ankush grover
2012-Apr-05 11:43 UTC
[Puppet Users] Somehow puppet is not able to start ossec service
Hi Friends,
I have configured Puppet 2.7.12-1 on Centos 6 as server and various clients
running on Redhat/Centos/Ubuntu etc.. The issue I am facing is that
somehow Puppet is not able to start the ossec service on the client.
If the service is stopped on the client then puppet is not able to start
the service. Below are the logs of the Puppet client running on the Centos
5 machine.
puppetd --test --server puppetmaster-del.example.com --debug
debug: Failed to load library ''shadow'' for feature
''libshadow''
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl
does not exist
debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not
exist
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Failed to load library ''ldap'' for feature
''ldap''
debug: Puppet::Type::User::ProviderLdap: feature ldap is missing
debug: Failed to load library ''rubygems'' for feature
''rubygems''
debug: Failed to load library ''selinux'' for feature
''selinux''
debug: /File[/var/lib/puppet/client_data]: Autorequiring
File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state/resources.txt]: Autorequiring
File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/state/last_run_summary.yaml]: Autorequiring
File[/var/lib/puppet/state]
debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/crl.pem]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/private]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring
File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state/graphs]: Autorequiring
File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/log/puppet/http.log]: Autorequiring File[/var/log/puppet]
debug: /File[/var/run/puppet/agent.pid]: Autorequiring File[/var/run/puppet]
debug:
/File[/var/lib/puppet/ssl/private_keys/linuxbackup-del4.synapse.com.pem]:
Autorequiring File[/var/lib/puppet/ssl/private_keys]
debug: /File[/var/lib/puppet/client_yaml]: Autorequiring
File[/var/lib/puppet]
debug:
/File[/var/lib/puppet/ssl/public_keys/linuxbackup-del4.synapse.com.pem]:
Autorequiring File[/var/lib/puppet/ssl/public_keys]
debug: /File[/var/lib/puppet/classes.txt]: Autorequiring
File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/state/state.yaml]: Autorequiring
File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/clientbucket]: Autorequiring
File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/namespaceauth.conf]: Autorequiring
File[/etc/puppet]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state/last_run_report.yaml]: Autorequiring
File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/ssl/certs/linuxbackup-del4.synapse.com.pem]:
Autorequiring File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: Finishing transaction -607017838
debug: /File[/var/lib/puppet/ssl/private]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring
File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug:
/File[/var/lib/puppet/ssl/public_keys/linuxbackup-del4.synapse.com.pem]:
Autorequiring File[/var/lib/puppet/ssl/public_keys]
debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certs/linuxbackup-del4.synapse.com.pem]:
Autorequiring File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/namespaceauth.conf]: Autorequiring
File[/etc/puppet]
debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/crl.pem]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/log/puppet/http.log]: Autorequiring File[/var/log/puppet]
debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug:
/File[/var/lib/puppet/ssl/private_keys/linuxbackup-del4.synapse.com.pem]:
Autorequiring File[/var/lib/puppet/ssl/private_keys]
debug: Finishing transaction -607864488
debug: Using cached certificate for ca
debug: Using cached certificate for linuxbackup-del4.synapse.com
notice: Ignoring --listen on onetime run
debug: Finishing transaction -608144338
debug: Loaded state in 0.00 seconds
debug: catalog supports formats: b64_zlib_yaml dot marshal pson raw yaml;
using pson
debug: Using cached certificate for ca
debug: Using cached certificate for linuxbackup-del4.synapse.com
debug: Using cached certificate_revocation_list for ca
debug: Puppet::Type::Package::ProviderRpm: Executing ''/bin/rpm
--version''
debug: Puppet::Type::Package::ProviderYum: Executing ''/bin/rpm
--version''
debug: Puppet::Type::Package::ProviderUrpmi: Executing ''/bin/rpm -ql
rpm''
debug: Puppet::Type::Package::ProviderAptrpm: Executing ''/bin/rpm -ql
rpm''
info: Caching catalog for linuxbackup-del4.synapse.com
debug: Puppet::Type::Service::ProviderRunit: file /usr/bin/sv does not exist
debug: Puppet::Type::Service::ProviderLaunchd: file /bin/launchctl does not
exist
debug: Puppet::Type::Service::ProviderSystemd: file /bin/systemctl does not
exist
debug: Puppet::Type::Service::ProviderGentoo: file /sbin/rc-update does not
exist
debug: Puppet::Type::Service::ProviderDaemontools: file /usr/bin/svc does
not exist
debug: Puppet::Type::Service::ProviderDebian: file /usr/sbin/update-rc.d
does not exist
debug: Puppet::Type::Package::ProviderSunfreeware: file pkg-get does not
exist
debug: Puppet::Type::Package::ProviderHpux: file /usr/sbin/swinstall does
not exist
debug: Puppet::Type::Package::ProviderApt: file /usr/bin/apt-get does not
exist
debug: Puppet::Type::Package::ProviderFreebsd: file /usr/sbin/pkg_delete
does not exist
debug: Puppet::Type::Package::ProviderPkg: file /usr/bin/pkg does not exist
debug: Puppet::Type::Package::ProviderZypper: file /usr/bin/zypper does not
exist
debug: Puppet::Type::Package::ProviderDpkg: file /usr/bin/dpkg does not
exist
debug: Puppet::Type::Package::ProviderUp2date: file /usr/sbin/up2date-nox
does not exist
debug: Puppet::Type::Package::ProviderPortage: file /usr/bin/eix-update
does not exist
debug: Puppet::Type::Package::ProviderFink: file /sw/bin/fink does not exist
debug: Puppet::Type::Package::ProviderRug: file /usr/bin/rug does not exist
debug: Puppet::Type::Package::ProviderAptrpm: file apt-get does not exist
debug: Puppet::Type::Package::ProviderPorts: file
/usr/local/sbin/pkg_deinstall does not exist
debug: Puppet::Type::Package::ProviderAix: file /usr/bin/lslpp does not
exist
debug: Puppet::Type::Package::ProviderGem: file gem does not exist
debug: Puppet::Type::Package::ProviderPortupgrade: file
/usr/local/sbin/pkg_deinstall does not exist
debug: Puppet::Type::Package::ProviderOpenbsd: file pkg_delete does not
exist
debug: Puppet::Type::Package::ProviderSun: file /usr/sbin/pkgadd does not
exist
debug: Puppet::Type::Package::ProviderNim: file /usr/sbin/nimclient does
not exist
debug: Puppet::Type::Package::ProviderPacman: file /usr/bin/pacman does not
exist
debug: Puppet::Type::Package::ProviderUrpmi: file urpmq does not exist
debug: Puppet::Type::Package::ProviderAptitude: file /usr/bin/aptitude does
not exist
debug: Creating default schedules
debug: Loaded state in 0.00 seconds
info: Applying configuration version ''1333625384''
debug: /Stage[main]/Ntp/Service[ntp]/subscribe: subscribes to File[ntp.conf]
debug: /Stage[main]/Ntp/File[ntp.conf]/require: requires Package[ntp]
debug: /Stage[main]/Noidamuninnode/File[/etc/munin.conf]/notify: subscribes
to Service[munin-node]
debug: /Stage[main]/Dnsresolve/File[/etc/resolv.conf]/notify: subscribes to
Service[nscd]
debug: /Stage[main]/Enablentpdate/Exec[/usr/local/sbin/ntp.sh]:
Autorequiring File[enablentpdate]
debug: /Schedule[daily]: Skipping device resources because running on a host
debug: /Schedule[monthly]: Skipping device resources because running on a
host
debug: /Schedule[hourly]: Skipping device resources because running on a
host
debug: Prefetching yum resources for package
debug: Puppet::Type::Package::ProviderYum: Executing ''/bin/rpm
--version''
debug: Puppet::Type::Package::ProviderYum: Executing ''/bin/rpm -qa
--nosignature --nodigest --qf ''%{NAME} %|EPOCH?{%{EPOCH}}:{0}|
%{VERSION}
%{RELEASE} %{ARCH}
''''
debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw yaml;
using pson
debug: /Schedule[never]: Skipping device resources because running on a host
debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw yaml;
using pson
debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw yaml;
using pson
debug: Exec[/usr/local/sbin/ntp.sh](provider=posix): Executing
''/usr/local/sbin/ntp.sh''
debug: Executing ''/usr/local/sbin/ntp.sh''
notice: /Stage[main]/Enablentpdate/Exec[/usr/local/sbin/ntp.sh]/returns:
executed successfully
debug: /Stage[main]/Enablentpdate/Exec[/usr/local/sbin/ntp.sh]: The
container Class[Enablentpdate] will propagate my refresh event
debug: Class[Enablentpdate]: The container Stage[main] will propagate my
refresh event
debug: Service[ntp](provider=redhat): Executing ''/sbin/service ntpd
status''
debug: Puppet::Type::Service::ProviderRedhat: Executing
''/sbin/chkconfig
ntpd''
debug: Service[sendmail](provider=redhat): Executing ''/sbin/service
sendmail status''
debug: Puppet::Type::Service::ProviderRedhat: Executing
''/sbin/chkconfig
sendmail''
debug: Service[xinetd](provider=redhat): Executing ''/sbin/service
xinetd
status''
debug: Puppet::Type::Service::ProviderRedhat: Executing
''/sbin/chkconfig
xinetd''
debug: /Schedule[weekly]: Skipping device resources because running on a
host
debug: Prefetching crontab resources for cron
debug: /Schedule[puppet]: Skipping device resources because running on a
host
debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw yaml;
using pson
debug: Service[munin-node](provider=redhat): Executing ''/sbin/service
munin-node status''
debug: Puppet::Type::Service::ProviderRedhat: Executing
''/sbin/chkconfig
munin-node''
debug: Service[ossec](provider=redhat): Executing ''/sbin/service ossec
status''
debug: Puppet::Type::Service::ProviderRedhat: Executing
''/sbin/chkconfig
ossec''
debug: file_metadata supports formats: b64_zlib_yaml marshal pson raw yaml;
using pson
debug: Service[nscd](provider=redhat): Executing ''/sbin/service nscd
status''
debug: Puppet::Type::Service::ProviderRedhat: Executing
''/sbin/chkconfig
nscd''
debug: Finishing transaction -608279958
debug: Storing state
debug: Stored state in 0.01 seconds
notice: Finished catalog run in 13.46 seconds
debug: Value of ''preferred_serialization_format'' (pson) is
invalid for
report, using default (marshal)
debug: report supports formats: b64_zlib_yaml marshal raw yaml; using
marshal
service ossec status
ossec-logcollector not running...
ossec-syscheckd not running...
ossec-agentd not running...
ossec-execd not running...
Ossec is starting fine through the service command
root@linuxbackup-del4 ~]# service ossec start
Starting OSSEC: [ OK ]
[root@linuxbackup-del4 ~]# service ossec status
ossec-logcollector is running...
ossec-syscheckd is running...
ossec-agentd is running...
ossec-execd is running...
Client Details
Puppet version: puppet-2.7.12-1.el5
ruby -v
ruby 1.8.5 (2006-08-25) [i386-linux]
Server Details
puppet-2.7.12-1
ruby -v
ruby 1.8.7 (2011-06-30 patchlevel 352) [x86_64-linux]
What could be the reason Puppet not being able to start the ossec service?
Regards
Ankush
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/rDEmoH3jtPAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
jcbollinger
2012-Apr-06 15:09 UTC
[Puppet Users] Re: Somehow puppet is not able to start ossec service
On Apr 5, 6:43 am, ankush grover <ankushcen...@gmail.com> wrote:> Hi Friends, > > I have configured Puppet 2.7.12-1 on Centos 6 as server and various clients > running on Redhat/Centos/Ubuntu etc.. The issue I am facing is that > somehow Puppet is not able to start the ossec service on the client. > > If the service is stopped on the client then puppet is not able to start > the service. Below are the logs of the Puppet client running on the Centos > 5 machine.From the log, it does not appear that Puppet is unable to start the service, but rather that it thinks it doesn''t needs to do. The log shows it checking the service''s current status> debug: Service[ossec](provider=redhat): Executing ''/sbin/service ossec > status''and whether the service is enabled> debug: Puppet::Type::Service::ProviderRedhat: Executing ''/sbin/chkconfig > ossec''but not any attempt to start the service. There are two main possibilities: 1) Your manifest doesn''t declare that the service should be running, or 2) the service''s initscript does not follow LSB convention for the return value of the ''status'' command. Puppet relies on the return value, not the text output. See, for example, http://refspecs.linux-foundation.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html. My bet would be that the initscript''s ''status'' command is always returning 0, regardless of the actual status. Instead, it ought to return 1, 2, or 3 when the service is not running, depending on whether there is a leftover pid file, lock file, or neither. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.