Issue #15000 has been updated by Klavs Klavsen.
That was the fix in my case - but it's a rather likely mistake I'd gather - forgetting a require - and I haven't been bitten by this before, even though I have setup machines using LDAP since puppet 0.24 (oddly enough - but must be nss_ldap/rhel5 specific, haven't had the issue on CentOS5 before either though). IMHO puppet should be able to actually finish it's run - even though NSS services fail (which would happen if the LDAP server is down or unaccessible and the client isn't running nscd or haven't got relevant data in nscd cache). So it this getuid it seems to want so bad (what uid is it looking for?) - it should have a way to do without. If you could enlighten me, as to what the getuid call is for - I could probably come up with something? If it's to set ownership on files (all files in that config where set to root owned - so no getuid call should be necessary for that one - it could atleast fallback to some other way (like parsing /etc/passwd) of getting the id. (I havent' tested getent passwd - if it will return local id's - if LDAP isn't answering - it should). ---------------------------------------- Bug #15000: Puppet doesn't handle LDAP being defective https://projects.puppetlabs.com/issues/15000#change-65478 Author: Klavs Klavsen Status: Needs More Information Priority: Normal Assignee: Category: Target version: Affected Puppet version: 2.7.14 Keywords: Branch: If I accidently screw up my ldap config (by f.ex. having the order of nsswitch and ldap.conf files not forced correctly - so nsswitch.conf gets set to use ldap before the /etc/ldap.conf file is written) puppet hangs forever. in strace it seems it keeps trying to do a getuid call - which times out due to the ldap issue. IMHO puppet should NOT hang on a missing getuid - as this means, it's fairly easy to accidently screw your setup and have to manually go to each machine :( This is an issue on Red Hat 5 (and probably CentOS 5 as well) which uses nss_ldap. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
