Issue #2500 has been updated by Ohad Levy. Assigned to changed from Ohad Levy to Luke Kanies
in 0.24-8, I've disabled the access to the SSL directory for puppetmasters that have no ca however in 0.25 (/w passenger) it seems that puppet still want to read the ssl/private keys dir regardless of its role. is this is by design behavior? backtrace is: </pre> Permission denied - /var/lib/puppet/ssl/private_keys/certname.pem /usr/lib/ruby/site_ruby/1.8/puppet/ssl/key.rb 46 in `read' /usr/lib/ruby/site_ruby/1.8/puppet/ssl/key.rb 46 in `read' /usr/lib/ruby/site_ruby/1.8/puppet/indirector/ssl_file.rb 86 in `find' /usr/lib/ruby/site_ruby/1.8/puppet/indirector/indirection.rb 198 in `find' /usr/lib/ruby/site_ruby/1.8/puppet/indirector.rb 51 in `find' /usr/lib/ruby/site_ruby/1.8/puppet/ssl/host.rb 130 in `key' /usr/lib/ruby/site_ruby/1.8/puppet/ssl/host.rb 170 in `certificate' /usr/lib/ruby/site_ruby/1.8/puppet/ssl/host.rb 27 in `init_localhost' /usr/lib/ruby/site_ruby/1.8/puppet/util/cacher.rb 106 in `send' /usr/lib/ruby/site_ruby/1.8/puppet/util/cacher.rb 106 in `cached_value' /usr/lib/ruby/site_ruby/1.8/puppet/util/cacher.rb 46 in `localhost' /usr/lib/ruby/site_ruby/1.8/puppet/application/puppetmasterd.rb 93 in `main' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb 226 in `send' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb 226 in `run_command' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb 217 in `run' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb 306 in `exit_on_fail' /usr/lib/ruby/site_ruby/1.8/puppet/application.rb 217 in `run' config.ru 17 /usr/lib/ruby/gems/1.8/gems/passenger-2.2.2/vendor/rack-1.0.0-git/lib/rack/builder.rb 29 in `instance_eval' /usr/lib/ruby/gems/1.8/gems/passenger-2.2.2/vendor/rack-1.0.0-git/lib/rack/builder.rb 29 in `initialize' config.ru 1 in `new' config.ru </pre> ---------------------------------------- Bug #2500: puppetmaster failes when not running as a ca http://projects.reductivelabs.com/issues/2500 Author: Ohad Levy Status: Needs more information Priority: Normal Assigned to: Luke Kanies Category: SSL Target version: 0.25.0 Complexity: Unknown Affected version: 0.25.0rc1 Keywords: when running with puppetca false option, the following is observed on a client: <pre> err: Could not retrieve catalog from remote server: Error 500 on SERVER: Internal Server Error </pre> and on the server: <pre> 1.2.3.4 - - [05/Aug/2009:13:44:02 +0800] "GET /development/certificate_revocation_list/ca HTTP/1.1" 500 9451 "-" "-" Aug 5 13:44:11 hostname puppetd[23354]: Could not retrieve catalog from remote server: Error 500 on SERVER: Internal Server Error </pre> this happens when running the puppetmaster and puppetd on the same machine. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://reductivelabs.com/redmine/my/account --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en -~----------~----~----~----~------~----~------~--~---
