From 8a7639c19182f8e2d88a2a5029f30a54e07fc6a8 Mon Sep 17 00:00:00 2001
From: Steven Armstrong <steven@icarus.ethz.ch>
Date: Fri, 27 Sep 2013 21:51:36 +0200
Subject: [PATCH 1/2] preserve ownership and permissions of existing files

Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
---
 cdist/conf/type/__ssh_authorized_keys/gencode-remote | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/cdist/conf/type/__ssh_authorized_keys/gencode-remote b/cdist/conf/type/__ssh_authorized_keys/gencode-remote
index cc86cc19..b886c96f 100755
--- a/cdist/conf/type/__ssh_authorized_keys/gencode-remote
+++ b/cdist/conf/type/__ssh_authorized_keys/gencode-remote
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2012-2013 Steven Armstrong (steven-cdist at armstrong.cc)
 #
 # This file is part of cdist.
 #
@@ -24,7 +24,7 @@ if [ -f "$__object/parameter/file" ]; then
 else
    home="$(cut -d':' -f 6 "$__object/explorer/passwd")"
    file="$home/.ssh/authorized_keys"
-fi 
+fi
 
 entry="$__object/files/entry"
 if [ ! -s "$__object/explorer/entry" ]; then
@@ -48,6 +48,8 @@ remove_entry() {
    suffix="#/cdist:$__object_name"
    cat << DONE
 tmpfile=\$(mktemp)
+# preserve ownership and permissions by copying existing file over tmpfile
+cp -p "$file" "\$tmpfile"
 awk -v prefix="$prefix" -v suffix="$suffix" '
 {
    if (index(\$0,prefix)) {

From d166224e688bdd8841d1d023ed3a5986eecb2691 Mon Sep 17 00:00:00 2001
From: Steven Armstrong <steven@icarus.ethz.ch>
Date: Fri, 27 Sep 2013 22:06:08 +0200
Subject: [PATCH 2/2] create tmpfile on same volume as existing file

Signed-off-by: Steven Armstrong <steven@icarus.ethz.ch>
---
 cdist/conf/type/__ssh_authorized_keys/gencode-remote | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cdist/conf/type/__ssh_authorized_keys/gencode-remote b/cdist/conf/type/__ssh_authorized_keys/gencode-remote
index b886c96f..7fcb59c6 100755
--- a/cdist/conf/type/__ssh_authorized_keys/gencode-remote
+++ b/cdist/conf/type/__ssh_authorized_keys/gencode-remote
@@ -47,7 +47,7 @@ remove_entry() {
    prefix="#cdist:$__object_name"
    suffix="#/cdist:$__object_name"
    cat << DONE
-tmpfile=\$(mktemp)
+tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
 # preserve ownership and permissions by copying existing file over tmpfile
 cp -p "$file" "\$tmpfile"
 awk -v prefix="$prefix" -v suffix="$suffix" '