Issue #2531 has been updated by Markus Roberts.
Yes, there are several issues here, the Array vs. String and also the reversing
(which has markedly different effects on arrays and strings, though it's valid
on both, e.g. www.google.com --> moc.elgoog.www vs. com.google.www).
If we weren't so close to 0.25.0 I'd be arguing for refactoring that whole
process, if only because the semantics of pattern are so goofy. Anytime
something like
self.pattern = self.pattern
will bork things up you're just asking for trouble.
Feel free to pass it back to me if you get stuck, otherwise have fun!
----------------------------------------
Bug #2531: opaque strings don't match for catalog retrieval via REST auth system
http://projects.reductivelabs.com/issues/2531
Author: Nigel Kersten
Status: Accepted
Priority: High
Assigned to: Nigel Kersten
Category: settings
Target version: 0.25.0
Complexity: Trivial
Affected version: 0.25.0
Keywords:
This is different, but still related to #2348 in a way.
<pre>
root# puppetd -t --server testserver.mydomain --masterport 8140 --certname
foobar.mydomain
info: Caching catalog for foobar.mydomain.com
info: Applying configuration version '1250128881'
notice: Finished catalog run in 0.01 seconds
root# puppetd -t --server testserver.mydomain --masterport 8140 --certname
c216f41a-f902-4bfb-a222-850dd957bebb
err: Could not retrieve catalog from remote server: Error 403 on SERVER:
Forbidden request: c216f41a-f902-4bfb-a222-850dd957bebb(x.x.x.x) access to
/catalog/c216f41a-f902-4bfb-a222-850dd957bebb [find] authenticated at line 52
info: Not using expired catalog for c216f41a-f902-4bfb-a222-850dd957bebb from
cache; expired at Wed Aug 12 18:54:49 -0700 2009
notice: Using cached catalog
err: Could not retrieve catalog; skipping run
</pre>
If I switch auth.conf from:
<pre>
# allow nodes to retrieve their own catalog (ie their configuration)
path ~ ^/catalog/([^/]+)$
method find
allow $1
</pre>
to:
<pre>
# allow nodes to retrieve their own catalog (ie their configuration)
path ~ ^/catalog/([^/]+)$
method find
allow *
</pre>
then it works happily.
I've just found a cluster of bugs together, so reporting this without more
detail until I have time to look into it.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://reductivelabs.com/redmine/my/account
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en
-~----------~----~----~----~------~----~------~--~---
