[Puppet Users] puppet not working after switch to passenger - permissions issue?

Wed, 04 May 2011 05:26:53 -0700 

Hi,
as suggested on the list I switched from the standalone puppetmaster to Passenger. I have passenger installed now and edited the apache config as far as I understood. I restarted apache. 
Now when I run an agent I get:

/var/lib/gems/1.8/bin/puppet agent --server node002 --test
err: Could not retrieve catalog from remote server: Error 403 on SERVER: Forbidden request: node039(192.168.73.39) access to /catalog/node039 [find] at line 0 
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run

In the server log I find this:
May 4 14:13:08 node002 puppet-master[14489]: Denying access: Forbidden request: node039(192.168.73.39) access to /catalog/node039 [find] at line 0 May 4 14:13:08 node002 puppet-master[14489]: Forbidden request: node039(192.168.73.39) access to /catalog/node039 [find] at line 0 

Here is my apache config:

=========

# you probably want to tune these settings
PassengerHighPerformance on
PassengerMaxPoolSize 12
PassengerPoolIdleTime 1500
PassengerMaxRequests 1000
PassengerStatThrottleRate 120
RackAutoDetect Off
RailsAutoDetect Off

Listen 8140

<VirtualHost *:8140>
        SSLEngine on
        SSLProtocol -ALL +SSLv3 +TLSv1
        SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

        SSLCertificateFile      /etc/puppet/ssl/certs/node002.pem
        SSLCertificateKeyFile   /etc/puppet/ssl/private_keys/node002.pem
        SSLCertificateChainFile /etc/puppet/ssl/ca/ca_crt.pem
        SSLCACertificateFile    /etc/puppet/ssl/ca/ca_crt.pem
# If Apache complains about invalid signatures on the CRL, you can try disabling 
        # CRL checking by commenting the next line, but this is not recommended.
        SSLCARevocationFile     /etc/puppet/ssl/ca/ca_crl.pem
        SSLVerifyClient optional
        SSLVerifyDepth  1
        SSLOptions +StdEnvVars

        DocumentRoot /etc/puppet/rack/public/
        RackBaseURI /
        <Directory /etc/puppet/rack/>
                Options None
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>
========
Is that a permissions problem? I dont know how that /catalog/node039 URL maps to a file path. 

regards, Andreas

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Reply via email to