Issue #17613 has been updated by Andrew Parker.
Status changed from Investigating to Needs Decision
Assignee changed from Andrew Parker to eric sorenson
I've taken a look into this. It won't be changing in 3.1 as it currently
stands. The issue is that as part of #16637 we removed the logic for handling
master specially when determining the default confdir and vardir. What now
seems to happen is:
1. The master starts using webrick
2. The code registers a HUP handler
3. The code drops privs.
4. The code recieves a HUP signal.
5. The HUP causes the code to re-exec itself by reconstructing the command line
(`exec($0 + " " + argv.join(" "))`
<https://github.com/puppetlabs/puppet/blob/master/lib/puppet/daemon.rb#L67>)
(NOTE: that code looks to have a problem if any command line args need to be
quoted)
6. The new process starts, but is no longer root, never was root, and so tries
to look in the home directory, which is still set to root's home directory
(because it wasn't changed when we dropped privileges.
7. The code tries to read the wrong config file.
I think we have two options:
1. master sets its app default for confdir and vardir to be /etc/puppet
2. when we rexec we try to pass the current confdir and vardir through to the
rexec'd process
Option 1 presents the problems of selecting the correct confdir or vardir based
on the current platform (win32 vs. unix). This essentially undoes some of the
changes made in #16637.
Option 2 presents the problem of constructing the correct command line, which
shouldn't be too hard of a problem.
Tom, the workaround that you can employ right now is to also specify the
correct vardir in your configuration file. You are already specifying the
confdir on the command line, so that is covered.
Eric, is this a large enough issue to warrant trying to get it into 3.1.0?
----------------------------------------
Bug #17613: puppet master ignores config and commandline parameters on SIGHUP
https://projects.puppetlabs.com/issues/17613#change-80004
Author: Tom Fenri
Status: Needs Decision
Priority: Normal
Assignee: eric sorenson
Category: server
Target version: 3.1.0
Affected Puppet version: 3.0.1
Keywords:
Branch:
We are using puppet version 3.0.1 on FreeBSD 8.1, installed from ports.
$confdir is /home/share/puppet/, puppet master is running as user 'puppet'.
rc.conf:
puppetmaster_enable="YES"
puppetmaster_flags="--confdir=/home/share/puppet --rundir=/var/run/puppet"
When started via /usr/local/etc/rc.d/puppetmaster everything works fine,
process looks like:
puppet 58577 4.7 0.9 121420 71124 ?? Ss 1:05PM 3:18.22
/usr/local/bin/ruby18 /usr/local/bin/puppet master --confdir=/home/share/puppet
--rundir=/var/run/puppet
When reloaded with "kill -HUP $pid", which happens sometimes by newsyslog, it
seems to forget all settings and tries to do things in /root/.puppet:
Nov 14 13:38:22 isptsfits21 puppet-master[58577]: Caught HUP; calling
restart
Nov 14 13:38:22 isptsfits21 puppet-master[58577]: Restarting with
'/usr/local/bin/puppet master --confdir=/home/share/puppet
--rundir=/var/run/puppet'
Nov 14 13:38:24 isptsfits21 puppet-master[58577]: Cannot create
/root/.puppet/var; parent directory /root/.puppet does not exist
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var]/ensure) change from absent to directory failed:
Cannot create
/root/.puppet/var; parent
directory /root/.puppet does not exist
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/lib]) Dependency File[/root/.puppet/var] has failures:
true
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/lib]) Skipping because of failed dependencies
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/server_data]) Dependency File[/root/.puppet/var] has
failures: true
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/server_data]) Skipping because of failed dependencies
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/bucket]) Dependency File[/root/.puppet/var] has
failures: true
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/bucket]) Skipping because of failed dependencies
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/reports]) Dependency File[/root/.puppet/var] has
failures: true
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/reports]) Skipping because of failed dependencies
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/state]) Dependency File[/root/.puppet/var] has
failures: true
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/state]) Skipping because of failed dependencies
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/yaml]) Dependency File[/root/.puppet/var] has
failures: true
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/yaml]) Skipping because of failed dependencies
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/rrd]) Dependency File[/root/.puppet/var] has failures:
true
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/rrd]) Skipping because of failed dependencies
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/log]) Dependency File[/root/.puppet/var] has failures:
true
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/log]) Skipping because of failed dependencies
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/log/masterhttp.log]) Dependency
File[/root/.puppet/var] has failures: true
Nov 14 13:38:24 isptsfits21 puppet-master[58577]:
(/File[/root/.puppet/var/log/masterhttp.log]) Skipping because of failed
dependencies
Nov 14 13:38:24 isptsfits21 puppet-master[58577]: Could not prepare for
execution: Got 2 failure(s) while initializing: Cannot create
/root/.puppet/var; parent
directory /root/.puppet does not exist; change from absent to
directory failed: Cannot
create /root/.puppet/var; parent directory /root/.puppet does
not exist
After the last error the process dies and has to be restarted manually.
As already said, it runs as user 'puppet' which doesn't have permissions to
fiddle around in /root and /root/.puppet doesn't exist either. $HOME of user
'puppet' is /nonexistent.
The default configfile /usr/local/etc/puppet/puppet.conf is configured to point
to the right directories as well (see attachment).
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
