Your message dated Fri, 10 Jul 2009 15:48:29 -0700
with message-id <[email protected]>
and subject line 0.23.2 hoses certs on systems that are using puppetd.conf
has caused the Debian Bug report #440346,
regarding 0.23.2 hoses certs on systems that are using puppetd.conf
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
440346: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440346
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: puppet
Version: 0.23.2-3
Severity: important
Our Debian systems already have certs in /etc/puppet/ssl. Installing
the latest puppet client package seems to destroy those certs and create
new ones.
{{{
if [ "$1" = "configure" ]; then
if [ -d /etc/puppet/ssl ] && [ ! -e /var/lib/puppet/ssl ] &&
grep -q 'ssldir=/var/lib/puppet/ssl' /etc/puppet/puppet.conf; then
mv /etc/puppet/ssl /var/lib/puppet/ssl
fi
fi
}}}
The above doesn't work b/c many of us are still using puppetd.conf and
therefore, this moves our ssl certs over to /var/lib/puppet/ssl (which is
the wrong place for certs but that is another discussion entirely) and creates
new certs and then basically sits there until we go in and fix it.
(Keep in mind, since we don't use puppet.conf yet, having been on 0.22.4
until now, the package drops in the puppet.conf and then looks at it
and says "Ah, that's where you want these certs so I'll move them for you"
but when we run puppet, it sees our puppetd.conf and looks for the certs
in /etc/puppet/ssl, doesn't find them, so recreates them.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-amd64
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages puppet depends on:
ii adduser 3.102 Add and remove users and groups
ii facter 1.3.7-1 a library for retrieving facts fro
ii libopenssl-ruby 1.0.0+ruby1.8.2-1 OpenSSL interface for Ruby
ii libshadow-ruby1.8 1.4.1-7 Interface of shadow password for R
ii libxmlrpc-ruby 1.8.2-1 XML-RPC support for Ruby
ii lsb-base 3.1-23.2etch1 Linux Standard Base 3.1 init scrip
ii ruby 1.8.2-1 An interpreter of object-oriented
Versions of packages puppet recommends:
ii rdoc 1.8.2-1 Generate documentation from ruby s
-- no debconf information
--- End Message ---
--- Begin Message ---
(please reopen if you don't believe this has actually been fixed)
Digant, I ran into similar issues around this time period, and they
were all upstream bugs where parts of the code would still look at
puppetd.conf even though it had supposedly been deprecated. All of
these were fixed a while ago afaik.
--- End Message ---
