Hi Everyone,
I just upgraded to this on my ubuntu puppetmaster and I am having
issues starting the server.
I am running the openjdk-6-jre
After some digging i found the options the start script was using and
tried to start the daemon manually
It gives me this error.
start-stop-daemon --start --chuid puppetdb -v --make-pidfile --pidfile
/var/run/puppetdb.pid --chdir /usr/share/puppet --exec /usr/bin/java
-- -Xmx192m -jar /usr/share/puppetdb/puppetdb.jar services -c
/etc/puppetdb/conf.d
Starting /usr/bin/java...
Exception in thread "main" java.lang.SecurityException: Invalid
signature file digest for Manifest main attributes
at
sun.security.util.SignatureFileVerifier.processImpl(SignatureFileVerifier.java:239)
at
sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:193)
at java.util.jar.JarVerifier.processEntry(JarVerifier.java:294)
at java.util.jar.JarVerifier.update(JarVerifier.java:205)
at java.util.jar.JarFile.initializeVerifier(JarFile.java:338)
at java.util.jar.JarFile.getInputStream(JarFile.java:403)
at sun.misc.JarIndex.getJarIndex(JarIndex.java:116)
at sun.misc.URLClassPath$JarLoader$1.run(URLClassPath.java:623)
at java.security.AccessController.doPrivileged(Native Method)
at sun.misc.URLClassPath$JarLoader.ensureOpen(URLClassPath.java:614)
at sun.misc.URLClassPath$JarLoader.<init>(URLClassPath.java:598)
at sun.misc.URLClassPath$3.run(URLClassPath.java:348)
at java.security.AccessController.doPrivileged(Native Method)
at sun.misc.URLClassPath.getLoader(URLClassPath.java:337)
at sun.misc.URLClassPath.getLoader(URLClassPath.java:314)
at sun.misc.URLClassPath.getResource(URLClassPath.java:184)
at java.net.URLClassLoader$1.run(URLClassLoader.java:209)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:205)
at java.lang.ClassLoader.loadClass(ClassLoader.java:321)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294)
at java.lang.ClassLoader.loadClass(ClassLoader.java:266)
Could not find the main class: com.puppetlabs.puppetdb.core. Program will exit.
On 13 July 2012 06:54, Matthaus Litteken <[email protected]> wrote:
> PuppetDB 0.9.2 is the third beta release on the road to 1.0. Changes
> include new features and bug fixes. For details on changes
> in this release, please see the release notes below.
>
> # Downloads
>
> Available in native package format at
>
> http://yum.puppetlabs.com
>
> http://apt.puppetlabs.com
>
> Source (same license as Puppet): http://github.com/puppetlabs/puppetdb
>
> Available for use with Puppet Enterprise 2.5.1 and later at
>
> http://yum-enterprise.puppetlabs.com/ and
> http://apt-enterprise.puppetlabs.com/
>
> # Documentation (including how to install):
> http://docs.puppetlabs.com/puppetdb
>
> # Issues can be filed at:
> http://projects.puppetlabs.com/projects/puppetdb/issues
>
> # Upgrading
>
> 1. On your puppetdb server, stop the puppetdb daemon
> 2. On your puppetmaster(s), stop the puppetmaster daemon
> 3. On your puppetdb server, install the new puppetdb package
> 4. On your puppetdb server, start the puppetdb daemon
> 5. On your puppetmaster(s), install the new puppetdb-terminus package
> 6. On your puppetmaster(s), start the puppetmaster daemon
>
> 0.9.2
> =====
>
> Many thanks to the following people who contributed patches to this
> release:
>
> * Jason Ashby
> * Kushal Pisavadia
> * Erik Dalén
> * Deepak Giridharagopal
> * Nick Lewis
> * Matthaus Litteken
> * Chris Price
>
> Notable features:
>
> * Allow more advanced storeconfigs queries
>
> Now, when using PuppetDB, your puppet manifests can use "and" and
> "or" in collection queries:
>
> File <<| mode == 0755 or content == "bar" |>>
>
> * (#14947) Restrict accetable client certificates by CN
>
> PuppetDB now implements an optional whitelist for HTTPS clients. If
> enabled by the user, we validate that the CN of the supplied client
> certificate exactly matches an entry in the whitelist. This allows
> users to restrict access to PuppetDB using the same CA
> infrastructure that Puppet already uses. For example, you can
> restrict access to PuppetDB to just your puppetmaster boxes.
>
> This feature is off by default. Refer to the documentation on the
> `certificate-whitelist` configuration option for details.
>
> Notable fixes:
>
> * (#15388) Add redirect from '/' to the dashboard
>
> Prior to this fix, if you started up PuppetDB and then attempted to
> browse to "/", you'd get an error message that might lead you to
> believe that the server wasn't actually running (depending on your
> browser).
>
> This commit simply adds a redirect from "/" to the dashboard index
> page.
>
> * (#14688) Improve stdout/stderr handling for redhat init script
>
> Prior to this fix, the redhat init script was keeping stdout/stderr
> open when you called "service puppetdb stop". This resulted in some
> undesirable behavior; starting the service over an ssh connection
> would not release the ssh connection, errors would appear on the
> console rather than in the log file, etc. Now, daemon startup
> redirects stdout/stderr to a file (puppetdb-daemon.log) instead of
> spamming the console, and we more properly background the launched
> process to prevent "locking" of a parent SSH connection.
>
> * (#15349) Work around non-string resource titles
>
> It's possible in some cases for Puppet to generate a resource whose
> title isn't a string. However, since the generated edges refer to
> the resource using a string title, we end up with a mismatch. Now we
> will stringify all resource titles on the way out. In future, Puppet
> should do this for us.
>
> * (#15446) Improve handling of user/group removal on rpm removal
>
> Fixed the following bugs in our handling of user/group removal
> during rpm removal:
>
> 1. We were not conditioning the calls to groupdel / userdel to avoid
> running them during an upgrade, which meant that we were trying
> to delete them even during upgrades... which would have been bad.
> 2. We had an || where we needed an &&, so we weren't actually
> calling the groupdel / userdel commands.
> 3. We were hard-coding the user's home dir to a bad path.
> 4. We had some '-r' flags that were wrong and/or unnecessary.
>
> * (#15136, #15340) Properly handle non-string node queries
>
> Previously, these would result in 500 errors as the database failed
> the comparisons because of mismatched types. Now, all equality
> comparisons will be done against strings, and all numeric
> comparisons will be done against numbers.
>
> For equality comparisons, non-string arguments will be
> converted. This allows natural queries against numbers or booleans
> to work despite all fact values technically being strings.
>
> For numeric comparisons, non-numeric arguments will be converted.
> However, if the argument doesn't represent a number, the query will
> be rejected.
>
> * (#15075) Improve handling of service start/stop during rpm
> upgrade/uninstall
>
> On uninstall, we now check to see if this is part of an upgrade or
> not, and we only stop and disable the service if this is *not* part
> of an upgrade. Also, we stop the service before we install the new
> package, and restart it after we finish removing the old package.
>
> * (#15321) Add aliases for namevars that are munged via `title_pattern`
>
> When we are creating aliases for resources (in order to ensure
> dependency resolution in the catalog), we need to take into account
> the case where the resource type defines one or more title_patterns,
> which, when used to set the value of the namevar, may munge the
> value via regex awesomeness. 'File' is an example of such a
> resource, as it will strip trailing slashes from the title to set
> the :path parameter if :path is not specified.
>
> Because this `title_pattern` munging happens as a side effect of the
> Puppet::Resource#to_hash method, it is important that our namevar
> alias code search that hash for necessary aliases rather than
> searching the Puppet::Resource instance directly.
>
> * (#15059) Stop loading non-SSL content in the dashboard
>
> You can now view the PuppetDB dashboard using HTTPS without
> triggering browser warnings about mixing HTTP and HTTPS content.
>
> * Improved "logging of last resort"
>
> There are certain points in the lifecycle of PuppetDB where it's
> critical that we properly log an exception, even if that means we
> spam different log targets (logfiles, stdout, stderr, etc) and
> duplicate output. Daemon startup and unhandled exceptions within a
> thread are two such critical points. We now more thoroughly ensure
> that these types of errors get logged properly.
>
> * `puppetdb-ssl-setup` should be able to be re-executed
>
> The script can now be executed multiple times. It will ensure that
> all generated files are readable by the PuppetDB daemon, and it
> reconfigures PuppetDB to use the newly-generated keystore and
> truststore passwords.
>
> * `puppetdb-ssl-setup` shouldn't fail when FQDN can't be determined
>
> We now revert to using `facter hostname`, to allow installation to
> continue unimpeded.
>
> * Change SSL setup to use master SSL keys intead of agent
>
> This fixes installation bugs on systems that use different Puppet
> `ssldir` settings for `[master]` and `[agent]`.
>
> * Automatic testing against Puppet 3.x ("telly")
>
> Spec tests now properly execute against Telly, and they are plugged
> into our continuous integration system.
>
> * Acceptance testing
>
> We not automatically run PuppetDB through a series of
> acceptance-level tests (included in the source tree). This verifies
> correct behavior in an actual multi-node Puppet environment. Tests
> are executed automatically as part of Puppet Labs' continuous
> integration system.
>
> --
> Matthaus Litteken
> Release Manager, Puppet Labs
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
