Puppet users - Oct 2009 - Bug #2617(?) in Puppet 0.25.1rc2

When I use the latest puppet 0.25.1 I got the same problem. This is
what I do:
0. Install the Ubuntu 8.04 server with ssh, ruby, rdoc, libopenssl-
ruby and git-core (which gets removed after clone).
1. Install the latest puppet from git repositories on both machines
using git clone «git clone git://github.com/reductivelabs/puppet» and
«git clone git://github.com/reductivelabs/facter»
2. Install it (first facter, then puppet) by running «install.rb».
3. Put each others'' name on /etc/hosts, so they can see each other
4. «puppetmasterd --mkusers»
5. On server I create meaningless  /etc/manifest/site.pp (the contents
are not important)
6. I put the same options for both server and client. They don''t
differ from the generated defaults only in --genconfig = false, but
here are they:

[main]
    genconfig = false
    railslog = /var/puppet/log/rails.log
    dblocation = /var/puppet/state/clientconfigs.sqlite3
    cert_inventory = /etc/puppet/ssl/ca/inventory.txt
    cakey = /etc/puppet/ssl/ca/ca_key.pem
    caprivatedir = /etc/puppet/ssl/ca/private
    capass = /etc/puppet/ssl/ca/private/ca.pass
    cadir = /etc/puppet/ssl/ca
    capub = /etc/puppet/ssl/ca/ca_pub.pem
    csrdir = /etc/puppet/ssl/ca/requests
    serial = /etc/puppet/ssl/ca/serial
    cacert = /etc/puppet/ssl/ca/ca_crt.pem
    cacrl = /etc/puppet/ssl/ca/ca_crl.pem
    signeddir = /etc/puppet/ssl/ca/signed
    autosign = /etc/puppet/autosign.conf
    factdest = /var/puppet/facts/
    hostprivkey = /etc/puppet/ssl/private_keys/
puppetmaster25.balkon.statystyka.net.pem
    hostcrl = /etc/puppet/ssl/crl.pem
    rundir = /var/puppet/run
    ssldir = /etc/puppet/ssl
    plugindest = /var/puppet/lib
    privatekeydir = /etc/puppet/ssl/private_keys
    hostcsr = /etc/puppet/ssl/
csr_puppetmaster25.balkon.statystyka.net.pem
    factsource = puppet://puppet/facts/
    hostpubkey = /etc/puppet/ssl/public_keys/
puppetmaster25.balkon.statystyka.net.pem
    statedir = /var/puppet/state
    authconfig = /etc/puppet/namespaceauth.conf
    publickeydir = /etc/puppet/ssl/public_keys
    pluginsource = puppet://puppet/plugins
    privatedir = /etc/puppet/ssl/private
    factpath = /var/puppet/facts/
    hostcert = /etc/puppet/ssl/certs/
puppetmaster25.balkon.statystyka.net.pem
    localcacert = /etc/puppet/ssl/certs/ca.pem
    logdir = /var/puppet/log
    certdir = /etc/puppet/ssl/certs
    requestdir = /etc/puppet/ssl/certificate_requests
    httplog = /var/puppet/log/http.log
    libdir = /var/puppet/lib
    passfile = /etc/puppet/ssl/private/password
    splaylimit = 1800
    statefile = /var/puppet/state/state.yaml
    puppetdlog = /var/puppet/log/puppetd.log
    report_port = 8140
    ca_server = puppet
    puppetdlockfile = /var/puppet/state/puppetdlock
    clientyamldir = /var/puppet/client_yaml
    reportserver = puppet
    ca_port = 8140
    localconfig = /var/puppet/state/localconfig
    clientbucketdir = /var/puppet/clientbucket
    classfile = /var/puppet/state/classes.txt
    report_server = puppet
    graphdir = /var/puppet/state/graphs
    fileserverconfig = /etc/puppet/fileserver.conf
    config = /etc/puppet/puppet.conf
    masterlog = /var/puppet/log/puppetmaster.log
    rrddir = /var/puppet/rrd
    pidfile = /var/puppet/run/puppetmasterd.pid
    manifestdir = /etc/puppet/manifests
    masterhttplog = /var/puppet/log/masterhttp.log
    bucketdir = /var/puppet/bucket
    modulepath = /etc/puppet/modules:/usr/share/puppet/modules
    reportdir = /var/puppet/reports
    rrdinterval = 1800
    manifest = /etc/puppet/manifests/site.pp
    rest_authconfig = /etc/puppet/auth.conf
    yamldir = /var/puppet/yaml
    templatedir = /var/puppet/templates
    tagmap = /etc/puppet/tagmail.conf

7. On server I run # puppetmasterd --no-daemonize --trace --debug
 and it gives me initially the following output:
debug: Failed to load library ''shadow'' for feature
''libshadow''
debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does
not exist
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/
dscl does not exist
debug: Failed to load library ''ldap'' for feature
''ldap''
debug: Puppet::Type::User::ProviderLdap: feature ldap is missing
debug: /File[/var/puppet/log/masterhttp.log]: Autorequiring File[/var/
puppet/log]
debug: /File[/var/puppet/lib]: Autorequiring File[/var/puppet]
debug: /File[/var/puppet/yaml]: Autorequiring File[/var/puppet]
debug: /File[/var/puppet/rrd]: Autorequiring File[/var/puppet]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring File
[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs/
puppetmaster25.balkon.statystyka.net.pem]: Autorequiring File[/etc/
puppet/ssl/certs]
debug: /File[/etc/puppet/ssl/public_keys/
puppetmaster25.balkon.statystyka.net.pem]: Autorequiring File[/etc/
puppet/ssl/public_keys]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/
ssl]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/
ssl]
debug: /File[/etc/puppet/ssl/private_keys/
puppetmaster25.balkon.statystyka.net.pem]: Autorequiring File[/etc/
puppet/ssl/private_keys]
debug: /File[/etc/puppet/ssl/crl.pem]: Autorequiring File[/etc/puppet/
ssl]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring File[/etc/
puppet/ssl]
debug: /File[/var/puppet/state]: Autorequiring File[/var/puppet]
debug: /File[/var/puppet/bucket]: Autorequiring File[/var/puppet]
debug: /File[/etc/puppet/manifests]: Autorequiring File[/etc/puppet]
debug: /File[/var/puppet/run]: Autorequiring File[/var/puppet]
debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring File[/etc/
puppet/ssl/certs]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring File[/etc/
puppet/ssl]
debug: /File[/var/puppet/log]: Autorequiring File[/var/puppet]
debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet]
debug: /File[/var/puppet/reports]: Autorequiring File[/var/puppet]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/var/puppet/facts]: Autorequiring File[/var/puppet]
debug: Finishing transaction -609472068 with 0 changes
debug: /File[/etc/puppet/ssl/ca/ca_pub.pem]: Autorequiring File[/etc/
puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/ca_crl.pem]: Autorequiring File[/etc/
puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/requests]: Autorequiring File[/etc/
puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/ca_crt.pem]: Autorequiring File[/etc/
puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/private]: Autorequiring File[/etc/
puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/ca_key.pem]: Autorequiring File[/etc/
puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/serial]: Autorequiring File[/etc/
puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/inventory.txt]: Autorequiring File[/
etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/signed]: Autorequiring File[/etc/
puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/private/ca.pass]: Autorequiring File[/
etc/puppet/ssl/ca/private]
debug: Finishing transaction -609710708 with 0 changes
debug: Using cached certificate for ca
debug: Using cached certificate for ca
debug: Using cached certificate for
puppetmaster25.balkon.statystyka.net
notice: Starting Puppet server version 0.25.1
debug: No file server configuration file; autocreating modules mount
with default permissions
debug: No file server configuration file; autocreating plugins mount
with default permissions
debug: Creating interpreter
debug: Finishing transaction -610530138 with 0 changes
debug: Finishing transaction -610532078 with 0 changes

8. On klient i do # puppetd --server
PuppetMaster25.balkon.statystyka.net --no-daemonize --debug --trace
    and i get the following output:
 debug: Failed to load library ''shadow'' for feature
''libshadow''
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/
dscl does not exist
debug: Failed to load library ''ldap'' for feature
''ldap''
debug: Puppet::Type::User::ProviderLdap: feature ldap is missing
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does
not exist
debug: /File[/etc/puppet/ssl/crl.pem]: Autorequiring File[/etc/puppet/
ssl]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/
ssl]
debug: /File[/var/puppet/state/graphs]: Autorequiring File[/var/puppet/
state]
debug: /File[/var/puppet/state]: Autorequiring File[/var/puppet]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/
ssl]
debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring File[/etc/
puppet/ssl]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring File
[/etc/puppet/ssl]
debug: /File[/var/puppet/facts]: Autorequiring File[/var/puppet]
debug: /File[/var/puppet/lib]: Autorequiring File[/var/puppet]
debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring File[/etc/
puppet/ssl/certs]
debug: /File[/var/puppet/client_yaml]: Autorequiring File[/var/puppet]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring File[/etc/
puppet/ssl]
debug: /File[/var/puppet/run]: Autorequiring File[/var/puppet]
debug: /File[/var/puppet/clientbucket]: Autorequiring File[/var/
puppet]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/var/puppet/log]: Autorequiring File[/var/puppet]
debug: Finishing transaction -609620008 with 0 changes
debug: Using cached certificate for ca
debug: Using cached certificate for
puppetklient25.balkon.statystyka.net
notice: Starting Puppet client version 0.25.1
debug: Puppet::Network::Format[json]: false value when expecting true
debug: Format s not supported for Puppet::Resource::Catalog; has not
implemented method ''from_s''
warning: peer certificate won''t be verified in this SSL session
/usr/local/lib/site_ruby/1.8/puppet/indirector/rest.rb:55:in
`deserialize''
/usr/local/lib/site_ruby/1.8/puppet/indirector/rest.rb:69:in `find''
/usr/local/lib/site_ruby/1.8/puppet/indirector/indirection.rb:198:in
`find''
/usr/local/lib/site_ruby/1.8/puppet/indirector.rb:51:in `find''
/usr/local/lib/site_ruby/1.8/puppet/configurer.rb:94:in
`retrieve_catalog''
/usr/local/lib/site_ruby/1.8/puppet/util.rb:422:in `thinmark''
/usr/lib/ruby/1.8/benchmark.rb:293:in `measure''
/usr/lib/ruby/1.8/benchmark.rb:307:in `realtime''
/usr/local/lib/site_ruby/1.8/puppet/util.rb:421:in `thinmark''
/usr/local/lib/site_ruby/1.8/puppet/configurer.rb:93:in
`retrieve_catalog''
/usr/local/lib/site_ruby/1.8/puppet/configurer.rb:140:in `run''
/usr/local/lib/site_ruby/1.8/puppet/agent.rb:53:in `run''
/usr/local/lib/site_ruby/1.8/puppet/agent/locker.rb:21:in `lock''
/usr/local/lib/site_ruby/1.8/puppet/agent.rb:53:in `run''
/usr/lib/ruby/1.8/sync.rb:230:in `synchronize''
/usr/local/lib/site_ruby/1.8/puppet/agent.rb:53:in `run''
/usr/local/lib/site_ruby/1.8/puppet/agent.rb:130:in `with_client''
/usr/local/lib/site_ruby/1.8/puppet/agent.rb:51:in `run''
/usr/local/lib/site_ruby/1.8/puppet/agent.rb:104:in `start''
/usr/local/lib/site_ruby/1.8/puppet/external/event-loop/signal-
system.rb:97:in `call''
/usr/local/lib/site_ruby/1.8/puppet/external/event-loop/signal-
system.rb:97:in `__signal__''
/usr/local/lib/site_ruby/1.8/puppet/external/event-loop/signal-
system.rb:97:in `each''
/usr/local/lib/site_ruby/1.8/puppet/external/event-loop/signal-
system.rb:97:in `__signal__''
(eval):2:in `signal''
/usr/local/lib/site_ruby/1.8/puppet/external/event-loop/event-loop.rb:
321:in `sound_alarm''
/usr/local/lib/site_ruby/1.8/puppet/agent.rb:108:in `start''
/usr/local/lib/site_ruby/1.8/puppet/daemon.rb:127:in `start''
/usr/local/lib/site_ruby/1.8/puppet/application/puppetd.rb:116:in
`main''
/usr/local/lib/site_ruby/1.8/puppet/application.rb:226:in `send''
/usr/local/lib/site_ruby/1.8/puppet/application.rb:226:in
`run_command''
/usr/local/lib/site_ruby/1.8/puppet/application.rb:217:in `run''
/usr/local/lib/site_ruby/1.8/puppet/application.rb:306:in
`exit_on_fail''
/usr/local/lib/site_ruby/1.8/puppet/application.rb:217:in `run''
/usr/sbin/puppetd:159
err: Could not retrieve catalog from remote server: Error 403 on
SERVER: Forbidden request: PuppetKlient25.balkon.statystyka.net
(192.168.3.142) access to /catalog/
puppetklient25.balkon.statystyka.net [find] at line 0
notice: Using cached catalog
err: Could not retrieve catalog; skipping run

9. Simultaneously the server adds:

info: Inserting default ''~ ^/catalog/([^/]+)$''(auth) acl
because /etc/
puppet/auth.conf doesn''t exist
info: Inserting default ''/file''(non-auth) acl because
/etc/puppet/
auth.conf doesn''t exist
info: Inserting default
''/certificate_revocation_list/ca''(auth) acl
because /etc/puppet/auth.conf doesn''t exist
info: Inserting default ''/report''(auth) acl because
/etc/puppet/
auth.conf doesn''t exist
info: Inserting default ''/certificate/ca''(non-auth) acl
because /etc/
puppet/auth.conf doesn''t exist
info: Inserting default ''/certificate/''(non-auth) acl because
/etc/
puppet/auth.conf doesn''t exist
info: Inserting default ''/certificate_request''(non-auth) acl
because /
etc/puppet/auth.conf doesn''t exist
info: access[/]: defaulting to no access for
PuppetKlient25.balkon.statystyka.net
warning: Denying access: Forbidden request:
PuppetKlient25.balkon.statystyka.net(192.168.3.142) access to /catalog/
puppetklient25.balkon.statystyka.net [find] at line 0
/usr/local/lib/site_ruby/1.8/puppet/network/rights.rb:79:in
`fail_on_deny''
/usr/local/lib/site_ruby/1.8/puppet/network/rest_authconfig.rb:36:in
`allowed?''
/usr/local/lib/site_ruby/1.8/puppet/network/rest_authorization.rb:
21:in `check_authorization''
/usr/local/lib/site_ruby/1.8/puppet/network/http/handler.rb:66:in
`process''
/usr/local/lib/site_ruby/1.8/puppet/network/http/webrick/rest.rb:23:in
`service''
/usr/lib/ruby/1.8/webrick/httpserver.rb:104:in `service''
/usr/lib/ruby/1.8/webrick/httpserver.rb:65:in `run''
/usr/local/lib/site_ruby/1.8/puppet/network/http/webrick.rb:45:in
`listen''
/usr/lib/ruby/1.8/webrick/server.rb:173:in `call''
/usr/lib/ruby/1.8/webrick/server.rb:173:in `start_thread''
/usr/lib/ruby/1.8/webrick/server.rb:162:in `start''
/usr/lib/ruby/1.8/webrick/server.rb:162:in `start_thread''
/usr/lib/ruby/1.8/webrick/server.rb:95:in `start''
/usr/lib/ruby/1.8/webrick/server.rb:92:in `each''
/usr/lib/ruby/1.8/webrick/server.rb:92:in `start''
/usr/lib/ruby/1.8/webrick/server.rb:23:in `start''
/usr/lib/ruby/1.8/webrick/server.rb:82:in `start''
/usr/local/lib/site_ruby/1.8/puppet/network/http/webrick.rb:42:in
`listen''
/usr/local/lib/site_ruby/1.8/puppet/network/http/webrick.rb:41:in
`initialize''
/usr/local/lib/site_ruby/1.8/puppet/network/http/webrick.rb:41:in
`new''
/usr/local/lib/site_ruby/1.8/puppet/network/http/webrick.rb:41:in
`listen''
/usr/local/lib/site_ruby/1.8/puppet/network/http/webrick.rb:38:in
`synchronize''
/usr/local/lib/site_ruby/1.8/puppet/network/http/webrick.rb:38:in
`listen''
/usr/local/lib/site_ruby/1.8/puppet/network/server.rb:131:in `listen''
/usr/local/lib/site_ruby/1.8/puppet/network/server.rb:146:in `start''
/usr/local/lib/site_ruby/1.8/puppet/daemon.rb:128:in `start''
/usr/local/lib/site_ruby/1.8/puppet/application/puppetmasterd.rb:
122:in `main''
/usr/local/lib/site_ruby/1.8/puppet/application.rb:226:in `send''
/usr/local/lib/site_ruby/1.8/puppet/application.rb:226:in
`run_command''
/usr/local/lib/site_ruby/1.8/puppet/application.rb:217:in `run''
/usr/local/lib/site_ruby/1.8/puppet/application.rb:306:in
`exit_on_fail''
/usr/local/lib/site_ruby/1.8/puppet/application.rb:217:in `run''
/usr/sbin/puppetmasterd:66
err: Forbidden request: PuppetKlient25.balkon.statystyka.net
(192.168.3.142) access to /catalog/
puppetklient25.balkon.statystyka.net [find] at line 0

10. «puppetca --list» prints nothing.

What should I do to get puppets talking to each other? Maybe I should
install some previous version, and then reinstall on top of it v0.25?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

I have found a walkaround (the same as in the bug 2617). On the server
side one has to first install and remove the old puppetmaster from
repositories. It works with Ubuntu 8.04.

Maybe I shouldn''t have posted it here, but as far as I can understand
the http://projects.reductivelabs.com/issues/2617, the status of this
bug was "closed" and then "accepted", and the fix was
"Applied in
changeset a1d3b04296babc42b6a00956508c86c18e2b39bc", which I believe I
should have downloaded when I was getting the last version from git.

So if my assumptions were true, the bug has not been solved.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Adam Ryczkowski wrote:
> I have found a walkaround (the same as in the bug 2617). On the server
> side one has to first install and remove the old puppetmaster from
> repositories. It works with Ubuntu 8.04.
> 
> Maybe I shouldn''t have posted it here, but as far as I can
understand
> the http://projects.reductivelabs.com/issues/2617, the status of this
> bug was "closed" and then "accepted", and the fix was
"Applied in
> changeset a1d3b04296babc42b6a00956508c86c18e2b39bc", which I believe I
> should have downloaded when I was getting the last version from git.
> 
> So if my assumptions were true, the bug has not been solved.
Depends what branch you installed from.  It''s been hotfixed in the
0.25.x branch but not yet fixed in the master (dev) branch.

Can you test the 0.25.1rc2 tarball please?

Regards

James Turnbull

- --
Author of:
* Pro Linux Systems Administration (http://tinyurl.com/linuxadmin)
* Pulling Strings with Puppet (http://tinyurl.com/pupbook)
* Pro Nagios 2.0 (http://tinyurl.com/pronagios)
* Hardening Linux (http://tinyurl.com/hardeninglinux)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSuFStCFa/lDkFHAyAQKMCgf/dOc60zf+5XymoENrCvqSVlxET1nVgfyM
AFj8bPuPGjl4vR7wnSBZHDP/SG5DGd68XSwkPT0U2+5sYooSkWQTtJgXa2iZc3m3
NrXEvus0qcb/8tW+NAkwHVH38nBkI3gkli8HWfrS+x3ebKqFwQpiFmmj+7XFDzpY
O6FWVYJ+nUS5+Av+29yTpBSImQg60BO4rRWw4cZgoveUpl9KGzJDddusoHe49d7D
WWTMbS8/NibuXVPiM6vi7T0bUeV100GAoLiRpWbCM8yKQsOC+qqrwTUC1EzBK82s
H0IURVscV1p514qSQ+8sFOOMyuWr7TuZeKpE83wKealE+ed0lUSPmQ==WaY7
-----END PGP SIGNATURE-----

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---