
Throw a warning if users with identical fingerprint exist?

Open s-fleck opened this issue 5 years ago • 3 comments

I recently had a very stupid bug in one of my packages. I had a duplicated user in vault/users with two identical .pem files with different filenames (the username was misspelled in one).

The result was that the user got "access denied" for the secret he wanted to access, despite the secret being correctly shared with him. Obviously this was my mistake, but it was pretty hard to debug. I think it would be cool if secret:::lookup_user() issued a warning (or threw an error?) on duplicate key files in /users.

s-fleck avatar May 08 '20 10:05 s-fleck

Good idea. Do you want to submit a PR?

gaborcsardi avatar May 08 '20 10:05 gaborcsardi

Yes! Sure! :) It would probably have a slightly negative impact on performance because you would now have to read all keyfiles instead of stopping on the first matching one.

s-fleck avatar May 08 '20 10:05 s-fleck

I think that is fine. If somebody complains then we can make it optional.

gaborcsardi avatar May 08 '20 10:05 gaborcsardi
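
A stand-alone check for the situation described in this issue, written as an added example: it is not code from the thread or from the secret package. It assumes the vault keeps one public key per user as `users/<name>.pem` and uses the openssl R package; the function names and the demo user names are hypothetical.

```r
# Added example (not from the secret package): find user key files in a vault
# that carry the same public key, e.g. a misspelled duplicate of one user.

find_duplicate_user_keys <- function(vault) {
  users_dir <- file.path(vault, "users")   # assumed layout: <vault>/users/<name>.pem
  pem_files <- list.files(users_dir, pattern = "\\.pem$", full.names = TRUE)
  if (length(pem_files) == 0) return(list())

  # Fingerprint the parsed key rather than hashing file bytes, so copies that
  # differ only in whitespace or line endings are still recognised as equal.
  fps <- vapply(pem_files, function(f) {
    key <- openssl::read_pubkey(f)
    paste(as.character(unclass(openssl::fingerprint(key))), collapse = "")
  }, character(1))

  # Group file names by fingerprint and keep only groups with more than one file.
  groups <- split(basename(pem_files), fps)
  groups[lengths(groups) > 1]
}

warn_on_duplicate_user_keys <- function(vault) {
  dups <- find_duplicate_user_keys(vault)
  for (fp in names(dups)) {
    warning(sprintf("Key fingerprint %s is shared by: %s",
                    fp, paste(dups[[fp]], collapse = ", ")), call. = FALSE)
  }
  invisible(dups)
}

# Constructed demo vault: "alcie.pem" is a misspelled copy of "alice.pem".
vault <- file.path(tempdir(), "demo-vault")
dir.create(file.path(vault, "users"), recursive = TRUE, showWarnings = FALSE)
alice <- openssl::rsa_keygen(2048)
openssl::write_pem(alice$pubkey, file.path(vault, "users", "alice.pem"))
openssl::write_pem(alice$pubkey, file.path(vault, "users", "alcie.pem"))
openssl::write_pem(openssl::rsa_keygen(2048)$pubkey,
                   file.path(vault, "users", "bob.pem"))

warn_on_duplicate_user_keys(vault)   # warns about alcie.pem and alice.pem only
```

As noted in the thread, this reads every key file instead of stopping at the first match, so the cost grows with the number of users in the vault.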