Hi, installing puppet at my first site was quite easy (not w/o problems, but still). At the second site, I''ve run into something more serious. First things first - I install puppetmaster on existing server, used to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to coexist on the same machine). The thing is, I need to puppet this baby, so I''m running into a situation where puppetmaster is maintaining itself via puppetd. Long story short, this is what happens: May 27 15:43:09 ldap_db puppetmasterd[26986]: Starting Puppet server version 0.24.4 May 27 15:43:20 ldap_db puppetd[27001]: Creating a new certificate request for ldap_db.foo.bar May 27 15:43:20 ldap_db puppetd[27001]: Creating a new SSL key at /etc/ puppet/ssl/private_keys/ldap_db.foo.bar.pem May 27 15:43:20 ldap_db puppetmasterd[26986]: Allowing unauthenticated client ldap_db.foo.bar(10.10.10.1) access to puppetca.getcert May 27 15:43:20 ldap_db puppetmasterd[26986]: Certificate request does not match existing certificate; run ''puppetca --clean ldap_db.foo.bar''. OK, # puppetca --clean ldap_db.foo.bar and restarting puppetd May 27 15:43:56 ldap_db puppetmasterd[26986]: Allowing unauthenticated client ldap_db.foo.bar(10.10.10.1) access to puppetca.getcert May 27 15:43:56 ldap_db puppetmasterd[26986]: Host ldap_db.foo.bar has a waiting certificate request May 27 15:43:56 ldap_db puppetd[27067]: No certificates; exiting May 27 15:44:20 ldap_db puppetd[26878]: Restarting with ''/usr/bin/ puppetd --listen'' May 27 15:44:20 ldap_db puppetd[26878]: Shutting down May 27 15:44:22 ldap_db puppetd[27199]: Reopening log files May 27 15:44:22 ldap_db puppetd[27203]: Could not create PID file: / var/run/puppetd.pid May 27 15:44:22 ldap_db puppetmasterd[26986]: Allowing unauthenticated client ldap_db.foo.bar(10.10.10.1) access to puppetca.getcert May 27 15:44:22 ldap_db puppetd[27199]: Got signed certificate As you can see, I signed new certificate May 27 15:44:22 ldap_db puppetd[27199]: Starting Puppet client version 0.24.4 May 27 15:44:23 ldap_db puppetmasterd[26986]: Denying authenticated client ldap_db.foo.bar(10.10.10.1) access to puppetmaster.getconfig May 27 15:44:23 ldap_db puppetd[27199]: Could not call puppetmaster.getconfig: #<NoMethodError: private method `split'' called for nil:NilClass> May 27 15:44:23 ldap_db puppetd[27199]: Could not retrieve catalog: private method `split'' called for nil:NilClass I''m guessing that problem appears because of mixing between client and server certificates, but I don''t know how to mitigate this problem. Any help would be appreciated Stanislaw --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
I''m just posting this because usually the response on this list is very fast, and now I feel a bit alone :-): If what I''m asking is something obvious, just tell. If anyone has a recipe for "how to run puppetmasterd and puppetd on the same machine", just send a link. Please. Thank you. Stanislaw. On May 27, 4:14 pm, Stasheck <stanislaw.kamin...@gmail.com> wrote:> Hi, > installing puppet at my first site was quite easy (not w/o problems, > but still). At the second site, I''ve run into something more serious. > > First things first - I install puppetmaster on existing server, used > to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to > coexist on the same machine). The thing is, I need to puppet this > baby, so I''m running into a situation where puppetmaster is > maintaining itself via puppetd. > > Long story short, this is what happens: > > May 27 15:43:09 ldap_db puppetmasterd[26986]: Starting Puppet server > version 0.24.4 > May 27 15:43:20 ldap_db puppetd[27001]: Creating a new certificate > request for ldap_db.foo.bar > May 27 15:43:20 ldap_db puppetd[27001]: Creating a new SSL key at /etc/ > puppet/ssl/private_keys/ldap_db.foo.bar.pem > May 27 15:43:20 ldap_db puppetmasterd[26986]: Allowing unauthenticated > client ldap_db.foo.bar(10.10.10.1) access to puppetca.getcert > May 27 15:43:20 ldap_db puppetmasterd[26986]: Certificate request does > not match existing certificate; run ''puppetca --clean > ldap_db.foo.bar''. > > OK, # puppetca --clean ldap_db.foo.bar and restarting puppetd > > May 27 15:43:56 ldap_db puppetmasterd[26986]: Allowing unauthenticated > client ldap_db.foo.bar(10.10.10.1) access to puppetca.getcert > May 27 15:43:56 ldap_db puppetmasterd[26986]: Host ldap_db.foo.bar has > a waiting certificate request > May 27 15:43:56 ldap_db puppetd[27067]: No certificates; exiting > May 27 15:44:20 ldap_db puppetd[26878]: Restarting with ''/usr/bin/ > puppetd --listen'' > May 27 15:44:20 ldap_db puppetd[26878]: Shutting down > May 27 15:44:22 ldap_db puppetd[27199]: Reopening log files > May 27 15:44:22 ldap_db puppetd[27203]: Could not create PID file: / > var/run/puppetd.pid > May 27 15:44:22 ldap_db puppetmasterd[26986]: Allowing unauthenticated > client ldap_db.foo.bar(10.10.10.1) access to puppetca.getcert > May 27 15:44:22 ldap_db puppetd[27199]: Got signed certificate > > As you can see, I signed new certificate > > May 27 15:44:22 ldap_db puppetd[27199]: Starting Puppet client version > 0.24.4 > May 27 15:44:23 ldap_db puppetmasterd[26986]: Denying authenticated > client ldap_db.foo.bar(10.10.10.1) access to puppetmaster.getconfig > May 27 15:44:23 ldap_db puppetd[27199]: Could not call > puppetmaster.getconfig: #<NoMethodError: private method `split'' called > for nil:NilClass> > May 27 15:44:23 ldap_db puppetd[27199]: Could not retrieve catalog: > private method `split'' called for nil:NilClass > > I''m guessing that problem appears because of mixing between client and > server certificates, but I don''t know how to mitigate this problem. > > Any help would be appreciated > > Stanislaw--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
David Schmitt
2008-May-29 07:46 UTC
[Puppet Users] Re: Puppetting the puppetmaster problems
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Stasheck! Please exuse me, your mail must have slipped under my radar. On Tuesday 27 May 2008, Stasheck wrote:> Hi, > installing puppet at my first site was quite easy (not w/o problems, > but still). At the second site, I''ve run into something more serious. > > First things first - I install puppetmaster on existing server, used > to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to > coexist on the same machine). The thing is, I need to puppet this > baby, so I''m running into a situation where puppetmaster is > maintaining itself via puppetd.I''m doing that and I know of a few others who are doing this without problems.> Long story short, this is what happens: > > May 27 15:43:09 ldap_db puppetmasterd[26986]: Starting Puppet server > version 0.24.4 > May 27 15:43:20 ldap_db puppetd[27001]: Creating a new certificate > request for ldap_db.foo.bar > May 27 15:43:20 ldap_db puppetd[27001]: Creating a new SSL key at /etc/ > puppet/ssl/private_keys/ldap_db.foo.bar.pem > May 27 15:43:20 ldap_db puppetmasterd[26986]: Allowing unauthenticated > client ldap_db.foo.bar(10.10.10.1) access to puppetca.getcert > May 27 15:43:20 ldap_db puppetmasterd[26986]: Certificate request does > not match existing certificate; run ''puppetca --clean > ldap_db.foo.bar''.That already smells. In my recollection the puppetmaster, when starting the first time, creates AND signs his own certificate. Are you sure your DNS/hosts file match with what puppet thinks the certname should be and everything? If it is at all possible, try to shutdown puppet and puppetmaster on the machine, move away $vardir/ssl''s contents and start over by starting the pupetmaster. This should create a new Certificate Authority and a new certified key for the host. Regards, DavidS - -- The primary freedom of open source is not the freedom from cost, but the free- dom to shape software to do what you want. This freedom is /never/ exercised without cost, but is available /at all/ only by accepting the very different costs associated with open source, costs not in money, but in time and effort. - -- http://www.schierer.org/~luke/log/20070710-1129/on-forks-and-forking -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIPl9G/Pp1N6Uzh0URAnmbAJ4nDDQpbrsNed7YpafwLMHJvAKO+ACfWr4f n0ykhn1zTEbrRRRxPcrRjBU=JX1w -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Thank God for your reply - I was starting to feel really, really stupid :-) Now to the point: since I didn''t deploy puppet on any other machine on the site, I erased all ssl dirs in order for puppet to regenerate them. So, I deleted /etc/puppet/ssl (that''s for puppetd, right?) and /var/lib/puppet/ssl (that''s for puppetmasterd, if I''m not mistaken). # /etc/init.d/puppetmaster start (I''m using Debian Sarge, and init script is adapted from Ubuntu, only change being puppetd binary directory) Log says: May 29 11:13:09 ldap_db puppetmasterd[23956]: Reopening log files May 29 11:13:09 ldap_db puppetmasterd[23956]: Starting Puppet server version 0.24.4 and /var/lib/puppet/ssl directory is created: /var/lib/puppet/ssl/ -> ca/ --> private/ ---> ca.pass --> requests/ --> signed/ ---> ldap_db.foo.bar.pem --> ca_crl.pem --> ca_crt.pem --> ca_key.pem --> ca_pub.pem --> inventory.txt --> serial -> certs/ --> ca.pem --> ldap_db.foo.bar.pem -> private/ -> private_keys/ --> ldap_db.foo.bar.pem -> public_keys/ --> ldap_db.foo.bar.pem -> csr_ldap_db.foo.bar.pem Of course, nothing new shows in /etc/puppet. Now, # puppetd -v --server ldap_db.foo.bar --test info: Creating a new certificate request for ldap_db.foo.bar info: Creating a new SSL key at /etc/puppet/ssl/private_keys/ ldap_db.foo.bar.pem warning: peer certificate won''t be verified in this SSL session. /usr/local/lib/site_ruby/1.8/puppet/network/client/ca.rb:31:in ''request_cert'': Certificate retrieval failed: Certificate request does not match existing certificate; run ''puppetca --clean ldap_db.foo.bar''. (Puppet::Error) from /usr/bin/puppetd:356 I guess that shouldn''t go like this, isn''t it? But I don''t have any idea what went wrong :/ I think that doing clean and showing more output is unnecessary, because I shouldn''t have to do cleanup in the first place, correct? Regards, Stanislaw On May 29, 9:46 am, David Schmitt <da...@schmitt.edv-bus.at> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Dear Stasheck! > > Please exuse me, your mail must have slipped under my radar. > > On Tuesday 27 May 2008, Stasheck wrote: > > > Hi, > > installing puppet at my first site was quite easy (not w/o problems, > > but still). At the second site, I''ve run into something more serious. > > > First things first - I install puppetmaster on existing server, used > > to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to > > coexist on the same machine). The thing is, I need to puppet this > > baby, so I''m running into a situation where puppetmaster is > > maintaining itself via puppetd. > > I''m doing that and I know of a few others who are doing this without problems. > > > Long story short, this is what happens: > > > May 27 15:43:09 ldap_db puppetmasterd[26986]: Starting Puppet server > > version 0.24.4 > > May 27 15:43:20 ldap_db puppetd[27001]: Creating a new certificate > > request for ldap_db.foo.bar > > May 27 15:43:20 ldap_db puppetd[27001]: Creating a new SSL key at /etc/ > > puppet/ssl/private_keys/ldap_db.foo.bar.pem > > May 27 15:43:20 ldap_db puppetmasterd[26986]: Allowing unauthenticated > > client ldap_db.foo.bar(10.10.10.1) access to puppetca.getcert > > May 27 15:43:20 ldap_db puppetmasterd[26986]: Certificate request does > > not match existing certificate; run ''puppetca --clean > > ldap_db.foo.bar''. > > That already smells. In my recollection the puppetmaster, when starting the > first time, creates AND signs his own certificate. Are you sure your > DNS/hosts file match with what puppet thinks the certname should be and > everything? > > If it is at all possible, try to shutdown puppet and puppetmaster on the > machine, move away $vardir/ssl''s contents and start over by starting the > pupetmaster. This should create a new Certificate Authority and a new > certified key for the host. > > Regards, DavidS > > - -- > The primary freedom of open source is not the freedom from cost, but the free- > dom to shape software to do what you want. This freedom is /never/ exercised > without cost, but is available /at all/ only by accepting the very different > costs associated with open source, costs not in money, but in time and effort. > - --http://www.schierer.org/~luke/log/20070710-1129/on-forks-and-forking > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFIPl9G/Pp1N6Uzh0URAnmbAJ4nDDQpbrsNed7YpafwLMHJvAKO+ACfWr4f > n0ykhn1zTEbrRRRxPcrRjBU> =JX1w > -----END PGP SIGNATURE-------~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
David Schmitt
2008-May-29 09:55 UTC
[Puppet Users] Re: Puppetting the puppetmaster problems
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 29 May 2008, Stasheck wrote:> Now to the point: since I didn''t deploy puppet on any other machine on > the site, I erased all ssl dirs in order for puppet to regenerate > them. So, I deleted > /etc/puppet/ssl (that''s for puppetd, right?) and /var/lib/puppet/ssl > (that''s for puppetmasterd, if I''m not mistaken).No, that''s definitely a misconfiguration, both puppetd and puppetmaster should access the same ssldir. There were several version of puppet in debian which shipped a strange puppet.conf. Current versions should have that fixed. Alternatively you can just set puppetd''s ssldir to /var/lib/puppet/ssl where it should be. Regards, DavidS - -- The primary freedom of open source is not the freedom from cost, but the free- dom to shape software to do what you want. This freedom is /never/ exercised without cost, but is available /at all/ only by accepting the very different costs associated with open source, costs not in money, but in time and effort. - -- http://www.schierer.org/~luke/log/20070710-1129/on-forks-and-forking -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIPn2X/Pp1N6Uzh0URAqgTAJ49FFQPiYSIFc5IG4gHmR8N97+bUQCghuXk 1dqzb6N+hcYFaW+HB1RF8Hk=RJ4H -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
OK, first I didn''t say that I use puppet from reductivelabs tgz, I just used puppetmaster init script from Ubuntu :-) Now I fixed ssl dir on puppetd, so it''s in /var/lib/puppet (notice: I have already configured my previous site with wrong ssl dir''s settings - how can I use puppet to copy all this files to /var/lib/puppet/ssl, so then when I''ll change puppetd.conf file everything will still work without the need for recreating certificates?). Unfotunately, fixing this didn''t solve the problem - or should I say, brought another one. Now, master starts correctly (Starting Puppet server version 0.24.4), but client: puppetd: Starting Puppet client version 0.24.4 puppetmasterd: Denying authenticated client ldap_db.foo.bar(10.10.10.1) access to puppetmaster.getconfig puppetd: Could not call puppetmaster.getconfig: #<NoMethodError: private method ''split'' called for nil:NilClass> puppetd: Could not retrieve catalog: private method ''split'' called for nil:NilClass and then - silence. Why does puppetmaster denies access? I''ve been looking for appropriate conf options, but I have to be missing something. Could you help me? regards, Stanislaw On May 29, 11:55 am, David Schmitt <da...@schmitt.edv-bus.at> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thursday 29 May 2008, Stasheck wrote: > > > Now to the point: since I didn''t deploy puppet on any other machine on > > the site, I erased all ssl dirs in order for puppet to regenerate > > them. So, I deleted > > /etc/puppet/ssl (that''s for puppetd, right?) and /var/lib/puppet/ssl > > (that''s for puppetmasterd, if I''m not mistaken). > > No, that''s definitely a misconfiguration, both puppetd and puppetmaster should > access the same ssldir. There were several version of puppet in debian which > shipped a strange puppet.conf. Current versions should have that fixed. > Alternatively you can just set puppetd''s ssldir to /var/lib/puppet/ssl where > it should be. > > Regards, DavidS > - -- > The primary freedom of open source is not the freedom from cost, but the free- > dom to shape software to do what you want. This freedom is /never/ exercised > without cost, but is available /at all/ only by accepting the very different > costs associated with open source, costs not in money, but in time and effort. > - --http://www.schierer.org/~luke/log/20070710-1129/on-forks-and-forking > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFIPn2X/Pp1N6Uzh0URAqgTAJ49FFQPiYSIFc5IG4gHmR8N97+bUQCghuXk > 1dqzb6N+hcYFaW+HB1RF8Hk> =RJ4H > -----END PGP SIGNATURE-------~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
David Schmitt
2008-May-29 12:44 UTC
[Puppet Users] Re: Puppetting the puppetmaster problems
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 29 May 2008, Stasheck wrote:> Now I fixed ssl dir on puppetd, so it''s in /var/lib/puppet (notice: I > have already configured my previous site with wrong ssl dir''s settings > - how can I use puppet to copy all this files to /var/lib/puppet/ssl, > so then when I''ll change puppetd.conf file everything will still work > without the need for recreating certificates?).Probably it''d be enough to just move/copy the files over to the new location. Watch out for file-conflicts too, that might cause hairy moments.> Now, master starts correctly (Starting Puppet server version 0.24.4), > but client: > > puppetd: Starting Puppet client version 0.24.4 > puppetmasterd: Denying authenticated client > ldap_db.foo.bar(10.10.10.1) access to puppetmaster.getconfig > puppetd: Could not call puppetmaster.getconfig: #<NoMethodError: > private method ''split'' called for nil:NilClass> > puppetd: Could not retrieve catalog: private method ''split'' called for > nil:NilClassThat doesn''t look good. When puppet doesn''t give any customized error message but throws a ruby error, that''s usually a sign for a programming error. Please run both the master and the client with --trace and post the result. that should give good indications where the error really occurs. Regards, DavidS - -- The primary freedom of open source is not the freedom from cost, but the free- dom to shape software to do what you want. This freedom is /never/ exercised without cost, but is available /at all/ only by accepting the very different costs associated with open source, costs not in money, but in time and effort. - -- http://www.schierer.org/~luke/log/20070710-1129/on-forks-and-forking -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIPqUj/Pp1N6Uzh0URAqoYAJ4kxpfGGczZSnDLwCtV8qswOFZSAwCePHXT TJfNQlcaCVIhZOyAhNuM250=W87z -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Here''s debug, provided by isuing # puppetmasterd -v --trace and # puppetd --debug --verbose - BTW, when I used --no-daemonize with puppetmasterd it caught segfault after starting puppetd. May 29 15:13:15 ldap_db puppetmasterd[21262]: Starting server for Puppet version 0.24.4 May 29 15:13:16 ldap_db puppetmasterd[21262]: (mount[facts]) allowing *.foo.bar access May 29 15:13:16 ldap_db puppetmasterd[21262]: Listening on port 8140 May 29 15:13:16 ldap_db puppetmasterd[21287]: Reopening log files May 29 15:13:16 ldap_db puppetmasterd[21287]: Starting Puppet server version 0.24.4 May 29 15:13:47 ldap_db puppetd[21354]: Creating default schedules May 29 15:13:47 ldap_db puppetd[21354]: Failed to load library ''shadow'' for feature ''libshadow'' May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[ssl]/File[/var/lib/puppet/ssl/public_keys/ ldap_db.foo.bar.pem]) Autorequiring File[/var/lib/puppet/ssl/ public_keys] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[ssl]/File[/var/lib/puppet/ssl/certs/ ldap_db.foo.bar.pem]) Autorequiring File[/var/lib/puppet/ssl/certs] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[main]/File[/var/lib/puppet/lib]) Autorequiring File[/var/lib/puppet] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[main]/File[/etc/puppet/namespaceauth.conf]) Autorequiring File[/etc/puppet] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[ssl]/File[/var/lib/puppet/ssl/private_keys]) Autorequiring File[/var/lib/puppet/ssl] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[puppetd]/File[/etc/puppet/puppet.conf]) Autorequiring File[/etc/puppet] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[ssl]/File[/var/lib/puppet/ssl/private_keys/ ldap_db.foo.bar.pem]) Autorequiring File[/var/lib/puppet/ssl/ private_keys] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[ssl]/File[/var/lib/puppet/ssl/public_keys]) Autorequiring File[/var/lib/puppet/ssl] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[ssl]/File[/var/lib/puppet/ssl/certs]) Autorequiring File[/var/lib/puppet/ssl] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[ssl]/File[/var/lib/puppet/ssl/ csr_ldap_db.foo.bar.pem]) Autorequiring File[/var/lib/puppet/ssl] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[ssl]/File[/var/lib/puppet/ssl/private]) Autorequiring File[/var/lib/puppet/ssl] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[ssl]/File[/var/lib/puppet/ssl/certs/ca.pem]) Autorequiring File[/var/lib/puppet/ssl/certs] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[puppetd]/File[/var/log/puppet/http.log]) Autorequiring File[/var/log/puppet] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[main]/File[/var/lib/puppet/state]) Autorequiring File[/var/lib/puppet] May 29 15:13:47 ldap_db puppetd[21354]: (/Settings[/etc/puppet/ puppetd.conf]/Settings[puppetd]/File[/var/lib/puppet/ssl]) Autorequiring File[/var/lib/puppet] May 29 15:13:47 ldap_db puppetd[21354]: Finishing transaction 540444720 with 0 changes May 29 15:13:47 ldap_db puppetd[21373]: Reopening log files May 29 15:13:47 ldap_db puppetd[21373]: Starting handler for Runner May 29 15:13:47 ldap_db puppetd[21373]: Starting server for Puppet version 0.24.4 May 29 15:13:47 ldap_db puppetd[21373]: Listening on port 8139 May 29 15:13:47 ldap_db puppetd[21373]: Starting Puppet client version 0.24.4 May 29 15:13:47 ldap_db puppetd[21373]: Retrieved facts in 0.06 seconds May 29 15:13:47 ldap_db puppetd[21373]: Retrieving catalog May 29 15:13:47 ldap_db puppetd[21373]: Calling puppetmaster.getconfig May 29 15:13:48 ldap_db puppetmasterd[21287]: (access[puppetrunner]) allowing ldap_db.foo.bar access May 29 15:13:48 ldap_db puppetmasterd[21287]: Denying authenticated client ldap_db.foo.bar(10.10.10.1) access to puppetmaster.getconfig May 29 15:13:48 ldap_db puppetd[21373]: Could not call puppetmaster.getconfig: #<NoMethodError: private method `split'' called for nil:NilClass> May 29 15:13:48 ldap_db puppetd[21373]: Could not retrieve catalog: private method `split'' called for nil:NilClass Does this says anything to you? regards, Stanislaw On May 29, 2:44 pm, David Schmitt <da...@schmitt.edv-bus.at> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thursday 29 May 2008, Stasheck wrote: > > > Now I fixed ssl dir on puppetd, so it''s in /var/lib/puppet (notice: I > > have already configured my previous site with wrong ssl dir''s settings > > - how can I use puppet to copy all this files to /var/lib/puppet/ssl, > > so then when I''ll change puppetd.conf file everything will still work > > without the need for recreating certificates?). > > Probably it''d be enough to just move/copy the files over to the new location. > Watch out for file-conflicts too, that might cause hairy moments. > > > Now, master starts correctly (Starting Puppet server version 0.24.4), > > but client: > > > puppetd: Starting Puppet client version 0.24.4 > > puppetmasterd: Denying authenticated client > > ldap_db.foo.bar(10.10.10.1) access to puppetmaster.getconfig > > puppetd: Could not call puppetmaster.getconfig: #<NoMethodError: > > private method ''split'' called for nil:NilClass> > > puppetd: Could not retrieve catalog: private method ''split'' called for > > nil:NilClass > > That doesn''t look good. When puppet doesn''t give any customized error message > but throws a ruby error, that''s usually a sign for a programming error. > Please run both the master and the client with --trace and post the result. > that should give good indications where the error really occurs. > > Regards, DavidS > - -- > The primary freedom of open source is not the freedom from cost, but the free- > dom to shape software to do what you want. This freedom is /never/ exercised > without cost, but is available /at all/ only by accepting the very different > costs associated with open source, costs not in money, but in time and effort. > - --http://www.schierer.org/~luke/log/20070710-1129/on-forks-and-forking > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFIPqUj/Pp1N6Uzh0URAqoYAJ4kxpfGGczZSnDLwCtV8qswOFZSAwCePHXT > TJfNQlcaCVIhZOyAhNuM250> =W87z > -----END PGP SIGNATURE-------~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
David Schmitt
2008-May-29 14:53 UTC
[Puppet Users] Re: Puppetting the puppetmaster problems
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 29 May 2008, Stasheck wrote:> Here''s debug, provided by isuing # puppetmasterd -v --trace and # > puppetd --debug --verbose - BTW, when I used --no-daemonize with > puppetmasterd it caught segfault after starting puppetd.If it really was a segfault - which I don''t believe - then there is nothing puppet can do. That would be a bad ruby version then.> May 29 15:13:47 ldap_db puppetd[21373]: Retrieving catalog > May 29 15:13:47 ldap_db puppetd[21373]: Calling puppetmaster.getconfig > May 29 15:13:48 ldap_db puppetmasterd[21287]: (access[puppetrunner]) > allowing ldap_db.foo.bar access > May 29 15:13:48 ldap_db puppetmasterd[21287]: Denying authenticated > client ldap_db.foo.bar(10.10.10.1) access to puppetmaster.getconfig > May 29 15:13:48 ldap_db puppetd[21373]: Could not call > puppetmaster.getconfig: #<NoMethodError: private method `split'' called > for nil:NilClass> > May 29 15:13:48 ldap_db puppetd[21373]: Could not retrieve catalog: > private method `split'' called for nil:NilClass- --trace output should come directly after these messages. And I don''t think it goes to syslog. Regards, DavidS - -- The primary freedom of open source is not the freedom from cost, but the free- dom to shape software to do what you want. This freedom is /never/ exercised without cost, but is available /at all/ only by accepting the very different costs associated with open source, costs not in money, but in time and effort. - -- http://www.schierer.org/~luke/log/20070710-1129/on-forks-and-forking -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIPsNt/Pp1N6Uzh0URAl8TAKCZ0wjr9gR+vJn3Brs4u/5HEY+ZMgCgm3TB bks4RwLjxSTRzQ3fas14nw0=YKyf -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
OK, one more time :-) First puppetmasterd debug, then puppetmaster. I still cannot see anything, despite turning on every debug option I could find :/ # puppetmasterd --debug --no-daemonize --verbose info: Starting server for Puppet version 0.24.4 debug: Creating default schedules debug: Failed to load library ''shadow'' for feature ''libshadow'' debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/state]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/etc/ puppet/namespaceauth.conf]: Autorequiring File[/etc/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[metrics]/File[/var/ lib/puppet/rrd]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[reporting]/File[/ var/lib/puppet/reports]: Autorequiring File[/var/lib/puppet] debug: Finishing transaction 539156074 with 0 changes debug: Creating default schedules debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/ca_pub.pem]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys/ldap_db.foo.bar.pem]: Autorequiring File[/var/ lib/puppet/ssl/public_keys] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs/ldap_db.foo.bar.pem]: Autorequiring File[/var/lib/ puppet/ssl/certs] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/ca_crl.pem]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/ca_crt.pem]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/private]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/ca_key.pem]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys/ldap_db.foo.bar.pem]: Autorequiring File[/var/ lib/puppet/ssl/private_keys] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/signed]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/serial]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/inventory.txt]: Autorequiring File[/var/lib/puppet/ssl/ ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/ certs] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/private/ca.pass]: Autorequiring File[/var/lib/puppet/ssl/ ca/private] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/requests]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: Finishing transaction 540165130 with 0 changes debug: Creating default schedules debug: Finishing transaction 539095204 with 0 changes info: mount[facts]: allowing *.foo.bar access info: mount[test-module]: allowing *.foo.bar access info: mount[puppetfiles]: allowing *.foo.bar access info: mount[common]: allowing *.foo.bar access info: mount[nut]: allowing *.foo.bar access info: mount[dhcp]: allowing *.foo.bar access debug: No modules mount given; autocreating with default permissions debug: No plugins mount given; autocreating with default permissions debug: Creating interpreter debug: Creating default schedules debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/ manifests] debug: Finishing transaction 539804570 with 0 changes debug: Creating default schedules debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/ manifests] debug: Finishing transaction 540010310 with 0 changes debug: Creating default schedules debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/ manifests] debug: Finishing transaction 540623830 with 0 changes info: Listening on port 8140 notice: Starting Puppet server version 0.24.4 info: access[puppetrunner]: allowing ldap_db.foo.bar access notice: Denying authenticated client ldap_db.foo.bar(10.10.10.1) access to puppetmaster.getconfig # puppetd --verbose --test --debug --no-daemonize debug: Creating default schedules debug: Failed to load library ''shadow'' for feature ''libshadow'' debug: /Settings[/etc/puppet/puppetd.conf]/Settings[puppetd]/File[/var/ log/puppet/http.log]: Autorequiring File[/var/log/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys/ldap_db.foo.bar.pem]: Autorequiring File[/var/ lib/puppet/ssl/public_keys] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs/ldap_db.foo.bar.pem]: Autorequiring File[/var/lib/ puppet/ssl/certs] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[puppetd]/File[/var/ lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[puppetd]/File[/etc/ puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[main]/File[/var/ lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[main]/File[/etc/ puppet/namespaceauth.conf]: Autorequiring File[/etc/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys/ldap_db.foo.bar.pem]: Autorequiring File[/var/ lib/puppet/ssl/private_keys] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/csr_ldap_db.foo.bar.pem]: Autorequiring File[/var/lib/ puppet/ssl] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/ certs] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[main]/File[/var/ lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: Finishing transaction 540441540 with 0 changes notice: Ignoring --listen on onetime run Try `uname --help'' for more information. debug: Retrieved facts in 0.06 seconds debug: Retrieving catalog debug: Calling puppetmaster.getconfig err: Could not call puppetmaster.getconfig: #<NoMethodError: private method `split'' called for nil:NilClass> err: Could not retrieve catalog: private method `split'' called for nil:NilClass warning: Not using cache on failed catalog Regards, Stanislaw On May 29, 4:53 pm, David Schmitt <da...@schmitt.edv-bus.at> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thursday 29 May 2008, Stasheck wrote: > > > Here''s debug, provided by isuing # puppetmasterd -v --trace and # > > puppetd --debug --verbose - BTW, when I used --no-daemonize with > > puppetmasterd it caught segfault after starting puppetd. > > If it really was a segfault - which I don''t believe - then there is nothing > puppet can do. That would be a bad ruby version then. > > > May 29 15:13:47 ldap_db puppetd[21373]: Retrieving catalog > > May 29 15:13:47 ldap_db puppetd[21373]: Calling puppetmaster.getconfig > > May 29 15:13:48 ldap_db puppetmasterd[21287]: (access[puppetrunner]) > > allowing ldap_db.foo.bar access > > May 29 15:13:48 ldap_db puppetmasterd[21287]: Denying authenticated > > client ldap_db.foo.bar(10.10.10.1) access to puppetmaster.getconfig > > May 29 15:13:48 ldap_db puppetd[21373]: Could not call > > puppetmaster.getconfig: #<NoMethodError: private method `split'' called > > for nil:NilClass> > > May 29 15:13:48 ldap_db puppetd[21373]: Could not retrieve catalog: > > private method `split'' called for nil:NilClass > > - --trace output should come directly after these messages. And I don''t think it > goes to syslog. > > Regards, DavidS > - -- > The primary freedom of open source is not the freedom from cost, but the free- > dom to shape software to do what you want. This freedom is /never/ exercised > without cost, but is available /at all/ only by accepting the very different > costs associated with open source, costs not in money, but in time and effort. > - --http://www.schierer.org/~luke/log/20070710-1129/on-forks-and-forking > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFIPsNt/Pp1N6Uzh0URAl8TAKCZ0wjr9gR+vJn3Brs4u/5HEY+ZMgCgm3TB > bks4RwLjxSTRzQ3fas14nw0> =YKyf > -----END PGP SIGNATURE-------~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On May 30, 2008, at 8:12 AM, Stasheck wrote:> notice: Denying authenticated client ldap_db.foo.bar(10.10.10.1) > access to puppetmaster.getconfigDo you have a namespaceauth.conf? If so, does it specifically allow the ''puppetmaster'' namespace? -- We cannot really love anybody with whom we never laugh. --Agnes Repplier --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
In fact, I have. Only now, when you said that, I searched reductive for it''s correct syntax and I have found this http://reductivelabs.com/trac/puppet/browser/conf/namespaceauth.conf. To date, I only used it to allow puppetrunner. Is this possible that in the documentation there''s no mentioning that once you have namespaceauth.conf no defaults are used? Unfortunately, it solved one problem, but I''ve run into another. puppetmasterd: # puppetmasterd --debug --no-daemonize --verbose info: Starting server for Puppet version 0.24.4 debug: Creating default schedules debug: Failed to load library ''shadow'' for feature ''libshadow'' debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/state]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/etc/ puppet/namespaceauth.conf]: Autorequiring File[/etc/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[metrics]/File[/var/ lib/puppet/rrd]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[reporting]/File[/ var/lib/puppet/reports]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/state]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/state]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/state]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/state]/ensure: created debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/ssl]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/ssl]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/ssl]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ puppet/ssl]/ensure: created debug: Finishing transaction 539156064 with 2 changes debug: Creating default schedules debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/private]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/requests]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/signed]: Autorequiring File[/var/lib/puppet/ssl/ca] debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private]/ensure: created debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys]/ensure: created debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca]/ensure: created debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/signed]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/signed]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/signed]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/signed]/ensure: created debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/requests]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/requests]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/requests]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/requests]/ensure: created debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/private]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/private]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/private]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ puppet/ssl/ca/private]/ensure: created debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys]/ensure: created debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs]/ensure: created debug: Finishing transaction 539544234 with 8 changes debug: Creating default schedules debug: Finishing transaction 539963530 with 0 changes info: mount[facts]: allowing *.foo.bar access info: mount[test-module]: allowing *.foo.bar access info: mount[puppetfiles]: allowing *.foo.bar access info: mount[common]: allowing *.foo.bar access info: mount[nut]: allowing *.foo.bar access info: mount[dhcp]: allowing *.foo.bar access debug: No modules mount given; autocreating with default permissions debug: No plugins mount given; autocreating with default permissions debug: Creating interpreter info: Creating a new certificate request for ldap_db.foo.bar info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys/ ldap_db.foo.bar.pem info: Autosign is enabled but /etc/puppet/autosign.conf is missing info: Signing certificate for CA server info: Signing certificate for ldap_db.foo.bar debug: Creating default schedules debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/ manifests] debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ File[/var/lib/puppet/yaml]: File does not exist debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ File[/var/lib/puppet/yaml]: Changing ensure debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ File[/var/lib/puppet/yaml]: 1 change(s) debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ File[/var/lib/puppet/yaml]/ensure: created debug: Finishing transaction 540053480 with 1 changes debug: Creating default schedules debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/ manifests] debug: Finishing transaction 540345670 with 0 changes debug: Creating default schedules debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/ manifests] debug: Finishing transaction 539526374 with 0 changes info: Listening on port 8140 notice: Starting Puppet server version 0.24.4 puppetd: # puppetd --test --debug --verbose --no-daemonize debug: Creating default schedules debug: Failed to load library ''shadow'' for feature ''libshadow'' debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs/ldap_db.foo.bar.pem]: Autorequiring File[/var/lib/ puppet/ssl/certs] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[puppetd]/File[/etc/ puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[main]/File[/var/ lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[main]/File[/etc/ puppet/namespaceauth.conf]: Autorequiring File[/etc/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys/ldap_db.foo.bar.pem]: Autorequiring File[/var/ lib/puppet/ssl/private_keys] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/csr_ldap_db.foo.bar.pem]: Autorequiring File[/var/lib/ puppet/ssl] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/ certs] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[puppetd]/File[/var/ log/puppet/http.log]: Autorequiring File[/var/log/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[main]/File[/var/ lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[puppetd]/File[/var/ lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ puppet/ssl/public_keys/ldap_db.foo.bar.pem]: Autorequiring File[/var/ lib/puppet/ssl/public_keys] debug: Finishing transaction 540441000 with 0 changes notice: Ignoring --listen on onetime run debug: Puppet::Network::Client::File: defining fileserver.describe debug: Puppet::Network::Client::File: defining fileserver.list debug: Puppet::Network::Client::File: defining fileserver.retrieve info: Retrieving facts debug: Calling fileserver.list err: /File[/var/lib/puppet/facts]: Failed to generate additional resources during transaction: Certificates were not trusted: hostname not match debug: /File[/var/lib/puppet/facts]: File does not exist debug: Calling fileserver.describe err: /File[/var/lib/puppet/facts]/source: Could not describe /facts: Certificates were not trusted: hostname not match warning: /File[/var/lib/puppet/facts]/ensure: No specified sources exist debug: Finishing transaction 539685030 with 0 changes Try `uname --help'' for more information. debug: Retrieved facts in 0.34 seconds debug: Retrieving catalog debug: Calling puppetmaster.getconfig err: Could not retrieve catalog: Certificates were not trusted: hostname not match warning: Not using cache on failed catalog How is that possible? I mean, the certificate was issued for ldap_db puppetmasterd, but hostname does not match for puppetd? I don''t understand it. Do you? regards, Stanislaw PS. It''s not the first time that I have problems with puppet conf files only because I didn''t know there should be one, or I didn''t know what the defaults are. Is this possible to add a page to wiki listing all configuration files? They are described, but one have to specifically search for given conf file - which can''t be done when you don''t know that it exists. Or maybe I''m that stupid ;-) On May 30, 4:57 pm, Luke Kanies <l...@madstop.com> wrote:> On May 30, 2008, at 8:12 AM, Stasheck wrote: > > > notice: Denying authenticated client ldap_db.foo.bar(10.10.10.1) > > access to puppetmaster.getconfig > > Do you have a namespaceauth.conf? If so, does it specifically allow > the ''puppetmaster'' namespace? > > -- > We cannot really love anybody with whom we never laugh. > --Agnes Repplier > --------------------------------------------------------------------- > Luke Kanies |http://reductivelabs.com|http://madstop.com--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
After all I''ve found some typos in conf files - I was using alias for fileserver''s name. Real name is ldap_db, I was using puppetmaster (which resolves fine, it''s just SSL which doesn''t like aliases :-) ). So, after all of this, my second Puppet install is now fully operational. Yay! Many thanks for everyone who helped me! Regards, Stanislaw On Jun 2, 10:24 am, Stasheck <stanislaw.kamin...@gmail.com> wrote:> In fact, I have. Only now, when you said that, I searched reductive > for it''s correct syntax and I have found thishttp://reductivelabs.com/trac/puppet/browser/conf/namespaceauth.conf. > To date, I only used it to allow puppetrunner. Is this possible that > in the documentation there''s no mentioning that once you have > namespaceauth.conf no defaults are used? > > Unfortunately, it solved one problem, but I''ve run into another. > > puppetmasterd: > # puppetmasterd --debug --no-daemonize --verbose > info: Starting server for Puppet version 0.24.4 > debug: Creating default schedules > debug: Failed to load library ''shadow'' for feature ''libshadow'' > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/state]: Autorequiring File[/var/lib/puppet] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/lib]: Autorequiring File[/var/lib/puppet] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/ssl]: Autorequiring File[/var/lib/puppet] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/etc/ > puppet/namespaceauth.conf]: Autorequiring File[/etc/puppet] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[metrics]/File[/var/ > lib/puppet/rrd]: Autorequiring File[/var/lib/puppet] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[reporting]/File[/ > var/lib/puppet/reports]: Autorequiring File[/var/lib/puppet] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/state]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/state]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/state]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/state]/ensure: created > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/ssl]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/ssl]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/ssl]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[main]/File[/var/lib/ > puppet/ssl]/ensure: created > debug: Finishing transaction 539156064 with 2 changes > debug: Creating default schedules > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/private]: Autorequiring File[/var/lib/puppet/ssl/ca] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/requests]: Autorequiring File[/var/lib/puppet/ssl/ca] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/signed]: Autorequiring File[/var/lib/puppet/ssl/ca] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private]/ensure: created > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/public_keys]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/public_keys]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/public_keys]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/public_keys]/ensure: created > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca]/ensure: created > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/signed]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/signed]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/signed]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/signed]/ensure: created > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/requests]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/requests]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/requests]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/requests]/ensure: created > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/private]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/private]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/private]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ca]/File[/var/lib/ > puppet/ssl/ca/private]/ensure: created > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private_keys]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private_keys]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private_keys]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private_keys]/ensure: created > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/certs]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/certs]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/certs]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/certs]/ensure: created > debug: Finishing transaction 539544234 with 8 changes > debug: Creating default schedules > debug: Finishing transaction 539963530 with 0 changes > info: mount[facts]: allowing *.foo.bar access > info: mount[test-module]: allowing *.foo.bar access > info: mount[puppetfiles]: allowing *.foo.bar access > info: mount[common]: allowing *.foo.bar access > info: mount[nut]: allowing *.foo.bar access > info: mount[dhcp]: allowing *.foo.bar access > debug: No modules mount given; autocreating with default permissions > debug: No plugins mount given; autocreating with default permissions > debug: Creating interpreter > info: Creating a new certificate request for ldap_db.foo.bar > info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys/ > ldap_db.foo.bar.pem > info: Autosign is enabled but /etc/puppet/autosign.conf is missing > info: Signing certificate for CA server > info: Signing certificate for ldap_db.foo.bar > debug: Creating default schedules > debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ > File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/ > manifests] > debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ > File[/var/lib/puppet/yaml]: File does not exist > debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ > File[/var/lib/puppet/yaml]: Changing ensure > debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ > File[/var/lib/puppet/yaml]: 1 change(s) > debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ > File[/var/lib/puppet/yaml]/ensure: created > debug: Finishing transaction 540053480 with 1 changes > debug: Creating default schedules > debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ > File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/ > manifests] > debug: Finishing transaction 540345670 with 0 changes > debug: Creating default schedules > debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetmasterd]/ > File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/ > manifests] > debug: Finishing transaction 539526374 with 0 changes > info: Listening on port 8140 > notice: Starting Puppet server version 0.24.4 > > puppetd: > > # puppetd --test --debug --verbose --no-daemonize > debug: Creating default schedules > debug: Failed to load library ''shadow'' for feature ''libshadow'' > debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/certs/ldap_db.foo.bar.pem]: Autorequiring File[/var/lib/ > puppet/ssl/certs] > debug: /Settings[/etc/puppet/puppetd.conf]/Settings[puppetd]/File[/etc/ > puppet/puppet.conf]: Autorequiring File[/etc/puppet] > debug: /Settings[/etc/puppet/puppetd.conf]/Settings[main]/File[/var/ > lib/puppet/lib]: Autorequiring File[/var/lib/puppet] > debug: /Settings[/etc/puppet/puppetd.conf]/Settings[main]/File[/etc/ > puppet/namespaceauth.conf]: Autorequiring File[/etc/puppet] > debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] > debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private_keys/ldap_db.foo.bar.pem]: Autorequiring File[/var/ > lib/puppet/ssl/private_keys] > debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] > debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] > debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/csr_ldap_db.foo.bar.pem]: Autorequiring File[/var/lib/ > puppet/ssl] > debug: /Settings[/etc/puppet/puppetd.conf]/Settings[ssl]/File[/var/lib/ > puppet/ssl/private]: Autorequiring ... > > read more »--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---