Issue #6112 has been updated by Dennis Matotek.
Me too. See full debug and trace. Means that I'' have to do some thing like
this when I automate the install of the puppet master.
exec {'generate_master_cert':
command => '/usr/bin/puppet cert generate puppetca.mylocal
--dns_alt_names=puppetca,puppet.mylocal ; /bin/true',
creates => '/var/lib/puppet/ssl/private_keys/puppetca.mylocal.pem',
before => File['/etc/httpd/conf.d/puppetmaster.conf'],
}
(that is unless someone has a better idea :))
# puppet cert generate puppetca.mylocal --dns_alt_names=puppetca,puppet.mylocal
--trace --debug ;echo $?
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does
not exist
debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist
debug: Failed to load library 'ldap' for feature 'ldap'
debug: Puppet::Type::User::ProviderLdap: feature ldap is missing
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: /File[/var/lib/puppet/ssl/ca/requests]/seluser: Found seluser default
'system_u' for /var/lib/puppet/ssl/ca/requests
debug: /File[/var/lib/puppet/ssl/ca/requests]/selrole: Found selrole default
'object_r' for /var/lib/puppet/ssl/ca/requests
debug: /File[/var/lib/puppet/ssl/ca/requests]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/ssl/ca/requests
debug: /File[/var/lib/puppet/ssl/ca/requests]/selrange: Found selrange default
's0' for /var/lib/puppet/ssl/ca/requests
debug: /File[/var/lib/puppet/ssl/public_keys]/seluser: Found seluser default
'system_u' for /var/lib/puppet/ssl/public_keys
debug: /File[/var/lib/puppet/ssl/public_keys]/selrole: Found selrole default
'object_r' for /var/lib/puppet/ssl/public_keys
debug: /File[/var/lib/puppet/ssl/public_keys]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/ssl/public_keys
debug: /File[/var/lib/puppet/ssl/public_keys]/selrange: Found selrange default
's0' for /var/lib/puppet/ssl/public_keys
debug: /File[/etc/puppet]/seluser: Found seluser default 'system_u' for
/etc/puppet
debug: /File[/etc/puppet]/selrole: Found selrole default 'object_r' for
/etc/puppet
debug: /File[/etc/puppet]/seltype: Found seltype default 'puppet_etc_t' for
/etc/puppet
debug: /File[/etc/puppet]/selrange: Found selrange default 's0' for /etc/puppet
debug: /File[/var/lib/puppet/ssl/private_keys]/seluser: Found seluser default
'system_u' for /var/lib/puppet/ssl/private_keys
debug: /File[/var/lib/puppet/ssl/private_keys]/selrole: Found selrole default
'object_r' for /var/lib/puppet/ssl/private_keys
debug: /File[/var/lib/puppet/ssl/private_keys]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/ssl/private_keys
debug: /File[/var/lib/puppet/ssl/private_keys]/selrange: Found selrange default
's0' for /var/lib/puppet/ssl/private_keys
debug: /File[/var/lib/puppet/state]/seluser: Found seluser default 'system_u'
for /var/lib/puppet/state
debug: /File[/var/lib/puppet/state]/selrole: Found selrole default 'object_r'
for /var/lib/puppet/state
debug: /File[/var/lib/puppet/state]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/state
debug: /File[/var/lib/puppet/state]/selrange: Found selrange default 's0' for
/var/lib/puppet/state
debug: /File[/var/log/puppet]/seluser: Found seluser default 'system_u' for
/var/log/puppet
debug: /File[/var/log/puppet]/selrole: Found selrole default 'object_r' for
/var/log/puppet
debug: /File[/var/log/puppet]/seltype: Found seltype default 'puppet_log_t' for
/var/log/puppet
debug: /File[/var/log/puppet]/selrange: Found selrange default 's0' for
/var/log/puppet
debug: /File[/var/lib/puppet/ssl/ca/private]/seluser: Found seluser default
'system_u' for /var/lib/puppet/ssl/ca/private
debug: /File[/var/lib/puppet/ssl/ca/private]/selrole: Found selrole default
'object_r' for /var/lib/puppet/ssl/ca/private
debug: /File[/var/lib/puppet/ssl/ca/private]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/ssl/ca/private
debug: /File[/var/lib/puppet/ssl/ca/private]/selrange: Found selrange default
's0' for /var/lib/puppet/ssl/ca/private
debug: /File[/var/lib/puppet/ssl/certs]/seluser: Found seluser default
'system_u' for /var/lib/puppet/ssl/certs
debug: /File[/var/lib/puppet/ssl/certs]/selrole: Found selrole default
'object_r' for /var/lib/puppet/ssl/certs
debug: /File[/var/lib/puppet/ssl/certs]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/ssl/certs
debug: /File[/var/lib/puppet/ssl/certs]/selrange: Found selrange default 's0'
for /var/lib/puppet/ssl/certs
debug: /File[/etc/puppet/autosign.conf]/seluser: Found seluser default
'system_u' for /etc/puppet/autosign.conf
debug: /File[/etc/puppet/autosign.conf]/selrole: Found selrole default
'object_r' for /etc/puppet/autosign.conf
debug: /File[/etc/puppet/autosign.conf]/seltype: Found seltype default
'puppet_etc_t' for /etc/puppet/autosign.conf
debug: /File[/etc/puppet/autosign.conf]/selrange: Found selrange default 's0'
for /etc/puppet/autosign.conf
debug: /File[/var/lib/puppet/lib]/seluser: Found seluser default 'system_u' for
/var/lib/puppet/lib
debug: /File[/var/lib/puppet/lib]/selrole: Found selrole default 'object_r' for
/var/lib/puppet/lib
debug: /File[/var/lib/puppet/lib]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/lib
debug: /File[/var/lib/puppet/lib]/selrange: Found selrange default 's0' for
/var/lib/puppet/lib
debug: /File[/var/lib/puppet/ssl/ca]/seluser: Found seluser default 'system_u'
for /var/lib/puppet/ssl/ca
debug: /File[/var/lib/puppet/ssl/ca]/selrole: Found selrole default 'object_r'
for /var/lib/puppet/ssl/ca
debug: /File[/var/lib/puppet/ssl/ca]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/ssl/ca
debug: /File[/var/lib/puppet/ssl/ca]/selrange: Found selrange default 's0' for
/var/lib/puppet/ssl/ca
debug: /File[/etc/puppet/routes.yaml]/seluser: Found seluser default 'system_u'
for /etc/puppet/routes.yaml
debug: /File[/etc/puppet/routes.yaml]/selrole: Found selrole default 'object_r'
for /etc/puppet/routes.yaml
debug: /File[/etc/puppet/routes.yaml]/seltype: Found seltype default
'puppet_etc_t' for /etc/puppet/routes.yaml
debug: /File[/etc/puppet/routes.yaml]/selrange: Found selrange default 's0' for
/etc/puppet/routes.yaml
debug: /File[/var/lib/puppet/ssl/private]/seluser: Found seluser default
'system_u' for /var/lib/puppet/ssl/private
debug: /File[/var/lib/puppet/ssl/private]/selrole: Found selrole default
'object_r' for /var/lib/puppet/ssl/private
debug: /File[/var/lib/puppet/ssl/private]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/ssl/private
debug: /File[/var/lib/puppet/ssl/private]/selrange: Found selrange default 's0'
for /var/lib/puppet/ssl/private
debug: /File[/var/lib/puppet]/seluser: Found seluser default 'system_u' for
/var/lib/puppet
debug: /File[/var/lib/puppet]/selrole: Found selrole default 'object_r' for
/var/lib/puppet
debug: /File[/var/lib/puppet]/seltype: Found seltype default 'puppet_var_lib_t'
for /var/lib/puppet
debug: /File[/var/lib/puppet]/selrange: Found selrange default 's0' for
/var/lib/puppet
debug: /File[/var/lib/puppet/ssl/certificate_requests]/seluser: Found seluser
default 'system_u' for /var/lib/puppet/ssl/certificate_requests
debug: /File[/var/lib/puppet/ssl/certificate_requests]/selrole: Found selrole
default 'object_r' for /var/lib/puppet/ssl/certificate_requests
debug: /File[/var/lib/puppet/ssl/certificate_requests]/seltype: Found seltype
default 'puppet_var_lib_t' for /var/lib/puppet/ssl/certificate_requests
debug: /File[/var/lib/puppet/ssl/certificate_requests]/selrange: Found selrange
default 's0' for /var/lib/puppet/ssl/certificate_requests
debug: /File[/var/run/puppet]/seluser: Found seluser default 'system_u' for
/var/run/puppet
debug: /File[/var/run/puppet]/selrole: Found selrole default 'object_r' for
/var/run/puppet
debug: /File[/var/run/puppet]/seltype: Found seltype default 'puppet_var_run_t'
for /var/run/puppet
debug: /File[/var/run/puppet]/selrange: Found selrange default 's0' for
/var/run/puppet
debug: /File[/var/lib/puppet/ssl/ca/signed]/seluser: Found seluser default
'system_u' for /var/lib/puppet/ssl/ca/signed
debug: /File[/var/lib/puppet/ssl/ca/signed]/selrole: Found selrole default
'object_r' for /var/lib/puppet/ssl/ca/signed
debug: /File[/var/lib/puppet/ssl/ca/signed]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/ssl/ca/signed
debug: /File[/var/lib/puppet/ssl/ca/signed]/selrange: Found selrange default
's0' for /var/lib/puppet/ssl/ca/signed
debug: /File[/var/lib/puppet/ssl]/seluser: Found seluser default 'system_u' for
/var/lib/puppet/ssl
debug: /File[/var/lib/puppet/ssl]/selrole: Found selrole default 'object_r' for
/var/lib/puppet/ssl
debug: /File[/var/lib/puppet/ssl]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/ssl
debug: /File[/var/lib/puppet/ssl]/selrange: Found selrange default 's0' for
/var/lib/puppet/ssl
debug: /File[/var/lib/puppet/facts]/seluser: Found seluser default 'system_u'
for /var/lib/puppet/facts
debug: /File[/var/lib/puppet/facts]/selrole: Found selrole default 'object_r'
for /var/lib/puppet/facts
debug: /File[/var/lib/puppet/facts]/seltype: Found seltype default
'puppet_var_lib_t' for /var/lib/puppet/facts
debug: /File[/var/lib/puppet/facts]/selrange: Found selrange default 's0' for
/var/lib/puppet/facts
debug: /File[/etc/puppet/routes.yaml]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/ssl/ca/private]: Autorequiring
File[/var/lib/puppet/ssl/ca]
debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/private]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/ca/requests]: Autorequiring
File[/var/lib/puppet/ssl/ca]
debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring
File[/var/lib/puppet/ssl]
debug: /File[/etc/puppet/autosign.conf]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/ca]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/ca/signed]: Autorequiring
File[/var/lib/puppet/ssl/ca]
debug: /File[/var/lib/puppet/ssl]/ensure: created
debug: /File[/var/lib/puppet/ssl/ca]/ensure: created
debug: /File[/var/lib/puppet/ssl/ca/signed]/ensure: created
debug: /File[/var/lib/puppet/ssl/private_keys]/ensure: created
debug: /File[/var/lib/puppet/ssl/public_keys]/ensure: created
debug: /File[/var/lib/puppet/ssl/certs]/ensure: created
debug: /File[/var/lib/puppet/ssl/ca/private]/ensure: created
debug: /File[/var/lib/puppet/ssl/private]/ensure: created
debug: /File[/var/lib/puppet/ssl/ca/requests]/ensure: created
debug: /File[/var/lib/puppet/ssl/certificate_requests]/ensure: created
debug: Finishing transaction 70072904089340
info: Creating a new SSL key for ca
info: Creating a new SSL certificate request for ca
info: Certificate Request fingerprint (md5):
64:24:4F:6B:CF:51:00:7A:19:BB:DE:F8:70:7F:A6:8A
notice: Signed certificate request for ca
notice: Rebuilding inventory file
debug: Using cached certificate for ca
info: Creating a new certificate revocation list
info: Creating a new SSL key for puppetca.mylocal
info: Creating a new SSL certificate request for puppetca.mylocal
info: Certificate Request fingerprint (md5):
97:57:AC:45:36:51:20:EB:12:51:16:D5:16:91:F1:45
notice: puppetca.mylocal has a waiting certificate request
debug: Using cached certificate for ca
debug: Using cached certificate_request for puppetca.mylocal
notice: Signed certificate request for puppetca.mylocal
notice: Removing file Puppet::SSL::CertificateRequest puppetca.mylocal at
'/var/lib/puppet/ssl/ca/requests/puppetca.mylocal.pem'
notice: Removing file Puppet::SSL::CertificateRequest puppetca.mylocal at
'/var/lib/puppet/ssl/certificate_requests/puppetca.mylocal.pem'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority.rb:262:in `sign'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority.rb:138:in
`generate'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority/interface.rb:40:in
`generate'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority/interface.rb:39:in
`each'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority/interface.rb:39:in
`generate'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority/interface.rb:22:in
`send'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority/interface.rb:22:in
`apply'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority.rb:74:in `apply'
/usr/lib/ruby/site_ruby/1.8/puppet/application/cert.rb:190:in `main'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:317:in `run_command'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:416:in `hook'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:407:in `exit_on_fail'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:69:in `execute'
/usr/bin/puppet:4
err: Could not call generate: Could not find certificate request for
puppetca.mylocal
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority.rb:262:in `sign'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority.rb:138:in
`generate'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority/interface.rb:40:in
`generate'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority/interface.rb:39:in
`each'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority/interface.rb:39:in
`generate'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority/interface.rb:22:in
`send'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority/interface.rb:22:in
`apply'
/usr/lib/ruby/site_ruby/1.8/puppet/ssl/certificate_authority.rb:74:in `apply'
/usr/lib/ruby/site_ruby/1.8/puppet/application/cert.rb:190:in `main'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:317:in `run_command'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:416:in `hook'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:407:in `exit_on_fail'
/usr/lib/ruby/site_ruby/1.8/puppet/application.rb:309:in `run'
/usr/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:69:in `execute'
/usr/bin/puppet:4
Could not find certificate request for puppetca.mylocal
24
----------------------------------------
Bug #6112: Puppet cert generate error message when it succeeds
https://projects.puppetlabs.com/issues/6112#change-71628
Author: Jeff McCune
Status: Needs More Information
Priority: Normal
Assignee:
Category: logging
Target version: 2.7.x
Affected Puppet version: development
Keywords: error cert generate
Branch:
## Overview ##
Running puppet cert in 2.6.next f135a64 performs the desired certificate
generation, but displays a nasty error message int he process.
## Steps to reproduce ##
$ puppet cert --confdir ~/.puppet/conf_enc --generate foo.bar.baz
--certdnsnames foo:foo.bar.baz:puppet
notice: foo.bar.baz has a waiting certificate request
notice: Signed certificate request for foo.bar.baz
notice: Removing file Puppet::SSL::CertificateRequest foo.bar.baz at
'/Users/jeff/.puppet/var/ssl/ca/requests/foo.bar.baz.pem'
notice: Removing file Puppet::SSL::CertificateRequest foo.bar.baz at
'/Users/jeff/.puppet/var/ssl/certificate_requests/foo.bar.baz.pem'
err: Could not call generate: Could not find certificate request for
foo.bar.baz
$ echo $?
0
$ puppet cert --print foo.bar.baz
(Works as expected, certificate was generated and signed)
## Expected Behavior ##
The error shouldn't be displayed.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
