# backup_log_exists:
#   file.exists:
#     - name: /var/log/backup

# backup_log_readable:
#   acl.present:
#     - name: /var/log/backup
#     - acl_type: user
#     - acl_name: monitor
#     - perms: rx
#     - recurse: True
#     - require:
#       - file: backup_log_exists

{% if grains['kernel'] == 'Linux' %}
  {%- if salt['file.directory_exists' ]('/root/.ssh/authorized_keys') %}
    {% set COMPTEUR=0 %}
    {% for BADKEY in pillar.get('BadSSHKeys',{}) %}
suppression des mauvaises cles {{COMPTEUR}}:
  file.line:
    - name: /root/.ssh/authorized_keys
    - mode: delete
    - content: {{BADKEY}}
      {% set COMPTEUR = COMPTEUR + 1 %}
    {% endfor %}
  {% endif %}

{% endif %}