I applied the fixes to my test/staging config and it's not very happy. I think I'll just wait for the official fix to be out before I move forward with 3.x. :-)
For giggles, here's the log: # puppet agent --test Ignoring --listen on onetime run Warning: Unable to fetch my node definition, but the agent run will continue: Warning: Error 403 on SERVER: Forbidden request: stage1.myserver.com(127.0.0.1) access to /node/stage1.myserver.com [find] authenticated at :102 Info: Retrieving plugin Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate: Error 403 on SERVER: Forbidden request: stage1.myserver.com(127.0.0.1) access to /file_metadata/plugins [search] authenticated at :102 Error: /File[/var/lib/puppet/lib]: Could not evaluate: Error 403 on SERVER: Forbidden request: stage1.myserver.com(127.0.0.1) access to /file_metadata/plugins [find] authenticated at :102 Could not retrieve file metadata for puppet://stage1.myserver.com/plugins: Error 403 on SERVER: Forbidden request: stage1.myserver.com(127.0.0.1) access to /file_metadata/plugins [find] authenticated at :102 Info: Caching catalog for stage1.myserver.com Info: Applying configuration version '1351113815' Error: /Stage[main]/Ntp-client/File[/etc/ntp.conf]: Could not evaluate: Error 403 on SERVER: Forbidden request: stage1.myserver.com(127.0.0.1) access to /file_metadata/etc/ntp.conf [find] authenticated at :102 Could not retrieve file metadata for puppet:///etc/ntp.conf: Error 403 on SERVER: Forbidden request: stage1.myserver.com(127.0.0.1) access to /file_metadata/etc/ntp.conf [find] authenticated at :102 /Stage[main]/Ntp-client/Service[ntpd]: Dependency File[/etc/ntp.conf] has failures: true Warning: /Stage[main]/Ntp-client/Service[ntpd]: Skipping because of failed dependencies Everything under /var/lib/puppet was created by the puppetmaster -- /var/lib/puppet/lib is owned by root:root as it is on my /working/ puppet master. [ fileserver.conf ] [files] path /etc/puppet/files allow * [ auth.conf ] path ~ ^/file_(metadata|content)/files/ auth yes allow /^(.+\.)?example.com$/ allow_ip 10.101.0.0/24 allow_ip 10.103.0.0/24 allow_ip 127.0.0.0/24 I tried the last one, 127/24, to see if the issue was with the client connecting locally; made no difference. Everything else in auth.conf is "allow *" We have a set of files in /etc/puppet/files/etc/blah-blah that are copied over to the clients. They are not in a module (don't need to be). I read somewhere that you need to put your files in the modules that belong to them, this doesn't apply here as far as I can tell. In any case... that's all going off on a tangent. I hope the fix will be out soon :-) Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/cx8NwigZpBAJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.