Issue #4629 has been updated by Mohit Chawla.
Hi,
1) With just the namespaceauth.conf present with the following block:
[puppetrunner]
allow foo.server
, puppetrun --host foo.client --trace shows:
[email protected]:~# puppetrun --host foo.client --trace
Triggering foo.client
/usr/lib/ruby/1.8/puppet/indirector/rest.rb:57:in `deserialize'
/usr/lib/ruby/1.8/puppet/indirector/rest.rb:90:in `save'
/usr/lib/ruby/1.8/puppet/indirector/indirection.rb:253:in `save'
/usr/lib/ruby/1.8/puppet/indirector.rb:64:in `save'
/usr/lib/ruby/1.8/puppet/application/kick.rb:123:in `run_for_host'
/usr/lib/ruby/1.8/puppet/application/kick.rb:68:in `main'
/usr/lib/ruby/1.8/puppet/application/kick.rb:67:in `fork'
/usr/lib/ruby/1.8/puppet/application/kick.rb:67:in `main'
/usr/lib/ruby/1.8/puppet/application/kick.rb:42:in `run_command'
/usr/lib/ruby/1.8/puppet/application.rb:301:in `run'
/usr/lib/ruby/1.8/puppet/application.rb:398:in `exit_on_fail'
/usr/lib/ruby/1.8/puppet/application.rb:301:in `run'
/usr/sbin/puppetrun:4
Host foo.client failed: Error 403 on SERVER: Forbidden request:
foo.server(192.168.24.32) access to /run/foo.client [save] authenticated at
line 0
foo.client finished with exit code 2
Failed: foo.client
, puppetrun with debug shows the same 403 error.
The client reports the same message after puppet has inserted the various
default acl rules.
I am not getting the bad url error as posted above by Joy Huang.
2) With auth.conf present, but no namespaceauth.conf, then at the client:
2010-09-08_05:24:07.34024 err: Will not start without authorization file
/etc/puppet/namespaceauth.conf
Not sure if debug & trace can provide any more information, but here it is:
2010-09-08_05:31:10.95062 debug: Failed to load library 'rubygems' for
feature 'rubygems'
2010-09-08_05:31:10.95862 debug: Failed to load library 'selinux' for
feature 'selinux'
2010-09-08_05:31:10.98444 debug: Puppet::Type::User::ProviderPw: file pw
does not exist
2010-09-08_05:31:10.98495 debug: Failed to load library 'ldap' for feature
'ldap'
2010-09-08_05:31:10.98522 debug: Puppet::Type::User::ProviderLdap: feature
ldap is missing
2010-09-08_05:31:10.98556 debug:
Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist
2010-09-08_05:31:10.99829 debug: Puppet::Type::User::ProviderUser_role_add:
file roleadd does not exist
2010-09-08_05:31:11.01708 debug:
Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is
missing
2010-09-08_05:31:11.06040 debug:
/File[/var/lib/puppet/ssl/private_keys/foo.client.pem]: Autorequiring
File[/var/lib/puppet/ssl/private_keys]
2010-09-08_05:31:11.06131 debug: /File[/var/log/puppet/http.log]:
Autorequiring File[/var/log/puppet]
2010-09-08_05:31:11.06224 debug: /File[/var/lib/puppet/facts]:
Autorequiring File[/var/lib/puppet]
2010-09-08_05:31:11.06296 debug: /File[/var/lib/puppet/client_data]:
Autorequiring File[/var/lib/puppet]
2010-09-08_05:31:11.06370 debug: /File[/var/lib/puppet/state]:
Autorequiring File[/var/lib/puppet]
2010-09-08_05:31:11.06442 debug: /File[/var/lib/puppet/state/graphs]:
Autorequiring File[/var/lib/puppet/state]
2010-09-08_05:31:11.06525 debug: /File[/var/lib/puppet/ssl/private]:
Autorequiring File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.06609 debug: /File[/var/lib/puppet/state/classes.txt]:
Autorequiring File[/var/lib/puppet/state]
2010-09-08_05:31:11.06698 debug:
/File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring
File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.06819 debug:
/File[/var/lib/puppet/ssl/certs/foo.client.pem]: Autorequiring
File[/var/lib/puppet/ssl/certs]
2010-09-08_05:31:11.06889 debug: /File[/var/lib/puppet/clientbucket]:
Autorequiring File[/var/lib/puppet]
2010-09-08_05:31:11.06973 debug: /File[/var/lib/puppet/ssl/public_keys]:
Autorequiring File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.07059 debug: /File[/var/lib/puppet/ssl]: Autorequiring
File[/var/lib/puppet]
2010-09-08_05:31:11.07147 debug: /File[/var/lib/puppet/ssl/certs]:
Autorequiring File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.07231 debug:
/File[/var/lib/puppet/ssl/public_keys/foo.client.pem]: Autorequiring
File[/var/lib/puppet/ssl/public_keys]
2010-09-08_05:31:11.07315 debug: /File[/var/lib/puppet/ssl/crl.pem]:
Autorequiring File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.07400 debug: /File[/var/lib/puppet/ssl/certs/ca.pem]:
Autorequiring File[/var/lib/puppet/ssl/certs]
2010-09-08_05:31:11.07520 debug: /File[/var/lib/puppet/reports]:
Autorequiring File[/var/lib/puppet]
2010-09-08_05:31:11.07593 debug: /File[/var/lib/puppet/client_yaml]:
Autorequiring File[/var/lib/puppet]
2010-09-08_05:31:11.07663 debug: /File[/var/lib/puppet/lib]: Autorequiring
File[/var/lib/puppet]
2010-09-08_05:31:11.07735 debug: /File[/etc/puppet/puppet.conf]:
Autorequiring File[/etc/puppet]
2010-09-08_05:31:11.07822 debug: /File[/var/lib/puppet/ssl/private_keys]:
Autorequiring File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.07895 debug: /File[/var/lib/puppet/state/state.yaml]:
Autorequiring File[/var/lib/puppet/state]
2010-09-08_05:31:11.10647 debug: Finishing transaction -614113368
2010-09-08_05:31:11.14983 debug: /File[/var/lib/puppet/ssl/crl.pem]:
Autorequiring File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.15063 debug: /File[/var/lib/puppet/facts]:
Autorequiring File[/var/lib/puppet]
2010-09-08_05:31:11.15148 debug: /File[/var/log/puppet/http.log]:
Autorequiring File[/var/log/puppet]
2010-09-08_05:31:11.15233 debug: /File[/var/lib/puppet/ssl/certs/ca.pem]:
Autorequiring File[/var/lib/puppet/ssl/certs]
2010-09-08_05:31:11.15317 debug:
/File[/var/lib/puppet/ssl/private_keys/foo.client.pem]: Autorequiring
File[/var/lib/puppet/ssl/private_keys]
2010-09-08_05:31:11.15399 debug:
/File[/var/lib/puppet/ssl/certs/foo.client.pem]: Autorequiring
File[/var/lib/puppet/ssl/certs]
2010-09-08_05:31:11.15473 debug: /File[/var/lib/puppet/lib]: Autorequiring
File[/var/lib/puppet]
2010-09-08_05:31:11.15559 debug:
/File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring
File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.15675 debug: /File[/var/lib/puppet/reports]:
Autorequiring File[/var/lib/puppet]
2010-09-08_05:31:11.15763 debug: /File[/var/lib/puppet/ssl]: Autorequiring
File[/var/lib/puppet]
2010-09-08_05:31:11.15851 debug: /File[/var/lib/puppet/ssl/private]:
Autorequiring File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.15943 debug: /File[/var/lib/puppet/state]:
Autorequiring File[/var/lib/puppet]
2010-09-08_05:31:11.16046 debug: /File[/var/lib/puppet/ssl/private_keys]:
Autorequiring File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.16131 debug: /File[/var/lib/puppet/ssl/public_keys]:
Autorequiring File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.16218 debug:
/File[/var/lib/puppet/ssl/public_keys/foo.client.pem]: Autorequiring
File[/var/lib/puppet/ssl/public_keys]
2010-09-08_05:31:11.16323 debug: /File[/var/lib/puppet/ssl/certs]:
Autorequiring File[/var/lib/puppet/ssl]
2010-09-08_05:31:11.18354 debug: Finishing transaction -614558908
2010-09-08_05:31:11.18593 debug: Using cached certificate for ca
2010-09-08_05:31:11.18653 debug: Using cached certificate for foo.client
2010-09-08_05:31:11.18705 err: Will not start without authorization file
/etc/puppet/namespaceauth.conf
3) With auth.conf present, one can have anything (or nothing) in
namespaceauth.conf, but it will be disregarded.
----------------------------------------
Bug #4629: puppet run Error 403 on SERVER: Forbidden request
http://projects.puppetlabs.com/issues/4629
Author: joy huang
Status: Accepted
Priority: Normal
Assignee:
Category: plumbing
Target version: 2.6.1
Affected version: 0.25.0
Keywords:
Branch:
puppet master release:puppet-2.6.1rc2
puppet client release:puppet--0.25.5
[r...@master ~]# puppetrun -p 10 --host ubunu910.dvmns.com
Triggering ubunu910.dvmns.com
Host ubunu910.dvmns.com failed: Error 403 on SERVER: Forbidden request:
ctc92.dvmns.com(221.238.249.92) access to /run/ubunu910.dvmns.com [save]
authenticated at line 0
ubunu910.dvmns.com finished with exit code 2
Failed: ubunu910.dvmns.com
how to fix this
mymail is: [email protected]
thanks
joy
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
