similar to: SECURITY: Authorization vulnerability in Puppet 2.6.x

Trying to get an EC2 AMI running puppet 0.25 and i''m hitting a problem. After installing the rpms and starting puppet it was just quitting with only: puppetd[3313]: Reopening log files In the log file. When running it with the following I get some more output. -bash-3.1# puppetd -D -d -t --trace debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug:

Hello all, I''ve tried to run ''puppetrun'', but there seems something unconfigured regarding the certificates. The reverse way (puppetd pulls the config from puppetmasterd) works fine. The namespaceauth.conf on the client (where puppetd runs) is configured as follows: [puppetrunner] allow *.abc.net (also tried the calling host: puppet1.abc.net) But when I call

Hello, Running into a problem when wanting to daemon-ize the agent. It doesnt seems to do anything: - cannot find any daemon process with (ps aux | grep puppet) - the config is not updated after editing some params on the master - /var/log/puppet stay empty... while, when logged as root, it is working without issue with $puppet agent --test. ##Conf Ubuntu 12.04 Puppet 2.7.11 ## Daemon is

We use puppet with two environments: [main] and [development]. These environments have different locations for their puppet manifests and modules (see puppet.conf below). Whenever I change/update a file in the directories belonging to the “main” environment, puppetmaster notices these changes and reacts to them w/o any hiccups. In contrast to this – if I change/touch a file in a directory

We have discovered a security vulnerability (“AltNames Vulnerability”) whereby a malicious attacker can impersonate the Puppet master using credentials from a Puppet agent node. This vulnerability cannot cross Puppet deployments, but it can allow an attacker with elevated privileges on one Puppet-managed node to gain control of any other Puppet-managed node within the same infrastructure. All

When I use the latest puppet 0.25.1 I got the same problem. This is what I do: 0. Install the Ubuntu 8.04 server with ssh, ruby, rdoc, libopenssl- ruby and git-core (which gets removed after clone). 1. Install the latest puppet from git repositories on both machines using git clone «git clone git://github.com/reductivelabs/puppet» and «git clone git://github.com/reductivelabs/facter» 2. Install it

How do I debug errors with external nodes? When my client connects, the following appears on the puppetmaster when running in debug mode. It''s not feasible to always be running the pupeptmaster in debug mode. debug: importing ''/etc/puppet/modules/yum/manifests/client.pp'' in environment production info: Automatically imported yum::client from yum/client into production

Hi, I have a puppet infrastructure running 2.6.14 under Passenger with about 30 nodes. I''m just spinning up a new Cent 6.3, puppet 2.7.19 master. Right now I have the master built and configured using the same configuration as my 2.6.14 setup, with a few tweaks for the new version. Puppet on the master built itself fine. I have puppetd stopped on the master. I tried pointing one

Hello Everybody, I am trying to install the puppetdb on the same machine as am running my puppetmaster. I am getting the following error when am trying to connect the agent: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit ''replace facts'' command for ftldwshost180.wsdev.citrix.com to PuppetDB at

This release addresses issues with the Puppet 2.7.0rc3 series. This release is available for download at: <http://goog_1305397870/> http://www.puppetlabs.com/downloads/puppet/puppet-2.7.0rc4.tar.gz See the Verifying Puppet Download section at: http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet Please report feedback via the Puppet Labs Redmine site, using an affected

Not sure if this is another issue cropping up with 0.24.1 but I''m getting the following: info: Loading fact raid /etc/puppet/facts/location.rb:5: private method `split'' called for nil:NilClass (NoMethodError) from /usr/lib/ruby/site_ruby/1.8/facter.rb:510:in `call'' from /usr/lib/ruby/site_ruby/1.8/facter.rb:510:in `value'' from

Anyone know what this is? It doesn''t seem related to puppet but I''m stumped. info: Loading facts in dmidecode info: Loading facts in cpuinfo debug: catalog supports formats: b64_zlib_yaml marshal pson raw yaml; using pson /usr/lib64/ruby/site_ruby/1.8/puppet/indirector/rest.rb:55:in `deserialize'' /usr/lib64/ruby/site_ruby/1.8/puppet/indirector/rest.rb:69:in

I can''t seem to get the authorized_key type to work at all on my systems. Below is my configuration that I used. I could have something missing but the examples I see make it difficult to compare. Additionally if I try and do the reverse using puppet resource nothing comes up: puppet resource ssh_authorized_key (this returns nothing) puppet resource ssh_authorized_key username

Hi everyone, I''m stuck with this error trying to set up inspection reports : Could not send report: Error 400 on SERVER: Could not intern from yaml: undefined method `intern'' for nil:NilClass Earlier, I had this one : Could not run: Could not find catalog for hostname That I fixed with : catalog_cache_terminus = yaml Agent and server are running puppet 3.2.3. Full

Hello. While trying to get to the bottom of a puppetmaster+unicorn+nginx rig that''s serving empty files, it seemed to be a relatively sensible idea to upgrade the puppetmaster to 2.6.1 This broke in a manner that seems to be the multiple-& bug. Running the puppetmaster standalone gives the following: [ ... ] info: mount[files]: allowing *.mysparedomain.com access info:

Hello All, (Salut) Sebastien is a French user among us, and doesn''t speak English, so I''ve been talking with him in French the best way I know how (Google is god.) So, I will also translate the conversation going on, so that everyone will be able to understand, and keep up with what has been going on: (Sebastien est un utilisateur français parmi nous, et ne parle pas

All- Poking around in the bug database it looks like storeconfigs is being actively worked on. I am using 2.7.6 on my master as well as all the clients. I have clients boot , start puppet and get a signed cert via auto signing. The nagios module (and currently the only thing puppet does) complains a lot during compile time about not having storeconfigs enabled, which is not the case in my

Hello all, I get this intermittent error saying OpenURI::HTTPError. At the bottom of the email is what is reported in my backgroundrb_server_<port>.log file. The process_netflix_reviews method is parsing (in the background) Netflix''s RSS feeds. This error also pretty much brings down the BDRb process and to recover, I am forced to do a ./script/backgroundrb stop

Asterisk Project Security Advisory - AST-2018-009 Product Asterisk Summary Remote crash vulnerability in HTTP websocket upgrade Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate

Asterisk Project Security Advisory - AST-2018-010 Product Asterisk Summary Remote crash vulnerability DNS SRV and NAPTR lookups Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate