Issue #15567 has been updated by Charlie Sharpsteen.
Redmine Issue [#15567](http://projects.puppetlabs.com/issues/15567) has been migrated to JIRA: <https://tickets.puppetlabs.com/browse/PDB-137> ---------------------------------------- Bug #15567: Document use of PuppetDB with SELinux https://projects.puppetlabs.com/issues/15567#change-101422 * Author: Deepak Giridharagopal * Status: Accepted * Priority: Normal * Assignee: * Category: * Target version: * Keywords: * Branch: * Affected PuppetDB version: ---------------------------------------- >From the mailing list: <pre> I've configured puppet to use storedconfigs and puppetDB, If I start the puppet master using the init script puppetmaster I get a permission denied error when a node connects: Master: [root@puppet ~]# service puppetmaster start Starting puppetmaster: [ OK ] Node: [root@puppet-slave ~]# puppet agent --test err: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for puppet-slave.test.net to PuppetDB at puppet.test.net:8081: Permission denied - connect(2) warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run If I start the puppet master using the script puppet command, it works fine: Master: [root@puppet ~]# puppet master start Node: [root@puppet-slave ~]# puppet agent --test info: Caching catalog for puppet-slave.test.net info: Applying configuration version '1340967639' notice: /Stage[main]/Drupal/Exec[install-drupal]/returns: executed successfully notice: Finished catalog run in 17.72 seconds Anyone come across this behaviour before, or found a solution? All packages are from RPM installs (except ruby gems for pupetdb....) [root@puppet ~]# rpm -qa | grep puppet puppet-server-2.7.17-1.el6.noarch puppetlabs-release-6-1.noarch puppet-2.7.17-1.el6.noarch puppetdb-0.9.1-2.el6.noarch puppetdb-terminus-0.9.1-2.el6.noarch </pre> I think that, at a minimum, we should document in the installation docs what ports and permissions need to be there for puppetdb to work in an selinux environment. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.