Puppet

I have the following change, which allows unrecognised lines to be passed through unmolested.

--- puppet-0.25.5/lib/puppet/provider/ssh_authorized_key/parsed.rb   Mon May 17 06:10:24 2010
+++ new/lib/puppet/provider/ssh_authorized_key/parsed.rb        Thu Jun 17 14:59:02 2010
@@ -14,7 +14,11 @@
         :fields   => %w{options type key name},
         :optional => %w{options},
         :rts => /^\s+/,
-        :match    => /^(?:(.+) )?(ssh-dss|ssh-rsa) ([^ ]+) ?(.*)$/,
+        # The name field is not optional here.  Lines without a name
+        # will be matched by the "text_line :unrecognised" rule instead.
+        # (Do not change the (.+) at the end to (.*), or make the preceding
+        # space optional.)
+        :match    => /^(?:(.+) )?(ssh-dss|ssh-rsa) ([^ ]+) (.+)$/,
         :post_parse => proc { |h|
             h[:name] = "" if h[:name] == :absent
             h[:options] ||= [:absent]
@@ -30,6 +34,8 @@
         :optional => %w{options},
         :rts      => /^\s+/,
         :match    => /^(?:(.+) )?(\d+) (\d+) (\d+)(?: (.+))?$/
+
+    text_line :unrecognised, :match => //

     def dir_perm
         # Determine correct permission for created directory and file

The :unrecognised rule should probably be in a parent class instead of in the ssh_authorized_keys provider. The part about making the name field compulsory is there to deal with errors (whose details I do not remember) where some other part of puppet was unhappy about having the empty string as the name of a resource.

In my case, it tripped over itself parsing a blank line between comments and keys. After that, it clobbered the whole file and only wrote the managed entries.