Puppet users - May 2013 - Bug in puppetdb-ssl-setup?

I''m setting up PuppetDB for the first time (and on OpenSuSE, yay). 
After
some tinkering I''ve gotten the package rebuilt and working.  However,
on
first setup puppetdb-ssl-setup fails with the following message:

# /usr/sbin/puppetdb-ssl-setup
cp: cannot stat
`/var/lib/puppet/ssl/private_keys/puppetmaster.mycompany.com.pem'': No
such
file or directory

I''m planning on running PuppetDB on a separate box from my
Puppetmaster.
 Digging into the script a bit, the problem seems to be with the use of the
''puppet master'' command to find the certificate information. 
I use a
monolithic puppet.conf for my master and agents, so it''s picking up the
master''s configuration instead of the agent''s.

Anyhow, this small diff seems to get me past the problem.  Is this a bug?

Thanks,
Jeffrey.


# diff -u /usr/sbin/puppetdb-ssl-setup puppetdb-ssl-setup
--- /usr/sbin/puppetdb-ssl-setup 2013-05-06 11:04:25.000000000 -0500
+++ puppetdb-ssl-setup 2013-05-08 12:57:47.423096218 -0500
@@ -94,10 +94,10 @@
   fqdn=`facter hostname`
 fi

-mycertname=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir
--configprint  certname`
-mycert=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir
--configprint  hostcert`
-myca=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir
--configprint localcacert`
-privkey=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir
--configprint hostprivkey`
+mycertname=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
--configprint  certname`
+mycert=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
--configprint  hostcert`
+myca=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
--configprint localcacert`
+privkey=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
--configprint hostprivkey`

 pw_file=${puppetdb_confdir}/ssl/puppetdb_keystore_pw.txt

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Hi Jeffrey,

It is a ''bug'', and a known one at that:

http://projects.puppetlabs.com/issues/17523

Feel free to watch/vote for it.

ken.

On Wed, May 8, 2013 at 7:04 PM, Jeffrey Watts <jeffrey.w.watts@gmail.com>
wrote:
> I''m setting up PuppetDB for the first time (and on OpenSuSE, yay).
After
> some tinkering I''ve gotten the package rebuilt and working. 
However, on
> first setup puppetdb-ssl-setup fails with the following message:
>
> # /usr/sbin/puppetdb-ssl-setup
> cp: cannot stat
> `/var/lib/puppet/ssl/private_keys/puppetmaster.mycompany.com.pem'':
No such
> file or directory
>
> I''m planning on running PuppetDB on a separate box from my
Puppetmaster.
> Digging into the script a bit, the problem seems to be with the use of the
> ''puppet master'' command to find the certificate
information.  I use a
> monolithic puppet.conf for my master and agents, so it''s picking
up the
> master''s configuration instead of the agent''s.
>
> Anyhow, this small diff seems to get me past the problem.  Is this a bug?
>
> Thanks,
> Jeffrey.
>
>
> # diff -u /usr/sbin/puppetdb-ssl-setup puppetdb-ssl-setup
> --- /usr/sbin/puppetdb-ssl-setup 2013-05-06 11:04:25.000000000 -0500
> +++ puppetdb-ssl-setup 2013-05-08 12:57:47.423096218 -0500
> @@ -94,10 +94,10 @@
>    fqdn=`facter hostname`
>  fi
>
> -mycertname=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir
> --configprint  certname`
> -mycert=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir
> --configprint  hostcert`
> -myca=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir
> --configprint localcacert`
> -privkey=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir
> --configprint hostprivkey`
> +mycertname=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
> --configprint  certname`
> +mycert=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
> --configprint  hostcert`
> +myca=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
> --configprint localcacert`
> +privkey=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
> --configprint hostprivkey`
>
>  pw_file=${puppetdb_confdir}/ssl/puppetdb_keystore_pw.txt
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscribe@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Thanks Ken!

J.


On Thu, May 9, 2013 at 7:26 AM, Ken Barber <ken@puppetlabs.com> wrote:
> Hi Jeffrey,
>
> It is a ''bug'', and a known one at that:
>
> http://projects.puppetlabs.com/issues/17523
>
> Feel free to watch/vote for it.
>
> ken.
>
> On Wed, May 8, 2013 at 7:04 PM, Jeffrey Watts
<jeffrey.w.watts@gmail.com>
> wrote:
> > I''m setting up PuppetDB for the first time (and on OpenSuSE,
yay).  After
> > some tinkering I''ve gotten the package rebuilt and working. 
However, on
> > first setup puppetdb-ssl-setup fails with the following message:
> >
> > # /usr/sbin/puppetdb-ssl-setup
> > cp: cannot stat
> >
`/var/lib/puppet/ssl/private_keys/puppetmaster.mycompany.com.pem'': No
> such
> > file or directory
> >
> > I''m planning on running PuppetDB on a separate box from my
Puppetmaster.
> > Digging into the script a bit, the problem seems to be with the use of
> the
> > ''puppet master'' command to find the certificate
information.  I use a
> > monolithic puppet.conf for my master and agents, so it''s
picking up the
> > master''s configuration instead of the agent''s.
> >
> > Anyhow, this small diff seems to get me past the problem.  Is this a
bug?
> >
> > Thanks,
> > Jeffrey.
> >
> >
> > # diff -u /usr/sbin/puppetdb-ssl-setup puppetdb-ssl-setup
> > --- /usr/sbin/puppetdb-ssl-setup 2013-05-06 11:04:25.000000000 -0500
> > +++ puppetdb-ssl-setup 2013-05-08 12:57:47.423096218 -0500
> > @@ -94,10 +94,10 @@
> >    fqdn=`facter hostname`
> >  fi
> >
> > -mycertname=`puppet master --confdir=$agent_confdir
> --vardir=$agent_vardir
> > --configprint  certname`
> > -mycert=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir
> > --configprint  hostcert`
> > -myca=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir
> > --configprint localcacert`
> > -privkey=`puppet master --confdir=$agent_confdir
--vardir=$agent_vardir
> > --configprint hostprivkey`
> > +mycertname=`puppet agent --confdir=$agent_confdir
--vardir=$agent_vardir
> > --configprint  certname`
> > +mycert=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
> > --configprint  hostcert`
> > +myca=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
> > --configprint localcacert`
> > +privkey=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir
> > --configprint hostprivkey`
> >
> >  pw_file=${puppetdb_confdir}/ssl/puppetdb_keystore_pw.txt
> >
> > --
> > You received this message because you are subscribed to the Google
Groups
> > "Puppet Users" group.
> > To unsubscribe from this group and stop receiving emails from it, send
an
> > email to puppet-users+unsubscribe@googlegroups.com.
> > To post to this group, send email to puppet-users@googlegroups.com.
> > Visit this group at http://groups.google.com/group/puppet-users?hl=en.
> > For more options, visit https://groups.google.com/groups/opt_out.
> >
> >
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscribe@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.