headers
tickets | 3 May 2012 17:35

[Puppet - Bug #13973] No such file or directory error with ssh_authorized_keys

Issue #13973 has been updated by Nitesh Goel.

    Stefan Schulte wrote:

    Puppet will write the authorized_keys file as the user you specify with the user property (because of http://puppetlabs.com/security/cve/cve-2011-3870). The user most likely has far less priviledges than the original user who is running the puppet command (most likely root).

    If puppet needs to make a change in the authorized key file, indicated by […]

    puppet will first dump the new content to a temporary file and later move it to the correct place. Puppet uses a ruby library to create that file (tempfile). The tempfile will normally be created in /tmp but as it turns out, the current working directory is used instead. If the current working directory (e.g. /root) is not writeable by user nitesh you’ll get the error above.

    In order to find out, why tempfile does not create the file in /tmp can you please do the following: […]

    Thanks Stefan, that was it.

    I was mounting my tmp folder to another volume and that folder was not writable. I did not know that puppet writes to /tmp. Should we display a warning if tmp cannot be written to? The error message, in its current form, is not easy to debug.

    Bug #13973: No such file or directory error with ssh_authorized_keys

    • Author: Nitesh Goel
    • Status: Needs More Information
    • Priority: Normal
    • Assignee: Nitesh Goel
    • Category: ssh
    • Target version: 2.7.x
    • Affected Puppet version: 2.7.13
    • Keywords:
    • Branch:

    When I try to set authorized keys through the ssh_authorized_key resource type, I get the following error:

    Could not evaluate: Puppet::Util::FileType::FileTypeFlat could not write /home/nitesh/.ssh/authorized_keys: No such file or directory - /opt/puppet/lib/puppet20120417-2519-62ftr9.lock

    $vardir config is set to /opt/puppet/lib. I am saving my puppet manifests in a git repo and running them locally without a puppet server.

    You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account

    --
    You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
    To post to this group, send email to puppet-bugs <at> googlegroups.com.
    To unsubscribe from this group, send email to puppet-bugs+unsubscribe <at> googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
    Permalink | Reply |

    Gmane