Issue #21145 has been reported by Andrew Parker.

----------------------------------------
Bug #21145: Puppet does not correctly manage its yamldir
https://projects.puppetlabs.com/issues/21145

* Author: Andrew Parker
* Status: Accepted
* Priority: Normal
* Assignee: 
* Category: 
* Target version: 
* Affected Puppet version: 
* Keywords: 
* Branch: 
----------------------------------------
The yamldir is managed as
<pre>
      :type => :directory,
      :owner => "service",
      :group => "service",
      :mode => "750",
</pre>

However, the `Puppet::Indirector::Yaml` class, which is used by the facts and 
node indirections for their yaml terminus, does not accurately reflect the 
ownership and group of the yamldir when creating subdirectories for storing 
information. This is actually pointed out in the code at 
<https://github.com/puppetlabs/puppet/blob/f826ab91e039669a3cb4b30b0f790ce39464a6b4/lib/puppet/indirector/yaml.rb#L38-39>

<pre>
 38     # This is quite likely a bad idea, since we're not managing ownership or modes.
 39     Dir.mkdir(basedir) unless FileTest.exist?(basedir)
</pre>

This means that if the "service" user changes, then the puppet master will be 
unable to write facts or node yaml files. This shows up with errors similar to:
<pre>
        Warning: Unable to fetch my node definition, but the agent run will continue:
        Warning: Error 400 on SERVER: Could not retrieve facts for acceptance-master-3.delivery.puppetlabs.net: Could not read YAML data for facts acceptance-master-3.delivery.puppetlabs.net: Permission denied - /var/lib/puppet/yaml/facts/acceptance-master-3.delivery.puppetlabs.net.yaml
        Info: Retrieving plugin
        Error: /File[/var/lib/puppet/lib]: Could not evaluate: Could not retrieve information from environment production source(s) puppet://acceptance-master-3/plugins
        Error: Could not retrieve catalog from remote server: Error 400 on SERVER: cannot generate tempfile `/var/lib/puppet/yaml/facts/acceptance-master-3.delivery.puppetlabs.net.yaml20130606-13359-15437n5-9'
        Warning: Not using cache on failed catalog
        Error: Could not retrieve catalog; skipping run
</pre>
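
An audit for the drift described above, as an added example that is not part of the original report and is not Puppet code: it walks a yamldir and lists entries whose owner, group or directory mode differ from the managed settings. The method names `yamldir_drift` and `demo_drift`, the defaults and the temporary directory tree are assumptions made for illustration.

```ruby
require 'find'
require 'tmpdir'

# Added example, not Puppet code. Reports entries under a yamldir whose
# owner, group or (for directories) mode differ from what is expected.
# Owner and group default to the yamldir's own; the mode defaults to the
# 750 from the issue. Method name and defaults are assumptions.
def yamldir_drift(yamldir, expected_uid: nil, expected_gid: nil, expected_mode: 0o750)
  root = File.stat(yamldir)
  expected_uid ||= root.uid
  expected_gid ||= root.gid
  drift = []
  Find.find(yamldir) do |path|
    st = File.lstat(path)
    next if st.symlink?
    problems = []
    problems << "uid #{st.uid} != #{expected_uid}" if st.uid != expected_uid
    problems << "gid #{st.gid} != #{expected_gid}" if st.gid != expected_gid
    if st.directory? && (st.mode & 0o7777) != expected_mode
      problems << format('mode %04o != %04o', st.mode & 0o7777, expected_mode)
    end
    drift << [path, problems] unless problems.empty?
  end
  drift
end

# Constructed demonstration: a temporary tree standing in for
# /var/lib/puppet/yaml, with "facts" created by a bare Dir.mkdir as on
# line 39 of yaml.rb quoted in the report.
def demo_drift
  Dir.mktmpdir('yamldir') do |dir|
    File.chmod(0o750, dir)
    old = File.umask(0o022)
    begin
      Dir.mkdir(File.join(dir, 'facts')) # bare mkdir: mode comes from the umask
    ensure
      File.umask(old)
    end
    yamldir_drift(dir).map { |path, problems| [File.basename(path), problems] }
  end
end

if __FILE__ == $PROGRAM_NAME
  demo_drift.each { |name, problems| puts "#{name}: #{problems.join(', ')}" }
end
```

After a change of the service user, passing the new account's uid and gid as `expected_uid:` and `expected_gid:` lists the subdirectories and YAML files still owned by the old account.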



