X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fportforwarder%2Fmanifests%2Finit.pp;h=e7009b22e986313cff3af8d3ec155b534b048b30;hb=07d55b09f734890a4f08b7b352a561ec7d875cbd;hp=8fd01c34f79387daeaebb88e0046a17dae43f1ce;hpb=3eb533e5499e66423bafdedaf6c7d08ead1772de;p=mirror%2Fdsa-puppet.git
diff --git a/modules/portforwarder/manifests/init.pp b/modules/portforwarder/manifests/init.pp
index 8fd01c34f..e7009b22e 100644
--- a/modules/portforwarder/manifests/init.pp
+++ b/modules/portforwarder/manifests/init.pp
@@ -1,6 +1,14 @@
 class portforwarder {
 # do not depend on xinetd, yet. it might uninstall other inetds
 # for now this will have to be done manually
+
+ if ! $::portforwarder_key {
+ exec { 'create-portforwarder-key':
+ command => '/bin/su - portforwarder -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
+ onlyif => '/usr/bin/getent passwd portforwarder > /dev/null && ! [ -e /home/portforwarder/.ssh/id_rsa ]'
+ }
+ }
+
 file { '/etc/ssh/userkeys/portforwarder':
 content => template('portforwarder/authorized_keys.erb'),
 }
@@ -12,11 +20,10 @@ class portforwarder {
 }
 file { '/etc/xinetd.d/dsa-portforwader':
 content => template('portforwarder/xinetd.erb'),
- notify => Exec['xinetd reload']
+ notify => Exec['service xinetd reload']
 }
 
- exec { 'xinetd reload':
- path => '/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin',
+ exec { 'service xinetd reload':
 refreshonly => true,
 }
 }
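Review bot: The `ssh-keygen` call in `create-portforwarder-key` passes neither `-t` nor `-b`, so the strength of the passphrase-less key (`-P ""`) depends on whatever default the installed OpenSSH uses on each host. Pinning it, e.g. `ssh-keygen -t rsa -b 4096 -C ... -P "" -f .ssh/id_rsa -q`, makes the result uniform and auditable. The directory mode `02700` also sets the setgid bit on `.ssh`; if that is not intentional, `-m 0700` is the conventional value. Separately, `onlyif` tests the hard-coded `/home/portforwarder/.ssh/id_rsa` while the command writes relative to whatever home `su -` lands in, so the two can disagree if the account's home is elsewhere. The body of class `portforwarder` continues outside this hunk.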
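Review bot: The renamed `exec { 'service xinetd reload': }` uses its title as the command and no longer sets `path`, so the unqualified `service` only resolves if a global `Exec { path => ... }` default is in scope elsewhere in the tree, which this diff does not show. Without such a default the refresh triggered by the xinetd.erb `notify` would fail and the forwarder configuration would not be reloaded. An explicit `command => '/usr/sbin/service xinetd reload'` removes the dependence on an ambient search path for a command that presumably runs as root. The start of class `portforwarder` lies outside this hunk.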