Issue #2968 has been updated by Markus Roberts.
The original report: I have a puppetmaster (mongrel behind apache, 0.25.1), which is serving several dozens clients just fine. Today I tried to add a new client, and fired up puppetd to set up the SSL certificates, but the client doesn't seem to be able to get a certificate: swan:/tmp# puppetd --no-daemonize --debug --onetime --waitforcert 30 debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Failed to load library 'ldap' for feature 'ldap' debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/public_keys/swan.madduck.net.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/run/puppet/puppetd.pid]: Autorequiring File[/var/run/puppet] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/csr_swan.madduck.net.pem]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys/swan.madduck.net.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: Finishing transaction -614074518 with 0 changes debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session debug: Using cached certificate_request for swan.madduck.net debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session debug: Using cached certificate for ca warning: peer certificate won't be verified in this SSL session The server sees the packets to port 8140 fine, and apache forwards them on the load balancer. puppetmasterd sees them, but logs puppetmasterd[7369]: Could not resolve 80.68.90.58: Address family not supported by protocol - sendto(2) 80.68.90.58 is the client's IP, and it's a normal IPv4 IP, which the server can ping and all that. Any idea what's going on? ---------------------------------------- Bug #2968: Fails to work with ipv6 resolver http://projects.reductivelabs.com/issues/2968 Author: James Turnbull Status: Investigating Priority: Normal Assigned to: Markus Roberts Category: plumbing Target version: 0.25.2 Affected version: 0.25.1 Keywords: Branch: Package: puppetmaster Version: 0.25.1-2 Severity: normal Tags: ipv6 If /etc/resolv.conf contains an IPv6 nameserver (and everything basically works), then puppetmaster won't. While existing clients seem to work fine, a new client elicits the following warning: puppetmasterd[7369]: Could not resolve 80.68.90.58: Address family not supported by protocol - sendto(2) That client will not be able to submit a CSR to the puppet CA. After removing the IPv6 nameserver, I needed to purge and reinstall the client's puppetd for the certificate exchange to work. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31-1-amd64 (SMP w/1 CPU core) Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages puppet depends on: ii adduser 3.111 add and remove users and groups pn facter <none> (no description available) pn libopenssl-ruby <none> (no description available) pn libshadow-ruby1.8 <none> (no description available) pn libxmlrpc-ruby <none> (no description available) ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip ii ruby1.8 1.8.7.174-2 Interpreter of object-oriented scr Versions of packages puppet recommends: pn libaugeas-ruby1.8 <none> (no description available) pn rdoc <none> (no description available) puppet suggests no packages. http://bugs.debian.org/561650 -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://reductivelabs.com/redmine/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
