Issue #2095 has been updated by Russell Van Tassell. Status changed from Closed to Re-opened
Re-opening to add more info (for what it may or may not be worth). I've seen this behavior in both CentOS 5.6 and CentOS 6.0 with Puppet 2.7.3. Mistakenly changing permissions on /etc/puppet to make it unsearchable (no read perms) to the puppet master will crash the server and it will generally refuse to restart. Perhaps this is reasonable/expected behavior -- though it might be better to just loudly complain to the system log while refusing to do anything. (found this bug while searching for "minimum recommended permissions for /etc/puppet") ---------------------------------------- Bug #2095: Changing the permissions of /etc/puppet/puppet.conf via puppet crashes puppetmaster https://projects.puppetlabs.com/issues/2095 Author: Trevor Hemsley Status: Re-opened Priority: Normal Assignee: Nigel Kersten Category: file Target version: Affected Puppet version: 0.24.7 Keywords: Branch: class puppetperms { file {"/etc/puppet/puppet.conf": owner => root, group => root, mode => 600 } } then invoke puppetd --test --tags puppetperms on the puppetmaster server machine. The perms get changed, puppetmaster gets notified then crashes. In syslog I see this puppetd[6381]: (//Node[infra]/puppetperms/File[/etc/puppet/puppet.conf]/mode) mode changed '644' to '600' puppetd[6381]: Finished catalog run in 7.08 seconds puppetmasterd[26866]: Reparsing /etc/puppet/puppet.conf But puppetmaster is now dead. Restart puppetmaster and all is OK again. Can happily run puppetd --test --tags puppetperms while the perms are correct. Reset them via chmod 700 /etc/puppet/puppet.conf and puppetmaster immediately crashes without even running puppetd --test --tags puppetperms. BTW, puppetd does not run as a daemon on any of these machines, it's only run manually. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
