Issue #17488 has been updated by Jeff McCune.
Category set to user
Status changed from Unreviewed to Needs More Information
Assignee set to Lubomir Rintel
Target version set to 2.7.x
Lubomir,
I'm having trouble reproducing this issue in the currently released 3.0.1
version of Puppet:
When running as my own un-elevated user "jeff" with UID 502, I get these
results:
<pre>
$ puppet apply --execute "file { '/root/chuj': ensure => absent; }"
Finished catalog run in 0.20 seconds
</pre>
In addition, with 2.7.18, I'm also unable to reproduce the access violation
issue:
<pre>
$ puppet apply --execute "file { '/root/chuj': ensure => absent; }"
/Users/jeff/.rbenv/versions/1.9.3-p194/lib/ruby/1.9.1/rubygems/custom_require.rb:36:in
`require': iconv will be deprecated in the future, use String#encode instead.
Could not load confine test 'operatingsystem': cannot load such file --
puppet/provider/confine/operatingsystem
Could not load confine test 'operatingsystem': cannot load such file --
puppet/provider/confine/operatingsystem
Could not load confine test 'operatingsystem': cannot load such file --
puppet/provider/confine/operatingsystem
Could not load confine test 'operatingsystem': cannot load such file --
puppet/provider/confine/operatingsystem
Could not load confine test 'operatingsystem': cannot load such file --
puppet/provider/confine/operatingsystem
Could not load confine test 'operatingsystem': cannot load such file --
puppet/provider/confine/operatingsystem
Could not load confine test 'operatingsystem': cannot load such file --
puppet/provider/confine/operatingsystem
Could not load confine test 'operatingsystem': cannot load such file --
puppet/provider/confine/operatingsystem
Could not load confine test 'operatingsystem': cannot load such file --
puppet/provider/confine/operatingsystem
notice: Finished catalog run in 0.04 seconds
</pre>
Could you please paste the complete output of the command you're running, and
the command itself, with the --trace and --evaltrace options appended? This
will help me quickly reproduce the issue.
Also, what version of Ruby and what operating system are you running Puppet on?
How did you install Puppet 2.7.18, and finally how is SELinux configured on
this system?
This information will help me quickly resolve this issue.
Finally, thank you for addressing the comments in the original pull request,
but Deepak's comment about tests still holds true. Unfortunately, we will not
merge changes into Puppet that do not also have a way to automatically verify
future changes we make do not regress on expected behavior.
I am happy to write tests for you, but it is very difficult to do so unless I
have a clear understanding of the exact behavior you expect from Puppet after
the patch is applied. I am also happy to help you write the tests. If this is
something you're interested in, please ping me on #puppet-dev. My nick is
jmccune on freenode.
The next actions on this ticket are to obtain a clear copy of the error
message, a clear understanding of the expected behavior after the change set is
applied, and then write examples to exercise this behavior.
Thanks,
-Jeff
----------------------------------------
Bug #17488: Puppet needlessly crashes when run unptivileged even with --noop
https://projects.puppetlabs.com/issues/17488#change-76058
Author: Lubomir Rintel
Status: Needs More Information
Priority: Normal
Assignee: Lubomir Rintel
Category: user
Target version: 2.7.x
Affected Puppet version: 2.7.18
Keywords:
Branch:
I'm mostly opening this to satisfy comments in [pull request
1022](https://github.com/puppetlabs/puppet/pull/1022) even though I believe the
commit and pull comments were sufficiently descriptive.
Will open a new pull request, since the old one was closed due to my
unresponsiveness.
Repeating them here:
### Problem scope
I often run puppet --noop unprivileged to conduct a basic sanity check of the
recipes (such as checking for duplicate definitions or syntax errors).
These changesets fix unnecessary abort that cause puppet to stop way too early.
### First fix
Capture access violations for selinux context of file resources
and deal with them gracefully without aborting the run.
A simple reproducer of the problem (abort), to be run unprivileged:
<pre>
puppet apply --execute "file { '/root/chuj': ensure => absent; }"
</pre>
### Second fix
Don't abort while checking managedhome on nonexistent user provider.
The user resource itself should fail itself and this prevents falling back to
that.
Simple test case (unprivileged):
<pre>
before$ puppet apply --execute 'user { "kokot": managehome => true }'
Parameter managehome failed: Validate method failed for class managehome:
undefined method `manages_homedir?' for NilClass:Class
</pre>
<pre>
after$ puppet apply --execute 'user { "kokot": managehome => true }'
err: Could not find a suitable provider for user
notice: Finished catalog run in 0.10 seconds
</pre>
### Test suite
Unfortunately I can not write tests for this; since I could not get Puppet test
suite pass sufficiently well on my laptop and I have no idea how is it supposed
to work, let alone testing for fixes for issues that exhibit different
behaviour when run privileged. I would be very thankful if anyone could assist.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
