From 4a6e0fe8b1c17d2b35da7b7e548c01d93ee1ea9c Mon Sep 17 00:00:00 2001 From: Matt Taggart Date: Tue, 13 May 2014 15:56:22 -0700 Subject: set the user/group the key needs to be owner by on the server, default to nagios, but this might need to be something else for OMD (if so then that will need tobe passed down via agent::config) --- manifests/agent/generate_sshkey.pp | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'manifests/agent') diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index c72da91..68c3bf1 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -1,6 +1,9 @@ define check_mk::agent::generate_sshkey ( # dir on the check-mk-server where the collected key pairs are stored $keydir, + # user/group the key should be owned by on the check-mk-server + $keyuser = 'nagios', + $keygroup = 'nagios', # dir on the check-mk-agent where the authorized_keys file is stored $authdir, # name of the authorized_keys file @@ -54,11 +57,11 @@ define check_mk::agent::generate_sshkey ( } # resource collector for the private half of the keys, these end up on - # the check-mk-server host + # the check-mk-server host, and the user running check-mk needs access @@file { "${keydir}/${ssh_key_name}": content => $secret_key, - owner => root, - group => root, + owner => $keyuser, + group => $keygroup, mode => '0600', tag => $check_mk_tag; } -- cgit v1.2.3