Issue #17702 has been updated by Gary Larizza. Status changed from Investigating to Duplicate
You're hitting a couple of things here: When you run Puppet as root, Puppet creates its vardir, logdir, and rundir in a common location where it tries to set ownership of everything to the owner and group of 'puppet'. In this case, when the puppet user/group doesn't exist, it throws a fit. So, you go and CREATE that user/group and you get this error: <pre> Error: Could not create resources for managing Puppet's files and directories in sections [:main, :agent, :ssl]: undefined method `string' for nil:NilClass Error: Could not prepare for execution: Could not create resources for managing Puppet's files and directories in sections [:main, :agent, :ssl]: undefined method `string' for nil:NilClass undefined method `string' for nil:NilClass </pre> THIS error is because the user type in Puppet 3.0.1 is broke - it can't read the Password for the user, which is what the message `undefined method `string' for nil:NilClass` is indicating. You can see this in these two bugs: <http://projects.puppetlabs.com/issues/16109> and <http://projects.puppetlabs.com/issues/12833>. If you look at #12833, you'll see that it is merged in and targeted for the 3.0.2 release, so that should solve your problem there. Now, you CAN run Puppet as a non-root user - in this case, it creates a puppet.conf in ~/.puppet/, which is on a per-user basis. It also creates a relative vardir and ssldir for that user (usually in ~/.puppet/var and ~/.puppet/ssl), so that's why you don't get Puppet throwing an error about a missing puppet user/group. I hope this explains the problems you're seeing. The long and short of it is, if you're using 10.8, you should wait until Puppet 3.0.2 when the new user provider is available, or you should create the Puppet GROUP, but not the Puppet USER (at which case the error shouldn't manifest itself). Puppet SHOULD be run as root (with sudo), so you're correct in doing that. I'm going to mark this as a duplicate of #12833 based on the symptoms, but please comment if you feel I missed something! Thanks Brian! ---------------------------------------- Bug #17702: Puppet 3.0.1 for OS X fails when run as sudo https://projects.puppetlabs.com/issues/17702#change-76808 Author: Brian LaShomb Status: Duplicate Priority: Normal Assignee: Category: Target version: Affected Puppet version: 3.0.1 Keywords: mac, sudo, package Branch: I'm getting errors trying to use Puppet 3.0.1 agent on Macs. I'm running 3.0.1 on the master. I've tried to connect a puppet agent to the master in two setups. Both provide the same result. One is from a base image running 10.8.2 and puppet 2.7.19, which I then installed puppet 3.0.1 on top of. And the second is just installing puppet 3.0.1 on a fresh 10.8.1 VM, straight from Apple installer. I get errors initially because the group puppet isn't found, and I imagine that is screwing up the install: <pre> Error: /File[/var/log/puppet]: Could not evaluate: Could not find group puppet Error: Could not prepare for execution: Got 1 failure(s) while initializing: Could not evaluate: Could not find group puppet </pre> So then I add puppet user and group using puppet one-liners (ensure => present) and add puppet user to puppet group using dscl. Then when I try a sudo puppet agent -t, I get this: <pre> Error: Could not create resources for managing Puppet's files and directories in sections [:main, :agent, :ssl]: undefined method `string' for nil:NilClass Error: Could not prepare for execution: Could not create resources for managing Puppet's files and directories in sections [:main, :agent, :ssl]: undefined method `string' for nil:NilClass undefined method `string' for nil:NilClass </pre> When I try to run this without sudo, it ignores the certname (maybe the whole file) in /etc/puppet/puppet.conf and creates a new SSL cert, although consipicously absent is the feedback that it's creating a new SSL cert. But when I check the master with puppet cert list, its there. After signing, and rerunning puppet agent -t I get this, along with the rest of the puppet run and it runs successfully. <pre> test-macbook:~ local$ puppet agent -t --waitforcert=60 Info: Caching certificate for test-macbook.ommin </pre> Is this a bug or does puppet agent not need root anymore? -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
