puppet/modules/site_check_mk/manifests/agent.pp +++ b/puppet/modules/site_check_mk/manifests/agent.pp @@ -14,12 +14,5 @@ class site_check_mk::agent { register_agent => false } - file { '/root/.ssh/authorized_keys2': - owner => 'root', - group => 'root', - mode => '0600', - content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, ${type} ${pubkey} monitor" - } - include site_check_mk::agent::mrpe } diff --git a/puppet/modules/site_sshd/templates/authorized_keys.erb b/puppet/modules/site_sshd/templates/authorized_keys.erb index 3c65e8ab..69f4d8e6 100644 --- a/puppet/modules/site_sshd/templates/authorized_keys.erb +++ b/puppet/modules/site_sshd/templates/authorized_keys.erb @@ -2,5 +2,9 @@ # all manually added keys will be overridden <% keys.sort.each do |user, hash| -%> +<% if user == 'monitor' -%> +command="/usr/bin/check_mk_agent",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, <%=hash['type']-%> <%=hash['key']%> <%=user%> +<% else -%> <%=hash['type']-%> <%=hash['key']%> <%=user%> +<% end -%> <% end -%> |