Issue #13976 has been updated by Steve Shipway.
We occasionally get a similar behaviour - one manifest file (apparently at random) seems to be ignored by puppet master (the node defined in the file falls back to using the default manifest) and there is no clear reason why. The file is readable, no syntax errors... and if I copy it into a different directory then it works! Other manifests in the same directory work, so it is not directory access. I'll try changing file ownerships and see if that helps. ---------------------------------------- Bug #13976: PuppetMaster is unable to read manifest when manifest is not directly owned by user Puppet or from primary group Puppet https://projects.puppetlabs.com/issues/13976#change-69219 Author: Egon Kastelijn Status: Needs More Information Priority: Normal Assignee: Category: Target version: Affected Puppet version: Keywords: manifest rights user group Branch: When a manifest (or template) is owned by the userid 'puppet' or the groupid 'puppet' then the PuppetMaster proces can read the manifest just fine. But when the manifest has a userid, and a groupid that is not 'puppet' then the PuppetMaster process is unable to read the manifest. When I change my shell to the user 'puppet' (sudo -u puppet -i), under which the PuppetMaster process is running, then I can read the file nicely. This means that the OS and filesystem don't block the read-access to the file for the user 'puppet'. I think the PuppetMaster does some kind of extra check to see if it can read the manifest-file, but this check is not complete or wrong. I think it checks if the file is owned by the user 'puppet' and/or is readable by the group 'puppet', but it fails to check if the user 'puppet' is in a secondary group that also gives it read access to the manifest-file. $ ls -al website.rb -rw-rw---- 1 uav377 wsadmin 43598 Apr 12 17:44 website.rb $ $ getent group wsadmin wsadmin:x:9000:puppet $ A work-around, is to make the files world-readable, but this is not desirable as a permanent solution. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
