Issue #16637 has been updated by Jeff McCune. Affected Puppet version set to 3.0.0
---------------------------------------- Bug #16637: Puppet confdir and vardir are wrong when running non-root https://projects.puppetlabs.com/issues/16637#change-72021 Author: Jeff McCune Status: Accepted Priority: Normal Assignee: Category: settings Target version: 3.0.x Affected Puppet version: 3.0.0 Keywords: telly settings defaults confdir vardir runmode run_mode master system Branch: # Overview Puppet master should default to confdir of `~/.puppet` and vardir of `~/.puppet/var` when running as non-root, instead defaults to `/etc/puppet` and `/var/lib/puppet` respectively. In Puppet 3.0.0, the semantics of the term, "configuration directory" (confdir) are as follows: 1. If `confdir` is explicitly configured, this value wins. 2. If Puppet is running as root (or the OS equivalent) then use the system configuration directory. (e.g. `/etc/puppet` for FOSS or `/etc/puppetlabs/puppet` for PE) 3. In all other situations use `~/.puppet` These semantics are no longer affected by the specific username when running non-root, or the application being run (master, agent, etc...). This is not actually the case in 3.0.0 though: # Actual Behavior <pre> $ puppet master --verbose --no-daemonize Error: Could not set 'directory' on ensure: Permission denied - /etc/puppet Error: Could not set 'directory' on ensure: Permission denied - /etc/puppetWrapped exception: Permission denied - /etc/puppet Error: /File[/etc/puppet]/ensure: change from absent to directory failed: Could not set 'directory' on ensure: Permission denied - /etc/puppet /File[/etc/puppet/var.master]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master]: Skipping because of failed dependencies /File[/etc/puppet/var.master/bucket]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/bucket]: Skipping because of failed dependencies /File[/etc/puppet/var.master/log]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/log]: Skipping because of failed dependencies /File[/etc/puppet/var.master/log/masterhttp.log]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/log/masterhttp.log]: Skipping because of failed dependencies /File[/etc/puppet/var.master/yaml]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/yaml]: Skipping because of failed dependencies /File[/etc/puppet/var.master/ssl]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl]: Skipping because of failed dependencies /File[/etc/puppet/var.master/ssl/public_keys]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl/public_keys]: Skipping because of failed dependencies/File[/etc/puppet/var.master/lib]: Dependency File[/etc/puppet] has failures: trueWarning: /File[/etc/puppet/var.master/lib]: Skipping because of failed dependencies/File[/etc/puppet/var.master/ssl/certificate_requests]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl/certificate_requests]: Skipping because of failed dependencies/File[/etc/puppet/var.master/run]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/run]: Skipping because of failed dependencies/File[/etc/puppet/manifests]: Dependency File[/etc/puppet] has failures: trueWarning: /File[/etc/puppet/manifests]: Skipping because of failed dependencies /File[/etc/puppet/var.master/ssl/private]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl/private]: Skipping because of failed dependencies /File[/etc/puppet/var.master/ssl/private_keys]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl/private_keys]: Skipping because of failed dependencies /File[/etc/puppet/var.master/rrd]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/rrd]: Skipping because of failed dependencies /File[/etc/puppet/var.master/ssl/certs]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl/certs]: Skipping because of failed dependencies /File[/etc/puppet/var.master/reports]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/reports]: Skipping because of failed dependencies /File[/etc/puppet/var.master/server_data]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/server_data]: Skipping because of failed dependencies /File[/etc/puppet/var.master/state]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/state]: Skipping because of failed dependencies Error: Could not prepare for execution: Got 3 failure(s) while initializing: Could not set 'directory' on ensure: Permission denied - /etc/puppet; Could not set 'directory' on ensure: Permission denied - /etc/puppet Wrapped exception: Permission denied - /etc/puppet; change from absent to directory failed: Could not set 'directory' on ensure: Permission denied - /etc/puppet </pre> # Expected behavior `confdir` and `vardir` should default to my home directory when run as non-root user "jeff" <pre> $ puppet master --verbose --no-daemonize Info: Creating a new SSL key for ca Info: Creating a new SSL certificate request for ca Info: Certificate Request fingerprint (SHA256): E4:95:B1:A5:01:A5:07:80:0B:B7:C6:5E:C1:4F:58:EF:CD:FF:D3:DE:EC:30:EF:10:3C:92:53:91:7A:33:26:BC Signed certificate request for ca Rebuilding inventory file Info: Creating a new certificate revocation list Info: Creating a new SSL key for mccune.local Info: Creating a new SSL certificate request for mccune.local Info: Certificate Request fingerprint (SHA256): A8:77:22:5A:D0:C8:89:69:8E:3B:38:7A:0B:43:E3:D7:AA:E8:7F:73:F3:DC:E6:E2:0C:E1:BA:23:41:ED:4B:CF mccune.local has a waiting certificate request Signed certificate request for mccune.local Removing file Puppet::SSL::CertificateRequest mccune.local at '/Users/jeff/.puppet/ssl/ca/requests/mccune.local.pem' Removing file Puppet::SSL::CertificateRequest mccune.local at '/Users/jeff/.puppet/ssl/certificate_requests/mccune.local.pem' Starting Puppet master version 3.0.0 </pre> -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
