Hello there I just noticed an oddity, I revoked a client's certificate to test our kickstart process and instead of getting an error (cause i had forgotten to nuke the client's /var/lib/puppet) i got a successful puppet run.
My server (tangerine) has no certificate for the client (cakewalk): [root@tangerine puppet]# puppet cert --all | grep cakewalk [root@tangerine puppet]# pwd /var/lib/puppet [root@tangerine puppet]# find ./ | grep cakewalk ./yaml/node/cakewalk.its.uq.edu.au.yaml ./yaml/facts/cakewalk.its.uq.edu.au.yaml [root@tangerine puppet]# ls ssl/ ca certificate_requests certs crl.pem private private_keys public_keys [root@tangerine puppet]# but if i invoke a puppet run it will do it quite happily. [root@cakewalk ~]# puppet agent -vt --server=tangerine.example.org info: Retrieving plugin info: Loading facts in /var/lib/puppet/lib/facter/homedirs.rb ... info: Loading facts in /var/lib/puppet/lib/facter/cfservd_started.rb info: Caching catalog for cakewalk.its.uq.edu.au info: Applying configuration version '1349933627' notice: /Stage[main]/Rhel6-timezone/Exec[verify the source timezone info is corrupt]/returns: executed successfully ... notice: /Stage[main]/Rhel6-repos/Rhel6-repos::Nerf_repo[disable mirrors-rpmforge-extras]/Exec[nerf mirrors-rpmforge-extras]/returns: executed successfully ^Cnotice: Caught INT; calling stop [root@cakewalk ~]# I don't have an autosign.conf that would allow cakewalk in: [root@tangerine puppet]# cat /etc/puppet/autosign.conf [root@tangerine puppet]# and tcpdump verified that there is network traffic between the hosts. -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-bugs/-/u5sDcLqwqyYJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
