Don't expect user to be in the default group Related: PROD-32907 Change-Id: Iea1ab5341ca28fd2189092a26ae7fbdf182429f2

commit: 9a664c1407f0ea322a1bef2ee06e4709c0396c56 [log] [tgz]
author: Martin Polreich <polreichmartin@gmail.com> Wed Sep 25 15:37:42 2019 +0200
committer: Martin Polreich <polreichmartin@gmail.com> Wed Sep 25 16:00:54 2019 +0200
tree: 2cb9cb788d2195e2144693d5fee9720ac37c4494
parent: a66ad213c56664c1cf70143309f4aa59cc709a0e [diff]
diff --git a/openssh/server/public_key.sls b/openssh/server/public_key.sls
index d9fe879..fa25a6f 100644
--- a/openssh/server/public_key.sls
+++ b/openssh/server/public_key.sls

@@ -7,11 +7,13 @@
 
 {%- if user.public_keys is defined %}
 
+{%- set user_gid = salt['user.info'](user.user.name).get('gid', 0) %}
+
 {{ user.user.name }}_ssh_dir:
   file.directory:
   - name: {{ user.user.home }}/.ssh
   - user: {{ user.user.name }}
-  - group: {{ user.user.name }}
+  - group: {{ user_gid if user_gid|int != 65534 else 0 }}
   - mode: 700
 
 {%- if user.get('purge', False) %}
@@ -20,7 +22,7 @@
   file.managed:
   - name: {{ user.user.home }}/.ssh/authorized_keys
   - user: {{ user.user.name }}
-  - group: {{ user.user.name }}
+  - group: {{ user_gid if user_gid|int != 65534 else 0 }}
   - mode: 644
   - template: jinja
   - source: salt://openssh/files/authorized_keys
commit	9a664c1407f0ea322a1bef2ee06e4709c0396c56	[log] [tgz]
author	Martin Polreich <polreichmartin@gmail.com>	Wed Sep 25 15:37:42 2019 +0200
committer	Martin Polreich <polreichmartin@gmail.com>	Wed Sep 25 16:00:54 2019 +0200
tree	2cb9cb788d2195e2144693d5fee9720ac37c4494
parent	a66ad213c56664c1cf70143309f4aa59cc709a0e [diff]