Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add exclusive option to authorized_keys #7680

Closed
wants to merge 1 commit into from

Conversation

@omgjlk
Copy link
Contributor

@omgjlk omgjlk commented Jun 6, 2014

This option allows the module to ensure that ONLY the specified keys
exist in the authorized_keys file. All others will be removed. This is
quite useful when rotating keys and ensuring no other key will be
accepted.

This option allows the module to ensure that ONLY the specified keys
exist in the authorized_keys file. All others will be removed. This is
quite useful when rotating keys and ensuring no other key will be
accepted.
@sivel
Copy link
Member

@sivel sivel commented Jun 6, 2014

I have seen a number of people ask for this functionality, which seems to give this more merit.

To play devils advocate for a moment, this could be achieved using the template or copy module also.

However, with that being said, most people will look to this module due to it's name (of course) to provide authorized keys functionality.

@omgjlk
Copy link
Contributor Author

@omgjlk omgjlk commented Jun 6, 2014

Yes, we're currently using a template/copy, but it's not as clean, and requires some awkward motions to add a new key to an existing file and testing it before removing any old keys from the file.

@mpdehaan
Copy link
Contributor

@mpdehaan mpdehaan commented Sep 29, 2014

Hi!

Thanks very much for your interest in Ansible. It sincerely means a lot to us.

On September 26, 2014, due to enormous levels of contribution to the project Ansible decided to reorganize module repos, making it easier
for developers to work on the project and for us to more easily manage new contributions and tickets.

We split modules from the main project off into two repos, http://github.com/ansible/ansible-modules-core and http://github.com/ansible/ansible-modules-extras

If you still would like this pull request merged, we will need your help making this target the new repo. If you do not take any action, this
pull request unfortunately cannot be applied.

We apologize that we are not able to make this transition happen seamlessly, though this is a one-time change and your help is greatly appreciated --
this will greatly improve velocity going forward.

Both sets of modules will ship with Ansible, though they'll receive slightly different ticket handling.

To locate where a module lives between 'core' and 'extras'

Otherwise, if this is a new module:

It may be possible to re-patriate your pull requests automatically, one user-submitted approach for advanced git users
has been suggested at https://gist.github.com/willthames/afbaaab0c9681ed45619

Additionally, should you need more help with this, you can ask questions on:

Thanks you very much!

@mpdehaan mpdehaan closed this Sep 29, 2014
@johanmeiring
Copy link

@johanmeiring johanmeiring commented Oct 20, 2014

@j2sol Hi there... are you planning on creating a pull request for this at https://github.com/ansible/ansible-modules-extras/ ? It's a feature that I'm quite looking forward to :-)

@agimenez
Copy link

@agimenez agimenez commented Feb 9, 2015

@j2sol Yes, it would be awesome, but I think that the right repo would be https://github.com/ansible/ansible-modules-core

@omgjlk
Copy link
Contributor Author

@omgjlk omgjlk commented Feb 9, 2015

@bcoca
Copy link
Member

@bcoca bcoca commented Feb 9, 2015

locking this thread as the feature is being added elsewhere, as linked above

@ansible ansible locked and limited conversation to collaborators Feb 9, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

7 participants