Re: [Puppet Users] fileserver.conf -- files not serving
You could consider running SSH or rsync on port 8140...
Cheers,
Jonathan
On 27/07/15 19:58, Peter Berghold wrote:
Hi there,
I am trying to keep Puppet modules in sync between Puppet masters in
an environment where SSH is being blocked between the masters (long
story there, corporate security rules), Git and other such are not an
option but I can use port 8140 between them.
So I set up a fileserver.conf like thus:
[data]
path=/data
allow *
and added this to the auth.conf file:
path ~ ^/file_(metadata|content)s?/data/
auth yes
allow *
and one of the classes managing this looks like:
class puppet::master::classdir {
include puppet::params
$src_uri = 'puppet:///data/puppet-modules'
file { '/data/puppet-modules':
source = $src_uri,
owner = root,
group = root,
mode= '0755',
recurse = true
}
}
and when the Puppet agent runs I see this:
Error:
/Stage[main]/Puppet::Master::Classdir/File[/data/puppet-modules]:
Failed to generate additional resources using 'eval_generate': Error
400 on SERVER: Not authorized to call search on
/file_metadata/data/puppet-modules with {:recurse=true,
:checksum_type=md5, :links=manage}
Error:
/Stage[main]/Puppet::Master::Classdir/File[/data/puppet-modules]:
Could not evaluate: Could not retrieve file metadata for
puppet:///data/puppet-modules: Error 400 on SERVER: Not authorized to
call find on /file_metadata/data/puppet-modules with
{:source_permissions=use, :links=manage}
Wrapped exception:
Error 400 on SERVER: Not authorized to call find on
/file_metadata/data/puppet-modules with {:source_permissions=use,
:links=manage}
OK.. so what am I missing here?
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users+unsubscr...@googlegroups.com
mailto:puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAArvnv0V2GxEh_6kVB54VWf11MrX7LN5javu9ipL5T6r40kVaw%40mail.gmail.com
https://groups.google.com/d/msgid/puppet-users/CAArvnv0V2GxEh_6kVB54VWf11MrX7LN5javu9ipL5T6r40kVaw%40mail.gmail.com?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups Puppet
Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/55B790D7.2030807%40bristol.ac.uk.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] fileserver.conf -- files not serving
Wouldn't thar collide with the Puppet master process listening on 8140?
On Tue, Jul 28, 2015, 10:25 Jonathan Gazeley jonathan.gaze...@bristol.ac.uk
wrote:
You could consider running SSH or rsync on port 8140...
Cheers,
Jonathan
On 27/07/15 19:58, Peter Berghold wrote:
Hi there,
I am trying to keep Puppet modules in sync between Puppet masters in an
environment where SSH is being blocked between the masters (long story
there, corporate security rules), Git and other such are not an option but
I can use port 8140 between them.
So I set up a fileserver.conf like thus:
[data]
path=/data
allow *
and added this to the auth.conf file:
path ~ ^/file_(metadata|content)s?/data/
auth yes
allow *
and one of the classes managing this looks like:
class puppet::master::classdir {
include puppet::params
$src_uri = 'puppet:///data/puppet-modules'
file { '/data/puppet-modules':
source = $src_uri,
owner = root,
group = root,
mode= '0755',
recurse = true
}
}
and when the Puppet agent runs I see this:
Error: /Stage[main]/Puppet::Master::Classdir/File[/data/puppet-modules]:
Failed to generate additional resources using 'eval_generate': Error 400 on
SERVER: Not authorized to call search on /file_metadata/data/puppet-modules
with {:recurse=true, :checksum_type=md5, :links=manage}
Error: /Stage[main]/Puppet::Master::Classdir/File[/data/puppet-modules]:
Could not evaluate: Could not retrieve file metadata for
puppet:///data/puppet-modules: Error 400 on SERVER: Not authorized to call
find on /file_metadata/data/puppet-modules with
{:source_permissions=use, :links=manage}
Wrapped exception:
Error 400 on SERVER: Not authorized to call find on
/file_metadata/data/puppet-modules with {:source_permissions=use,
:links=manage}
OK.. so what am I missing here?
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAArvnv0V2GxEh_6kVB54VWf11MrX7LN5javu9ipL5T6r40kVaw%40mail.gmail.com
https://groups.google.com/d/msgid/puppet-users/CAArvnv0V2GxEh_6kVB54VWf11MrX7LN5javu9ipL5T6r40kVaw%40mail.gmail.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/55B790D7.2030807%40bristol.ac.uk
https://groups.google.com/d/msgid/puppet-users/55B790D7.2030807%40bristol.ac.uk?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAArvnv07zRGxSJ74Pge2eAqpfRq-fbhWc3H_WBfP%3D%2BkpNGB3Lw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] fileserver.conf -- files not serving
Solved it. Had to play with /etc/puppet/auth.conf to get it to work. I've
published a blog page about it.
http://puppet-blog.berghold.net/?p=28#more-28
On Tue, Jul 28, 2015 at 11:45 AM Peter Berghold salty.cowd...@gmail.com
wrote:
Wouldn't thar collide with the Puppet master process listening on 8140?
On Tue, Jul 28, 2015, 10:25 Jonathan Gazeley
jonathan.gaze...@bristol.ac.uk wrote:
You could consider running SSH or rsync on port 8140...
Cheers,
Jonathan
On 27/07/15 19:58, Peter Berghold wrote:
Hi there,
I am trying to keep Puppet modules in sync between Puppet masters in an
environment where SSH is being blocked between the masters (long story
there, corporate security rules), Git and other such are not an option but
I can use port 8140 between them.
So I set up a fileserver.conf like thus:
[data]
path=/data
allow *
and added this to the auth.conf file:
path ~ ^/file_(metadata|content)s?/data/
auth yes
allow *
and one of the classes managing this looks like:
class puppet::master::classdir {
include puppet::params
$src_uri = 'puppet:///data/puppet-modules'
file { '/data/puppet-modules':
source = $src_uri,
owner = root,
group = root,
mode= '0755',
recurse = true
}
}
and when the Puppet agent runs I see this:
Error:
/Stage[main]/Puppet::Master::Classdir/File[/data/puppet-modules]: Failed to
generate additional resources using 'eval_generate': Error 400 on SERVER:
Not authorized to call search on /file_metadata/data/puppet-modules with
{:recurse=true, :checksum_type=md5, :links=manage}
Error: /Stage[main]/Puppet::Master::Classdir/File[/data/puppet-modules]:
Could not evaluate: Could not retrieve file metadata for
puppet:///data/puppet-modules: Error 400 on SERVER: Not authorized to call
find on /file_metadata/data/puppet-modules with
{:source_permissions=use, :links=manage}
Wrapped exception:
Error 400 on SERVER: Not authorized to call find on
/file_metadata/data/puppet-modules with {:source_permissions=use,
:links=manage}
OK.. so what am I missing here?
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAArvnv0V2GxEh_6kVB54VWf11MrX7LN5javu9ipL5T6r40kVaw%40mail.gmail.com
https://groups.google.com/d/msgid/puppet-users/CAArvnv0V2GxEh_6kVB54VWf11MrX7LN5javu9ipL5T6r40kVaw%40mail.gmail.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/55B790D7.2030807%40bristol.ac.uk
https://groups.google.com/d/msgid/puppet-users/55B790D7.2030807%40bristol.ac.uk?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAArvnv0REiZiXCnh7wNfx2ajNQDvZC0t-YWe8wOkqf%3Dw1mPO3w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] fileserver.conf -- files not serving
Hi there,
I am trying to keep Puppet modules in sync between Puppet masters in an
environment where SSH is being blocked between the masters (long story
there, corporate security rules), Git and other such are not an option but
I can use port 8140 between them.
So I set up a fileserver.conf like thus:
[data]
path=/data
allow *
and added this to the auth.conf file:
path ~ ^/file_(metadata|content)s?/data/
auth yes
allow *
and one of the classes managing this looks like:
class puppet::master::classdir {
include puppet::params
$src_uri = 'puppet:///data/puppet-modules'
file { '/data/puppet-modules':
source = $src_uri,
owner = root,
group = root,
mode= '0755',
recurse = true
}
}
and when the Puppet agent runs I see this:
Error: /Stage[main]/Puppet::Master::Classdir/File[/data/puppet-modules]:
Failed to generate additional resources using 'eval_generate': Error 400 on
SERVER: Not authorized to call search on /file_metadata/data/puppet-modules
with {:recurse=true, :checksum_type=md5, :links=manage}
Error: /Stage[main]/Puppet::Master::Classdir/File[/data/puppet-modules]:
Could not evaluate: Could not retrieve file metadata for
puppet:///data/puppet-modules: Error 400 on SERVER: Not authorized to call
find on /file_metadata/data/puppet-modules with
{:source_permissions=use, :links=manage}
Wrapped exception:
Error 400 on SERVER: Not authorized to call find on
/file_metadata/data/puppet-modules with {:source_permissions=use,
:links=manage}
OK.. so what am I missing here?
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAArvnv0V2GxEh_6kVB54VWf11MrX7LN5javu9ipL5T6r40kVaw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
