[Puppet - Bug #7052] (Unreviewed) Cert generation fails using "--ssldir"

tickets Mon, 11 Apr 2011 11:41:48 -0700

Issue #7052 has been reported by Dominic Maraglia.

----------------------------------------
Bug #7052: Cert generation fails using "--ssldir"
https://projects.puppetlabs.com/issues/7052


Author: Dominic Maraglia
Status: Unreviewed
Priority: High
Assignee: Nigel Kersten
Category: 
Target version: Statler
Affected Puppet version: 
Keywords: cert generation ssldir
Branch: 


Cert generation fails when generating a cert and passing options such as 
--ssldir.

Configuration:
<pre>
  Test Suite: acceptance @ Mon Apr 11 11:25:19 -0700 2011
  
  - Host Configuration Summary -
Platform for centos-55-386-1 centos-5-i386
Platform for centos-55-64-1 centos-5-x86_64
Role for centos-55-386-1 agent
Role for centos-55-64-1 master
Config Key|Val: rubyver "ruby18"
Config Key|Val: version {:puppet=>"2.6.7-60-g7b23e59", :facter=>"1.5.8"}
Config Key|Val: filecount 12
Config Key|Val: puppet_ver "origin/2.6.next"
Config Key|Val: pe_nfs_mount "/mnt/ro/pe"
Config Key|Val: gemver "gem12"Config Key|Val: puppetpath "/etc/puppet"
Config Key|Val: puppetbinpath "/opt/puppet/bin"
Config Key|Val: facter_ver "1.5.8"
Config Key|Val: ssh {:user=>"root", :config=>false, :paranoid=>false, 
:auth_methods=>["publickey"], :port=>22, 
:user_known_hosts_file=>"/home/djm/.ssh/known_hosts", 
:keys=>["/home/djm/.ssh/id_rsa"]}
Config Key|Val: nfs_server "192.168.97.1"
Config Key|Val: puppetbin "/usr/bin/puppet"

  - Test Case Summary -
  Attempted: 89
     Passed: 86
     Failed: 2
    Errored: 1
    Skipped: 0

  - Specific Test Case Status -
Failed Tests Cases:
  Test Case 
tests/acceptance/ticket_4151_defined_function_should_not_return_true_for_unrealized_virtual_resources.rb
 reported: #<Test::Unit::AssertionFailedError: Exited with 1.
<false> is not true.>
  Test Case 
tests/acceptance/ticket_6710_relationship_syntax_should_work_with_title_arrays.rb
 reported: #<Test::Unit::AssertionFailedError: Exited with 1.
<false> is not true.>
Errored Tests Cases:
  Test Case tests/acceptance/ticket_3961_puppet_ca_should_produce_certs.rb 
reported: #<RuntimeError: Exited with 23>
</pre>


Example repro:
<pre>
[root@centos-55-386-1 tmp]# puppet cert --trace --generate 
working3961.example.org --vardir=/tmp/puppet-ssl-3961 
--ssldir=/tmp/puppet-ssl-3961 --confdir=/tmp/puppet-ssl-3961
notice: Signed certificate request for ca
notice: Rebuilding inventory file
/usr/lib/ruby/site_ruby/1.8/puppet/util/settings.rb:731:in `initialize'
/usr/lib/ruby/site_ruby/1.8/puppet/util/settings.rb:731:in `open'
/usr/lib/ruby/site_ruby/1.8/puppet/util/settings.rb:731:in `writesub'
/usr/lib/ruby/site_ruby/1.8/puppet/util.rb:162:in `withumask'
/usr/lib/ruby/site_ruby/1.8/puppet/util/settings.rb:730:in `writesub'
/usr/lib/ruby/site_ruby/1.8/puppet/util/suidmanager.rb:62:in `asuser'
/usr/lib/ruby/site_ruby/1.8/puppet/util/settings.rb:723:in `writesub'
/usr/lib/ruby/site_ruby/1.8/puppet/util/settings.rb:709:in `write'
/usr/lib/ruby/site_ruby/1.8/puppet/indirector/ssl_file.rb:158:in `write'
/usr/lib/ruby/site_ruby/1.8/puppet/indirector/ssl_file.rb:98:in `save'
/usr/lib/ruby/site_ruby/1.8/puppet/indirector/indirection.rb:267:in `save'
/usr/lib/ruby/site_ruby/1.8/puppet/indirector.rb:68:in `save'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority.rb:99:in `crl'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority.rb:136:in 
`generate_ca_certificate'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority.rb:222:in `setup'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority.rb:146:in 
`initialize'
/usr/lib/ruby/site_ruby/1.8/puppet/application/cert.rb:81:in `new'
/usr/lib/ruby/site_ruby/1.8/puppet/application/cert.rb:81:in `setup'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:420:in `hook'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:411:in `exit_on_fail'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:304:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:62:in `execute'
/usr/bin/puppet:4
Permission denied - /tmp/puppet-ssl-3961/crl.pem
[root@centos-55-386-1 tmp]# ll puppet-ssl-3961/
total 44
drwxrwx--- 5 puppet puppet 4096 Apr 11 11:33 ca
drwxr-xr-x 2 puppet root   4096 Apr 11 11:33 certificate_requests
drwxr-xr-x 2 puppet root   4096 Apr 11 11:33 certs
drwxr-xr-x 2 root   root   4096 Apr 11 11:33 facts
drwxr-xr-x 2 root   root   4096 Apr 11 11:33 lib
drwxr-x--- 2 puppet puppet 4096 Apr 11 11:33 log
drwxr-x--- 2 puppet root   4096 Apr 11 11:33 private
drwxr-x--- 2 puppet root   4096 Apr 11 11:33 private_keys
drwxr-xr-x 2 puppet root   4096 Apr 11 11:33 public_keys
drwxrwxrwt 2 root   root   4096 Apr 11 11:33 run
drwxr-xr-t 2 root   root   4096 Apr 11 11:33 state

</pre>


-- 
You have received this notification because you have either subscribed to it, 
or are involved in it.
To change your notification preferences, please click here: 
http://projects.puppetlabs.com/my/account

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/puppet-bugs?hl=en.

[Puppet - Bug #7052] (Unreviewed) Cert generation fails using "--ssldir"

Reply via email to