[chef] Strange template behavior?

[Charles Burns < >]

Hi all,

I'm relatively new to chef, so I hope I'm not asking a 
silly question, but I can't seem to find any information relating to my 
problem anywhere else.

I've bootstrapped some Centos 6 nodes 
sucessfully, both using the rbel yum/rpm method which yields a 
chef-client of version 10.6 and (alternatively) using gems which yields a
 chef-client of version 10.14.4.

The nodes communicate just fine with my chef-server (10.8 running on
 Ubuntu 11.10), but I'm seeing some behavior I can't explain when I use 
templates.

I have a custom recipe that, for example, replaces 
/etc/sshd_config with a template in order to change the location of the 
authorized_keys file. The recipe also creates the authorized_keys file 
(at /etc/ssh/publicSSHkeys) and ensures it's there. Permissions on the 
files are correct, and set in the recipe. The files are created 
successfully by the recipe. 

However, when I restart the sshd service (either from the recipe, or
 from the command line on the server itself) I get an error. 
Specifically, "Starting sshd: /etc/ssh/sshd_config: Permission denied 
[FAILED]". At first I thought this may be related to the permissions on 
the file itself, but those are set properly, to 600 just like the file 
that was created by yum when the openssh-server package was initially 
installed. 

It seems, for some reason, that existing files which are overwritten
 by chef templates in recipes can't then be found by the system. 

The same sort of problem occurs when I use a chef recipe to install nrpe and overwrite /etc/nrpe.cfg with a template.

The oddest part is that the exact same recipe works properly in 
Ubuntu 11.10/12.04, templates overwrite the conf files on the node, and 
the services (sshd, nrpe) start fine. 

I've been racking my brain
 about this for some time now, and google/documentation/knowledge base 
haven't provided an answer, but I must be missing something. 

Anyone have any ideas?

-- 
----------------------------
Charles J. Burns
 
 ">