Issue #16637 has been updated by Jeff McCune. Status changed from Needs More Information to Closed Assignee deleted (Curtis Ruck) Target version changed from 3.0.x to 3.0.0
Curtis, I'm going to close this ticket again. If you have the opportunity to address the questions I posted in the 16 October update please update this ticket and I'll re-open the issue. Cheers, -Jeff ---------------------------------------- Bug #16637: Puppet confdir and vardir are wrong when running non-root https://projects.puppetlabs.com/issues/16637#change-74965 Author: Jeff McCune Status: Closed Priority: Normal Assignee: Category: settings Target version: 3.0.0 Affected Puppet version: 3.0.0 Keywords: telly settings defaults confdir vardir runmode run_mode master system Branch: https://github.com/puppetlabs/puppet/pull/1194 # Overview Puppet master should default to confdir of `~/.puppet` and vardir of `~/.puppet/var` when running as non-root, instead defaults to `/etc/puppet` and `/var/lib/puppet` respectively. In Puppet 3.0.0, the semantics of the term, "configuration directory" (confdir) are as follows: 1. If `confdir` is explicitly configured, this value wins. 2. If Puppet is running as root (or the OS equivalent) then use the system configuration directory. (e.g. `/etc/puppet` for FOSS or `/etc/puppetlabs/puppet` for PE) 3. In all other situations use `~/.puppet` These semantics are no longer affected by the specific username when running non-root, or the application being run (master, agent, etc...). This is not actually the case in 3.0.0 though: # Actual Behavior <pre> $ puppet master --verbose --no-daemonize Error: Could not set 'directory' on ensure: Permission denied - /etc/puppet Error: Could not set 'directory' on ensure: Permission denied - /etc/puppetWrapped exception: Permission denied - /etc/puppet Error: /File[/etc/puppet]/ensure: change from absent to directory failed: Could not set 'directory' on ensure: Permission denied - /etc/puppet /File[/etc/puppet/var.master]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master]: Skipping because of failed dependencies /File[/etc/puppet/var.master/bucket]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/bucket]: Skipping because of failed dependencies /File[/etc/puppet/var.master/log]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/log]: Skipping because of failed dependencies /File[/etc/puppet/var.master/log/masterhttp.log]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/log/masterhttp.log]: Skipping because of failed dependencies /File[/etc/puppet/var.master/yaml]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/yaml]: Skipping because of failed dependencies /File[/etc/puppet/var.master/ssl]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl]: Skipping because of failed dependencies /File[/etc/puppet/var.master/ssl/public_keys]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl/public_keys]: Skipping because of failed dependencies/File[/etc/puppet/var.master/lib]: Dependency File[/etc/puppet] has failures: trueWarning: /File[/etc/puppet/var.master/lib]: Skipping because of failed dependencies/File[/etc/puppet/var.master/ssl/certificate_requests]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl/certificate_requests]: Skipping because of failed dependencies/File[/etc/puppet/var.master/run]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/run]: Skipping because of failed dependencies/File[/etc/puppet/manifests]: Dependency File[/etc/puppet] has failures: trueWarning: /File[/etc/puppet/manifests]: Skipping because of failed dependencies /File[/etc/puppet/var.master/ssl/private]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl/private]: Skipping because of failed dependencies /File[/etc/puppet/var.master/ssl/private_keys]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl/private_keys]: Skipping because of failed dependencies /File[/etc/puppet/var.master/rrd]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/rrd]: Skipping because of failed dependencies /File[/etc/puppet/var.master/ssl/certs]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/ssl/certs]: Skipping because of failed dependencies /File[/etc/puppet/var.master/reports]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/reports]: Skipping because of failed dependencies /File[/etc/puppet/var.master/server_data]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/server_data]: Skipping because of failed dependencies /File[/etc/puppet/var.master/state]: Dependency File[/etc/puppet] has failures: true Warning: /File[/etc/puppet/var.master/state]: Skipping because of failed dependencies Error: Could not prepare for execution: Got 3 failure(s) while initializing: Could not set 'directory' on ensure: Permission denied - /etc/puppet; Could not set 'directory' on ensure: Permission denied - /etc/puppet Wrapped exception: Permission denied - /etc/puppet; change from absent to directory failed: Could not set 'directory' on ensure: Permission denied - /etc/puppet </pre> # Expected behavior `confdir` and `vardir` should default to my home directory when run as non-root user "jeff" <pre> $ puppet master --verbose --no-daemonize Info: Creating a new SSL key for ca Info: Creating a new SSL certificate request for ca Info: Certificate Request fingerprint (SHA256): E4:95:B1:A5:01:A5:07:80:0B:B7:C6:5E:C1:4F:58:EF:CD:FF:D3:DE:EC:30:EF:10:3C:92:53:91:7A:33:26:BC Signed certificate request for ca Rebuilding inventory file Info: Creating a new certificate revocation list Info: Creating a new SSL key for mccune.local Info: Creating a new SSL certificate request for mccune.local Info: Certificate Request fingerprint (SHA256): A8:77:22:5A:D0:C8:89:69:8E:3B:38:7A:0B:43:E3:D7:AA:E8:7F:73:F3:DC:E6:E2:0C:E1:BA:23:41:ED:4B:CF mccune.local has a waiting certificate request Signed certificate request for mccune.local Removing file Puppet::SSL::CertificateRequest mccune.local at '/Users/jeff/.puppet/ssl/ca/requests/mccune.local.pem' Removing file Puppet::SSL::CertificateRequest mccune.local at '/Users/jeff/.puppet/ssl/certificate_requests/mccune.local.pem' Starting Puppet master version 3.0.0 </pre> -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
