It seems the puppet agent, when invoked by the service or manually, is resetting the permissions on the files in the puppetdb ssldir (/etc/puppetlabs/puppetdb/ssl/*.pem) from puppetdb:puppetdb to puppet:puppet AND the mode on the mode on the 'private.pem' file to 0640, which means the next time the puppetdb service attempts to start, it fails due to a lack of permission.
This only seems to have come up in the past week or so, as we've only just started observing it, and causing problems. We have a temporary workaround where we chown the files back to puppetdb, start PuppetDB and that's fine, but next puppet agent invocation causes the above issue. Has anyone else observed this problem? Is it a bug? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/be8dffc3-c4cc-41b6-8c91-ad2182e7efd2n%40googlegroups.com.
