Hello everyone, I am new to puppet. I have installed on redhat Enterprise 5and seems to be working fine. Couple days ago I was testing some permissions on / etc folder and applied 600 /etc and sub folders. Although I have reverted the permission but I am having issues on puppetmaster. Currently I have these permission on etc 755 and puppet folder: my /etc folder is 755 and puppet folder with tese permsions: -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests drwxr-xr-x 21 root root 4096 Oct 22 2010 modules -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew I am getting these error in the log: puppet-master[3519]: Could not parse for environment production: Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ puppet/manifests/site.pp:3 on node client1 Dec 27 14:25:46 server puppet-master[3519]: Could not parse for environment production: Permission denied - /etc/puppet/manifests/ classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 Dec 27 14:27:15 server puppet-master[3519]: Could not parse for environment production: Permission denied - /etc/puppet/manifests/ classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 Dec 27 14:27:15 server puppet-master[3519]: Could not parse for environment production: Permission denied - /etc/puppet/manifests/ classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not parse for environment production: Permission denied - /etc/puppet/manifests/ classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server Any Help will be greatly appreciated. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Hello Khan, I''m fairly new to Puppet as well. I''m assuming that `manifests/classes/sysctl.pp` is being referenced by the line 3 of `manifests/site.pp` from the error msgs. My first thing would be to double check the permissions on `manifests/ classes/sysctl.pp` After that I would check the content and files being referenced by sysctl.pp and see if it''s a permission issue at a lower level and Puppet is errorring at an unhelpfully high level. If that doesn''t help, what the users/groups for the manifests and files being created by the manifests? Are you using filebucket? - Justin On Dec 29, 8:36 am, Khan <makhan...@gmail.com> wrote:> Hello everyone, > I am new to puppet. I have installed on redhat Enterprise 5and seems > to be working fine. Couple days ago I was testing some permissions on / > etc folder and applied 600 /etc and sub folders. Although I have > reverted the permission but I am having issues on puppetmaster. > Currently I have these permission on etc 755 and puppet folder: > my /etc folder is 755 and puppet folder with tese permsions: > > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew > > I am getting these error in the log: > > puppet-master[3519]: Could not parse for environment production: > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ > puppet/manifests/site.pp:3 on node client1 > > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for > environment production: Permission denied - /etc/puppet/manifests/ > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 > > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > environment production: Permission denied - /etc/puppet/manifests/ > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 > > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > environment production: Permission denied - /etc/puppet/manifests/ > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 > > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog > from remote server: Error 400 on SERVER: Could not parse for > environment production: Permission denied - /etc/puppet/manifests/ > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server > Any Help will be greatly appreciated.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Thanks for your response. I have cahnge the permission to 655 on manifests and still the same thing. My puppetmaster was not even starting then and now. The user/group is root for this folder. Every time when I try to start puppetmaster is get this error message: server puppet-master[20965]: Starting Puppet master version 2.6.12 Dec 29 13:29:26 server puppet-master[20982]: You have configuration parameter $classfile specified in [puppetd], which is a deprecated section. I''m assuming you meant [agent] Dec 29 13:29:26 server puppet-master[20982]: You have configuration parameter $localconfig specified in [puppetd], which is a deprecated section. I''m assuming you meant [agent] Dec 29 13:29:27 server puppet-master[21035]: Reopening log files Dec 29 13:29:27 server puppet-master[21035]: Starting Puppet master version 2.6.12 On Thu, Dec 29, 2011 at 12:35 PM, Justin <justin.stoller@gmail.com> wrote:> Hello Khan, > > I''m fairly new to Puppet as well. > I''m assuming that `manifests/classes/sysctl.pp` is being referenced by > the line 3 of `manifests/site.pp` from the error msgs. > My first thing would be to double check the permissions on `manifests/ > classes/sysctl.pp` > > After that I would check the content and files being referenced by > sysctl.pp and see if it''s a permission issue at a lower level and > Puppet is errorring at an unhelpfully high level. > > If that doesn''t help, what the users/groups for the manifests and > files being created by the manifests? Are you using filebucket? > > > - Justin > > > > On Dec 29, 8:36 am, Khan <makhan...@gmail.com> wrote: > > Hello everyone, > > I am new to puppet. I have installed on redhat Enterprise 5and seems > > to be working fine. Couple days ago I was testing some permissions on / > > etc folder and applied 600 /etc and sub folders. Although I have > > reverted the permission but I am having issues on puppetmaster. > > Currently I have these permission on etc 755 and puppet folder: > > my /etc folder is 755 and puppet folder with tese permsions: > > > > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf > > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf > > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests > > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules > > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf > > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew > > > > I am getting these error in the log: > > > > puppet-master[3519]: Could not parse for environment production: > > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ > > puppet/manifests/site.pp:3 on node client1 > > > > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for > > environment production: Permission denied - /etc/puppet/manifests/ > > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 > > > > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > > environment production: Permission denied - /etc/puppet/manifests/ > > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 > > > > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > > environment production: Permission denied - /etc/puppet/manifests/ > > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 > > > > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog > > from remote server: Error 400 on SERVER: Could not parse for > > environment production: Permission denied - /etc/puppet/manifests/ > > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server > > Any Help will be greatly appreciated. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Can you post your config? It sounds like there may be an error in it. On Thu, Dec 29, 2011 at 10:35 AM, Mohammad Khan <makhan628@gmail.com> wrote:> Thanks for your response. > I have cahnge the permission to 655 on manifests and still the same thing. > My puppetmaster was not even starting then and now. The user/group is root > for this folder. Every time when I try to start puppetmaster is get this > error message: > > server puppet-master[20965]: Starting Puppet master version 2.6.12 > Dec 29 13:29:26 server puppet-master[20982]: You have configuration > parameter $classfile specified in [puppetd], which is a deprecated section. > I''m assuming you meant [agent] > Dec 29 13:29:26 server puppet-master[20982]: You have configuration > parameter $localconfig specified in [puppetd], which is a deprecated > section. I''m assuming you meant [agent] > Dec 29 13:29:27 server puppet-master[21035]: Reopening log files > Dec 29 13:29:27 server puppet-master[21035]: Starting Puppet master version > 2.6.12 > > > > > On Thu, Dec 29, 2011 at 12:35 PM, Justin <justin.stoller@gmail.com> wrote: >> >> Hello Khan, >> >> I''m fairly new to Puppet as well. >> I''m assuming that `manifests/classes/sysctl.pp` is being referenced by >> the line 3 of `manifests/site.pp` from the error msgs. >> My first thing would be to double check the permissions on `manifests/ >> classes/sysctl.pp` >> >> After that I would check the content and files being referenced by >> sysctl.pp and see if it''s a permission issue at a lower level and >> Puppet is errorring at an unhelpfully high level. >> >> If that doesn''t help, what the users/groups for the manifests and >> files being created by the manifests? Are you using filebucket? >> >> >> - Justin >> >> >> >> On Dec 29, 8:36 am, Khan <makhan...@gmail.com> wrote: >> > Hello everyone, >> > I am new to puppet. I have installed on redhat Enterprise 5and seems >> > to be working fine. Couple days ago I was testing some permissions on / >> > etc folder and applied 600 /etc and sub folders. Although I have >> > reverted the permission but I am having issues on puppetmaster. >> > Currently I have these permission on etc 755 and puppet folder: >> > my /etc folder is 755 and puppet folder with tese permsions: >> > >> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >> > >> > I am getting these error in the log: >> > >> > puppet-master[3519]: Could not parse for environment production: >> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ >> > puppet/manifests/site.pp:3 on node client1 >> > >> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for >> > environment production: Permission denied - /etc/puppet/manifests/ >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 >> > >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> > environment production: Permission denied - /etc/puppet/manifests/ >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 >> > >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> > environment production: Permission denied - /etc/puppet/manifests/ >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 >> > >> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog >> > from remote server: Error 400 on SERVER: Could not parse for >> > environment production: Permission denied - /etc/puppet/manifests/ >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server >> > Any Help will be greatly appreciated. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > Regards, > Mohammad > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[main] # Where Puppet stores dynamic and growing data. # The default value is ''/var/puppet''. vardir = /var/lib/puppet # The Puppet log directory. # The default value is ''$vardir/log''. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is ''$vardir/run''. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is ''$confdir/ssl''. ssldir = $vardir/ssl [puppetd] # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is ''$confdir/classes.txt''. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is ''$confdir/localconfig''. localconfig = $vardir/localconfig On Thu, Dec 29, 2011 at 1:43 PM, Aaron Grewell <aaron.grewell@gmail.com>wrote:> Can you post your config? It sounds like there may be an error in it. > > On Thu, Dec 29, 2011 at 10:35 AM, Mohammad Khan <makhan628@gmail.com> > wrote: > > Thanks for your response. > > I have cahnge the permission to 655 on manifests and still the same > thing. > > My puppetmaster was not even starting then and now. The user/group is > root > > for this folder. Every time when I try to start puppetmaster is get this > > error message: > > > > server puppet-master[20965]: Starting Puppet master version 2.6.12 > > Dec 29 13:29:26 server puppet-master[20982]: You have configuration > > parameter $classfile specified in [puppetd], which is a deprecated > section. > > I''m assuming you meant [agent] > > Dec 29 13:29:26 server puppet-master[20982]: You have configuration > > parameter $localconfig specified in [puppetd], which is a deprecated > > section. I''m assuming you meant [agent] > > Dec 29 13:29:27 server puppet-master[21035]: Reopening log files > > Dec 29 13:29:27 server puppet-master[21035]: Starting Puppet master > version > > 2.6.12 > > > > > > > > > > On Thu, Dec 29, 2011 at 12:35 PM, Justin <justin.stoller@gmail.com> > wrote: > >> > >> Hello Khan, > >> > >> I''m fairly new to Puppet as well. > >> I''m assuming that `manifests/classes/sysctl.pp` is being referenced by > >> the line 3 of `manifests/site.pp` from the error msgs. > >> My first thing would be to double check the permissions on `manifests/ > >> classes/sysctl.pp` > >> > >> After that I would check the content and files being referenced by > >> sysctl.pp and see if it''s a permission issue at a lower level and > >> Puppet is errorring at an unhelpfully high level. > >> > >> If that doesn''t help, what the users/groups for the manifests and > >> files being created by the manifests? Are you using filebucket? > >> > >> > >> - Justin > >> > >> > >> > >> On Dec 29, 8:36 am, Khan <makhan...@gmail.com> wrote: > >> > Hello everyone, > >> > I am new to puppet. I have installed on redhat Enterprise 5and seems > >> > to be working fine. Couple days ago I was testing some permissions on > / > >> > etc folder and applied 600 /etc and sub folders. Although I have > >> > reverted the permission but I am having issues on puppetmaster. > >> > Currently I have these permission on etc 755 and puppet folder: > >> > my /etc folder is 755 and puppet folder with tese permsions: > >> > > >> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf > >> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf > >> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests > >> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules > >> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf > >> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew > >> > > >> > I am getting these error in the log: > >> > > >> > puppet-master[3519]: Could not parse for environment production: > >> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ > >> > puppet/manifests/site.pp:3 on node client1 > >> > > >> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for > >> > environment production: Permission denied - /etc/puppet/manifests/ > >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 > >> > > >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >> > environment production: Permission denied - /etc/puppet/manifests/ > >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 > >> > > >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >> > environment production: Permission denied - /etc/puppet/manifests/ > >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 > >> > > >> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog > >> > from remote server: Error 400 on SERVER: Could not parse for > >> > environment production: Permission denied - /etc/puppet/manifests/ > >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server > >> > Any Help will be greatly appreciated. > >> > >> -- > >> You received this message because you are subscribed to the Google > Groups > >> "Puppet Users" group. > >> To post to this group, send email to puppet-users@googlegroups.com. > >> To unsubscribe from this group, send email to > >> puppet-users+unsubscribe@googlegroups.com. > >> For more options, visit this group at > >> http://groups.google.com/group/puppet-users?hl=en. > >> > > > > > > > > -- > > Regards, > > Mohammad > > > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
You''ll want to change [puppetd] to [agent], as well as adding a [master] section with appropriate contents. On Thu, Dec 29, 2011 at 10:57 AM, Mohammad Khan <makhan628@gmail.com> wrote:> [main] > # Where Puppet stores dynamic and growing data. > # The default value is ''/var/puppet''. > vardir = /var/lib/puppet > > # The Puppet log directory. > # The default value is ''$vardir/log''. > logdir = /var/log/puppet > > # Where Puppet PID files are kept. > # The default value is ''$vardir/run''. > rundir = /var/run/puppet > > # Where SSL certificates are kept. > # The default value is ''$confdir/ssl''. > ssldir = $vardir/ssl > > [puppetd] > # The file in which puppetd stores a list of the classes > # associated with the retrieved configuratiion. Can be loaded in > # the separate ``puppet`` executable using the ``--loadclasses`` > # option. > # The default value is ''$confdir/classes.txt''. > classfile = $vardir/classes.txt > > # Where puppetd caches the local configuration. An > # extension indicating the cache format is added automatically. > # The default value is ''$confdir/localconfig''. > localconfig = $vardir/localconfig > > > > On Thu, Dec 29, 2011 at 1:43 PM, Aaron Grewell <aaron.grewell@gmail.com> > wrote: >> >> Can you post your config? It sounds like there may be an error in it. >> >> On Thu, Dec 29, 2011 at 10:35 AM, Mohammad Khan <makhan628@gmail.com> >> wrote: >> > Thanks for your response. >> > I have cahnge the permission to 655 on manifests and still the same >> > thing. >> > My puppetmaster was not even starting then and now. The user/group is >> > root >> > for this folder. Every time when I try to start puppetmaster is get this >> > error message: >> > >> > server puppet-master[20965]: Starting Puppet master version 2.6.12 >> > Dec 29 13:29:26 server puppet-master[20982]: You have configuration >> > parameter $classfile specified in [puppetd], which is a deprecated >> > section. >> > I''m assuming you meant [agent] >> > Dec 29 13:29:26 server puppet-master[20982]: You have configuration >> > parameter $localconfig specified in [puppetd], which is a deprecated >> > section. I''m assuming you meant [agent] >> > Dec 29 13:29:27 server puppet-master[21035]: Reopening log files >> > Dec 29 13:29:27 server puppet-master[21035]: Starting Puppet master >> > version >> > 2.6.12 >> > >> > >> > >> > >> > On Thu, Dec 29, 2011 at 12:35 PM, Justin <justin.stoller@gmail.com> >> > wrote: >> >> >> >> Hello Khan, >> >> >> >> I''m fairly new to Puppet as well. >> >> I''m assuming that `manifests/classes/sysctl.pp` is being referenced by >> >> the line 3 of `manifests/site.pp` from the error msgs. >> >> My first thing would be to double check the permissions on `manifests/ >> >> classes/sysctl.pp` >> >> >> >> After that I would check the content and files being referenced by >> >> sysctl.pp and see if it''s a permission issue at a lower level and >> >> Puppet is errorring at an unhelpfully high level. >> >> >> >> If that doesn''t help, what the users/groups for the manifests and >> >> files being created by the manifests? Are you using filebucket? >> >> >> >> >> >> - Justin >> >> >> >> >> >> >> >> On Dec 29, 8:36 am, Khan <makhan...@gmail.com> wrote: >> >> > Hello everyone, >> >> > I am new to puppet. I have installed on redhat Enterprise 5and seems >> >> > to be working fine. Couple days ago I was testing some permissions on >> >> > / >> >> > etc folder and applied 600 /etc and sub folders. Although I have >> >> > reverted the permission but I am having issues on puppetmaster. >> >> > Currently I have these permission on etc 755 and puppet folder: >> >> > my /etc folder is 755 and puppet folder with tese permsions: >> >> > >> >> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >> >> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >> >> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >> >> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >> >> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >> >> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >> >> > >> >> > I am getting these error in the log: >> >> > >> >> > puppet-master[3519]: Could not parse for environment production: >> >> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ >> >> > puppet/manifests/site.pp:3 on node client1 >> >> > >> >> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for >> >> > environment production: Permission denied - /etc/puppet/manifests/ >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 >> >> > >> >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> >> > environment production: Permission denied - /etc/puppet/manifests/ >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 >> >> > >> >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> >> > environment production: Permission denied - /etc/puppet/manifests/ >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 >> >> > >> >> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve >> >> > catalog >> >> > from remote server: Error 400 on SERVER: Could not parse for >> >> > environment production: Permission denied - /etc/puppet/manifests/ >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server >> >> > Any Help will be greatly appreciated. >> >> >> >> -- >> >> You received this message because you are subscribed to the Google >> >> Groups >> >> "Puppet Users" group. >> >> To post to this group, send email to puppet-users@googlegroups.com. >> >> To unsubscribe from this group, send email to >> >> puppet-users+unsubscribe@googlegroups.com. >> >> For more options, visit this group at >> >> http://groups.google.com/group/puppet-users?hl=en. >> >> >> > >> > >> > >> > -- >> > Regards, >> > Mohammad >> > >> > >> > -- >> > You received this message because you are subscribed to the Google >> > Groups >> > "Puppet Users" group. >> > To post to this group, send email to puppet-users@googlegroups.com. >> > To unsubscribe from this group, send email to >> > puppet-users+unsubscribe@googlegroups.com. >> > For more options, visit this group at >> > http://groups.google.com/group/puppet-users?hl=en. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > Regards, > Mohammad > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
same results after changes , what should i add into master section? On Thu, Dec 29, 2011 at 2:08 PM, Aaron Grewell <aaron.grewell@gmail.com>wrote:> You''ll want to change [puppetd] to [agent], as well as adding a > [master] section with appropriate contents. > > On Thu, Dec 29, 2011 at 10:57 AM, Mohammad Khan <makhan628@gmail.com> > wrote: > > [main] > > # Where Puppet stores dynamic and growing data. > > # The default value is ''/var/puppet''. > > vardir = /var/lib/puppet > > > > # The Puppet log directory. > > # The default value is ''$vardir/log''. > > logdir = /var/log/puppet > > > > # Where Puppet PID files are kept. > > # The default value is ''$vardir/run''. > > rundir = /var/run/puppet > > > > # Where SSL certificates are kept. > > # The default value is ''$confdir/ssl''. > > ssldir = $vardir/ssl > > > > [puppetd] > > # The file in which puppetd stores a list of the classes > > # associated with the retrieved configuratiion. Can be loaded in > > # the separate ``puppet`` executable using the ``--loadclasses`` > > # option. > > # The default value is ''$confdir/classes.txt''. > > classfile = $vardir/classes.txt > > > > # Where puppetd caches the local configuration. An > > # extension indicating the cache format is added automatically. > > # The default value is ''$confdir/localconfig''. > > localconfig = $vardir/localconfig > > > > > > > > On Thu, Dec 29, 2011 at 1:43 PM, Aaron Grewell <aaron.grewell@gmail.com> > > wrote: > >> > >> Can you post your config? It sounds like there may be an error in it. > >> > >> On Thu, Dec 29, 2011 at 10:35 AM, Mohammad Khan <makhan628@gmail.com> > >> wrote: > >> > Thanks for your response. > >> > I have cahnge the permission to 655 on manifests and still the same > >> > thing. > >> > My puppetmaster was not even starting then and now. The user/group is > >> > root > >> > for this folder. Every time when I try to start puppetmaster is get > this > >> > error message: > >> > > >> > server puppet-master[20965]: Starting Puppet master version 2.6.12 > >> > Dec 29 13:29:26 server puppet-master[20982]: You have configuration > >> > parameter $classfile specified in [puppetd], which is a deprecated > >> > section. > >> > I''m assuming you meant [agent] > >> > Dec 29 13:29:26 server puppet-master[20982]: You have configuration > >> > parameter $localconfig specified in [puppetd], which is a deprecated > >> > section. I''m assuming you meant [agent] > >> > Dec 29 13:29:27 server puppet-master[21035]: Reopening log files > >> > Dec 29 13:29:27 server puppet-master[21035]: Starting Puppet master > >> > version > >> > 2.6.12 > >> > > >> > > >> > > >> > > >> > On Thu, Dec 29, 2011 at 12:35 PM, Justin <justin.stoller@gmail.com> > >> > wrote: > >> >> > >> >> Hello Khan, > >> >> > >> >> I''m fairly new to Puppet as well. > >> >> I''m assuming that `manifests/classes/sysctl.pp` is being referenced > by > >> >> the line 3 of `manifests/site.pp` from the error msgs. > >> >> My first thing would be to double check the permissions on > `manifests/ > >> >> classes/sysctl.pp` > >> >> > >> >> After that I would check the content and files being referenced by > >> >> sysctl.pp and see if it''s a permission issue at a lower level and > >> >> Puppet is errorring at an unhelpfully high level. > >> >> > >> >> If that doesn''t help, what the users/groups for the manifests and > >> >> files being created by the manifests? Are you using filebucket? > >> >> > >> >> > >> >> - Justin > >> >> > >> >> > >> >> > >> >> On Dec 29, 8:36 am, Khan <makhan...@gmail.com> wrote: > >> >> > Hello everyone, > >> >> > I am new to puppet. I have installed on redhat Enterprise 5and > seems > >> >> > to be working fine. Couple days ago I was testing some permissions > on > >> >> > / > >> >> > etc folder and applied 600 /etc and sub folders. Although I have > >> >> > reverted the permission but I am having issues on puppetmaster. > >> >> > Currently I have these permission on etc 755 and puppet folder: > >> >> > my /etc folder is 755 and puppet folder with tese permsions: > >> >> > > >> >> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf > >> >> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf > >> >> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests > >> >> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules > >> >> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf > >> >> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew > >> >> > > >> >> > I am getting these error in the log: > >> >> > > >> >> > puppet-master[3519]: Could not parse for environment production: > >> >> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at > /etc/ > >> >> > puppet/manifests/site.pp:3 on node client1 > >> >> > > >> >> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for > >> >> > environment production: Permission denied - /etc/puppet/manifests/ > >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > client2 > >> >> > > >> >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >> >> > environment production: Permission denied - /etc/puppet/manifests/ > >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > client3 > >> >> > > >> >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >> >> > environment production: Permission denied - /etc/puppet/manifests/ > >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > client4 > >> >> > > >> >> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve > >> >> > catalog > >> >> > from remote server: Error 400 on SERVER: Could not parse for > >> >> > environment production: Permission denied - /etc/puppet/manifests/ > >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server > >> >> > Any Help will be greatly appreciated. > >> >> > >> >> -- > >> >> You received this message because you are subscribed to the Google > >> >> Groups > >> >> "Puppet Users" group. > >> >> To post to this group, send email to puppet-users@googlegroups.com. > >> >> To unsubscribe from this group, send email to > >> >> puppet-users+unsubscribe@googlegroups.com. > >> >> For more options, visit this group at > >> >> http://groups.google.com/group/puppet-users?hl=en. > >> >> > >> > > >> > > >> > > >> > -- > >> > Regards, > >> > Mohammad > >> > > >> > > >> > -- > >> > You received this message because you are subscribed to the Google > >> > Groups > >> > "Puppet Users" group. > >> > To post to this group, send email to puppet-users@googlegroups.com. > >> > To unsubscribe from this group, send email to > >> > puppet-users+unsubscribe@googlegroups.com. > >> > For more options, visit this group at > >> > http://groups.google.com/group/puppet-users?hl=en. > >> > >> -- > >> You received this message because you are subscribed to the Google > Groups > >> "Puppet Users" group. > >> To post to this group, send email to puppet-users@googlegroups.com. > >> To unsubscribe from this group, send email to > >> puppet-users+unsubscribe@googlegroups.com. > >> For more options, visit this group at > >> http://groups.google.com/group/puppet-users?hl=en. > >> > > > > > > > > -- > > Regards, > > Mohammad > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Run puppet --genconfig for an example. On Thu, Dec 29, 2011 at 11:12 AM, Mohammad Khan <makhan628@gmail.com> wrote:> same results after changes , what should i add into master section? > > > On Thu, Dec 29, 2011 at 2:08 PM, Aaron Grewell <aaron.grewell@gmail.com> > wrote: >> >> You''ll want to change [puppetd] to [agent], as well as adding a >> [master] section with appropriate contents. >> >> On Thu, Dec 29, 2011 at 10:57 AM, Mohammad Khan <makhan628@gmail.com> >> wrote: >> > [main] >> > # Where Puppet stores dynamic and growing data. >> > # The default value is ''/var/puppet''. >> > vardir = /var/lib/puppet >> > >> > # The Puppet log directory. >> > # The default value is ''$vardir/log''. >> > logdir = /var/log/puppet >> > >> > # Where Puppet PID files are kept. >> > # The default value is ''$vardir/run''. >> > rundir = /var/run/puppet >> > >> > # Where SSL certificates are kept. >> > # The default value is ''$confdir/ssl''. >> > ssldir = $vardir/ssl >> > >> > [puppetd] >> > # The file in which puppetd stores a list of the classes >> > # associated with the retrieved configuratiion. Can be loaded in >> > # the separate ``puppet`` executable using the ``--loadclasses`` >> > # option. >> > # The default value is ''$confdir/classes.txt''. >> > classfile = $vardir/classes.txt >> > >> > # Where puppetd caches the local configuration. An >> > # extension indicating the cache format is added automatically. >> > # The default value is ''$confdir/localconfig''. >> > localconfig = $vardir/localconfig >> > >> > >> > >> > On Thu, Dec 29, 2011 at 1:43 PM, Aaron Grewell <aaron.grewell@gmail.com> >> > wrote: >> >> >> >> Can you post your config? It sounds like there may be an error in it. >> >> >> >> On Thu, Dec 29, 2011 at 10:35 AM, Mohammad Khan <makhan628@gmail.com> >> >> wrote: >> >> > Thanks for your response. >> >> > I have cahnge the permission to 655 on manifests and still the same >> >> > thing. >> >> > My puppetmaster was not even starting then and now. The user/group is >> >> > root >> >> > for this folder. Every time when I try to start puppetmaster is get >> >> > this >> >> > error message: >> >> > >> >> > server puppet-master[20965]: Starting Puppet master version 2.6.12 >> >> > Dec 29 13:29:26 server puppet-master[20982]: You have configuration >> >> > parameter $classfile specified in [puppetd], which is a deprecated >> >> > section. >> >> > I''m assuming you meant [agent] >> >> > Dec 29 13:29:26 server puppet-master[20982]: You have configuration >> >> > parameter $localconfig specified in [puppetd], which is a deprecated >> >> > section. I''m assuming you meant [agent] >> >> > Dec 29 13:29:27 server puppet-master[21035]: Reopening log files >> >> > Dec 29 13:29:27 server puppet-master[21035]: Starting Puppet master >> >> > version >> >> > 2.6.12 >> >> > >> >> > >> >> > >> >> > >> >> > On Thu, Dec 29, 2011 at 12:35 PM, Justin <justin.stoller@gmail.com> >> >> > wrote: >> >> >> >> >> >> Hello Khan, >> >> >> >> >> >> I''m fairly new to Puppet as well. >> >> >> I''m assuming that `manifests/classes/sysctl.pp` is being referenced >> >> >> by >> >> >> the line 3 of `manifests/site.pp` from the error msgs. >> >> >> My first thing would be to double check the permissions on >> >> >> `manifests/ >> >> >> classes/sysctl.pp` >> >> >> >> >> >> After that I would check the content and files being referenced by >> >> >> sysctl.pp and see if it''s a permission issue at a lower level and >> >> >> Puppet is errorring at an unhelpfully high level. >> >> >> >> >> >> If that doesn''t help, what the users/groups for the manifests and >> >> >> files being created by the manifests? Are you using filebucket? >> >> >> >> >> >> >> >> >> - Justin >> >> >> >> >> >> >> >> >> >> >> >> On Dec 29, 8:36 am, Khan <makhan...@gmail.com> wrote: >> >> >> > Hello everyone, >> >> >> > I am new to puppet. I have installed on redhat Enterprise 5and >> >> >> > seems >> >> >> > to be working fine. Couple days ago I was testing some permissions >> >> >> > on >> >> >> > / >> >> >> > etc folder and applied 600 /etc and sub folders. Although I have >> >> >> > reverted the permission but I am having issues on puppetmaster. >> >> >> > Currently I have these permission on etc 755 and puppet folder: >> >> >> > my /etc folder is 755 and puppet folder with tese permsions: >> >> >> > >> >> >> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >> >> >> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >> >> >> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >> >> >> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >> >> >> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >> >> >> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >> >> >> > >> >> >> > I am getting these error in the log: >> >> >> > >> >> >> > puppet-master[3519]: Could not parse for environment production: >> >> >> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at >> >> >> > /etc/ >> >> >> > puppet/manifests/site.pp:3 on node client1 >> >> >> > >> >> >> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for >> >> >> > environment production: Permission denied - /etc/puppet/manifests/ >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >> > client2 >> >> >> > >> >> >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> >> >> > environment production: Permission denied - /etc/puppet/manifests/ >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >> > client3 >> >> >> > >> >> >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> >> >> > environment production: Permission denied - /etc/puppet/manifests/ >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >> > client4 >> >> >> > >> >> >> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve >> >> >> > catalog >> >> >> > from remote server: Error 400 on SERVER: Could not parse for >> >> >> > environment production: Permission denied - /etc/puppet/manifests/ >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >> > server >> >> >> > Any Help will be greatly appreciated. >> >> >> >> >> >> -- >> >> >> You received this message because you are subscribed to the Google >> >> >> Groups >> >> >> "Puppet Users" group. >> >> >> To post to this group, send email to puppet-users@googlegroups.com. >> >> >> To unsubscribe from this group, send email to >> >> >> puppet-users+unsubscribe@googlegroups.com. >> >> >> For more options, visit this group at >> >> >> http://groups.google.com/group/puppet-users?hl=en. >> >> >> >> >> > >> >> > >> >> > >> >> > -- >> >> > Regards, >> >> > Mohammad >> >> > >> >> > >> >> > -- >> >> > You received this message because you are subscribed to the Google >> >> > Groups >> >> > "Puppet Users" group. >> >> > To post to this group, send email to puppet-users@googlegroups.com. >> >> > To unsubscribe from this group, send email to >> >> > puppet-users+unsubscribe@googlegroups.com. >> >> > For more options, visit this group at >> >> > http://groups.google.com/group/puppet-users?hl=en. >> >> >> >> -- >> >> You received this message because you are subscribed to the Google >> >> Groups >> >> "Puppet Users" group. >> >> To post to this group, send email to puppet-users@googlegroups.com. >> >> To unsubscribe from this group, send email to >> >> puppet-users+unsubscribe@googlegroups.com. >> >> For more options, visit this group at >> >> http://groups.google.com/group/puppet-users?hl=en. >> >> >> > >> > >> > >> > -- >> > Regards, >> > Mohammad >> > >> > -- >> > You received this message because you are subscribed to the Google >> > Groups >> > "Puppet Users" group. >> > To post to this group, send email to puppet-users@googlegroups.com. >> > To unsubscribe from this group, send email to >> > puppet-users+unsubscribe@googlegroups.com. >> > For more options, visit this group at >> > http://groups.google.com/group/puppet-users?hl=en. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > Regards, > Mohammad > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
I am getting these messages now at the puppetmaster start: Denying access: Forbidden request: server(ip) access to /catalog/ server.domain.co [find] at line 93 Dec 29 15:13:20 server puppet-master[3311]: Forbidden request: server (ip) access to /catalog/server.domain.co [find] at line 93 Dec 29 15:13:20 server puppet-agent[4382]: Could not retrieve catalog from remote server: Error 403 on SERVER: Forbidden request: server (ip) access to /catalog/server.domain.co [find] at line 93 And also the same error: but on 17 line now. Which represent my ldap if i disable ldap line then the error moves to next line and so on. On Thu, Dec 29, 2011 at 2:22 PM, Aaron Grewell <aaron.grewell@gmail.com>wrote:> Run puppet --genconfig for an example. > > > On Thu, Dec 29, 2011 at 11:12 AM, Mohammad Khan <makhan628@gmail.com> > wrote: > > same results after changes , what should i add into master section? > > > > > > On Thu, Dec 29, 2011 at 2:08 PM, Aaron Grewell <aaron.grewell@gmail.com> > > wrote: > >> > >> You''ll want to change [puppetd] to [agent], as well as adding a > >> [master] section with appropriate contents. > >> > >> On Thu, Dec 29, 2011 at 10:57 AM, Mohammad Khan <makhan628@gmail.com> > >> wrote: > >> > [main] > >> > # Where Puppet stores dynamic and growing data. > >> > # The default value is ''/var/puppet''. > >> > vardir = /var/lib/puppet > >> > > >> > # The Puppet log directory. > >> > # The default value is ''$vardir/log''. > >> > logdir = /var/log/puppet > >> > > >> > # Where Puppet PID files are kept. > >> > # The default value is ''$vardir/run''. > >> > rundir = /var/run/puppet > >> > > >> > # Where SSL certificates are kept. > >> > # The default value is ''$confdir/ssl''. > >> > ssldir = $vardir/ssl > >> > > >> > [puppetd] > >> > # The file in which puppetd stores a list of the classes > >> > # associated with the retrieved configuratiion. Can be loaded in > >> > # the separate ``puppet`` executable using the ``--loadclasses`` > >> > # option. > >> > # The default value is ''$confdir/classes.txt''. > >> > classfile = $vardir/classes.txt > >> > > >> > # Where puppetd caches the local configuration. An > >> > # extension indicating the cache format is added automatically. > >> > # The default value is ''$confdir/localconfig''. > >> > localconfig = $vardir/localconfig > >> > > >> > > >> > > >> > On Thu, Dec 29, 2011 at 1:43 PM, Aaron Grewell < > aaron.grewell@gmail.com> > >> > wrote: > >> >> > >> >> Can you post your config? It sounds like there may be an error in > it. > >> >> > >> >> On Thu, Dec 29, 2011 at 10:35 AM, Mohammad Khan <makhan628@gmail.com > > > >> >> wrote: > >> >> > Thanks for your response. > >> >> > I have cahnge the permission to 655 on manifests and still the same > >> >> > thing. > >> >> > My puppetmaster was not even starting then and now. The user/group > is > >> >> > root > >> >> > for this folder. Every time when I try to start puppetmaster is get > >> >> > this > >> >> > error message: > >> >> > > >> >> > server puppet-master[20965]: Starting Puppet master version 2.6.12 > >> >> > Dec 29 13:29:26 server puppet-master[20982]: You have > configuration > >> >> > parameter $classfile specified in [puppetd], which is a deprecated > >> >> > section. > >> >> > I''m assuming you meant [agent] > >> >> > Dec 29 13:29:26 server puppet-master[20982]: You have configuration > >> >> > parameter $localconfig specified in [puppetd], which is a > deprecated > >> >> > section. I''m assuming you meant [agent] > >> >> > Dec 29 13:29:27 server puppet-master[21035]: Reopening log files > >> >> > Dec 29 13:29:27 server puppet-master[21035]: Starting Puppet master > >> >> > version > >> >> > 2.6.12 > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > On Thu, Dec 29, 2011 at 12:35 PM, Justin <justin.stoller@gmail.com > > > >> >> > wrote: > >> >> >> > >> >> >> Hello Khan, > >> >> >> > >> >> >> I''m fairly new to Puppet as well. > >> >> >> I''m assuming that `manifests/classes/sysctl.pp` is being > referenced > >> >> >> by > >> >> >> the line 3 of `manifests/site.pp` from the error msgs. > >> >> >> My first thing would be to double check the permissions on > >> >> >> `manifests/ > >> >> >> classes/sysctl.pp` > >> >> >> > >> >> >> After that I would check the content and files being referenced by > >> >> >> sysctl.pp and see if it''s a permission issue at a lower level and > >> >> >> Puppet is errorring at an unhelpfully high level. > >> >> >> > >> >> >> If that doesn''t help, what the users/groups for the manifests and > >> >> >> files being created by the manifests? Are you using filebucket? > >> >> >> > >> >> >> > >> >> >> - Justin > >> >> >> > >> >> >> > >> >> >> > >> >> >> On Dec 29, 8:36 am, Khan <makhan...@gmail.com> wrote: > >> >> >> > Hello everyone, > >> >> >> > I am new to puppet. I have installed on redhat Enterprise 5and > >> >> >> > seems > >> >> >> > to be working fine. Couple days ago I was testing some > permissions > >> >> >> > on > >> >> >> > / > >> >> >> > etc folder and applied 600 /etc and sub folders. Although I have > >> >> >> > reverted the permission but I am having issues on puppetmaster. > >> >> >> > Currently I have these permission on etc 755 and puppet folder: > >> >> >> > my /etc folder is 755 and puppet folder with tese permsions: > >> >> >> > > >> >> >> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf > >> >> >> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf > >> >> >> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests > >> >> >> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules > >> >> >> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf > >> >> >> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew > >> >> >> > > >> >> >> > I am getting these error in the log: > >> >> >> > > >> >> >> > puppet-master[3519]: Could not parse for environment production: > >> >> >> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at > >> >> >> > /etc/ > >> >> >> > puppet/manifests/site.pp:3 on node client1 > >> >> >> > > >> >> >> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for > >> >> >> > environment production: Permission denied - > /etc/puppet/manifests/ > >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >> >> > client2 > >> >> >> > > >> >> >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >> >> >> > environment production: Permission denied - > /etc/puppet/manifests/ > >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >> >> > client3 > >> >> >> > > >> >> >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >> >> >> > environment production: Permission denied - > /etc/puppet/manifests/ > >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >> >> > client4 > >> >> >> > > >> >> >> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve > >> >> >> > catalog > >> >> >> > from remote server: Error 400 on SERVER: Could not parse for > >> >> >> > environment production: Permission denied - > /etc/puppet/manifests/ > >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >> >> > server > >> >> >> > Any Help will be greatly appreciated. > >> >> >> > >> >> >> -- > >> >> >> You received this message because you are subscribed to the Google > >> >> >> Groups > >> >> >> "Puppet Users" group. > >> >> >> To post to this group, send email to > puppet-users@googlegroups.com. > >> >> >> To unsubscribe from this group, send email to > >> >> >> puppet-users+unsubscribe@googlegroups.com. > >> >> >> For more options, visit this group at > >> >> >> http://groups.google.com/group/puppet-users?hl=en. > >> >> >> > >> >> > > >> >> > > >> >> > > >> >> > -- > >> >> > Regards, > >> >> > Mohammad > >> >> > > >> >> > > >> >> > -- > >> >> > You received this message because you are subscribed to the Google > >> >> > Groups > >> >> > "Puppet Users" group. > >> >> > To post to this group, send email to puppet-users@googlegroups.com > . > >> >> > To unsubscribe from this group, send email to > >> >> > puppet-users+unsubscribe@googlegroups.com. > >> >> > For more options, visit this group at > >> >> > http://groups.google.com/group/puppet-users?hl=en. > >> >> > >> >> -- > >> >> You received this message because you are subscribed to the Google > >> >> Groups > >> >> "Puppet Users" group. > >> >> To post to this group, send email to puppet-users@googlegroups.com. > >> >> To unsubscribe from this group, send email to > >> >> puppet-users+unsubscribe@googlegroups.com. > >> >> For more options, visit this group at > >> >> http://groups.google.com/group/puppet-users?hl=en. > >> >> > >> > > >> > > >> > > >> > -- > >> > Regards, > >> > Mohammad > >> > > >> > -- > >> > You received this message because you are subscribed to the Google > >> > Groups > >> > "Puppet Users" group. > >> > To post to this group, send email to puppet-users@googlegroups.com. > >> > To unsubscribe from this group, send email to > >> > puppet-users+unsubscribe@googlegroups.com. > >> > For more options, visit this group at > >> > http://groups.google.com/group/puppet-users?hl=en. > >> > >> -- > >> You received this message because you are subscribed to the Google > Groups > >> "Puppet Users" group. > >> To post to this group, send email to puppet-users@googlegroups.com. > >> To unsubscribe from this group, send email to > >> puppet-users+unsubscribe@googlegroups.com. > >> For more options, visit this group at > >> http://groups.google.com/group/puppet-users?hl=en. > >> > > > > > > > > -- > > Regards, > > Mohammad > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
I''ve never integrated Puppet with LDAP so I can''t help much there. On Thu, Dec 29, 2011 at 12:25 PM, Mohammad Khan <makhan628@gmail.com> wrote:> I am getting these messages now at the puppetmaster start: > > > Denying access: Forbidden request: server(ip) access to > /catalog/server.domain.co [find] at line 93 > Dec 29 15:13:20 server puppet-master[3311]: Forbidden request: server (ip) > access to /catalog/server.domain.co [find] at line 93 > Dec 29 15:13:20 server puppet-agent[4382]: Could not retrieve catalog from > remote server: Error 403 on SERVER: Forbidden request: server (ip) access to > /catalog/server.domain.co [find] at line 93 > And also the same error: but on 17 line now. Which represent my ldap if i > disable ldap line then the error moves to next line and so on. > > > On Thu, Dec 29, 2011 at 2:22 PM, Aaron Grewell <aaron.grewell@gmail.com> > wrote: >> >> Run puppet --genconfig for an example. >> >> >> On Thu, Dec 29, 2011 at 11:12 AM, Mohammad Khan <makhan628@gmail.com> >> wrote: >> > same results after changes , what should i add into master section? >> > >> > >> > On Thu, Dec 29, 2011 at 2:08 PM, Aaron Grewell <aaron.grewell@gmail.com> >> > wrote: >> >> >> >> You''ll want to change [puppetd] to [agent], as well as adding a >> >> [master] section with appropriate contents. >> >> >> >> On Thu, Dec 29, 2011 at 10:57 AM, Mohammad Khan <makhan628@gmail.com> >> >> wrote: >> >> > [main] >> >> > # Where Puppet stores dynamic and growing data. >> >> > # The default value is ''/var/puppet''. >> >> > vardir = /var/lib/puppet >> >> > >> >> > # The Puppet log directory. >> >> > # The default value is ''$vardir/log''. >> >> > logdir = /var/log/puppet >> >> > >> >> > # Where Puppet PID files are kept. >> >> > # The default value is ''$vardir/run''. >> >> > rundir = /var/run/puppet >> >> > >> >> > # Where SSL certificates are kept. >> >> > # The default value is ''$confdir/ssl''. >> >> > ssldir = $vardir/ssl >> >> > >> >> > [puppetd] >> >> > # The file in which puppetd stores a list of the classes >> >> > # associated with the retrieved configuratiion. Can be loaded in >> >> > # the separate ``puppet`` executable using the ``--loadclasses`` >> >> > # option. >> >> > # The default value is ''$confdir/classes.txt''. >> >> > classfile = $vardir/classes.txt >> >> > >> >> > # Where puppetd caches the local configuration. An >> >> > # extension indicating the cache format is added automatically. >> >> > # The default value is ''$confdir/localconfig''. >> >> > localconfig = $vardir/localconfig >> >> > >> >> > >> >> > >> >> > On Thu, Dec 29, 2011 at 1:43 PM, Aaron Grewell >> >> > <aaron.grewell@gmail.com> >> >> > wrote: >> >> >> >> >> >> Can you post your config? It sounds like there may be an error in >> >> >> it. >> >> >> >> >> >> On Thu, Dec 29, 2011 at 10:35 AM, Mohammad Khan >> >> >> <makhan628@gmail.com> >> >> >> wrote: >> >> >> > Thanks for your response. >> >> >> > I have cahnge the permission to 655 on manifests and still the >> >> >> > same >> >> >> > thing. >> >> >> > My puppetmaster was not even starting then and now. The user/group >> >> >> > is >> >> >> > root >> >> >> > for this folder. Every time when I try to start puppetmaster is >> >> >> > get >> >> >> > this >> >> >> > error message: >> >> >> > >> >> >> > server puppet-master[20965]: Starting Puppet master version 2.6.12 >> >> >> > Dec 29 13:29:26 server puppet-master[20982]: You have >> >> >> > configuration >> >> >> > parameter $classfile specified in [puppetd], which is a deprecated >> >> >> > section. >> >> >> > I''m assuming you meant [agent] >> >> >> > Dec 29 13:29:26 server puppet-master[20982]: You have >> >> >> > configuration >> >> >> > parameter $localconfig specified in [puppetd], which is a >> >> >> > deprecated >> >> >> > section. I''m assuming you meant [agent] >> >> >> > Dec 29 13:29:27 server puppet-master[21035]: Reopening log files >> >> >> > Dec 29 13:29:27 server puppet-master[21035]: Starting Puppet >> >> >> > master >> >> >> > version >> >> >> > 2.6.12 >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> >> > On Thu, Dec 29, 2011 at 12:35 PM, Justin >> >> >> > <justin.stoller@gmail.com> >> >> >> > wrote: >> >> >> >> >> >> >> >> Hello Khan, >> >> >> >> >> >> >> >> I''m fairly new to Puppet as well. >> >> >> >> I''m assuming that `manifests/classes/sysctl.pp` is being >> >> >> >> referenced >> >> >> >> by >> >> >> >> the line 3 of `manifests/site.pp` from the error msgs. >> >> >> >> My first thing would be to double check the permissions on >> >> >> >> `manifests/ >> >> >> >> classes/sysctl.pp` >> >> >> >> >> >> >> >> After that I would check the content and files being referenced >> >> >> >> by >> >> >> >> sysctl.pp and see if it''s a permission issue at a lower level and >> >> >> >> Puppet is errorring at an unhelpfully high level. >> >> >> >> >> >> >> >> If that doesn''t help, what the users/groups for the manifests and >> >> >> >> files being created by the manifests? Are you using filebucket? >> >> >> >> >> >> >> >> >> >> >> >> - Justin >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> On Dec 29, 8:36 am, Khan <makhan...@gmail.com> wrote: >> >> >> >> > Hello everyone, >> >> >> >> > I am new to puppet. I have installed on redhat Enterprise 5and >> >> >> >> > seems >> >> >> >> > to be working fine. Couple days ago I was testing some >> >> >> >> > permissions >> >> >> >> > on >> >> >> >> > / >> >> >> >> > etc folder and applied 600 /etc and sub folders. Although I >> >> >> >> > have >> >> >> >> > reverted the permission but I am having issues on puppetmaster. >> >> >> >> > Currently I have these permission on etc 755 and puppet folder: >> >> >> >> > my /etc folder is 755 and puppet folder with tese permsions: >> >> >> >> > >> >> >> >> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >> >> >> >> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >> >> >> >> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >> >> >> >> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >> >> >> >> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >> >> >> >> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >> >> >> >> > >> >> >> >> > I am getting these error in the log: >> >> >> >> > >> >> >> >> > puppet-master[3519]: Could not parse for environment >> >> >> >> > production: >> >> >> >> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at >> >> >> >> > /etc/ >> >> >> >> > puppet/manifests/site.pp:3 on node client1 >> >> >> >> > >> >> >> >> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for >> >> >> >> > environment production: Permission denied - >> >> >> >> > /etc/puppet/manifests/ >> >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >> >> > client2 >> >> >> >> > >> >> >> >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> >> >> >> > environment production: Permission denied - >> >> >> >> > /etc/puppet/manifests/ >> >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >> >> > client3 >> >> >> >> > >> >> >> >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse >> >> >> >> > for >> >> >> >> > environment production: Permission denied - >> >> >> >> > /etc/puppet/manifests/ >> >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >> >> > client4 >> >> >> >> > >> >> >> >> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve >> >> >> >> > catalog >> >> >> >> > from remote server: Error 400 on SERVER: Could not parse for >> >> >> >> > environment production: Permission denied - >> >> >> >> > /etc/puppet/manifests/ >> >> >> >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >> >> > server >> >> >> >> > Any Help will be greatly appreciated. >> >> >> >> >> >> >> >> -- >> >> >> >> You received this message because you are subscribed to the >> >> >> >> Google >> >> >> >> Groups >> >> >> >> "Puppet Users" group. >> >> >> >> To post to this group, send email to >> >> >> >> puppet-users@googlegroups.com. >> >> >> >> To unsubscribe from this group, send email to >> >> >> >> puppet-users+unsubscribe@googlegroups.com. >> >> >> >> For more options, visit this group at >> >> >> >> http://groups.google.com/group/puppet-users?hl=en. >> >> >> >> >> >> >> > >> >> >> > >> >> >> > >> >> >> > -- >> >> >> > Regards, >> >> >> > Mohammad >> >> >> > >> >> >> > >> >> >> > -- >> >> >> > You received this message because you are subscribed to the Google >> >> >> > Groups >> >> >> > "Puppet Users" group. >> >> >> > To post to this group, send email to >> >> >> > puppet-users@googlegroups.com. >> >> >> > To unsubscribe from this group, send email to >> >> >> > puppet-users+unsubscribe@googlegroups.com. >> >> >> > For more options, visit this group at >> >> >> > http://groups.google.com/group/puppet-users?hl=en. >> >> >> >> >> >> -- >> >> >> You received this message because you are subscribed to the Google >> >> >> Groups >> >> >> "Puppet Users" group. >> >> >> To post to this group, send email to puppet-users@googlegroups.com. >> >> >> To unsubscribe from this group, send email to >> >> >> puppet-users+unsubscribe@googlegroups.com. >> >> >> For more options, visit this group at >> >> >> http://groups.google.com/group/puppet-users?hl=en. >> >> >> >> >> > >> >> > >> >> > >> >> > -- >> >> > Regards, >> >> > Mohammad >> >> > >> >> > -- >> >> > You received this message because you are subscribed to the Google >> >> > Groups >> >> > "Puppet Users" group. >> >> > To post to this group, send email to puppet-users@googlegroups.com. >> >> > To unsubscribe from this group, send email to >> >> > puppet-users+unsubscribe@googlegroups.com. >> >> > For more options, visit this group at >> >> > http://groups.google.com/group/puppet-users?hl=en. >> >> >> >> -- >> >> You received this message because you are subscribed to the Google >> >> Groups >> >> "Puppet Users" group. >> >> To post to this group, send email to puppet-users@googlegroups.com. >> >> To unsubscribe from this group, send email to >> >> puppet-users+unsubscribe@googlegroups.com. >> >> For more options, visit this group at >> >> http://groups.google.com/group/puppet-users?hl=en. >> >> >> > >> > >> > >> > -- >> > Regards, >> > Mohammad >> > >> > -- >> > You received this message because you are subscribed to the Google >> > Groups >> > "Puppet Users" group. >> > To post to this group, send email to puppet-users@googlegroups.com. >> > To unsubscribe from this group, send email to >> > puppet-users+unsubscribe@googlegroups.com. >> > For more options, visit this group at >> > http://groups.google.com/group/puppet-users?hl=en. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > Regards, > Mohammad > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
I''m pretty sure that, besides the other answers already provided, your main problem is the wrong user for your Puppet configuration. It should be user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should look like: drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . drwxr-xr-x 79 root root 12K Dec 26 04:03 .. -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn So a command like ''chown -R puppet:puppet /etc/puppet'' issued as ''root'' should solve your main problem which is the ''Permission denied'' error as well as the non starting Puppet process. Bernd> -----Ursprüngliche Nachricht----- > Von: puppet-users@googlegroups.com [mailto:puppet- > users@googlegroups.com] Im Auftrag von Khan > Gesendet: Donnerstag, 29. Dezember 2011 17:37 > An: Puppet Users > Betreff: [Puppet Users] Puppetserver error > > Hello everyone, > I am new to puppet. I have installed on redhat Enterprise 5and seems > to be working fine. Couple days ago I was testing some permissions on / > etc folder and applied 600 /etc and sub folders. Although I have > reverted the permission but I am having issues on puppetmaster. > Currently I have these permission on etc 755 and puppet folder: > my /etc folder is 755 and puppet folder with tese permsions: > > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew > > I am getting these error in the log: > > puppet-master[3519]: Could not parse for environment production: > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ > puppet/manifests/site.pp:3 on node client1 > > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for > environment production: Permission denied - /etc/puppet/manifests/ > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 > > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > environment production: Permission denied - /etc/puppet/manifests/ > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 > > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > environment production: Permission denied - /etc/puppet/manifests/ > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 > > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog > from remote server: Error 400 on SERVER: Could not parse for > environment production: Permission denied - /etc/puppet/manifests/ > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server > Any Help will be greatly appreciated. > > -- > You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet- > users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Thanks guys; I am getting closer but still some errors. I am getting these errors now. Starting Puppet client version 2.6.12 Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog from remote server: Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog; skipping run On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz < Bernd.Adamowicz@esailors.de> wrote:> I''m pretty sure that, besides the other answers already provided, your > main problem is the wrong user for your Puppet configuration. It should be > user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should look like: > > drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . > drwxr-xr-x 79 root root 12K Dec 26 04:03 .. > -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf > drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments > drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests > -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf > -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf > drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn > > So a command like ''chown -R puppet:puppet /etc/puppet'' issued as ''root'' > should solve your main problem which is the ''Permission denied'' error as > well as the non starting Puppet process. > > Bernd > > > -----Ursprüngliche Nachricht----- > > Von: puppet-users@googlegroups.com [mailto:puppet- > > users@googlegroups.com] Im Auftrag von Khan > > Gesendet: Donnerstag, 29. Dezember 2011 17:37 > > An: Puppet Users > > Betreff: [Puppet Users] Puppetserver error > > > > Hello everyone, > > I am new to puppet. I have installed on redhat Enterprise 5and seems > > to be working fine. Couple days ago I was testing some permissions on / > > etc folder and applied 600 /etc and sub folders. Although I have > > reverted the permission but I am having issues on puppetmaster. > > Currently I have these permission on etc 755 and puppet folder: > > my /etc folder is 755 and puppet folder with tese permsions: > > > > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf > > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf > > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests > > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules > > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf > > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew > > > > I am getting these error in the log: > > > > puppet-master[3519]: Could not parse for environment production: > > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ > > puppet/manifests/site.pp:3 on node client1 > > > > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for > > environment production: Permission denied - /etc/puppet/manifests/ > > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 > > > > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > > environment production: Permission denied - /etc/puppet/manifests/ > > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 > > > > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > > environment production: Permission denied - /etc/puppet/manifests/ > > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 > > > > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog > > from remote server: Error 400 on SERVER: Could not parse for > > environment production: Permission denied - /etc/puppet/manifests/ > > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server > > Any Help will be greatly appreciated. > > > > -- > > You received this message because you are subscribed to the Google > > Groups "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to puppet- > > users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
I have tried to deleted the ssl folder under puppet. And then tried to clean the certificate from the server but did not work. #puppetca --clean hostname notice: Revoked certificate with serial # Inventory of signed certificates # SERIAL NOT_BEFORE NOT_AFTER SUBJECT err: Could not call revoke: Cannot convert into OpenSSL::BN On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan <makhan628@gmail.com> wrote:> Thanks guys; I am getting closer but still some errors. I am getting these > errors now. > Starting Puppet client version 2.6.12 > Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog > from remote server: Retrieved certificate does not match private key; > please remove certificate from server and regenerate it with the current key > Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog > Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog; > skipping run > > > > > On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz < > Bernd.Adamowicz@esailors.de> wrote: > >> I''m pretty sure that, besides the other answers already provided, your >> main problem is the wrong user for your Puppet configuration. It should be >> user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should look like: >> >> drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . >> drwxr-xr-x 79 root root 12K Dec 26 04:03 .. >> -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf >> drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments >> drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests >> -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf >> -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf >> drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn >> >> So a command like ''chown -R puppet:puppet /etc/puppet'' issued as ''root'' >> should solve your main problem which is the ''Permission denied'' error as >> well as the non starting Puppet process. >> >> Bernd >> >> > -----Ursprüngliche Nachricht----- >> > Von: puppet-users@googlegroups.com [mailto:puppet- >> > users@googlegroups.com] Im Auftrag von Khan >> > Gesendet: Donnerstag, 29. Dezember 2011 17:37 >> > An: Puppet Users >> > Betreff: [Puppet Users] Puppetserver error >> > >> > Hello everyone, >> > I am new to puppet. I have installed on redhat Enterprise 5and seems >> > to be working fine. Couple days ago I was testing some permissions on / >> > etc folder and applied 600 /etc and sub folders. Although I have >> > reverted the permission but I am having issues on puppetmaster. >> > Currently I have these permission on etc 755 and puppet folder: >> > my /etc folder is 755 and puppet folder with tese permsions: >> > >> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >> > >> > I am getting these error in the log: >> > >> > puppet-master[3519]: Could not parse for environment production: >> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ >> > puppet/manifests/site.pp:3 on node client1 >> > >> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for >> > environment production: Permission denied - /etc/puppet/manifests/ >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 >> > >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> > environment production: Permission denied - /etc/puppet/manifests/ >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 >> > >> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> > environment production: Permission denied - /etc/puppet/manifests/ >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 >> > >> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog >> > from remote server: Error 400 on SERVER: Could not parse for >> > environment production: Permission denied - /etc/puppet/manifests/ >> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server >> > Any Help will be greatly appreciated. >> > >> > -- >> > You received this message because you are subscribed to the Google >> > Groups "Puppet Users" group. >> > To post to this group, send email to puppet-users@googlegroups.com. >> > To unsubscribe from this group, send email to puppet- >> > users+unsubscribe@googlegroups.com. >> > For more options, visit this group at >> > http://groups.google.com/group/puppet-users?hl=en. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> >> > > > -- > Regards, > Mohammad > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
I have gone little further nowwhat I have done is to delete the ssl folder from one of the client and ran this command on server: puppetca --clean clientname it has generated new certificate but in the end I get the same error: err: Could not call revoke: Cannot convert into OpenSSL::BN Further more when i restart the agent from the client now I get this message under server message log: client has a waiting certificate request Under my client message log: hostname puppet-agent[13385]: Did not receive certificate On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan <makhan628@gmail.com> wrote:> I have tried to deleted the ssl folder under puppet. And then tried to > clean the certificate from the server but did not work. > #puppetca --clean hostname > notice: Revoked certificate with serial # Inventory of signed certificates > # SERIAL NOT_BEFORE NOT_AFTER SUBJECT > > > err: Could not call revoke: Cannot convert into OpenSSL::BN > > > > On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan <makhan628@gmail.com>wrote: > >> Thanks guys; I am getting closer but still some errors. I am getting >> these errors now. >> Starting Puppet client version 2.6.12 >> Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog >> from remote server: Retrieved certificate does not match private key; >> please remove certificate from server and regenerate it with the current key >> Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog >> Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog; >> skipping run >> >> >> >> >> On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz < >> Bernd.Adamowicz@esailors.de> wrote: >> >>> I''m pretty sure that, besides the other answers already provided, your >>> main problem is the wrong user for your Puppet configuration. It should be >>> user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should look like: >>> >>> drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . >>> drwxr-xr-x 79 root root 12K Dec 26 04:03 .. >>> -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf >>> drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments >>> drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests >>> -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf >>> -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf >>> drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn >>> >>> So a command like ''chown -R puppet:puppet /etc/puppet'' issued as ''root'' >>> should solve your main problem which is the ''Permission denied'' error as >>> well as the non starting Puppet process. >>> >>> Bernd >>> >>> > -----Ursprüngliche Nachricht----- >>> > Von: puppet-users@googlegroups.com [mailto:puppet- >>> > users@googlegroups.com] Im Auftrag von Khan >>> > Gesendet: Donnerstag, 29. Dezember 2011 17:37 >>> > An: Puppet Users >>> > Betreff: [Puppet Users] Puppetserver error >>> > >>> > Hello everyone, >>> > I am new to puppet. I have installed on redhat Enterprise 5and seems >>> > to be working fine. Couple days ago I was testing some permissions on / >>> > etc folder and applied 600 /etc and sub folders. Although I have >>> > reverted the permission but I am having issues on puppetmaster. >>> > Currently I have these permission on etc 755 and puppet folder: >>> > my /etc folder is 755 and puppet folder with tese permsions: >>> > >>> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >>> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >>> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >>> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >>> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >>> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >>> > >>> > I am getting these error in the log: >>> > >>> > puppet-master[3519]: Could not parse for environment production: >>> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ >>> > puppet/manifests/site.pp:3 on node client1 >>> > >>> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for >>> > environment production: Permission denied - /etc/puppet/manifests/ >>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 >>> > >>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >>> > environment production: Permission denied - /etc/puppet/manifests/ >>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 >>> > >>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >>> > environment production: Permission denied - /etc/puppet/manifests/ >>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 >>> > >>> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog >>> > from remote server: Error 400 on SERVER: Could not parse for >>> > environment production: Permission denied - /etc/puppet/manifests/ >>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server >>> > Any Help will be greatly appreciated. >>> > >>> > -- >>> > You received this message because you are subscribed to the Google >>> > Groups "Puppet Users" group. >>> > To post to this group, send email to puppet-users@googlegroups.com. >>> > To unsubscribe from this group, send email to puppet- >>> > users+unsubscribe@googlegroups.com. >>> > For more options, visit this group at >>> > http://groups.google.com/group/puppet-users?hl=en. >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Puppet Users" group. >>> To post to this group, send email to puppet-users@googlegroups.com. >>> To unsubscribe from this group, send email to >>> puppet-users+unsubscribe@googlegroups.com. >>> For more options, visit this group at >>> http://groups.google.com/group/puppet-users?hl=en. >>> >>> >> >> >> -- >> Regards, >> Mohammad >> >> > > > -- > Regards, > Mohammad > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
I was able to sign the certificate to the client but still I am getting this error now on the client: Client puppet-agent[15030]: Starting Puppet client version 2.6.12 Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog from remote server: certificate verify failed Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog; skipping run On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan <makhan628@gmail.com> wrote:> I have gone little further nowwhat I have done is to delete the ssl folder > from one of the client and ran this command on server: puppetca --clean > clientname > it has generated new certificate but in the end I get the same error: > > err: Could not call revoke: Cannot convert into OpenSSL::BN > Further more when i restart the agent from the client now I get this > message under server message log: client has a waiting certificate request > Under my client message log: > hostname puppet-agent[13385]: Did not receive certificate > > > > > On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan <makhan628@gmail.com>wrote: > >> I have tried to deleted the ssl folder under puppet. And then tried to >> clean the certificate from the server but did not work. >> #puppetca --clean hostname >> notice: Revoked certificate with serial # Inventory of signed certificates >> # SERIAL NOT_BEFORE NOT_AFTER SUBJECT >> >> >> err: Could not call revoke: Cannot convert into OpenSSL::BN >> >> >> >> On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan <makhan628@gmail.com>wrote: >> >>> Thanks guys; I am getting closer but still some errors. I am getting >>> these errors now. >>> Starting Puppet client version 2.6.12 >>> Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog >>> from remote server: Retrieved certificate does not match private key; >>> please remove certificate from server and regenerate it with the current key >>> Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog >>> Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog; >>> skipping run >>> >>> >>> >>> >>> On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz < >>> Bernd.Adamowicz@esailors.de> wrote: >>> >>>> I''m pretty sure that, besides the other answers already provided, your >>>> main problem is the wrong user for your Puppet configuration. It should be >>>> user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should look like: >>>> >>>> drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . >>>> drwxr-xr-x 79 root root 12K Dec 26 04:03 .. >>>> -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf >>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments >>>> drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests >>>> -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf >>>> -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf >>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn >>>> >>>> So a command like ''chown -R puppet:puppet /etc/puppet'' issued as ''root'' >>>> should solve your main problem which is the ''Permission denied'' error as >>>> well as the non starting Puppet process. >>>> >>>> Bernd >>>> >>>> > -----Ursprüngliche Nachricht----- >>>> > Von: puppet-users@googlegroups.com [mailto:puppet- >>>> > users@googlegroups.com] Im Auftrag von Khan >>>> > Gesendet: Donnerstag, 29. Dezember 2011 17:37 >>>> > An: Puppet Users >>>> > Betreff: [Puppet Users] Puppetserver error >>>> > >>>> > Hello everyone, >>>> > I am new to puppet. I have installed on redhat Enterprise 5and seems >>>> > to be working fine. Couple days ago I was testing some permissions on >>>> / >>>> > etc folder and applied 600 /etc and sub folders. Although I have >>>> > reverted the permission but I am having issues on puppetmaster. >>>> > Currently I have these permission on etc 755 and puppet folder: >>>> > my /etc folder is 755 and puppet folder with tese permsions: >>>> > >>>> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >>>> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >>>> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >>>> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >>>> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >>>> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >>>> > >>>> > I am getting these error in the log: >>>> > >>>> > puppet-master[3519]: Could not parse for environment production: >>>> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ >>>> > puppet/manifests/site.pp:3 on node client1 >>>> > >>>> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for >>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 >>>> > >>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 >>>> > >>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 >>>> > >>>> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog >>>> > from remote server: Error 400 on SERVER: Could not parse for >>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server >>>> > Any Help will be greatly appreciated. >>>> > >>>> > -- >>>> > You received this message because you are subscribed to the Google >>>> > Groups "Puppet Users" group. >>>> > To post to this group, send email to puppet-users@googlegroups.com. >>>> > To unsubscribe from this group, send email to puppet- >>>> > users+unsubscribe@googlegroups.com. >>>> > For more options, visit this group at >>>> > http://groups.google.com/group/puppet-users?hl=en. >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Puppet Users" group. >>>> To post to this group, send email to puppet-users@googlegroups.com. >>>> To unsubscribe from this group, send email to >>>> puppet-users+unsubscribe@googlegroups.com. >>>> For more options, visit this group at >>>> http://groups.google.com/group/puppet-users?hl=en. >>>> >>>> >>> >>> >>> -- >>> Regards, >>> Mohammad >>> >>> >> >> >> -- >> Regards, >> Mohammad >> >> > > > -- > Regards, > Mohammad > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Do I need to make any changes to server or delete sl info on the server. I am still getting the certificate verify failed error on clients? On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan <makhan628@gmail.com> wrote:> I was able to sign the certificate to the client but still I am getting > this error now on the > client: > > Client puppet-agent[15030]: Starting Puppet client version 2.6.12 > Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog > from remote server: certificate verify failed > Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog > Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog; > skipping run > > > > > On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan <makhan628@gmail.com>wrote: > >> I have gone little further nowwhat I have done is to delete the ssl >> folder from one of the client and ran this command on server: puppetca >> --clean clientname >> it has generated new certificate but in the end I get the same error: >> >> err: Could not call revoke: Cannot convert into OpenSSL::BN >> Further more when i restart the agent from the client now I get this >> message under server message log: client has a waiting certificate request >> Under my client message log: >> hostname puppet-agent[13385]: Did not receive certificate >> >> >> >> >> On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan <makhan628@gmail.com>wrote: >> >>> I have tried to deleted the ssl folder under puppet. And then tried to >>> clean the certificate from the server but did not work. >>> #puppetca --clean hostname >>> notice: Revoked certificate with serial # Inventory of signed >>> certificates >>> # SERIAL NOT_BEFORE NOT_AFTER SUBJECT >>> >>> >>> err: Could not call revoke: Cannot convert into OpenSSL::BN >>> >>> >>> >>> On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan <makhan628@gmail.com>wrote: >>> >>>> Thanks guys; I am getting closer but still some errors. I am getting >>>> these errors now. >>>> Starting Puppet client version 2.6.12 >>>> Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog >>>> from remote server: Retrieved certificate does not match private key; >>>> please remove certificate from server and regenerate it with the current key >>>> Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog >>>> Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog; >>>> skipping run >>>> >>>> >>>> >>>> >>>> On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz < >>>> Bernd.Adamowicz@esailors.de> wrote: >>>> >>>>> I''m pretty sure that, besides the other answers already provided, your >>>>> main problem is the wrong user for your Puppet configuration. It should be >>>>> user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should look like: >>>>> >>>>> drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . >>>>> drwxr-xr-x 79 root root 12K Dec 26 04:03 .. >>>>> -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf >>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments >>>>> drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests >>>>> -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf >>>>> -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf >>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn >>>>> >>>>> So a command like ''chown -R puppet:puppet /etc/puppet'' issued as >>>>> ''root'' should solve your main problem which is the ''Permission denied'' >>>>> error as well as the non starting Puppet process. >>>>> >>>>> Bernd >>>>> >>>>> > -----Ursprüngliche Nachricht----- >>>>> > Von: puppet-users@googlegroups.com [mailto:puppet- >>>>> > users@googlegroups.com] Im Auftrag von Khan >>>>> > Gesendet: Donnerstag, 29. Dezember 2011 17:37 >>>>> > An: Puppet Users >>>>> > Betreff: [Puppet Users] Puppetserver error >>>>> > >>>>> > Hello everyone, >>>>> > I am new to puppet. I have installed on redhat Enterprise 5and seems >>>>> > to be working fine. Couple days ago I was testing some permissions >>>>> on / >>>>> > etc folder and applied 600 /etc and sub folders. Although I have >>>>> > reverted the permission but I am having issues on puppetmaster. >>>>> > Currently I have these permission on etc 755 and puppet folder: >>>>> > my /etc folder is 755 and puppet folder with tese permsions: >>>>> > >>>>> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >>>>> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >>>>> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >>>>> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >>>>> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >>>>> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >>>>> > >>>>> > I am getting these error in the log: >>>>> > >>>>> > puppet-master[3519]: Could not parse for environment production: >>>>> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ >>>>> > puppet/manifests/site.pp:3 on node client1 >>>>> > >>>>> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for >>>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 >>>>> > >>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >>>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 >>>>> > >>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >>>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 >>>>> > >>>>> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve >>>>> catalog >>>>> > from remote server: Error 400 on SERVER: Could not parse for >>>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server >>>>> > Any Help will be greatly appreciated. >>>>> > >>>>> > -- >>>>> > You received this message because you are subscribed to the Google >>>>> > Groups "Puppet Users" group. >>>>> > To post to this group, send email to puppet-users@googlegroups.com. >>>>> > To unsubscribe from this group, send email to puppet- >>>>> > users+unsubscribe@googlegroups.com. >>>>> > For more options, visit this group at >>>>> > http://groups.google.com/group/puppet-users?hl=en. >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "Puppet Users" group. >>>>> To post to this group, send email to puppet-users@googlegroups.com. >>>>> To unsubscribe from this group, send email to >>>>> puppet-users+unsubscribe@googlegroups.com. >>>>> For more options, visit this group at >>>>> http://groups.google.com/group/puppet-users?hl=en. >>>>> >>>>> >>>> >>>> >>>> -- >>>> Regards, >>>> Mohammad >>>> >>>> >>> >>> >>> -- >>> Regards, >>> Mohammad >>> >>> >> >> >> -- >> Regards, >> Mohammad >> >> > > > -- > Regards, > Mohammad > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Did you remove the ssldir on the server or the client? Usually to completely reset the cert you run clean on the server, remove the contents of the ssldir on the client, then re-run puppet and it should rebuild the cert. I wouldn''t recommend removing the ssldir on the server except as a last resort, otherwise you''ll have to rebuild all your client certs. If that''s what you already did, make sure that your ssldir and its contents are owned by user & group puppet as well. On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan <makhan628@gmail.com> wrote:> Do I need to make any changes to server or delete sl info on the server. I > am still getting the certificate verify failed error on clients? > > > On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan <makhan628@gmail.com> wrote: >> >> I was able to sign the certificate to the client but still I am getting >> this error now on the >> client: >> >> Client puppet-agent[15030]: Starting Puppet client version 2.6.12 >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog >> from remote server: certificate verify failed >> Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog; >> skipping run >> >> >> >> >> On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan <makhan628@gmail.com> >> wrote: >>> >>> I have gone little further nowwhat I have done is to delete the ssl >>> folder from one of the client and ran this command on server: puppetca >>> --clean clientname >>> it has generated new certificate but in the end I get the same error: >>> >>> err: Could not call revoke: Cannot convert into OpenSSL::BN >>> Further more when i restart the agent from the client now I get this >>> message under server message log: client has a waiting certificate request >>> Under my client message log: >>> hostname puppet-agent[13385]: Did not receive certificate >>> >>> >>> >>> >>> On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan <makhan628@gmail.com> >>> wrote: >>>> >>>> I have tried to deleted the ssl folder under puppet. And then tried to >>>> clean the certificate from the server but did not work. >>>> #puppetca --clean hostname >>>> notice: Revoked certificate with serial # Inventory of signed >>>> certificates >>>> # SERIAL NOT_BEFORE NOT_AFTER SUBJECT >>>> >>>> >>>> err: Could not call revoke: Cannot convert into OpenSSL::BN >>>> >>>> >>>> >>>> On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan <makhan628@gmail.com> >>>> wrote: >>>>> >>>>> Thanks guys; I am getting closer but still some errors. I am getting >>>>> these errors now. >>>>> Starting Puppet client version 2.6.12 >>>>> Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog >>>>> from remote server: Retrieved certificate does not match private key; please >>>>> remove certificate from server and regenerate it with the current key >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog; >>>>> skipping run >>>>> >>>>> >>>>> >>>>> >>>>> On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz >>>>> <Bernd.Adamowicz@esailors.de> wrote: >>>>>> >>>>>> I''m pretty sure that, besides the other answers already provided, your >>>>>> main problem is the wrong user for your Puppet configuration. It should be >>>>>> user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should look like: >>>>>> >>>>>> drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . >>>>>> drwxr-xr-x 79 root root 12K Dec 26 04:03 .. >>>>>> -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments >>>>>> drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests >>>>>> -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf >>>>>> -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn >>>>>> >>>>>> So a command like ''chown -R puppet:puppet /etc/puppet'' issued as >>>>>> ''root'' should solve your main problem which is the ''Permission denied'' error >>>>>> as well as the non starting Puppet process. >>>>>> >>>>>> Bernd >>>>>> >>>>>> > -----Ursprüngliche Nachricht----- >>>>>> > Von: puppet-users@googlegroups.com [mailto:puppet- >>>>>> > users@googlegroups.com] Im Auftrag von Khan >>>>>> > Gesendet: Donnerstag, 29. Dezember 2011 17:37 >>>>>> > An: Puppet Users >>>>>> > Betreff: [Puppet Users] Puppetserver error >>>>>> > >>>>>> > Hello everyone, >>>>>> > I am new to puppet. I have installed on redhat Enterprise 5and seems >>>>>> > to be working fine. Couple days ago I was testing some permissions >>>>>> > on / >>>>>> > etc folder and applied 600 /etc and sub folders. Although I have >>>>>> > reverted the permission but I am having issues on puppetmaster. >>>>>> > Currently I have these permission on etc 755 and puppet folder: >>>>>> > my /etc folder is 755 and puppet folder with tese permsions: >>>>>> > >>>>>> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >>>>>> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >>>>>> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >>>>>> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >>>>>> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >>>>>> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >>>>>> > >>>>>> > I am getting these error in the log: >>>>>> > >>>>>> > puppet-master[3519]: Could not parse for environment production: >>>>>> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/ >>>>>> > puppet/manifests/site.pp:3 on node client1 >>>>>> > >>>>>> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for >>>>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2 >>>>>> > >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >>>>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3 >>>>>> > >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >>>>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4 >>>>>> > >>>>>> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve >>>>>> > catalog >>>>>> > from remote server: Error 400 on SERVER: Could not parse for >>>>>> > environment production: Permission denied - /etc/puppet/manifests/ >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server >>>>>> > Any Help will be greatly appreciated. >>>>>> > >>>>>> > -- >>>>>> > You received this message because you are subscribed to the Google >>>>>> > Groups "Puppet Users" group. >>>>>> > To post to this group, send email to puppet-users@googlegroups.com. >>>>>> > To unsubscribe from this group, send email to puppet- >>>>>> > users+unsubscribe@googlegroups.com. >>>>>> > For more options, visit this group at >>>>>> > http://groups.google.com/group/puppet-users?hl=en. >>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "Puppet Users" group. >>>>>> To post to this group, send email to puppet-users@googlegroups.com. >>>>>> To unsubscribe from this group, send email to >>>>>> puppet-users+unsubscribe@googlegroups.com. >>>>>> For more options, visit this group at >>>>>> http://groups.google.com/group/puppet-users?hl=en. >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Regards, >>>>> Mohammad >>>>> >>>> >>>> >>>> >>>> -- >>>> Regards, >>>> Mohammad >>>> >>> >>> >>> >>> -- >>> Regards, >>> Mohammad >>> >> >> >> >> -- >> Regards, >> Mohammad >> > > > > -- > Regards, > Mohammad > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
I removed ssldir from clients and ran the puppetca --clean from the server. It ran fine finally. Now I am stuck on where client complains that ''certificate verify failed" I dont know what to do now? On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell <aaron.grewell@gmail.com>wrote:> Did you remove the ssldir on the server or the client? Usually to > completely reset the cert you run clean on the server, remove the > contents of the ssldir on the client, then re-run puppet and it should > rebuild the cert. I wouldn''t recommend removing the ssldir on the > server except as a last resort, otherwise you''ll have to rebuild all > your client certs. > > If that''s what you already did, make sure that your ssldir and its > contents are owned by user & group puppet as well. > > On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan <makhan628@gmail.com> > wrote: > > Do I need to make any changes to server or delete sl info on the server. > I > > am still getting the certificate verify failed error on clients? > > > > > > On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan <makhan628@gmail.com> > wrote: > >> > >> I was able to sign the certificate to the client but still I am getting > >> this error now on the > >> client: > >> > >> Client puppet-agent[15030]: Starting Puppet client version 2.6.12 > >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog > >> from remote server: certificate verify failed > >> Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog > >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog; > >> skipping run > >> > >> > >> > >> > >> On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan <makhan628@gmail.com> > >> wrote: > >>> > >>> I have gone little further nowwhat I have done is to delete the ssl > >>> folder from one of the client and ran this command on server: puppetca > >>> --clean clientname > >>> it has generated new certificate but in the end I get the same error: > >>> > >>> err: Could not call revoke: Cannot convert into OpenSSL::BN > >>> Further more when i restart the agent from the client now I get this > >>> message under server message log: client has a waiting certificate > request > >>> Under my client message log: > >>> hostname puppet-agent[13385]: Did not receive certificate > >>> > >>> > >>> > >>> > >>> On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan <makhan628@gmail.com> > >>> wrote: > >>>> > >>>> I have tried to deleted the ssl folder under puppet. And then tried to > >>>> clean the certificate from the server but did not work. > >>>> #puppetca --clean hostname > >>>> notice: Revoked certificate with serial # Inventory of signed > >>>> certificates > >>>> # SERIAL NOT_BEFORE NOT_AFTER SUBJECT > >>>> > >>>> > >>>> err: Could not call revoke: Cannot convert into OpenSSL::BN > >>>> > >>>> > >>>> > >>>> On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan <makhan628@gmail.com> > >>>> wrote: > >>>>> > >>>>> Thanks guys; I am getting closer but still some errors. I am getting > >>>>> these errors now. > >>>>> Starting Puppet client version 2.6.12 > >>>>> Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve > catalog > >>>>> from remote server: Retrieved certificate does not match private > key; please > >>>>> remove certificate from server and regenerate it with the current key > >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog > >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve > catalog; > >>>>> skipping run > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz > >>>>> <Bernd.Adamowicz@esailors.de> wrote: > >>>>>> > >>>>>> I''m pretty sure that, besides the other answers already provided, > your > >>>>>> main problem is the wrong user for your Puppet configuration. It > should be > >>>>>> user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should look > like: > >>>>>> > >>>>>> drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . > >>>>>> drwxr-xr-x 79 root root 12K Dec 26 04:03 .. > >>>>>> -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf > >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments > >>>>>> drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests > >>>>>> -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf > >>>>>> -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf > >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn > >>>>>> > >>>>>> So a command like ''chown -R puppet:puppet /etc/puppet'' issued as > >>>>>> ''root'' should solve your main problem which is the ''Permission > denied'' error > >>>>>> as well as the non starting Puppet process. > >>>>>> > >>>>>> Bernd > >>>>>> > >>>>>> > -----Ursprüngliche Nachricht----- > >>>>>> > Von: puppet-users@googlegroups.com [mailto:puppet- > >>>>>> > users@googlegroups.com] Im Auftrag von Khan > >>>>>> > Gesendet: Donnerstag, 29. Dezember 2011 17:37 > >>>>>> > An: Puppet Users > >>>>>> > Betreff: [Puppet Users] Puppetserver error > >>>>>> > > >>>>>> > Hello everyone, > >>>>>> > I am new to puppet. I have installed on redhat Enterprise 5and > seems > >>>>>> > to be working fine. Couple days ago I was testing some permissions > >>>>>> > on / > >>>>>> > etc folder and applied 600 /etc and sub folders. Although I have > >>>>>> > reverted the permission but I am having issues on puppetmaster. > >>>>>> > Currently I have these permission on etc 755 and puppet folder: > >>>>>> > my /etc folder is 755 and puppet folder with tese permsions: > >>>>>> > > >>>>>> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf > >>>>>> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf > >>>>>> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests > >>>>>> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules > >>>>>> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf > >>>>>> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew > >>>>>> > > >>>>>> > I am getting these error in the log: > >>>>>> > > >>>>>> > puppet-master[3519]: Could not parse for environment production: > >>>>>> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at > /etc/ > >>>>>> > puppet/manifests/site.pp:3 on node client1 > >>>>>> > > >>>>>> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for > >>>>>> > environment production: Permission denied - /etc/puppet/manifests/ > >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > client2 > >>>>>> > > >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >>>>>> > environment production: Permission denied - /etc/puppet/manifests/ > >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > client3 > >>>>>> > > >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >>>>>> > environment production: Permission denied - /etc/puppet/manifests/ > >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > client4 > >>>>>> > > >>>>>> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve > >>>>>> > catalog > >>>>>> > from remote server: Error 400 on SERVER: Could not parse for > >>>>>> > environment production: Permission denied - /etc/puppet/manifests/ > >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > server > >>>>>> > Any Help will be greatly appreciated. > >>>>>> > > >>>>>> > -- > >>>>>> > You received this message because you are subscribed to the Google > >>>>>> > Groups "Puppet Users" group. > >>>>>> > To post to this group, send email to > puppet-users@googlegroups.com. > >>>>>> > To unsubscribe from this group, send email to puppet- > >>>>>> > users+unsubscribe@googlegroups.com. > >>>>>> > For more options, visit this group at > >>>>>> > http://groups.google.com/group/puppet-users?hl=en. > >>>>>> > >>>>>> -- > >>>>>> You received this message because you are subscribed to the Google > >>>>>> Groups "Puppet Users" group. > >>>>>> To post to this group, send email to puppet-users@googlegroups.com. > >>>>>> To unsubscribe from this group, send email to > >>>>>> puppet-users+unsubscribe@googlegroups.com. > >>>>>> For more options, visit this group at > >>>>>> http://groups.google.com/group/puppet-users?hl=en. > >>>>>> > >>>>> > >>>>> > >>>>> > >>>>> -- > >>>>> Regards, > >>>>> Mohammad > >>>>> > >>>> > >>>> > >>>> > >>>> -- > >>>> Regards, > >>>> Mohammad > >>>> > >>> > >>> > >>> > >>> -- > >>> Regards, > >>> Mohammad > >>> > >> > >> > >> > >> -- > >> Regards, > >> Mohammad > >> > > > > > > > > -- > > Regards, > > Mohammad > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
You''ll have to re-sign your node''s cert using puppetca --sign <hostname> On Fri, Dec 30, 2011 at 9:28 AM, Mohammad Khan <makhan628@gmail.com> wrote:> I removed ssldir from clients and ran the puppetca --clean from the server. > It ran fine finally. Now I am stuck on where client complains that > ''certificate verify failed" I dont know what to do now? > > > On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell <aaron.grewell@gmail.com> > wrote: >> >> Did you remove the ssldir on the server or the client? Usually to >> completely reset the cert you run clean on the server, remove the >> contents of the ssldir on the client, then re-run puppet and it should >> rebuild the cert. I wouldn''t recommend removing the ssldir on the >> server except as a last resort, otherwise you''ll have to rebuild all >> your client certs. >> >> If that''s what you already did, make sure that your ssldir and its >> contents are owned by user & group puppet as well. >> >> On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan <makhan628@gmail.com> >> wrote: >> > Do I need to make any changes to server or delete sl info on the server. >> > I >> > am still getting the certificate verify failed error on clients? >> > >> > >> > On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan <makhan628@gmail.com> >> > wrote: >> >> >> >> I was able to sign the certificate to the client but still I am getting >> >> this error now on the >> >> client: >> >> >> >> Client puppet-agent[15030]: Starting Puppet client version 2.6.12 >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog >> >> from remote server: certificate verify failed >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog; >> >> skipping run >> >> >> >> >> >> >> >> >> >> On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan <makhan628@gmail.com> >> >> wrote: >> >>> >> >>> I have gone little further nowwhat I have done is to delete the ssl >> >>> folder from one of the client and ran this command on server: puppetca >> >>> --clean clientname >> >>> it has generated new certificate but in the end I get the same error: >> >>> >> >>> err: Could not call revoke: Cannot convert into OpenSSL::BN >> >>> Further more when i restart the agent from the client now I get this >> >>> message under server message log: client has a waiting certificate >> >>> request >> >>> Under my client message log: >> >>> hostname puppet-agent[13385]: Did not receive certificate >> >>> >> >>> >> >>> >> >>> >> >>> On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan <makhan628@gmail.com> >> >>> wrote: >> >>>> >> >>>> I have tried to deleted the ssl folder under puppet. And then tried >> >>>> to >> >>>> clean the certificate from the server but did not work. >> >>>> #puppetca --clean hostname >> >>>> notice: Revoked certificate with serial # Inventory of signed >> >>>> certificates >> >>>> # SERIAL NOT_BEFORE NOT_AFTER SUBJECT >> >>>> >> >>>> >> >>>> err: Could not call revoke: Cannot convert into OpenSSL::BN >> >>>> >> >>>> >> >>>> >> >>>> On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan <makhan628@gmail.com> >> >>>> wrote: >> >>>>> >> >>>>> Thanks guys; I am getting closer but still some errors. I am getting >> >>>>> these errors now. >> >>>>> Starting Puppet client version 2.6.12 >> >>>>> Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve >> >>>>> catalog >> >>>>> from remote server: Retrieved certificate does not match private >> >>>>> key; please >> >>>>> remove certificate from server and regenerate it with the current >> >>>>> key >> >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog >> >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve >> >>>>> catalog; >> >>>>> skipping run >> >>>>> >> >>>>> >> >>>>> >> >>>>> >> >>>>> On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz >> >>>>> <Bernd.Adamowicz@esailors.de> wrote: >> >>>>>> >> >>>>>> I''m pretty sure that, besides the other answers already provided, >> >>>>>> your >> >>>>>> main problem is the wrong user for your Puppet configuration. It >> >>>>>> should be >> >>>>>> user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should look >> >>>>>> like: >> >>>>>> >> >>>>>> drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . >> >>>>>> drwxr-xr-x 79 root root 12K Dec 26 04:03 .. >> >>>>>> -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf >> >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments >> >>>>>> drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests >> >>>>>> -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf >> >>>>>> -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf >> >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn >> >>>>>> >> >>>>>> So a command like ''chown -R puppet:puppet /etc/puppet'' issued as >> >>>>>> ''root'' should solve your main problem which is the ''Permission >> >>>>>> denied'' error >> >>>>>> as well as the non starting Puppet process. >> >>>>>> >> >>>>>> Bernd >> >>>>>> >> >>>>>> > -----Ursprüngliche Nachricht----- >> >>>>>> > Von: puppet-users@googlegroups.com [mailto:puppet- >> >>>>>> > users@googlegroups.com] Im Auftrag von Khan >> >>>>>> > Gesendet: Donnerstag, 29. Dezember 2011 17:37 >> >>>>>> > An: Puppet Users >> >>>>>> > Betreff: [Puppet Users] Puppetserver error >> >>>>>> > >> >>>>>> > Hello everyone, >> >>>>>> > I am new to puppet. I have installed on redhat Enterprise 5and >> >>>>>> > seems >> >>>>>> > to be working fine. Couple days ago I was testing some >> >>>>>> > permissions >> >>>>>> > on / >> >>>>>> > etc folder and applied 600 /etc and sub folders. Although I have >> >>>>>> > reverted the permission but I am having issues on puppetmaster. >> >>>>>> > Currently I have these permission on etc 755 and puppet folder: >> >>>>>> > my /etc folder is 755 and puppet folder with tese permsions: >> >>>>>> > >> >>>>>> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >> >>>>>> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >> >>>>>> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >> >>>>>> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >> >>>>>> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >> >>>>>> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >> >>>>>> > >> >>>>>> > I am getting these error in the log: >> >>>>>> > >> >>>>>> > puppet-master[3519]: Could not parse for environment production: >> >>>>>> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at >> >>>>>> > /etc/ >> >>>>>> > puppet/manifests/site.pp:3 on node client1 >> >>>>>> > >> >>>>>> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for >> >>>>>> > environment production: Permission denied - >> >>>>>> > /etc/puppet/manifests/ >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >>>>>> > client2 >> >>>>>> > >> >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> >>>>>> > environment production: Permission denied - >> >>>>>> > /etc/puppet/manifests/ >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >>>>>> > client3 >> >>>>>> > >> >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for >> >>>>>> > environment production: Permission denied - >> >>>>>> > /etc/puppet/manifests/ >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >>>>>> > client4 >> >>>>>> > >> >>>>>> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve >> >>>>>> > catalog >> >>>>>> > from remote server: Error 400 on SERVER: Could not parse for >> >>>>>> > environment production: Permission denied - >> >>>>>> > /etc/puppet/manifests/ >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >>>>>> > server >> >>>>>> > Any Help will be greatly appreciated. >> >>>>>> > >> >>>>>> > -- >> >>>>>> > You received this message because you are subscribed to the >> >>>>>> > Google >> >>>>>> > Groups "Puppet Users" group. >> >>>>>> > To post to this group, send email to >> >>>>>> > puppet-users@googlegroups.com. >> >>>>>> > To unsubscribe from this group, send email to puppet- >> >>>>>> > users+unsubscribe@googlegroups.com. >> >>>>>> > For more options, visit this group at >> >>>>>> > http://groups.google.com/group/puppet-users?hl=en. >> >>>>>> >> >>>>>> -- >> >>>>>> You received this message because you are subscribed to the Google >> >>>>>> Groups "Puppet Users" group. >> >>>>>> To post to this group, send email to puppet-users@googlegroups.com. >> >>>>>> To unsubscribe from this group, send email to >> >>>>>> puppet-users+unsubscribe@googlegroups.com. >> >>>>>> For more options, visit this group at >> >>>>>> http://groups.google.com/group/puppet-users?hl=en. >> >>>>>> >> >>>>> >> >>>>> >> >>>>> >> >>>>> -- >> >>>>> Regards, >> >>>>> Mohammad >> >>>>> >> >>>> >> >>>> >> >>>> >> >>>> -- >> >>>> Regards, >> >>>> Mohammad >> >>>> >> >>> >> >>> >> >>> >> >>> -- >> >>> Regards, >> >>> Mohammad >> >>> >> >> >> >> >> >> >> >> -- >> >> Regards, >> >> Mohammad >> >> >> > >> > >> > >> > -- >> > Regards, >> > Mohammad >> > >> > -- >> > You received this message because you are subscribed to the Google >> > Groups >> > "Puppet Users" group. >> > To post to this group, send email to puppet-users@googlegroups.com. >> > To unsubscribe from this group, send email to >> > puppet-users+unsubscribe@googlegroups.com. >> > For more options, visit this group at >> > http://groups.google.com/group/puppet-users?hl=en. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> > > > > -- > Regards, > Mohammad > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
I have done this already; however, client "certificate verify failed" is occurring now where I am stuck. On Fri, Dec 30, 2011 at 12:51 PM, Aaron Grewell <aaron.grewell@gmail.com>wrote:> You''ll have to re-sign your node''s cert using puppetca --sign <hostname> > > On Fri, Dec 30, 2011 at 9:28 AM, Mohammad Khan <makhan628@gmail.com> > wrote: > > I removed ssldir from clients and ran the puppetca --clean from the > server. > > It ran fine finally. Now I am stuck on where client complains that > > ''certificate verify failed" I dont know what to do now? > > > > > > On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell <aaron.grewell@gmail.com > > > > wrote: > >> > >> Did you remove the ssldir on the server or the client? Usually to > >> completely reset the cert you run clean on the server, remove the > >> contents of the ssldir on the client, then re-run puppet and it should > >> rebuild the cert. I wouldn''t recommend removing the ssldir on the > >> server except as a last resort, otherwise you''ll have to rebuild all > >> your client certs. > >> > >> If that''s what you already did, make sure that your ssldir and its > >> contents are owned by user & group puppet as well. > >> > >> On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan <makhan628@gmail.com> > >> wrote: > >> > Do I need to make any changes to server or delete sl info on the > server. > >> > I > >> > am still getting the certificate verify failed error on clients? > >> > > >> > > >> > On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan <makhan628@gmail.com> > >> > wrote: > >> >> > >> >> I was able to sign the certificate to the client but still I am > getting > >> >> this error now on the > >> >> client: > >> >> > >> >> Client puppet-agent[15030]: Starting Puppet client version 2.6.12 > >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve > catalog > >> >> from remote server: certificate verify failed > >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog > >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve > catalog; > >> >> skipping run > >> >> > >> >> > >> >> > >> >> > >> >> On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan <makhan628@gmail.com> > >> >> wrote: > >> >>> > >> >>> I have gone little further nowwhat I have done is to delete the ssl > >> >>> folder from one of the client and ran this command on server: > puppetca > >> >>> --clean clientname > >> >>> it has generated new certificate but in the end I get the same > error: > >> >>> > >> >>> err: Could not call revoke: Cannot convert into OpenSSL::BN > >> >>> Further more when i restart the agent from the client now I get this > >> >>> message under server message log: client has a waiting certificate > >> >>> request > >> >>> Under my client message log: > >> >>> hostname puppet-agent[13385]: Did not receive certificate > >> >>> > >> >>> > >> >>> > >> >>> > >> >>> On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan <makhan628@gmail.com > > > >> >>> wrote: > >> >>>> > >> >>>> I have tried to deleted the ssl folder under puppet. And then tried > >> >>>> to > >> >>>> clean the certificate from the server but did not work. > >> >>>> #puppetca --clean hostname > >> >>>> notice: Revoked certificate with serial # Inventory of signed > >> >>>> certificates > >> >>>> # SERIAL NOT_BEFORE NOT_AFTER SUBJECT > >> >>>> > >> >>>> > >> >>>> err: Could not call revoke: Cannot convert into OpenSSL::BN > >> >>>> > >> >>>> > >> >>>> > >> >>>> On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan < > makhan628@gmail.com> > >> >>>> wrote: > >> >>>>> > >> >>>>> Thanks guys; I am getting closer but still some errors. I am > getting > >> >>>>> these errors now. > >> >>>>> Starting Puppet client version 2.6.12 > >> >>>>> Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve > >> >>>>> catalog > >> >>>>> from remote server: Retrieved certificate does not match private > >> >>>>> key; please > >> >>>>> remove certificate from server and regenerate it with the current > >> >>>>> key > >> >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog > >> >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve > >> >>>>> catalog; > >> >>>>> skipping run > >> >>>>> > >> >>>>> > >> >>>>> > >> >>>>> > >> >>>>> On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz > >> >>>>> <Bernd.Adamowicz@esailors.de> wrote: > >> >>>>>> > >> >>>>>> I''m pretty sure that, besides the other answers already provided, > >> >>>>>> your > >> >>>>>> main problem is the wrong user for your Puppet configuration. It > >> >>>>>> should be > >> >>>>>> user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should > look > >> >>>>>> like: > >> >>>>>> > >> >>>>>> drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . > >> >>>>>> drwxr-xr-x 79 root root 12K Dec 26 04:03 .. > >> >>>>>> -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf > >> >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments > >> >>>>>> drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests > >> >>>>>> -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf > >> >>>>>> -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf > >> >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn > >> >>>>>> > >> >>>>>> So a command like ''chown -R puppet:puppet /etc/puppet'' issued as > >> >>>>>> ''root'' should solve your main problem which is the ''Permission > >> >>>>>> denied'' error > >> >>>>>> as well as the non starting Puppet process. > >> >>>>>> > >> >>>>>> Bernd > >> >>>>>> > >> >>>>>> > -----Ursprüngliche Nachricht----- > >> >>>>>> > Von: puppet-users@googlegroups.com [mailto:puppet- > >> >>>>>> > users@googlegroups.com] Im Auftrag von Khan > >> >>>>>> > Gesendet: Donnerstag, 29. Dezember 2011 17:37 > >> >>>>>> > An: Puppet Users > >> >>>>>> > Betreff: [Puppet Users] Puppetserver error > >> >>>>>> > > >> >>>>>> > Hello everyone, > >> >>>>>> > I am new to puppet. I have installed on redhat Enterprise 5and > >> >>>>>> > seems > >> >>>>>> > to be working fine. Couple days ago I was testing some > >> >>>>>> > permissions > >> >>>>>> > on / > >> >>>>>> > etc folder and applied 600 /etc and sub folders. Although I > have > >> >>>>>> > reverted the permission but I am having issues on puppetmaster. > >> >>>>>> > Currently I have these permission on etc 755 and puppet folder: > >> >>>>>> > my /etc folder is 755 and puppet folder with tese permsions: > >> >>>>>> > > >> >>>>>> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf > >> >>>>>> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf > >> >>>>>> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests > >> >>>>>> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules > >> >>>>>> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf > >> >>>>>> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew > >> >>>>>> > > >> >>>>>> > I am getting these error in the log: > >> >>>>>> > > >> >>>>>> > puppet-master[3519]: Could not parse for environment > production: > >> >>>>>> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at > >> >>>>>> > /etc/ > >> >>>>>> > puppet/manifests/site.pp:3 on node client1 > >> >>>>>> > > >> >>>>>> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for > >> >>>>>> > environment production: Permission denied - > >> >>>>>> > /etc/puppet/manifests/ > >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >>>>>> > client2 > >> >>>>>> > > >> >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >> >>>>>> > environment production: Permission denied - > >> >>>>>> > /etc/puppet/manifests/ > >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >>>>>> > client3 > >> >>>>>> > > >> >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse > for > >> >>>>>> > environment production: Permission denied - > >> >>>>>> > /etc/puppet/manifests/ > >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >>>>>> > client4 > >> >>>>>> > > >> >>>>>> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve > >> >>>>>> > catalog > >> >>>>>> > from remote server: Error 400 on SERVER: Could not parse for > >> >>>>>> > environment production: Permission denied - > >> >>>>>> > /etc/puppet/manifests/ > >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >>>>>> > server > >> >>>>>> > Any Help will be greatly appreciated. > >> >>>>>> > > >> >>>>>> > -- > >> >>>>>> > You received this message because you are subscribed to the > >> >>>>>> > Google > >> >>>>>> > Groups "Puppet Users" group. > >> >>>>>> > To post to this group, send email to > >> >>>>>> > puppet-users@googlegroups.com. > >> >>>>>> > To unsubscribe from this group, send email to puppet- > >> >>>>>> > users+unsubscribe@googlegroups.com. > >> >>>>>> > For more options, visit this group at > >> >>>>>> > http://groups.google.com/group/puppet-users?hl=en. > >> >>>>>> > >> >>>>>> -- > >> >>>>>> You received this message because you are subscribed to the > Google > >> >>>>>> Groups "Puppet Users" group. > >> >>>>>> To post to this group, send email to > puppet-users@googlegroups.com. > >> >>>>>> To unsubscribe from this group, send email to > >> >>>>>> puppet-users+unsubscribe@googlegroups.com. > >> >>>>>> For more options, visit this group at > >> >>>>>> http://groups.google.com/group/puppet-users?hl=en. > >> >>>>>> > >> >>>>> > >> >>>>> > >> >>>>> > >> >>>>> -- > >> >>>>> Regards, > >> >>>>> Mohammad > >> >>>>> > >> >>>> > >> >>>> > >> >>>> > >> >>>> -- > >> >>>> Regards, > >> >>>> Mohammad > >> >>>> > >> >>> > >> >>> > >> >>> > >> >>> -- > >> >>> Regards, > >> >>> Mohammad > >> >>> > >> >> > >> >> > >> >> > >> >> -- > >> >> Regards, > >> >> Mohammad > >> >> > >> > > >> > > >> > > >> > -- > >> > Regards, > >> > Mohammad > >> > > >> > -- > >> > You received this message because you are subscribed to the Google > >> > Groups > >> > "Puppet Users" group. > >> > To post to this group, send email to puppet-users@googlegroups.com. > >> > To unsubscribe from this group, send email to > >> > puppet-users+unsubscribe@googlegroups.com. > >> > For more options, visit this group at > >> > http://groups.google.com/group/puppet-users?hl=en. > >> > >> -- > >> You received this message because you are subscribed to the Google > Groups > >> "Puppet Users" group. > >> To post to this group, send email to puppet-users@googlegroups.com. > >> To unsubscribe from this group, send email to > >> puppet-users+unsubscribe@googlegroups.com. > >> For more options, visit this group at > >> http://groups.google.com/group/puppet-users?hl=en. > >> > > > > > > > > -- > > Regards, > > Mohammad > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Hi, Maybe a Time related Problem? Check the Time on both, Client and Server Am 30.12.2011 um 18:55 schrieb Mohammad Khan <makhan628@gmail.com>:> I have done this already; however, client "certificate verify failed" is occurring now where I am stuck. > > On Fri, Dec 30, 2011 at 12:51 PM, Aaron Grewell <aaron.grewell@gmail.com> wrote: > You''ll have to re-sign your node''s cert using puppetca --sign <hostname> > > On Fri, Dec 30, 2011 at 9:28 AM, Mohammad Khan <makhan628@gmail.com> wrote: > > I removed ssldir from clients and ran the puppetca --clean from the server. > > It ran fine finally. Now I am stuck on where client complains that > > ''certificate verify failed" I dont know what to do now? > > > > > > On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell <aaron.grewell@gmail.com> > > wrote: > >> > >> Did you remove the ssldir on the server or the client? Usually to > >> completely reset the cert you run clean on the server, remove the > >> contents of the ssldir on the client, then re-run puppet and it should > >> rebuild the cert. I wouldn''t recommend removing the ssldir on the > >> server except as a last resort, otherwise you''ll have to rebuild all > >> your client certs. > >> > >> If that''s what you already did, make sure that your ssldir and its > >> contents are owned by user & group puppet as well. > >> > >> On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan <makhan628@gmail.com> > >> wrote: > >> > Do I need to make any changes to server or delete sl info on the server. > >> > I > >> > am still getting the certificate verify failed error on clients? > >> > > >> > > >> > On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan <makhan628@gmail.com> > >> > wrote: > >> >> > >> >> I was able to sign the certificate to the client but still I am getting > >> >> this error now on the > >> >> client: > >> >> > >> >> Client puppet-agent[15030]: Starting Puppet client version 2.6.12 > >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog > >> >> from remote server: certificate verify failed > >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog > >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog; > >> >> skipping run > >> >> > >> >> > >> >> > >> >> > >> >> On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan <makhan628@gmail.com> > >> >> wrote: > >> >>> > >> >>> I have gone little further nowwhat I have done is to delete the ssl > >> >>> folder from one of the client and ran this command on server: puppetca > >> >>> --clean clientname > >> >>> it has generated new certificate but in the end I get the same error: > >> >>> > >> >>> err: Could not call revoke: Cannot convert into OpenSSL::BN > >> >>> Further more when i restart the agent from the client now I get this > >> >>> message under server message log: client has a waiting certificate > >> >>> request > >> >>> Under my client message log: > >> >>> hostname puppet-agent[13385]: Did not receive certificate > >> >>> > >> >>> > >> >>> > >> >>> > >> >>> On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan <makhan628@gmail.com> > >> >>> wrote: > >> >>>> > >> >>>> I have tried to deleted the ssl folder under puppet. And then tried > >> >>>> to > >> >>>> clean the certificate from the server but did not work. > >> >>>> #puppetca --clean hostname > >> >>>> notice: Revoked certificate with serial # Inventory of signed > >> >>>> certificates > >> >>>> # SERIAL NOT_BEFORE NOT_AFTER SUBJECT > >> >>>> > >> >>>> > >> >>>> err: Could not call revoke: Cannot convert into OpenSSL::BN > >> >>>> > >> >>>> > >> >>>> > >> >>>> On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan <makhan628@gmail.com> > >> >>>> wrote: > >> >>>>> > >> >>>>> Thanks guys; I am getting closer but still some errors. I am getting > >> >>>>> these errors now. > >> >>>>> Starting Puppet client version 2.6.12 > >> >>>>> Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve > >> >>>>> catalog > >> >>>>> from remote server: Retrieved certificate does not match private > >> >>>>> key; please > >> >>>>> remove certificate from server and regenerate it with the current > >> >>>>> key > >> >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog > >> >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve > >> >>>>> catalog; > >> >>>>> skipping run > >> >>>>> > >> >>>>> > >> >>>>> > >> >>>>> > >> >>>>> On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz > >> >>>>> <Bernd.Adamowicz@esailors.de> wrote: > >> >>>>>> > >> >>>>>> I''m pretty sure that, besides the other answers already provided, > >> >>>>>> your > >> >>>>>> main problem is the wrong user for your Puppet configuration. It > >> >>>>>> should be > >> >>>>>> user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should look > >> >>>>>> like: > >> >>>>>> > >> >>>>>> drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . > >> >>>>>> drwxr-xr-x 79 root root 12K Dec 26 04:03 .. > >> >>>>>> -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf > >> >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments > >> >>>>>> drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests > >> >>>>>> -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf > >> >>>>>> -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf > >> >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn > >> >>>>>> > >> >>>>>> So a command like ''chown -R puppet:puppet /etc/puppet'' issued as > >> >>>>>> ''root'' should solve your main problem which is the ''Permission > >> >>>>>> denied'' error > >> >>>>>> as well as the non starting Puppet process. > >> >>>>>> > >> >>>>>> Bernd > >> >>>>>> > >> >>>>>> > -----Ursprüngliche Nachricht----- > >> >>>>>> > Von: puppet-users@googlegroups.com [mailto:puppet- > >> >>>>>> > users@googlegroups.com] Im Auftrag von Khan > >> >>>>>> > Gesendet: Donnerstag, 29. Dezember 2011 17:37 > >> >>>>>> > An: Puppet Users > >> >>>>>> > Betreff: [Puppet Users] Puppetserver error > >> >>>>>> > > >> >>>>>> > Hello everyone, > >> >>>>>> > I am new to puppet. I have installed on redhat Enterprise 5and > >> >>>>>> > seems > >> >>>>>> > to be working fine. Couple days ago I was testing some > >> >>>>>> > permissions > >> >>>>>> > on / > >> >>>>>> > etc folder and applied 600 /etc and sub folders. Although I have > >> >>>>>> > reverted the permission but I am having issues on puppetmaster. > >> >>>>>> > Currently I have these permission on etc 755 and puppet folder: > >> >>>>>> > my /etc folder is 755 and puppet folder with tese permsions: > >> >>>>>> > > >> >>>>>> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf > >> >>>>>> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf > >> >>>>>> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests > >> >>>>>> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules > >> >>>>>> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf > >> >>>>>> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew > >> >>>>>> > > >> >>>>>> > I am getting these error in the log: > >> >>>>>> > > >> >>>>>> > puppet-master[3519]: Could not parse for environment production: > >> >>>>>> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at > >> >>>>>> > /etc/ > >> >>>>>> > puppet/manifests/site.pp:3 on node client1 > >> >>>>>> > > >> >>>>>> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse for > >> >>>>>> > environment production: Permission denied - > >> >>>>>> > /etc/puppet/manifests/ > >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >>>>>> > client2 > >> >>>>>> > > >> >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >> >>>>>> > environment production: Permission denied - > >> >>>>>> > /etc/puppet/manifests/ > >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >>>>>> > client3 > >> >>>>>> > > >> >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse for > >> >>>>>> > environment production: Permission denied - > >> >>>>>> > /etc/puppet/manifests/ > >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >>>>>> > client4 > >> >>>>>> > > >> >>>>>> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve > >> >>>>>> > catalog > >> >>>>>> > from remote server: Error 400 on SERVER: Could not parse for > >> >>>>>> > environment production: Permission denied - > >> >>>>>> > /etc/puppet/manifests/ > >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node > >> >>>>>> > server > >> >>>>>> > Any Help will be greatly appreciated. > >> >>>>>> > > >> >>>>>> > -- > >> >>>>>> > You received this message because you are subscribed to the > >> >>>>>> > Google > >> >>>>>> > Groups "Puppet Users" group. > >> >>>>>> > To post to this group, send email to > >> >>>>>> > puppet-users@googlegroups.com. > >> >>>>>> > To unsubscribe from this group, send email to puppet- > >> >>>>>> > users+unsubscribe@googlegroups.com. > >> >>>>>> > For more options, visit this group at > >> >>>>>> > http://groups.google.com/group/puppet-users?hl=en. > >> >>>>>> > >> >>>>>> -- > >> >>>>>> You received this message because you are subscribed to the Google > >> >>>>>> Groups "Puppet Users" group. > >> >>>>>> To post to this group, send email to puppet-users@googlegroups.com. > >> >>>>>> To unsubscribe from this group, send email to > >> >>>>>> puppet-users+unsubscribe@googlegroups.com. > >> >>>>>> For more options, visit this group at > >> >>>>>> http://groups.google.com/group/puppet-users?hl=en. > >> >>>>>> > >> >>>>> > >> >>>>> > >> >>>>> > >> >>>>> -- > >> >>>>> Regards, > >> >>>>> Mohammad > >> >>>>> > >> >>>> > >> >>>> > >> >>>> > >> >>>> -- > >> >>>> Regards, > >> >>>> Mohammad > >> >>>> > >> >>> > >> >>> > >> >>> > >> >>> -- > >> >>> Regards, > >> >>> Mohammad > >> >>> > >> >> > >> >> > >> >> > >> >> -- > >> >> Regards, > >> >> Mohammad > >> >> > >> > > >> > > >> > > >> > -- > >> > Regards, > >> > Mohammad > >> > > >> > -- > >> > You received this message because you are subscribed to the Google > >> > Groups > >> > "Puppet Users" group. > >> > To post to this group, send email to puppet-users@googlegroups.com. > >> > To unsubscribe from this group, send email to > >> > puppet-users+unsubscribe@googlegroups.com. > >> > For more options, visit this group at > >> > http://groups.google.com/group/puppet-users?hl=en. > >> > >> -- > >> You received this message because you are subscribed to the Google Groups > >> "Puppet Users" group. > >> To post to this group, send email to puppet-users@googlegroups.com. > >> To unsubscribe from this group, send email to > >> puppet-users+unsubscribe@googlegroups.com. > >> For more options, visit this group at > >> http://groups.google.com/group/puppet-users?hl=en. > >> > > > > > > > > -- > > Regards, > > Mohammad > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > > > > > -- > Regards, > Mohammad > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
I have checked the time it is fine on both client and server, but still the error is occurring. On Fri, Dec 30, 2011 at 3:56 PM, Florian Koch < florian.koch1981@googlemail.com> wrote:> Hi, Maybe a Time related Problem? Check the Time on both, Client and Server > > > > > Am 30.12.2011 um 18:55 schrieb Mohammad Khan <makhan628@gmail.com>: > > I have done this already; however, client "certificate verify failed" is > occurring now where I am stuck. > > On Fri, Dec 30, 2011 at 12:51 PM, Aaron Grewell <aaron.grewell@gmail.com>wrote: > >> You''ll have to re-sign your node''s cert using puppetca --sign <hostname> >> >> On Fri, Dec 30, 2011 at 9:28 AM, Mohammad Khan <makhan628@gmail.com> >> wrote: >> > I removed ssldir from clients and ran the puppetca --clean from the >> server. >> > It ran fine finally. Now I am stuck on where client complains that >> > ''certificate verify failed" I dont know what to do now? >> > >> > >> > On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell < >> aaron.grewell@gmail.com> >> > wrote: >> >> >> >> Did you remove the ssldir on the server or the client? Usually to >> >> completely reset the cert you run clean on the server, remove the >> >> contents of the ssldir on the client, then re-run puppet and it should >> >> rebuild the cert. I wouldn''t recommend removing the ssldir on the >> >> server except as a last resort, otherwise you''ll have to rebuild all >> >> your client certs. >> >> >> >> If that''s what you already did, make sure that your ssldir and its >> >> contents are owned by user & group puppet as well. >> >> >> >> On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan <makhan628@gmail.com> >> >> wrote: >> >> > Do I need to make any changes to server or delete sl info on the >> server. >> >> > I >> >> > am still getting the certificate verify failed error on clients? >> >> > >> >> > >> >> > On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan <makhan628@gmail.com> >> >> > wrote: >> >> >> >> >> >> I was able to sign the certificate to the client but still I am >> getting >> >> >> this error now on the >> >> >> client: >> >> >> >> >> >> Client puppet-agent[15030]: Starting Puppet client version 2.6.12 >> >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve >> catalog >> >> >> from remote server: certificate verify failed >> >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog >> >> >> Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve >> catalog; >> >> >> skipping run >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan <makhan628@gmail.com >> > >> >> >> wrote: >> >> >>> >> >> >>> I have gone little further nowwhat I have done is to delete the ssl >> >> >>> folder from one of the client and ran this command on server: >> puppetca >> >> >>> --clean clientname >> >> >>> it has generated new certificate but in the end I get the same >> error: >> >> >>> >> >> >>> err: Could not call revoke: Cannot convert into OpenSSL::BN >> >> >>> Further more when i restart the agent from the client now I get >> this >> >> >>> message under server message log: client has a waiting certificate >> >> >>> request >> >> >>> Under my client message log: >> >> >>> hostname puppet-agent[13385]: Did not receive certificate >> >> >>> >> >> >>> >> >> >>> >> >> >>> >> >> >>> On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan < >> makhan628@gmail.com> >> >> >>> wrote: >> >> >>>> >> >> >>>> I have tried to deleted the ssl folder under puppet. And then >> tried >> >> >>>> to >> >> >>>> clean the certificate from the server but did not work. >> >> >>>> #puppetca --clean hostname >> >> >>>> notice: Revoked certificate with serial # Inventory of signed >> >> >>>> certificates >> >> >>>> # SERIAL NOT_BEFORE NOT_AFTER SUBJECT >> >> >>>> >> >> >>>> >> >> >>>> err: Could not call revoke: Cannot convert into OpenSSL::BN >> >> >>>> >> >> >>>> >> >> >>>> >> >> >>>> On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan < >> makhan628@gmail.com> >> >> >>>> wrote: >> >> >>>>> >> >> >>>>> Thanks guys; I am getting closer but still some errors. I am >> getting >> >> >>>>> these errors now. >> >> >>>>> Starting Puppet client version 2.6.12 >> >> >>>>> Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve >> >> >>>>> catalog >> >> >>>>> from remote server: Retrieved certificate does not match private >> >> >>>>> key; please >> >> >>>>> remove certificate from server and regenerate it with the current >> >> >>>>> key >> >> >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog >> >> >>>>> Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve >> >> >>>>> catalog; >> >> >>>>> skipping run >> >> >>>>> >> >> >>>>> >> >> >>>>> >> >> >>>>> >> >> >>>>> On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz >> >> >>>>> <Bernd.Adamowicz@esailors.de> wrote: >> >> >>>>>> >> >> >>>>>> I''m pretty sure that, besides the other answers already >> provided, >> >> >>>>>> your >> >> >>>>>> main problem is the wrong user for your Puppet configuration. It >> >> >>>>>> should be >> >> >>>>>> user ''puppet'' and not ''root''. That''s how ''/etc/puppet'' should >> look >> >> >>>>>> like: >> >> >>>>>> >> >> >>>>>> drwxr-xr-x 5 puppet puppet 4.0K Dec 12 17:48 . >> >> >>>>>> drwxr-xr-x 79 root root 12K Dec 26 04:03 .. >> >> >>>>>> -rw-r--r-- 1 puppet puppet 3.1K Dec 12 17:48 auth.conf >> >> >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 12 17:48 environments >> >> >>>>>> drwxr-xr-x 3 puppet puppet 4.0K Dec 12 17:48 manifests >> >> >>>>>> -rw-r--r-- 1 puppet puppet 838 Dec 12 17:48 namespaceauth.conf >> >> >>>>>> -rw-r--r-- 1 puppet puppet 1.8K Dec 12 17:48 puppet.conf >> >> >>>>>> drwxr-xr-x 6 puppet puppet 4.0K Dec 30 08:20 .svn >> >> >>>>>> >> >> >>>>>> So a command like ''chown -R puppet:puppet /etc/puppet'' issued as >> >> >>>>>> ''root'' should solve your main problem which is the ''Permission >> >> >>>>>> denied'' error >> >> >>>>>> as well as the non starting Puppet process. >> >> >>>>>> >> >> >>>>>> Bernd >> >> >>>>>> >> >> >>>>>> > -----Ursprüngliche Nachricht----- >> >> >>>>>> > Von: puppet-users@googlegroups.com [mailto:puppet- >> >> >>>>>> > users@googlegroups.com] Im Auftrag von Khan >> >> >>>>>> > Gesendet: Donnerstag, 29. Dezember 2011 17:37 >> >> >>>>>> > An: Puppet Users >> >> >>>>>> > Betreff: [Puppet Users] Puppetserver error >> >> >>>>>> > >> >> >>>>>> > Hello everyone, >> >> >>>>>> > I am new to puppet. I have installed on redhat Enterprise 5and >> >> >>>>>> > seems >> >> >>>>>> > to be working fine. Couple days ago I was testing some >> >> >>>>>> > permissions >> >> >>>>>> > on / >> >> >>>>>> > etc folder and applied 600 /etc and sub folders. Although I >> have >> >> >>>>>> > reverted the permission but I am having issues on >> puppetmaster. >> >> >>>>>> > Currently I have these permission on etc 755 and puppet >> folder: >> >> >>>>>> > my /etc folder is 755 and puppet folder with tese permsions: >> >> >>>>>> > >> >> >>>>>> > -rw-r--r-- 1 root root 2346 May 8 2010 auth.conf >> >> >>>>>> > -rw-r--r-- 1 root root 419 May 19 2010 fileserver.conf >> >> >>>>>> > drwxr-xr-x 3 root root 4096 Dec 23 10:48 manifests >> >> >>>>>> > drwxr-xr-x 21 root root 4096 Oct 22 2010 modules >> >> >>>>>> > -rw-r--r-- 1 root root 980 May 27 2010 puppet.conf >> >> >>>>>> > -rw-r--r-- 1 root root 855 May 17 2010 puppet.conf.rpmnew >> >> >>>>>> > >> >> >>>>>> > I am getting these error in the log: >> >> >>>>>> > >> >> >>>>>> > puppet-master[3519]: Could not parse for environment >> production: >> >> >>>>>> > Permission denied - /etc/puppet/manifests/classes/sysctl.pp at >> >> >>>>>> > /etc/ >> >> >>>>>> > puppet/manifests/site.pp:3 on node client1 >> >> >>>>>> > >> >> >>>>>> > Dec 27 14:25:46 server puppet-master[3519]: Could not parse >> for >> >> >>>>>> > environment production: Permission denied - >> >> >>>>>> > /etc/puppet/manifests/ >> >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >>>>>> > client2 >> >> >>>>>> > >> >> >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse >> for >> >> >>>>>> > environment production: Permission denied - >> >> >>>>>> > /etc/puppet/manifests/ >> >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >>>>>> > client3 >> >> >>>>>> > >> >> >>>>>> > Dec 27 14:27:15 server puppet-master[3519]: Could not parse >> for >> >> >>>>>> > environment production: Permission denied - >> >> >>>>>> > /etc/puppet/manifests/ >> >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >>>>>> > client4 >> >> >>>>>> > >> >> >>>>>> > Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve >> >> >>>>>> > catalog >> >> >>>>>> > from remote server: Error 400 on SERVER: Could not parse for >> >> >>>>>> > environment production: Permission denied - >> >> >>>>>> > /etc/puppet/manifests/ >> >> >>>>>> > classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node >> >> >>>>>> > server >> >> >>>>>> > Any Help will be greatly appreciated. >> >> >>>>>> > >> >> >>>>>> > -- >> >> >>>>>> > You received this message because you are subscribed to the >> >> >>>>>> > Google >> >> >>>>>> > Groups "Puppet Users" group. >> >> >>>>>> > To post to this group, send email to >> >> >>>>>> > puppet-users@googlegroups.com. >> >> >>>>>> > To unsubscribe from this group, send email to puppet- >> >> >>>>>> > users+unsubscribe@googlegroups.com. >> >> >>>>>> > For more options, visit this group at >> >> >>>>>> > http://groups.google.com/group/puppet-users?hl=en. >> >> >>>>>> >> >> >>>>>> -- >> >> >>>>>> You received this message because you are subscribed to the >> Google >> >> >>>>>> Groups "Puppet Users" group. >> >> >>>>>> To post to this group, send email to >> puppet-users@googlegroups.com. >> >> >>>>>> To unsubscribe from this group, send email to >> >> >>>>>> puppet-users+unsubscribe@googlegroups.com. >> >> >>>>>> For more options, visit this group at >> >> >>>>>> http://groups.google.com/group/puppet-users?hl=en. >> >> >>>>>> >> >> >>>>> >> >> >>>>> >> >> >>>>> >> >> >>>>> -- >> >> >>>>> Regards, >> >> >>>>> Mohammad >> >> >>>>> >> >> >>>> >> >> >>>> >> >> >>>> >> >> >>>> -- >> >> >>>> Regards, >> >> >>>> Mohammad >> >> >>>> >> >> >>> >> >> >>> >> >> >>> >> >> >>> -- >> >> >>> Regards, >> >> >>> Mohammad >> >> >>> >> >> >> >> >> >> >> >> >> >> >> >> -- >> >> >> Regards, >> >> >> Mohammad >> >> >> >> >> > >> >> > >> >> > >> >> > -- >> >> > Regards, >> >> > Mohammad >> >> > >> >> > -- >> >> > You received this message because you are subscribed to the Google >> >> > Groups >> >> > "Puppet Users" group. >> >> > To post to this group, send email to puppet-users@googlegroups.com. >> >> > To unsubscribe from this group, send email to >> >> > puppet-users+unsubscribe@googlegroups.com. >> >> > For more options, visit this group at >> >> > http://groups.google.com/group/puppet-users?hl=en. >> >> >> >> -- >> >> You received this message because you are subscribed to the Google >> Groups >> >> "Puppet Users" group. >> >> To post to this group, send email to puppet-users@googlegroups.com. >> >> To unsubscribe from this group, send email to >> >> puppet-users+unsubscribe@googlegroups.com. >> >> For more options, visit this group at >> >> http://groups.google.com/group/puppet-users?hl=en. >> >> >> > >> > >> > >> > -- >> > Regards, >> > Mohammad >> > >> > -- >> > You received this message because you are subscribed to the Google >> Groups >> > "Puppet Users" group. >> > To post to this group, send email to puppet-users@googlegroups.com. >> > To unsubscribe from this group, send email to >> > puppet-users+unsubscribe@googlegroups.com. >> > For more options, visit this group at >> > http://groups.google.com/group/puppet-users?hl=en. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> >> > > > -- > Regards, > Mohammad > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. >-- Regards, Mohammad -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.