Issue #772 has been updated by josh.
The only approach that I can think of that leaves the keys unreadable by the puppet user is to use Apache-style forking, but I know that's been discussed and I'm pretty sure it's not in the roadmap at the moment. (It *would* greatly simplify managing puppetmasterd, though.) ---------------------------------------- Bug #772: puppetmasterd should fail more intelligently when receiving a SIGHUP http://projects.reductivelabs.com/issues/772 Author: emerose Status: Accepted Priority: Normal Assigned to: community Category: executables Target version: unplanned Complexity: Medium Patch: None Affected version: 0.24.4 Keywords: Sending a SIGHUP to the puppetmasterd caused it to keel over: <pre> /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet.rb:245:in @settraps': uninitialized constant Puppet::Network::Client::Master (NameError) </pre> Trace: <pre> /var/lib/gems/1.8/bin/puppetmasterd --verbose --debug --mkusers --certname puppet.example.com --trace info: Starting server for Puppet version 0.23.2 debug: user provider pw: Not suitable: missing pw debug: user provider netinfo: Not suitable: missing nireport debug: user provider directoryservice: Not suitable: operatingsystem not in darwin debug: group provider pw: Not suitable: missing /usr/sbin/pw debug: group provider netinfo: Not suitable: missing nireport debug: group provider directoryservice: Not suitable: operatingsystem not in darwin debug: /puppetconfig/main/File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca]: Autorequiring File[/etc/puppet/ssl] debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private_keys/puppet.example.com.pem]: Autorequiring File[/etc/puppet/ssl/private_keys] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_crl.pem]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_crl.pem]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_crl.pem]: Autorequiring File[/etc/puppet/ssl/ca] debug: /puppetconfig/main/File[/var/puppet/state/state.yaml]: Autorequiring File[/var/puppet/state] debug: /puppetconfig/ssl/File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/ssl] debug: /puppetconfig/main/File[/var/puppet/state]: Autorequiring File[/var/puppet] debug: /puppetconfig/main/File[/var/puppet/facts]: Autorequiring File[/var/puppet] debug: /puppetconfig/ssl/File[/etc/puppet/ssl/public_keys/puppet.example.com.pem]: Autorequiring File[/etc/puppet/ssl/public_keys] debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private_keys]: Autorequiring File[/etc/puppet/ssl] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private/ca.pass]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private/ca.pass]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private/ca.pass]: Autorequiring File[/etc/puppet/ssl/ca/private] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/serial]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/serial]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/serial]: Autorequiring File[/etc/puppet/ssl/ca] debug: /puppetconfig/main/File[/var/puppet/lib]: Autorequiring File[/var/puppet] debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/ssl] debug: /puppetconfig/main/File[/var/puppet/run]: Autorequiring File[/var/puppet] debug: /puppetconfig/ssl/File[/etc/puppet/ssl/public_keys]: Autorequiring File[/etc/puppet/ssl] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_pub.pem]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_pub.pem]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_pub.pem]: Autorequiring File[/etc/puppet/ssl/ca] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/signed]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/signed]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/signed]: Autorequiring File[/etc/puppet/ssl/ca] debug: /puppetconfig/main/File[/var/puppet/plugins]: Autorequiring File[/var/puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_key.pem]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_key.pem]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_key.pem]: Autorequiring File[/etc/puppet/ssl/ca] debug: /puppetconfig/ssl/File[/etc/puppet/ssl/csr_puppet.example.com.pem]: Autorequiring File[/etc/puppet/ssl] debug: /puppetconfig/ssl/File[/etc/puppet/ssl/certs/puppet.example.com.pem]: Autorequiring File[/etc/puppet/ssl/certs] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private]: Autorequiring File[/etc/puppet/ssl/ca] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/requests]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/requests]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/requests]: Autorequiring File[/etc/puppet/ssl/ca] debug: /puppetconfig/ca/File[/etc/puppet/autosign.conf]: Autorequiring File[/etc/puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/inventory.txt]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/inventory.txt]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/inventory.txt]: Autorequiring File[/etc/puppet/ssl/ca] debug: /puppetconfig/main/User[puppet]: Autorequiring Group[puppet] debug: /puppetconfig/main/File[/var/puppet/log]: Autorequiring Group[puppet] debug: /puppetconfig/main/File[/var/puppet/log]: Autorequiring User[puppet] debug: /puppetconfig/main/File[/var/puppet/log]: Autorequiring File[/var/puppet] debug: /puppetconfig/main/File[/etc/puppet/namespaceauth.conf]: Autorequiring File[/etc/puppet] debug: /puppetconfig/ssl/File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring File[/etc/puppet/ssl/certs] debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private/password]: Autorequiring File[/etc/puppet/ssl/private] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_crt.pem]: Autorequiring Group[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_crt.pem]: Autorequiring User[puppet] debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_crt.pem]: Autorequiring File[/etc/puppet/ssl/ca] debug: /puppetconfig/main/File[/etc/puppet/namespaceauth.conf]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/autosign.conf]: File does not exist debug: /puppetconfig/main/File[/var/puppet/plugins]: File does not exist debug: /puppetconfig/main/File[/var/puppet/facts]: File does not exist debug: /puppetconfig/main/File[/var/puppet/state/state.yaml]: File does not exist debug: /puppetconfig/main/File[/etc/puppet/ssl]: File does not exist debug: /puppetconfig/main/File[/etc/puppet/ssl]: Changing ensure debug: /puppetconfig/main/File[/etc/puppet/ssl]: 1 change(s) debug: /puppetconfig/main/File[/etc/puppet/ssl]/ensure: setting directory (currently absent) debug: /puppetconfig/main/File[/etc/puppet/ssl]/ensure: created debug: /puppetconfig/ssl/File[/etc/puppet/ssl/csr_puppet.example.com.pem]: File does not exist debug: /puppetconfig/ssl/File[/etc/puppet/ssl/public_keys]: File does not exist debug: /puppetconfig/ssl/File[/etc/puppet/ssl/public_keys]: Changing ensure debug: /puppetconfig/ssl/File[/etc/puppet/ssl/public_keys]: 1 change(s) debug: /puppetconfig/ssl/File[/etc/puppet/ssl/public_keys]/ensure: setting directory (currently absent) debug: /puppetconfig/ssl/File[/etc/puppet/ssl/public_keys]/ensure: created debug: /puppetconfig/ssl/File[/etc/puppet/ssl/public_keys/puppet.example.com.pem]: File does not exist debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private]: File does not exist debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private]: Changing ensure debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private]: 1 change(s) debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private]/ensure: setting directory (currently absent) debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private]/ensure: created debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private/password]: File does not exist debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private_keys]: File does not exist debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private_keys]: Changing ensure debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private_keys]: 1 change(s) debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private_keys]/ensure: setting directory (currently absent) debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private_keys]/ensure: created debug: /puppetconfig/ssl/File[/etc/puppet/ssl/private_keys/puppet.example.com.pem]: File does not exist debug: /puppetconfig/ssl/File[/etc/puppet/ssl/certs]: File does not exist debug: /puppetconfig/ssl/File[/etc/puppet/ssl/certs]: Changing ensure debug: /puppetconfig/ssl/File[/etc/puppet/ssl/certs]: 1 change(s) debug: /puppetconfig/ssl/File[/etc/puppet/ssl/certs]/ensure: setting directory (currently absent) debug: /puppetconfig/ssl/File[/etc/puppet/ssl/certs]/ensure: created debug: /puppetconfig/ssl/File[/etc/puppet/ssl/certs/ca.pem]: File does not exist debug: /puppetconfig/ssl/File[/etc/puppet/ssl/certs/puppet.example.com.pem]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca]: Changing ensure debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca]: 1 change(s) debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca]/ensure: setting directory (currently absent) debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca]/ensure: created debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_crt.pem]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/inventory.txt]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private]: Changing ensure debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private]: 1 change(s) debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private]/ensure: setting directory (currently absent) debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private]/ensure: created debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/private/ca.pass]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/requests]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/requests]: Changing ensure debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/requests]: 1 change(s) debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/requests]/ensure: setting directory (currently absent) debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/requests]/ensure: created debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_key.pem]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_pub.pem]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/signed]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/signed]: Changing ensure debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/signed]: 1 change(s) debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/signed]/ensure: setting directory (currently absent) debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/signed]/ensure: created debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/serial]: File does not exist debug: /puppetconfig/ca/File[/etc/puppet/ssl/ca/ca_crl.pem]: File does not exist debug: Finishing transaction 23774977915440 with 9 changes debug: /puppetconfig/reporting/User[puppet]: Autorequiring Group[puppet] debug: /puppetconfig/reporting/File[/var/puppet/reports]: Autorequiring Group[puppet] debug: /puppetconfig/reporting/File[/var/puppet/reports]: Autorequiring User[puppet] debug: Finishing transaction 23774977244460 with 0 changes debug: /puppetconfig/metrics/User[puppet]: Autorequiring Group[puppet] debug: /puppetconfig/metrics/File[/var/puppet/rrd]: Autorequiring Group[puppet] debug: /puppetconfig/metrics/File[/var/puppet/rrd]: Autorequiring User[puppet] debug: Finishing transaction 23774977139660 with 0 changes debug: Creating interpreter debug: importing '/etc/puppet/manifests/common.pp' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/ast/function.rb:32:in @initialize' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/parser_support.rb:60:in @new' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/parser_support.rb:60:in @ast' grammar.ra:371:in @_reduce_100' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/util/autoload.rb:75:in @_racc_yyparse_c' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/util/autoload.rb:75:in @catch' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/util/autoload.rb:75:in @_racc_yyparse_c' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/lexer.rb:283:in @scan' /usr/lib/ruby/1.8/racc/parser.rb:152:in @_racc_yyparse_c' /usr/lib/ruby/1.8/racc/parser.rb:152:in @+send+' /usr/lib/ruby/1.8/racc/parser.rb:152:in @yyparse' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/parser_support.rb:397:in @parse' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/parser_support.rb:199:in @import' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/parser_support.rb:183:in @collect' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/parser_support.rb:183:in @import' grammar.ra:498:in @_reduce_134' grammar.ra:497:in @each' grammar.ra:497:in @_reduce_134' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/util/autoload.rb:75:in @_racc_yyparse_c' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/util/autoload.rb:75:in @catch' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/util/autoload.rb:75:in @_racc_yyparse_c' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/lexer.rb:283:in @scan' /usr/lib/ruby/1.8/racc/parser.rb:152:in @_racc_yyparse_c' /usr/lib/ruby/1.8/racc/parser.rb:152:in @+send+' /usr/lib/ruby/1.8/racc/parser.rb:152:in @yyparse' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/parser_support.rb:397:in @parse' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/interpreter.rb:651:in @parsefiles' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/util.rb:212:in @benchmark' /usr/lib/ruby/1.8/benchmark.rb:293:in @measure' /usr/lib/ruby/1.8/benchmark.rb:307:in @realtime' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/util.rb:211:in @benchmark' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/interpreter.rb:650:in @parsefiles' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/parser/interpreter.rb:327:in @initialize' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/network/handler/master.rb:124:in @new' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/network/handler/master.rb:124:in @initialize' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/network/server/webrick.rb:134:in @new' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/network/server/webrick.rb:134:in @setup_handlers' /usr/lib/ruby/1.8/rubygems/custom_require.rb:27:in @collect' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/network/server/webrick.rb:129:in @each' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/network/server/webrick.rb:129:in @collect' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/network/server/webrick.rb:129:in @setup_handlers' /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/network/server/webrick.rb:79:in @initialize' /var/lib/gems/1.8/gems/puppet-0.23.2/bin/puppetmasterd:259:in @new' /var/lib/gems/1.8/gems/puppet-0.23.2/bin/puppetmasterd:259 /var/lib/gems/1.8/bin/puppetmasterd:18:in @load' /var/lib/gems/1.8/bin/puppetmasterd:18 err: Could not parse; using old configuration: Unknown function slash_escape at /etc/puppet/manifests/common.pp:63 debug: Finishing transaction 23774978581060 with 0 changes info: Creating a new certificate request for puppet.example.com info: Creating a new SSL key at /etc/puppet/ssl/private_keys/puppet.example.com.pem info: Autosign is enabled but /etc/puppet/autosign.conf is missing info: Signing certificate for CA server info: Signing certificate for puppet.example.com debug: /puppetconfig/puppetmasterd/File[/var/puppet/bucket]: Autorequiring Group[puppet] debug: /puppetconfig/puppetmasterd/File[/var/puppet/bucket]: Autorequiring User[puppet] debug: /puppetconfig/puppetmasterd/User[puppet]: Autorequiring Group[puppet] debug: /puppetconfig/puppetmasterd/File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/manifests] debug: /puppetconfig/puppetmasterd/File[/var/puppet/log/puppetmaster.log]: Autorequiring Group[puppet] debug: /puppetconfig/puppetmasterd/File[/var/puppet/log/puppetmaster.log]: Autorequiring User[puppet] debug: /puppetconfig/puppetmasterd/File[/var/puppet/log/masterhttp.log]: Autorequiring Group[puppet] debug: /puppetconfig/puppetmasterd/File[/var/puppet/log/masterhttp.log]: Autorequiring User[puppet] debug: /puppetconfig/puppetmasterd/File[/etc/puppet/modules:/usr/share/puppet/modules]: File does not exist debug: /puppetconfig/puppetmasterd/File[/etc/puppet/puppet.conf]: File does not exist debug: /puppetconfig/puppetmasterd/File[/var/puppet/log/puppetmaster.log]: File does not exist debug: Finishing transaction 23774978309320 with 0 changes info: Listening on port 8140 notice: Starting Puppet server version 0.23.2 /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet.rb:245:in @settraps': uninitialized constant Puppet::Network::Client::Master (NameError) from /usr/lib/ruby/1.8/rubygems/custom_require.rb:27:in @find' from /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet.rb:245:in @each' from /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet.rb:245:in @find' from /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet.rb:245:in @settraps' from /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/external/event-loop/event-loop.rb:127:in @call' from /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/external/event-loop/event-loop.rb:127:in @select' from /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/external/event-loop/event-loop.rb:127:in @select' from /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/external/event-loop/event-loop.rb:116:in @iterate' from /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet/external/event-loop/event-loop.rb:107:in @run' from /var/lib/gems/1.8/gems/puppet-0.23.2/lib/puppet.rb:361:in @start' from /var/lib/gems/1.8/gems/puppet-0.23.2/bin/puppetmasterd:306 from /var/lib/gems/1.8/bin/puppetmasterd:18:in @load' from /var/lib/gems/1.8/bin/puppetmasterd:18 </pre> ---------------------------------------- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://reductivelabs.com/redmine/my/account --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en -~----------~----~----~----~------~----~------~--~---
