Jira (PUP-3833) user creates low-numbered uids on OS X (ignores 'system')
Title: Message Title Dustin J. Mitchell created an issue Puppet / PUP-3833 user creates low-numbered uids on OS X (ignores 'system') Issue Type: Bug Affects Versions: PUP 3.7.0 Assignee: Kylo Ginsberg Components: Types and Providers Created: 2015/01/12 3:47 PM Priority: Normal Reporter: Dustin J. Mitchell Looking at the source code, the default for `uid` is `next_system_id` regardless of the `system` attribute. `next_system_id` does what it promises, in fact quite well – it will select the lowest possible id over 20. It's quite possible that such low id's will conflict with other user accounts from Apple. It also seems that system users cannot be associated with file shares. Add Comment
Jira (PUP-1208) md5lite, mtime not honoured for file type/provider
Title: Message Title Dustin J. Mitchell commented on PUP-1208 Re: md5lite, mtime not honoured for file type/provider What information is needed here? Add Comment This message was sent by Atlassian JIRA (v6.3.10#6340-sha1:7ea293a) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-1208) md5lite, mtime not honoured for file type/provider
Title: Message Title Dustin J. Mitchell commented on PUP-1208 Re: md5lite, mtime not honoured for file type/provider Thanks for the pointer! That's a little different, though, since it requires an explicit checksum in the manifest, rather than using checksums to compare the files between server and agent. It also only supports md5 and not the other checksum methods. I may very well use `remote_file` – I just want to make it clear that it's not a solution to this particular issue. Add Comment This message was sent by Atlassian JIRA (v6.3.7#6337-sha1:2ed701e) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (FACT-724) Warnings about X86PlatformPlugin on OS X 10.10 Yosemite
Title: Message Title Dustin J. Mitchell commented on an issue Re: Warnings about X86PlatformPlugin on OS X 10.10 Yosemite Ah, I hadn't tried running `system_profiler` directly, but yes – it looks like eating stderr is the right fix. Add Comment Facter / FACT-724 Warnings about X86PlatformPlugin on OS X 10.10 Yosemite I see lots of {{2014-10-14 08:12:45.734 system_profiler[12767:255836] platformPluginDictionary: Can't get X86PlatformPlugin, return value 0}} from, it appears, every fact that ends up invoking system_profiler. This appears to not have any effect beyond the warning. This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-1208) md5lite, mtime not honoured for file type/provider
Title: Message Title Dustin J. Mitchell commented on an issue Re: md5lite, mtime not honoured for file type/provider Mark, you could write something up with a define that uses exec { wget with a creates = .. } to download the files once. With a little Ruby scripting you could build a custom type/provider to do it in-process, rather than shelling out to wget, but that's probably overkill. Add Comment Puppet / PUP-1208 md5lite, mtime not honoured for file type/provider It seems I can't get the puppetmaster to honour the checksum = mtime setting, or the md5lite setting. So the following example has no performance improvement over just using md5: {code} file { /testtransfer: ensure = directory, recurse = remote, purge = true, checksum = mtime, source = puppet:///modules/${module_name}/bigfilesh... This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email
Jira (PUP-1208) md5lite, mtime not honoured for file type/provider
Title: Message Title Dustin J. Mitchell commented on an issue Re: md5lite, mtime not honoured for file type/provider I'm specifically interested in mtime. I have a bunch of large files (compressed disk images) that almost never change, and would certainly change size on update. They are on a lot of hosts. So as it stands I'm running 'md5' on both the master and the agent on every puppet run on each of these hosts, which noticeably slows things down. Add Comment Puppet / PUP-1208 md5lite, mtime not honoured for file type/provider It seems I can't get the puppetmaster to honour the checksum = mtime setting, or the md5lite setting. So the following example has no performance improvement over just using md5: {code} file { /testtransfer: ensure = directory, recurse = remote, purge = true, checksum = mtime, source = puppet:///modules/${module_name}/bigfilesh... This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this
Jira (FACT-724) Warnings about X86PlatformPlugin on OS X 10.10 Yosemite
Title: Message Title Dustin J. Mitchell created an issue Facter / FACT-724 Warnings about X86PlatformPlugin on OS X 10.10 Yosemite Issue Type: Bug Assignee: Eric Sorenson Created: 14/Oct/14 8:14 AM Priority: Normal Reporter: Dustin J. Mitchell I see lots of 2014-10-14 08:12:45.734 system_profiler[12767:255836] platformPluginDictionary: Can't get X86PlatformPlugin, return value 0 from, it appears, every fact that ends up invoking system_profiler. This appears to not have any effect beyond the warning. Add Comment This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede)
Jira (PUP-3381) directoryservice provider creates users with low ids
Title: Message Title Dustin J. Mitchell updated an issue Puppet / PUP-3381 directoryservice provider creates users with low ids There's a pull request with some review in https://github.com/puppetlabs/puppet/pull/1944 Change By: Dustin J. Mitchell Component/s: TypesandProviders Affects Version/s: PUP3.3.0 Add Comment This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-3381) directoryservice provider creates users with low ids
Title: Message Title Dustin J. Mitchell commented on an issue Re: directoryservice provider creates users with low ids Worth noting, too, that the comment above next_system_id is a lie: # Get the next available uid on the system by getting a list of user ids, # sorting them, grabbing the last one, and adding a 1. Scientific stuff here. def next_system_id(min_id=20) dscl_output = dscl '.', '-list', '/Users', 'uid' # We're ok with throwing away negative uids here. Also, remove nil values. user_ids = dscl_output.split.compact.collect { |l| l.to_i if l.match(/^\d+$/) } ids = user_ids.compact!.sort! { |a,b| a.to_f = b.to_f } # We're just looking for an unused id in our sorted array. ids.each_index do |i| next_id = ids[i] + 1
Jira (PUP-1061) Install multiple package within a single call to the package manager
Title: Message Title Dustin J. Mitchell commented on an issue Re: Install multiple package within a single call to the package manager It's worth noting that this bug makes updating puppet itself a dangerous operation. In trying to install puppet-3.7.0 (with ensure = '3.7.0-1.el6) on a puppet master, I got Error: Could not update: Failed to update to version 3.7.0-1.el6, got version 3.7.1-1.el6 instead Wrapped exception: Failed to update to version 3.7.0-1.el6, got version 3.7.1-1.el6 instead Error: /Stage[main]/Packages::Puppet/Package[puppet]/ensure: change from 3.6.1-1.el6 to 3.7.0-1.el6 failed: Could not update: Failed to update to version 3.7.0-1.el6, got version 3.7.1-1.el6 instead Notice: /Stage[main]/Packages::Puppetserver/Package[puppet-server]: Dependency Package[puppet] has failures: true Warning: /Stage[main]/Packages::Puppetserver/Package[puppet-server]: Skipping because of failed dependencies which is to say, because of the bidirectional dependency between puppet and puppet-server, the pinning operation failed and puppet installed an untested version of itself (which version subsequently failed and caused an outage). So, if only for the PR benefit of puppet not destroying itself on upgrade, it'd be good to see motion here Regarding command-line length, at least with yum it's possible to build up a transaction one package at a time, then trigger the entire transaction.
Jira (PUP-3160) uid 500 is not purged
Title: Message Title Dustin J. Mitchell created an issue Puppet / PUP-3160 uid 500 is not purged Issue Type: Bug Affects Versions: 3.x Assignee: Kylo Ginsberg Components: Types and Providers Created: 29/Aug/14 9:24 AM Priority: Normal Reporter: Dustin J. Mitchell The docs for unless_system_user specify This keeps system users from being purged. By default, it does not purge users whose UIDs are less than or equal to 500, but you can specify a different UID as the inclusive limit. which is the observed behavior, but it not correct. System users are 500, not = 500. The patch to fix this is trivial, but figuring out how to ship it is not. I'd suggest amending the documentation in 3.x, and possibly adding a warning that uid 500 will not be purged, then changing the default to 499 in 4.x. Add Comment
Jira (PUP-3145) pkgdmg.rb should report timeout failure if destination is not reachable
Title: Message Title Dustin J. Mitchell updated an issue Puppet / PUP-3145 pkgdmg.rb should report timeout failure if destination is not reachable Change By: Dustin J. Mitchell Component/s: TypesandProviders Affects Version/s: 3.6.1 Add Comment This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2976) File { checksum = .. } doesn't work
Title: Message Title Dustin J. Mitchell created an issue Puppet / PUP-2976 File { checksum = .. } doesn't work Issue Type: Bug Assignee: Unassigned Created: 25/Jul/14 12:49 PM Environment: Puppet-3.6.1 on CentOS. Priority: Normal Reporter: Dustin J. Mitchell site.pp: file { /tmp/ultravnc.msi: source = puppet:///repos/MSIs/UltraVnc_10962_x64.msi, checksum = 'md5lite'; } [r...@releng-puppet1.srv.releng.scl3.mozilla.com MSIs]# puppet agent --test --environment=dmitchell --server=releng-puppet1.srv.releng.scl3.mozilla.com Info: Retrieving pluginfacts Info: Retrieving plugin Info: Caching catalog for releng-puppet1.srv.releng.scl3.mozilla.com Info: Applying configuration version 'unknown' Error: File written to disk did not match checksum; discarding changes ({md5lite}e7bf157e1bba889eee8711a7fd1dfbf7 vs {md5lite}313772784558c552dbda1a58021ab846) Error: /Stage[main]/Main/File[/tmp/ultravnc.msi]/ensure: change from absent to file failed: File written to disk did not match checksum; discarding changes ({md5lite}e7bf157e1bba889eee8711a7fd1dfbf7 vs {md5lite}313772784558c552dbda1a58021ab846) Notice: Finished catalog run in 1.29 seconds [r...@releng-puppet1.srv.releng.scl3.mozilla.com MSIs]# md5sum /data/repos/MSIs/UltraVnc_10962_x64.msi e7bf157e1bba889eee8711a7fd1dfbf7 /data/repos/MSIs/UltraVnc_10962_x64.msi
Jira (PUP-2977) Support checksum methods that catch common problems.
Title: Message Title Dustin J. Mitchell created an issue Puppet / PUP-2977 Support checksum methods that catch common problems. Issue Type: New Feature Assignee: Unassigned Created: 25/Jul/14 12:53 PM Priority: Normal Reporter: Dustin J. Mitchell sha256lite is great in that it doesn't try to read the entire file. However, a common error in downloading large files is truncation, and sha256lite totally misses that possibility. I propose another checksum method, maybe called sha256quick, which hashes the concatentation of the first 512 bytes, the last 512 bytes, and the file length in decimal. This would catch truncation as well as download offsets, while still only reading 1024 bytes from disk. I can implement this once PUP-2976 – which is over my head – is fixed. Add Comment
Jira (PUP-2961) Node regexps generate invalid tags
Title: Message Title Dustin J. Mitchell created an issue Puppet / PUP-2961 Node regexps generate invalid tags Issue Type: Bug Assignee: Unassigned Created: 22/Jul/14 11:20 AM Priority: Normal Reporter: Dustin J. Mitchell node /.*-\d+.test.releng.scl3.mozilla.com/ { .. } will try to generate the tag -d.test.releng.scl3.mozilla.com for matching hosts, and that tag is invalid, leaving the nodes unable to run puppet. Tue Jul 22 11:13:27 -0700 2014 Puppet (err): Could not retrieve catalog from remote server: Error 400 on SERVER: Invalid tag -d.test.releng.scl3.mozilla.com on node t-snow-r4-0009.test.releng.scl3.mozilla.com Add Comment This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede)
Jira (PUP-2785) Error Max Connections (30) reached - try again later whiile trying rsync yum.puppetlabs.com::packages/yum/el
Title: Message Title Dustin J. Mitchell commented on an issue Re: Error Max Connections (30) reached - try again later whiile trying rsync yum.puppetlabs.com::packages/yum/el This appears to be OK now. Nathaniel, do you see the same? Add Comment Puppet / PUP-2785 Error Max Connections (30) reached - try again later whiile trying rsync yum.puppetlabs.com::packages/yum/el [root@mirror1ext puppet]# rsync -avSHP --stats --copy-links --exclude 5* --exclude 7* --exclude SRPMS --exclude sources --exclude apt --exclude apt-enterprise yum.puppetlabs.com::packages/yum/el . @ERROR: max connections (30) reached -- try again later rsync error: error starting client-server protocol (code 5) at main.c(1503) [receiver=3.0.6] This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit
Jira (PUP-2665) Increased rate of 404's for legitimate file_metadata resources with 3.6.0
Title: Message Title Dustin J. Mitchell created an issue Puppet / PUP-2665 Increased rate of 404's for legitimate file_metadata resources with 3.6.0 Issue Type: Bug Affects Versions: 3.6.0 Assignee: Unassigned Created: 27/May/14 8:51 AM Environment: 3.6.0 master, 3.4.2 and 3.6.0 agents (Ubuntu 12.04 and CentOS 6.2) Priority: Normal Reporter: Dustin J. Mitchell We've seen errors like Tue May 27 08:38:34 -0700 2014 /Stage[main]/Puppet::Puppetize_sh/File[/root/puppetize.sh] (err): Could not evaluate: Could not retrieve information from environment production source(s) puppet:///modules/puppet/puppetize.sh occasionally for a long time now. Out of 4000 or so hosts, we would see maybe 10-20 of these per day. The files seem to be randomly selected from those for which we use source = puppet:// I have assumed this was related to some occasional rails failure, as seems to be common with the framework. After a partial upgrade to 3.6.0, we're now seeing hundreds per hour. This makes it a lot more difficult to find real errors! To take one particular example: Tue May 27 08:29:59 -0700 2014 /Stage[main]/Shellprofile::Base/File[/etc/profile] (err): Could not evaluate: Could not retrieve information from environment production source(s)
Jira (PUP-2665) Increased rate of 404's for legitimate file_metadata resources with 3.6.0
Title: Message Title Dustin J. Mitchell commented on an issue Re: Increased rate of 404's for legitimate file_metadata resources with 3.6.0 Checking around these entries in access_log, I see 200's for this and other hosts around the same time. Add Comment Puppet / PUP-2665 Increased rate of 404's for legitimate file_metadata resources with 3.6.0 We've seen errors like Tue May 27 08:38:34 -0700 2014 /Stage[main]/Puppet::Puppetize_sh/File[/root/puppetize.sh] (err): Could not evaluate: Could not retrieve information from environment production source(s) puppet:///modules/puppet/puppetize.sh occasionally for a long time now. Out of 4000 or so hosts, we would see maybe 10-20 of these per day. ... This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit
Jira (PUP-2665) Increased rate of 404's for legitimate file_metadata resources with 3.6.0
Title: Message Title Dustin J. Mitchell commented on an issue Re: Increased rate of 404's for legitimate file_metadata resources with 3.6.0 Possibly related: on other runs we're seeing failures becuse facts aren't set. In those reports, I also see: notice /File[/var/lib/puppet/lib/facter]/ensure removed So puppet is deleting the plugin dirs before requesting the catalog. From access_log: 10.132.57.181 - - [27/May/2014:08:53:32 -0700] GET /production/file_metadatas/plugins?ignore=.svnignore=CVSignore=.gitlinks=managerecurse=truechecksum_type=md5 HTTP/1.1 200 283 yet on the previous, successful run: 10.132.57.181 - - [27/May/2014:08:29:09 -0700] GET /production/file_metadatas/plugins?recurse=trueignore=.svnignore=CVSignore=.gitlinks=managechecksum_type=md5 HTTP/1.1 200 46760 (note the wildly smaller size on the failed run). The files here aren't on NFS or anything funky. They're just on a regular ext4 filesystem. Any idea what would be causing these incorrect results? Add Comment Puppet / PUP-2665 Increased rate of 404's for legitimate file_metadata resources with 3.6.0 We've seen errors like Tue May 27 08:38:34 -0700 2014 /Stage[main]/Puppet::Puppetize_sh/File[/root/puppetize.sh] (err): Could not evaluate: Could not retrieve information from environment production source(s) puppet:///modules/puppet/puppetize.sh occasionally for a long time now. Out of 4000 or so hosts, we would see maybe 10-20 of these per day. ...
Jira (PUP-2665) Increased rate of 404's for legitimate file_metadata resources with 3.6.0
Title: Message Title Dustin J. Mitchell commented on an issue Re: Increased rate of 404's for legitimate file_metadata resources with 3.6.0 From a question on irc, none of the files we're seeing probelms with have sources = ['..', '..']. All have a single source. And this doesn't behave consistently from run to run, nor is it just a warning. The HTTP status code being returned is actually incorrect (404 when the file does exist). So this isn't the regression fixed in 3.6.1. Add Comment Puppet / PUP-2665 Increased rate of 404's for legitimate file_metadata resources with 3.6.0 We've seen errors like Tue May 27 08:38:34 -0700 2014 /Stage[main]/Puppet::Puppetize_sh/File[/root/puppetize.sh] (err): Could not evaluate: Could not retrieve information from environment production source(s) puppet:///modules/puppet/puppetize.sh occasionally for a long time now. Out of 4000 or so hosts, we would see maybe 10-20 of these per day. ... This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and
Jira (PUP-2616) 'json' gem not available on mountain lion
Title: Message Title Dustin J. Mitchell created an issue Puppet / PUP-2616 'json' gem not available on mountain lion Issue Type: Bug Affects Versions: 3.6.0 Assignee: Unassigned Created: 19/May/14 2:31 PM Environment: OS X Mountain Lion Priority: Normal Reporter: Dustin J. Mitchell Unlike Lion or Mavericks, Mountain Lion appears not to include the 'json' gem: [r...@talos-mtnlion-r5-006.test.releng.scl3.mozilla.com ~]# irb require 'json' LoadError: no such file to load -- json from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rubygems/custom_require.rb:31:in `require' from (irb):1 this means that puppet fails to load: [r...@talos-mtnlion-r5-006.test.releng.scl3.mozilla.com ~]# puppet /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require': no such
Jira (PUP-2616) 'json' gem not available on mountain lion
Title: Message Title Dustin J. Mitchell commented on an issue Re: 'json' gem not available on mountain lion Ah, I had indeed missed that. Still, this should just work, particularly with the criticality of upgrading puppet with puppet – if something goes wrong, you've got a lot of manual touches! Could the packaging include json_pure directly? Add Comment Puppet / PUP-2616 'json' gem not available on mountain lion Unlike Lion or Mavericks, Mountain Lion appears not to include the 'json' gem: {code} [r...@talos-mtnlion-r5-006.test.releng.scl3.mozilla.com ~]# irb require 'json' LoadError: no such file to load -- json from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/rubygems/custom_require.rb:31:in `gem_original_require' ... This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this