never mind. puppet agent ignores the user/group config settings, so those
should be kept at puppet, and ${::settings::user} / ${::settings::group}
should not be used to configure agent-related options (such as file
ownership).
On Tuesday, May 5, 2015 at 10:40:00 PM UTC-7, Johnson Earls wrote:
>
> I'm running into a frustrating issue, and I'm wondering if I'm just not
> doing something right.
>
> My understanding is that the puppet agent has to run with the config
> "user" and "group" set to "root" so that it can make changes to the system.
> The puppet server, on the other hand, runs as user and group "puppet".
>
> However, every time the puppet agent activates, it changes the ownership
> of *most* of the subdirectories and files within the
> /etc/puppetlabs/puppet/ssl directory to root, which then prevents the
> puppet server from either starting up or being able to sign certificates.
>
> Am I misunderstanding how these two processes work and interact?
>
> Should the puppet agent run with the config user/group set to "puppet",
> even though puppet won't have permission to make most of the changes on the
> system?
> Or should the puppet server run as root?
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/3955db48-4062-460c-a8a4-0df405277afb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
