Side note. I downgraded to the old version and it still works so not as urgent now.
On 13 July 2012 10:54, Peter Brown <[email protected]> wrote: > Hi Everyone, > > I just upgraded to this on my ubuntu puppetmaster and I am having > issues starting the server. > I am running the openjdk-6-jre > After some digging i found the options the start script was using and > tried to start the daemon manually > It gives me this error. > > start-stop-daemon --start --chuid puppetdb -v --make-pidfile --pidfile > /var/run/puppetdb.pid --chdir /usr/share/puppet --exec /usr/bin/java > -- -Xmx192m -jar /usr/share/puppetdb/puppetdb.jar services -c > /etc/puppetdb/conf.d > Starting /usr/bin/java... > Exception in thread "main" java.lang.SecurityException: Invalid > signature file digest for Manifest main attributes > at > sun.security.util.SignatureFileVerifier.processImpl(SignatureFileVerifier.java:239) > at > sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:193) > at java.util.jar.JarVerifier.processEntry(JarVerifier.java:294) > at java.util.jar.JarVerifier.update(JarVerifier.java:205) > at java.util.jar.JarFile.initializeVerifier(JarFile.java:338) > at java.util.jar.JarFile.getInputStream(JarFile.java:403) > at sun.misc.JarIndex.getJarIndex(JarIndex.java:116) > at sun.misc.URLClassPath$JarLoader$1.run(URLClassPath.java:623) > at java.security.AccessController.doPrivileged(Native Method) > at sun.misc.URLClassPath$JarLoader.ensureOpen(URLClassPath.java:614) > at sun.misc.URLClassPath$JarLoader.<init>(URLClassPath.java:598) > at sun.misc.URLClassPath$3.run(URLClassPath.java:348) > at java.security.AccessController.doPrivileged(Native Method) > at sun.misc.URLClassPath.getLoader(URLClassPath.java:337) > at sun.misc.URLClassPath.getLoader(URLClassPath.java:314) > at sun.misc.URLClassPath.getResource(URLClassPath.java:184) > at java.net.URLClassLoader$1.run(URLClassLoader.java:209) > at java.security.AccessController.doPrivileged(Native Method) > at java.net.URLClassLoader.findClass(URLClassLoader.java:205) > at java.lang.ClassLoader.loadClass(ClassLoader.java:321) > at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294) > at java.lang.ClassLoader.loadClass(ClassLoader.java:266) > Could not find the main class: com.puppetlabs.puppetdb.core. Program will > exit. > > > On 13 July 2012 06:54, Matthaus Litteken <[email protected]> wrote: >> PuppetDB 0.9.2 is the third beta release on the road to 1.0. Changes >> include new features and bug fixes. For details on changes >> in this release, please see the release notes below. >> >> # Downloads >> >> Available in native package format at >> >> http://yum.puppetlabs.com >> >> http://apt.puppetlabs.com >> >> Source (same license as Puppet): http://github.com/puppetlabs/puppetdb >> >> Available for use with Puppet Enterprise 2.5.1 and later at >> >> http://yum-enterprise.puppetlabs.com/ and >> http://apt-enterprise.puppetlabs.com/ >> >> # Documentation (including how to install): >> http://docs.puppetlabs.com/puppetdb >> >> # Issues can be filed at: >> http://projects.puppetlabs.com/projects/puppetdb/issues >> >> # Upgrading >> >> 1. On your puppetdb server, stop the puppetdb daemon >> 2. On your puppetmaster(s), stop the puppetmaster daemon >> 3. On your puppetdb server, install the new puppetdb package >> 4. On your puppetdb server, start the puppetdb daemon >> 5. On your puppetmaster(s), install the new puppetdb-terminus package >> 6. On your puppetmaster(s), start the puppetmaster daemon >> >> 0.9.2 >> ===== >> >> Many thanks to the following people who contributed patches to this >> release: >> >> * Jason Ashby >> * Kushal Pisavadia >> * Erik Dalén >> * Deepak Giridharagopal >> * Nick Lewis >> * Matthaus Litteken >> * Chris Price >> >> Notable features: >> >> * Allow more advanced storeconfigs queries >> >> Now, when using PuppetDB, your puppet manifests can use "and" and >> "or" in collection queries: >> >> File <<| mode == 0755 or content == "bar" |>> >> >> * (#14947) Restrict accetable client certificates by CN >> >> PuppetDB now implements an optional whitelist for HTTPS clients. If >> enabled by the user, we validate that the CN of the supplied client >> certificate exactly matches an entry in the whitelist. This allows >> users to restrict access to PuppetDB using the same CA >> infrastructure that Puppet already uses. For example, you can >> restrict access to PuppetDB to just your puppetmaster boxes. >> >> This feature is off by default. Refer to the documentation on the >> `certificate-whitelist` configuration option for details. >> >> Notable fixes: >> >> * (#15388) Add redirect from '/' to the dashboard >> >> Prior to this fix, if you started up PuppetDB and then attempted to >> browse to "/", you'd get an error message that might lead you to >> believe that the server wasn't actually running (depending on your >> browser). >> >> This commit simply adds a redirect from "/" to the dashboard index >> page. >> >> * (#14688) Improve stdout/stderr handling for redhat init script >> >> Prior to this fix, the redhat init script was keeping stdout/stderr >> open when you called "service puppetdb stop". This resulted in some >> undesirable behavior; starting the service over an ssh connection >> would not release the ssh connection, errors would appear on the >> console rather than in the log file, etc. Now, daemon startup >> redirects stdout/stderr to a file (puppetdb-daemon.log) instead of >> spamming the console, and we more properly background the launched >> process to prevent "locking" of a parent SSH connection. >> >> * (#15349) Work around non-string resource titles >> >> It's possible in some cases for Puppet to generate a resource whose >> title isn't a string. However, since the generated edges refer to >> the resource using a string title, we end up with a mismatch. Now we >> will stringify all resource titles on the way out. In future, Puppet >> should do this for us. >> >> * (#15446) Improve handling of user/group removal on rpm removal >> >> Fixed the following bugs in our handling of user/group removal >> during rpm removal: >> >> 1. We were not conditioning the calls to groupdel / userdel to avoid >> running them during an upgrade, which meant that we were trying >> to delete them even during upgrades... which would have been bad. >> 2. We had an || where we needed an &&, so we weren't actually >> calling the groupdel / userdel commands. >> 3. We were hard-coding the user's home dir to a bad path. >> 4. We had some '-r' flags that were wrong and/or unnecessary. >> >> * (#15136, #15340) Properly handle non-string node queries >> >> Previously, these would result in 500 errors as the database failed >> the comparisons because of mismatched types. Now, all equality >> comparisons will be done against strings, and all numeric >> comparisons will be done against numbers. >> >> For equality comparisons, non-string arguments will be >> converted. This allows natural queries against numbers or booleans >> to work despite all fact values technically being strings. >> >> For numeric comparisons, non-numeric arguments will be converted. >> However, if the argument doesn't represent a number, the query will >> be rejected. >> >> * (#15075) Improve handling of service start/stop during rpm >> upgrade/uninstall >> >> On uninstall, we now check to see if this is part of an upgrade or >> not, and we only stop and disable the service if this is *not* part >> of an upgrade. Also, we stop the service before we install the new >> package, and restart it after we finish removing the old package. >> >> * (#15321) Add aliases for namevars that are munged via `title_pattern` >> >> When we are creating aliases for resources (in order to ensure >> dependency resolution in the catalog), we need to take into account >> the case where the resource type defines one or more title_patterns, >> which, when used to set the value of the namevar, may munge the >> value via regex awesomeness. 'File' is an example of such a >> resource, as it will strip trailing slashes from the title to set >> the :path parameter if :path is not specified. >> >> Because this `title_pattern` munging happens as a side effect of the >> Puppet::Resource#to_hash method, it is important that our namevar >> alias code search that hash for necessary aliases rather than >> searching the Puppet::Resource instance directly. >> >> * (#15059) Stop loading non-SSL content in the dashboard >> >> You can now view the PuppetDB dashboard using HTTPS without >> triggering browser warnings about mixing HTTP and HTTPS content. >> >> * Improved "logging of last resort" >> >> There are certain points in the lifecycle of PuppetDB where it's >> critical that we properly log an exception, even if that means we >> spam different log targets (logfiles, stdout, stderr, etc) and >> duplicate output. Daemon startup and unhandled exceptions within a >> thread are two such critical points. We now more thoroughly ensure >> that these types of errors get logged properly. >> >> * `puppetdb-ssl-setup` should be able to be re-executed >> >> The script can now be executed multiple times. It will ensure that >> all generated files are readable by the PuppetDB daemon, and it >> reconfigures PuppetDB to use the newly-generated keystore and >> truststore passwords. >> >> * `puppetdb-ssl-setup` shouldn't fail when FQDN can't be determined >> >> We now revert to using `facter hostname`, to allow installation to >> continue unimpeded. >> >> * Change SSL setup to use master SSL keys intead of agent >> >> This fixes installation bugs on systems that use different Puppet >> `ssldir` settings for `[master]` and `[agent]`. >> >> * Automatic testing against Puppet 3.x ("telly") >> >> Spec tests now properly execute against Telly, and they are plugged >> into our continuous integration system. >> >> * Acceptance testing >> >> We not automatically run PuppetDB through a series of >> acceptance-level tests (included in the source tree). This verifies >> correct behavior in an actual multi-node Puppet environment. Tests >> are executed automatically as part of Puppet Labs' continuous >> integration system. >> >> -- >> Matthaus Litteken >> Release Manager, Puppet Labs >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
