From: Peter Palfrader
Date: Sat, 14 Sep 2019 10:51:24 +0000 (+0200)
Subject: Copy the ssh_keys_users facter from Tor
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=0ed55c82789b31b34176a2fdb803dd09a4d6e686;p=mirror%2Fdsa-puppet.git
Copy the ssh_keys_users facter from Tor
---
diff --git a/modules/ssh/lib/facter/ssh_keys_users.rb b/modules/ssh/lib/facter/ssh_keys_users.rb
new file mode 100644
index 000000000..308a0eca4
--- /dev/null
+++ b/modules/ssh/lib/facter/ssh_keys_users.rb
@@ -0,0 +1,34 @@
+require 'etc'
+
+# this fact will iterate over all the known users (as defined by the
+# Etc module) and look in their .ssh directory for public keys. the
+# public keys are exported in a user => [keys] hash, where keys are
+# stored in the array without distinction of type
+Facter.add(:ssh_keys_users) do
+ setcode do
+ keys_hash = {}
+ Etc.passwd { |user|
+ keys = {}
+ Dir.glob(File.join(user.dir, '.ssh', '*.pub')).each { |filepath|
+ if FileTest.file?(filepath)
+ regex = %r{^ssh-(\S+) (\S+)\s?(.+)?$}
+ begin
+ line = File.open(filepath).read.chomp
+ if (match = regex.match(line))
+ keys[File.basename(filepath)] = {
+ 'type' => match[1],
+ 'key' => match[2],
+ 'comment' => match[3],
+ 'line' => line,
+ }
+ end
+ rescue
+ puts "cannot read user SSH key: " + user.name
+ end
+ end
+ }
+ keys_hash[user.name] = keys if not keys.empty?
+ }
+ keys_hash
+ end
+end
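Review bot: The read at `line = File.open(filepath).read.chomp` loads the whole of a file whose path is chosen by the account owner, and because `^`/`$` in the regex anchor per line, any multi-line file with one `ssh-…` line passes and is exported in full under `'line'`. `FileTest.file?` follows symlinks, so if the agent runs with more privilege than the user (likely for Facter, though not shown here), a `~/.ssh/*.pub` link makes the fact read and publish content the user could not read themselves, and the unbounded read also leaves the file handle open. I would skip links with `next if File.symlink?(filepath)`, anchor the pattern as `%r{\Assh-(\S+) (\S+)\s?(.+)?\z}`, and read a single bounded line in block form: `line = File.open(filepath) { |f| f.gets(8192).to_s.chomp }`. Separately, the `ssh-` prefix silently omits `ecdsa-sha2-*` keys, which matters if this fact is used as a key inventory, and the header comment describes an array while the code builds a hash keyed by file name.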