From 3f99bd71811be182f9217d727ec0ca7755eec68d Mon Sep 17 00:00:00 2001
From: Jesse Wolfe <jes5199@gmail.com>
Date: Wed, 22 Sep 2010 17:31:31 -0700
Subject: Fix #4267 - Create a backup before dropping permissions

This change just forces a file to be written to the filebucket before we
drop the permissions necessary to do so.
---
 lib/puppet/provider/ssh_authorized_key/parsed.rb | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lib/puppet/provider/ssh_authorized_key/parsed.rb b/lib/puppet/provider/ssh_authorized_key/parsed.rb
index 82f6b8881..6a3855c0e 100644
--- a/lib/puppet/provider/ssh_authorized_key/parsed.rb
+++ b/lib/puppet/provider/ssh_authorized_key/parsed.rb
@@ -61,6 +61,13 @@ require 'puppet/provider/parsedfile'
       Dir.mkdir(dir, dir_perm)
       File.chown(uid, nil, dir)
     end
+
+    # ParsedFile usually calls backup_target much later in the flush process,
+    # but our SUID makes that fail to open filebucket files for writing.
+    # Fortunately, there's already logic to make sure it only ever happens once,
+    # so calling it here supresses the later attempt by our superclass's flush method.
+    self.class.backup_target(target)
+
     Puppet::Util::SUIDManager.asuser(@resource.should(:user)) { super }
     File.chown(uid, nil, target)
     File.chmod(file_perm, target)
-- 
cgit