Issue #4210 has been reported by Gary Larizza.
----------------------------------------
Bug #4210: Autosign causing master to fail after cleaning its cert
http://projects.puppetlabs.com/issues/4210
Author: Gary Larizza
Status: Unreviewed
Priority: Low
Assigned to:
Category:
Target version:
Affected version: 2.6.0rc1
Keywords:
Branch:
Sorry if this is named poorly - feel free to fix.
I'm running OS X 10.6 Server and Puppet 2.6 on an Intel iMac. The box is
acting as both the Master and Agent.
I'm not sure how to classify this, but if I clean the cert of the Master via
"puppet cert --clean master.hostname", and I have an autosign.conf defined,
when I restart the Master service it will fail. Trying to run it a second time
works fine - but it fails initially. If you DON'T have an autosign.conf, it
works just fine.
Here, have a stack trace:
-----autosign.conf file------
*.huronhs.com
----clean cert and run puppet master----
bash-3.2# puppet cert --clean demomini.huronhs.com
notice: Revoked certificate with serial 4
notice: Removing file Puppet::SSL::Key demomini.huronhs.com at
'/etc/puppet/ssl/private_keys/demomini.huronhs.com.pem'
notice: Removing file Puppet::SSL::Certificate demomini.huronhs.com at
'/etc/puppet/ssl/ca/signed/demomini.huronhs.com.pem'
notice: Removing file Puppet::SSL::Certificate demomini.huronhs.com at
'/etc/puppet/ssl/certs/demomini.huronhs.com.pem'
----Start Puppet Master----
bash-3.2# puppet master --no-daemonize -v -d --trace
debug: Failed to load library 'selinux' for feature 'selinux'
debug: Failed to load library 'shadow' for feature 'libshadow'
debug: Puppet::Type::User::ProviderUser_role_add: file roledel does not
exist
debug: Puppet::Type::User::ProviderLdap: true value when expecting false
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderUseradd: file usermod does not exist
debug: Puppet::Type::User::ProviderDirectoryservice: Executing
'/usr/bin/dscl -plist . -list /Users'
debug: Puppet::Type::User::ProviderDirectoryservice: Executing
'/usr/bin/dscl -plist . -read /Users/puppet'
debug: Puppet::Type::File::ProviderMicrosoft_windows: feature
microsoft_windows is missing
debug: Failed to load library 'ldap' for feature 'ldap'
debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/log/masterhttp.log]: Autorequiring
File[/var/lib/puppet/log]
debug: /File[/var/lib/puppet/rrd]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/yaml]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/crl.pem]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring
File[/etc/puppet/ssl/certs]
debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet]
debug: /File[/etc/puppet/manifests/site.pp]: Autorequiring
File[/etc/puppet/manifests]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/bucket]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/manifests]: Autorequiring File[/etc/puppet]
debug: /File[/etc/puppet/fileserver.conf]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/reports]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/server_data]: Autorequiring
File[/var/lib/puppet]
debug: Finishing transaction 2164776700
debug: /File[/etc/puppet/ssl/ca/serial]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/requests]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/inventory.txt]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/ca_key.pem]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/ca_crt.pem]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/signed]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/private/ca.pass]: Autorequiring
File[/etc/puppet/ssl/ca/private]
debug: /File[/etc/puppet/ssl/ca/ca_crl.pem]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/private]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: Finishing transaction 2165315120
debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring
File[/etc/puppet/ssl/certs]
debug: /File[/var/lib/puppet/reports]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/crl.pem]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/ssl]
debug: Finishing transaction 2164768240
debug: Using cached certificate for ca
info: Creating a new SSL key for demomini.huronhs.com
debug: Using cached certificate for ca
info: Creating a new SSL certificate request for demomini.huronhs.com
info: Certificate Request fingerprint (md5):
39:45:40:81:3B:B2:BE:65:07:A8:0E:AA:78:ED:07:01
notice: demomini.huronhs.com has a waiting certificate request
/Library/Ruby/Site/1.8/puppet/ssl/certificate_authority.rb:83:in
`autosign_store': uninitialized constant Puppet::Network::AuthStore (NameError)
from /Library/Ruby/Site/1.8/puppet/ssl/certificate_authority.rb:64:in
`autosign'
from /Library/Ruby/Site/1.8/puppet/ssl/certificate_request.rb:55:in `save'
from /Library/Ruby/Site/1.8/puppet/ssl/host.rb:147:in
`generate_certificate_request'
from /Library/Ruby/Site/1.8/puppet/ssl/host.rb:182:in `generate'
from /Library/Ruby/Site/1.8/puppet/ssl/host.rb:28:in `init_localhost'
from /Library/Ruby/Site/1.8/puppet/util/cacher.rb:102:in `send'
from /Library/Ruby/Site/1.8/puppet/util/cacher.rb:102:in `cached_value'
from /Library/Ruby/Site/1.8/puppet/util/cacher.rb:46:in `localhost'
from /Library/Ruby/Site/1.8/puppet/application/master.rb:86:in `main'
from /Library/Ruby/Site/1.8/puppet/application/master.rb:46:in `run_command'
from /Library/Ruby/Site/1.8/puppet/application.rb:301:in `run'
from /Library/Ruby/Site/1.8/puppet/application.rb:398:in `exit_on_fail'
from /Library/Ruby/Site/1.8/puppet/application.rb:301:in `run'
from /Library/Ruby/Site/1.8/puppet/util/command_line.rb:55:in `execute'
from /usr/bin/puppet:4
----Start Puppet Master again----
bash-3.2# puppet master --no-daemonize -v -d --trace
debug: Failed to load library 'selinux' for feature 'selinux'
debug: Failed to load library 'shadow' for feature 'libshadow'
debug: Puppet::Type::User::ProviderUser_role_add: file roledel does not
exist
debug: Puppet::Type::User::ProviderLdap: true value when expecting false
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderUseradd: file usermod does not exist
debug: Puppet::Type::User::ProviderDirectoryservice: Executing
'/usr/bin/dscl -plist . -list /Users'
debug: Puppet::Type::User::ProviderDirectoryservice: Executing
'/usr/bin/dscl -plist . -read /Users/puppet'
debug: Puppet::Type::File::ProviderMicrosoft_windows: feature
microsoft_windows is missing
debug: Failed to load library 'ldap' for feature 'ldap'
debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/fileserver.conf]: Autorequiring File[/etc/puppet]
debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring
File[/etc/puppet/ssl/certs]
debug: /File[/var/lib/puppet/log/masterhttp.log]: Autorequiring
File[/var/lib/puppet/log]
debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet]
debug: /File[/etc/puppet/manifests/site.pp]: Autorequiring
File[/etc/puppet/manifests]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/reports]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/crl.pem]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/bucket]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/manifests]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/rrd]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/server_data]: Autorequiring
File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/yaml]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/public_keys/demomini.huronhs.com.pem]:
Autorequiring File[/etc/puppet/ssl/public_keys]
debug: /File[/etc/puppet/ssl/private_keys/demomini.huronhs.com.pem]:
Autorequiring File[/etc/puppet/ssl/private_keys]
debug: /File[/etc/puppet/ssl/private_keys/demomini.huronhs.com.pem]/mode:
mode changed '640' to '600'
debug: /File[/etc/puppet/ssl/public_keys/demomini.huronhs.com.pem]/mode:
mode changed '640' to '644'
debug: Finishing transaction 2164749100
debug: /File[/etc/puppet/ssl/ca/ca_crl.pem]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/signed]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/ca_key.pem]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/inventory.txt]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/serial]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/private/ca.pass]: Autorequiring
File[/etc/puppet/ssl/ca/private]
debug: /File[/etc/puppet/ssl/ca/requests]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/private]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/ca_crt.pem]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: Finishing transaction 2165240660
debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring
File[/etc/puppet/ssl/certs]
debug: /File[/etc/puppet/ssl/public_keys/demomini.huronhs.com.pem]:
Autorequiring File[/etc/puppet/ssl/public_keys]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/crl.pem]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/reports]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/private_keys/demomini.huronhs.com.pem]:
Autorequiring File[/etc/puppet/ssl/private_keys]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/ssl]
debug: Finishing transaction 2164684140
debug: Using cached certificate for ca
debug: Using cached certificate for ca
debug: Using cached certificate_request for demomini.huronhs.com
debug: Using cached certificate for ca
debug: Using cached certificate_request for demomini.huronhs.com
notice: Signed certificate request for demomini.huronhs.com
notice: Removing file Puppet::SSL::CertificateRequest demomini.huronhs.com
at '/etc/puppet/ssl/ca/requests/demomini.huronhs.com.pem'
notice: Removing file Puppet::SSL::CertificateRequest demomini.huronhs.com
at '/etc/puppet/ssl/certificate_requests/demomini.huronhs.com.pem'
debug: /File[/etc/puppet/manifests/site.pp]: Autorequiring
File[/etc/puppet/manifests]
debug: Finishing transaction 2166718900
notice: Starting Puppet master version 2.6.0
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/private_keys/demomini.huronhs.com.pem]:
Autorequiring File[/etc/puppet/ssl/private_keys]
debug: /File[/var/lib/puppet/reports]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs/demomini.huronhs.com.pem]: Autorequiring
File[/etc/puppet/ssl/certs]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/crl.pem]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring
File[/etc/puppet/ssl/certs]
debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/public_keys/demomini.huronhs.com.pem]:
Autorequiring File[/etc/puppet/ssl/public_keys]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs/demomini.huronhs.com.pem]/mode: mode
changed '640' to '644'
debug: Finishing transaction 2165352980
debug: /File[/etc/puppet/ssl/ca/ca_crl.pem]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/ca_key.pem]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/private]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/private/ca.pass]: Autorequiring
File[/etc/puppet/ssl/ca/private]
debug: /File[/etc/puppet/ssl/ca/ca_crt.pem]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/requests]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/inventory.txt]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/signed]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/serial]: Autorequiring
File[/etc/puppet/ssl/ca]
debug: Finishing transaction 2164772580
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring
File[/etc/puppet/ssl/certs]
debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/certs/demomini.huronhs.com.pem]: Autorequiring
File[/etc/puppet/ssl/certs]
debug: /File[/etc/puppet/ssl/crl.pem]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/reports]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/private_keys/demomini.huronhs.com.pem]:
Autorequiring File[/etc/puppet/ssl/private_keys]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/public_keys/demomini.huronhs.com.pem]:
Autorequiring File[/etc/puppet/ssl/public_keys]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring
File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring
File[/etc/puppet/ssl]
debug: Finishing transaction 2164134660
info: mount[files]: allowing * access
debug: No modules mount given; autocreating with default permissions
debug: No plugins mount given; autocreating with default permissions
debug: Finishing transaction 2156773880
It's not terribly problematic, and it looks like you need a certain set of
circumstances (including cleaning the cert of the master), but it's been
reproducible for me.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
