aboutsummaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
authorColin Guthrie <colin@mageia.org>2015-01-18 12:57:35 +0000
committerColin Guthrie <colin@mageia.org>2015-01-18 13:15:52 +0000
commit529eee5bc243fe27578f9ce9eda9375838d19f5b (patch)
treef07674cfff229f08fd3a310d563f7db9f433ddfa /modules
parentd5148ffbb0514c37893002e4988c5f7f379586bf (diff)
downloadpuppet-529eee5bc243fe27578f9ce9eda9375838d19f5b.tar
puppet-529eee5bc243fe27578f9ce9eda9375838d19f5b.tar.gz
puppet-529eee5bc243fe27578f9ce9eda9375838d19f5b.tar.bz2
puppet-529eee5bc243fe27578f9ce9eda9375838d19f5b.tar.xz
puppet-529eee5bc243fe27578f9ce9eda9375838d19f5b.zip
openssh: Return failure when no keys are updated.
We can then use this exit status to run other commands when keys are updated.
Diffstat (limited to 'modules')
-rwxr-xr-xmodules/openssh/templates/ldap-sshkey2file.py17
1 files changed, 15 insertions, 2 deletions
diff --git a/modules/openssh/templates/ldap-sshkey2file.py b/modules/openssh/templates/ldap-sshkey2file.py
index 4a547b5e..15c27270 100755
--- a/modules/openssh/templates/ldap-sshkey2file.py
+++ b/modules/openssh/templates/ldap-sshkey2file.py
@@ -35,6 +35,9 @@ def usage():
print "with ssh keys in them and write each one to"
print "%s/<login>/authorized_keys" % keypathprefix
print
+ print "It will return failure when no keys are updated and success"
+ print "when one or more keys have changed."
+ print
print "This script is intented to be run from cron as root"
print
@@ -87,6 +90,9 @@ def write_keys(keys, user, uid, gid):
os.chmod(tmpname, 0600)
os.chown(tmpname, uid, gid)
shutil.move(tmpname, keyfile)
+ return True
+
+ return False
if len(sys.argv) != 1:
@@ -95,6 +101,7 @@ if len(sys.argv) != 1:
bindpw = get_pw(pwfile)
+changed = False
try:
ld = ldap.initialize(uri)
ld.set_option(ldap.OPT_NETWORK_TIMEOUT, timeout)
@@ -106,18 +113,24 @@ try:
os.makedirs(keypathprefix, 0701)
except:
pass
+
for result in res:
dn, entry = result
# skip possible system users
if int(entry['uidNumber'][0]) < 500:
continue
- write_keys(entry['sshPublicKey'], entry['uid'][0], int(entry['uidNumber'][0]), int(entry['gidNumber'][0]))
+ if write_keys(entry['sshPublicKey'], entry['uid'][0], int(entry['uidNumber'][0]), int(entry['gidNumber'][0])):
+ changed = True
+
ld.unbind_s()
except Exception, e:
print "Error"
raise
-sys.exit(0)
+if changed:
+ sys.exit(0)
+
+sys.exit(1)
# vim:ts=4:sw=4:et:ai:si