On Sep 10, 3:12 am, Brice Figureau <brice-pup...@daysofwonder.com>
wrote:
> On Wed, 2009-09-09 at 07:31 -0700, Martin Englund wrote:
> > After upgrading one of our puppetmasters to 0.25.0 we get the
> > following errors on the client (also running 0.25.0):
> > err: /File[/var/puppet/lib]: Failed to generate additional resources
> > using 'eval_generate': Error 403 on SERVER: Forbidden request: lab-
> > git2.SFBay.Sun.COM(10.6.48.12) access to /file_metadata/plugins
> > [search] at line 0
> > err: /File[/var/puppet/lib]: Failed to retrieve current state of
> > resource: Error 403 on SERVER: Forbidden request: lab-
> > git2.SFBay.Sun.COM(10.6.48.12) access to /file_metadata/plugins [find]
> > at line 0 Could not retrieve file metadata for
> > puppet://puppeteer.sfbay.sun.com/plugins:
> > Error 403 on SERVER: Forbidden request: lab-git2.SFBay.Sun.COM
> > (10.6.48.12) access to /file_metadata/plugins [find] at line 0
> > err: Could not retrieve catalog from remote server: Error 403 on
> > SERVER: Forbidden request: lab-git2.SFBay.Sun.COM(10.6.48.12) access
> > to /catalog/lab-git2.sfbay.sun.com [find] at line 0
>
> > I do not have an auth.conf file. Any hints to why this is happening
> > are very welcome :)
>
> Are you sure you don't have an auth.conf file?
>
> Because without an auth.conf file the ACL for file access is just:
> path /file
> allow *
>
> Which means all unauthenticated file accesses are allowed (which
> basically is the kind of thing that didn't work in your case).
>
> Can you open a redmine ticket with the whole puppetmaster log. Make sure
> you include all the relevant details including the master log part about
> the access stuff like those:
> info: access[^/catalog/([^/]+)$]: allowing 'method' find
Brice, I'm having a similar problem after upgrade to 0.25: look:
This is the syslog at puppetmasterd:
Sep 11 01:33:15 vps200 puppetmasterd[3705]: (access[/]) defaulting to
no access for 67.212.94.125
Sep 11 01:33:15 vps200 puppetmasterd[3705]: Denying access: Forbidden
request: 67.212.94.125(67.212.94.125) access to /catalog/
vps204.speedyrails.ca [find] at line 0
Sep 11 01:33:15 vps200 puppetmasterd[3705]: Forbidden request:
67.212.94.125(67.212.94.125) access to /catalog/vps204.speedyrails.ca
[find] at line 0
and, this is the error at puppet client:
vps204:~# puppetd -tv
warning: peer certificate won't be verified in this SSL session
info: Caching certificate for ca
warning: peer certificate won't be verified in this SSL session
err: Could not retrieve catalog from remote server: Error 403 on
SERVER: Forbidden request: 67.212.94.125(67.212.94.125) access to /
catalog/vps204.speedyrails.ca [find] at line 0
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
Where can I find info about this auth.conf file? it has be in /etc/
puppet/auth.conf at puppetmaster or puppet client?
regards,
Israel
> ...
>
> Thanks,
> --
> Brice Figureau
> My Blog:http://www.masterzen.fr/
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
