I''m setting up PuppetDB for the first time (and on OpenSuSE, yay). After some tinkering I''ve gotten the package rebuilt and working. However, on first setup puppetdb-ssl-setup fails with the following message: # /usr/sbin/puppetdb-ssl-setup cp: cannot stat `/var/lib/puppet/ssl/private_keys/puppetmaster.mycompany.com.pem'': No such file or directory I''m planning on running PuppetDB on a separate box from my Puppetmaster. Digging into the script a bit, the problem seems to be with the use of the ''puppet master'' command to find the certificate information. I use a monolithic puppet.conf for my master and agents, so it''s picking up the master''s configuration instead of the agent''s. Anyhow, this small diff seems to get me past the problem. Is this a bug? Thanks, Jeffrey. # diff -u /usr/sbin/puppetdb-ssl-setup puppetdb-ssl-setup --- /usr/sbin/puppetdb-ssl-setup 2013-05-06 11:04:25.000000000 -0500 +++ puppetdb-ssl-setup 2013-05-08 12:57:47.423096218 -0500 @@ -94,10 +94,10 @@ fqdn=`facter hostname` fi -mycertname=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir --configprint certname` -mycert=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir --configprint hostcert` -myca=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir --configprint localcacert` -privkey=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir --configprint hostprivkey` +mycertname=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir --configprint certname` +mycert=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir --configprint hostcert` +myca=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir --configprint localcacert` +privkey=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir --configprint hostprivkey` pw_file=${puppetdb_confdir}/ssl/puppetdb_keystore_pw.txt -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Hi Jeffrey, It is a ''bug'', and a known one at that: http://projects.puppetlabs.com/issues/17523 Feel free to watch/vote for it. ken. On Wed, May 8, 2013 at 7:04 PM, Jeffrey Watts <jeffrey.w.watts@gmail.com> wrote:> I''m setting up PuppetDB for the first time (and on OpenSuSE, yay). After > some tinkering I''ve gotten the package rebuilt and working. However, on > first setup puppetdb-ssl-setup fails with the following message: > > # /usr/sbin/puppetdb-ssl-setup > cp: cannot stat > `/var/lib/puppet/ssl/private_keys/puppetmaster.mycompany.com.pem'': No such > file or directory > > I''m planning on running PuppetDB on a separate box from my Puppetmaster. > Digging into the script a bit, the problem seems to be with the use of the > ''puppet master'' command to find the certificate information. I use a > monolithic puppet.conf for my master and agents, so it''s picking up the > master''s configuration instead of the agent''s. > > Anyhow, this small diff seems to get me past the problem. Is this a bug? > > Thanks, > Jeffrey. > > > # diff -u /usr/sbin/puppetdb-ssl-setup puppetdb-ssl-setup > --- /usr/sbin/puppetdb-ssl-setup 2013-05-06 11:04:25.000000000 -0500 > +++ puppetdb-ssl-setup 2013-05-08 12:57:47.423096218 -0500 > @@ -94,10 +94,10 @@ > fqdn=`facter hostname` > fi > > -mycertname=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir > --configprint certname` > -mycert=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir > --configprint hostcert` > -myca=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir > --configprint localcacert` > -privkey=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir > --configprint hostprivkey` > +mycertname=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir > --configprint certname` > +mycert=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir > --configprint hostcert` > +myca=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir > --configprint localcacert` > +privkey=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir > --configprint hostprivkey` > > pw_file=${puppetdb_confdir}/ssl/puppetdb_keystore_pw.txt > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscribe@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Thanks Ken! J. On Thu, May 9, 2013 at 7:26 AM, Ken Barber <ken@puppetlabs.com> wrote:> Hi Jeffrey, > > It is a ''bug'', and a known one at that: > > http://projects.puppetlabs.com/issues/17523 > > Feel free to watch/vote for it. > > ken. > > On Wed, May 8, 2013 at 7:04 PM, Jeffrey Watts <jeffrey.w.watts@gmail.com> > wrote: > > I''m setting up PuppetDB for the first time (and on OpenSuSE, yay). After > > some tinkering I''ve gotten the package rebuilt and working. However, on > > first setup puppetdb-ssl-setup fails with the following message: > > > > # /usr/sbin/puppetdb-ssl-setup > > cp: cannot stat > > `/var/lib/puppet/ssl/private_keys/puppetmaster.mycompany.com.pem'': No > such > > file or directory > > > > I''m planning on running PuppetDB on a separate box from my Puppetmaster. > > Digging into the script a bit, the problem seems to be with the use of > the > > ''puppet master'' command to find the certificate information. I use a > > monolithic puppet.conf for my master and agents, so it''s picking up the > > master''s configuration instead of the agent''s. > > > > Anyhow, this small diff seems to get me past the problem. Is this a bug? > > > > Thanks, > > Jeffrey. > > > > > > # diff -u /usr/sbin/puppetdb-ssl-setup puppetdb-ssl-setup > > --- /usr/sbin/puppetdb-ssl-setup 2013-05-06 11:04:25.000000000 -0500 > > +++ puppetdb-ssl-setup 2013-05-08 12:57:47.423096218 -0500 > > @@ -94,10 +94,10 @@ > > fqdn=`facter hostname` > > fi > > > > -mycertname=`puppet master --confdir=$agent_confdir > --vardir=$agent_vardir > > --configprint certname` > > -mycert=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir > > --configprint hostcert` > > -myca=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir > > --configprint localcacert` > > -privkey=`puppet master --confdir=$agent_confdir --vardir=$agent_vardir > > --configprint hostprivkey` > > +mycertname=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir > > --configprint certname` > > +mycert=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir > > --configprint hostcert` > > +myca=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir > > --configprint localcacert` > > +privkey=`puppet agent --confdir=$agent_confdir --vardir=$agent_vardir > > --configprint hostprivkey` > > > > pw_file=${puppetdb_confdir}/ssl/puppetdb_keystore_pw.txt > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to puppet-users+unsubscribe@googlegroups.com. > > To post to this group, send email to puppet-users@googlegroups.com. > > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscribe@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.