From 23a17e5c42e185034e9de809625de1125fa08873 Mon Sep 17 00:00:00 2001
From: Matt Taggart <taggart@riseup.net>
Date: Thu, 22 Jan 2015 12:40:06 -0800
Subject: revert this part, since we contruct $target we _do_ need to check
 authdir/authfile

---
 manifests/agent/generate_sshkey.pp | 26 +++++++++++++++++++-------
 1 file changed, 19 insertions(+), 7 deletions(-)

diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp
index 71b58e9..419e73f 100644
--- a/manifests/agent/generate_sshkey.pp
+++ b/manifests/agent/generate_sshkey.pp
@@ -34,13 +34,25 @@ define check_mk::agent::generate_sshkey (
 
   # setup the public half of the key in authorized_keys on the agent
   #  and restrict it to running only the agent
-  sshd::ssh_authorized_key { $ssh_key_name:
-      type             => 'ssh-rsa',
-      key              => $public_key,
-      user             => $sshuser,
-      target           => "${authdir}/${authfile}",
-      override_builtin => true,
-      options          => "command=\"${command}\"";
+  if $authdir or $authfile {
+    # if $authkey or $authdir are set, override authorized_keys path and file
+    # and also override using the built-in ssh_authorized_key since it may
+    # not be able to write to $authdir
+    sshd::ssh_authorized_key { $ssh_key_name:
+        type             => 'ssh-rsa',
+        key              => $public_key,
+        user             => $sshuser,
+        target           => "${authdir}/${authfile}",
+        override_builtin => true,
+        options          => "command=\"${command}\"";
+  } else {
+    # otherwise use the defaults
+    sshd::ssh_authorized_key { $ssh_key_name:
+        type    => 'ssh-rsa',
+        key     => $public_key,
+        user    => $sshuser,
+        options => "command=\"${command}\"";
+    }
   }
 
   # resource collector for the private half of the keys, these end up on
-- 
cgit v1.2.3