| Age | Commit message (Collapse) | Author |
|---|
|
Previously, when the `target` property was set, the ssh_authorized_key
resource could not create directories/files within root-owned paths.
This behavior is due to the module switching context to the user, then
attempting to create the directory/file as the specified user,
ultimately failing because of insufficient permissions.
This commit adds a new parameter, `drop_privileges` which when set to
false allows the module to write a ssh_authorized_key file in a
privileged path. Due to the possible security implications of this,
the parameter must be manually specified in order to activate this
functionality.
A path is considered to be privileged/trusted if all of its ancestors:
- do not contain any symlinks
- have the same owner as the user who runs Puppet
- are not world/group writable
|
|
In Puppet4, the Report class requires a kind argument. Also the is_to_s
and should_to_s methods returned an array of strings and a flattened
array as a string. That behavior was changed in PUP-7616 (commit
c14b28f9c427) so that both methods return a string as the name
implies.
|
|
Since these tests require both the User & Ssh_authorized_keys types are
available, they are unlikely to be run as part of the Puppet test suite as
this module is unlikely to be installed & available to Puppet's test
suite. By moving the tests into this module, we can ensure that they're at
least run as part of development of the module.
|
|
SSH keys are long, and splitting them into multiple lines can be
error-prone, so we'll just disable the Metrics/LineLength check for lines
that are SSH keys.
|
|
|
|
|
|
|
|
|
|
|
|
Imported from dbf5a8964af9b87446542d24f46534cf90f11f59 in the Puppet repo.
|
