diff options
author | Matt Taggart <taggart@riseup.net> | 2014-05-13 15:56:22 -0700 |
---|---|---|
committer | Matt Taggart <taggart@riseup.net> | 2015-04-16 21:08:56 +0000 |
commit | 4a6e0fe8b1c17d2b35da7b7e548c01d93ee1ea9c (patch) | |
tree | 4a51ece051aec07085d0306288f40d4b1a65373c /manifests/agent | |
parent | 0c2c95da25687045bd894e0780d0fd843ac235fd (diff) |
set the user/group the key needs to be owner by on the server, default to nagios, but this might need to be something else for OMD (if so then that will need tobe passed down via agent::config)
Diffstat (limited to 'manifests/agent')
-rw-r--r-- | manifests/agent/generate_sshkey.pp | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index c72da91..68c3bf1 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -1,6 +1,9 @@ define check_mk::agent::generate_sshkey ( # dir on the check-mk-server where the collected key pairs are stored $keydir, + # user/group the key should be owned by on the check-mk-server + $keyuser = 'nagios', + $keygroup = 'nagios', # dir on the check-mk-agent where the authorized_keys file is stored $authdir, # name of the authorized_keys file @@ -54,11 +57,11 @@ define check_mk::agent::generate_sshkey ( } # resource collector for the private half of the keys, these end up on - # the check-mk-server host + # the check-mk-server host, and the user running check-mk needs access @@file { "${keydir}/${ssh_key_name}": content => $secret_key, - owner => root, - group => root, + owner => $keyuser, + group => $keygroup, mode => '0600', tag => $check_mk_tag; } |