Jira (PUP-9478) puppet generate certificate gives linux permissions to ssldir
Title: Message Title Nick GW created an issue Puppet / PUP-9478 puppet generate certificate gives linux permissions to ssldir Issue Type: Bug Affects Versions: PUP 5.5.3 Assignee: Unassigned Components: Windows Created: 2019/02/06 11:58 AM Priority: Normal Reporter: Nick GW Running `puppet certificate generate --ca-location remote $hostname`, where $hostname is the FQDN of the node, gives ssldir, as well as other files on Windows Linux-style permissions, breaking puppet. The puppet certificate command does request and deliver the correct certificate, but the puppet agent can not open and read them: ```PS C:\Windows\system32> puppet agent -v Error: Could not request certificate: Permission denied @ rb_sysopen - C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/HOSTNAME.pem``` In addition, the cache folder in vardir has broken permissions: ```Error: Transaction store file C:/ProgramData/PuppetLabs/puppet/cache/state/transactionstore.yaml is corrupt (Permission denied @ rb_sysopen - C:/ProgramData/PuppetLabs/puppet/cache/state/transactionstore.yaml); replacing Wrapped exception: Permission denied @ rb_sysopen - C:/ProgramData/PuppetLabs/puppet/cache/state/transactionstore.yaml``` ```Error: Could not send report: ReplaceFile(C:/ProgramData/PuppetLabs/puppet/cache/state/last_run_report.yaml, C:/ProgramData/PuppetLabs/puppet/cache /state/last_run_report.yaml20190206-3632-7u91t6): Access is denied.```
Jira (PUP-9478) puppet generate certificate gives linux permissions to ssldir
Title: Message Title
Nick GW updated an issue
Puppet / PUP-9478
puppet generate certificate gives linux permissions to ssldir
Change By:
Nick GW
Running `puppet certificate generate --ca-location remote $hostname`, where $hostname is the FQDN of the node, gives ssldir, as well as other files on Windows Linux-style permissions, breaking puppet. The puppet certificate command does request and deliver the correct certificate, but the puppet agent can not open and read them: {code:java} ``` // PS C:\Windows\system32> puppet agent -vError: Could not request certificate: Permission denied @ rb_sysopen - C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/HOSTNAME.pem ``` {code} In addition, the cache folder in vardir has broken permissions: {code:java} ``` // Error: Transaction store file C:/ProgramData/PuppetLabs/puppet/cache/state/transactionstore.yaml is corrupt (Permission denied @ rb_sysopen - C:/ProgramData/PuppetLabs/puppet/cache/state/transactionstore.yaml); replacingWrapped exception:Permission denied @ rb_sysopen - C:/ProgramData/PuppetLabs/puppet/cache/state/transactionstore.yaml``` ```Error: Could not send report: ReplaceFile(C:/ProgramData/PuppetLabs/puppet/cache/state/last_run_report.yaml, C:/ProgramData/PuppetLabs/puppet/cache/state/last_run_report.yaml20190206-3632-7u91t6): Access is denied. ``` {code}
Add Comment
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Jira (FACT-3136) Bug in gce.project.attributes.sshKeys
Title: Message Title Nick GW commented on FACT-3136 Re: Bug in gce.project.attributes.sshKeys While the ssh-keys key in the gce fact is a blob of all the ssh-keys added to the project, it exceeds puppet's fact_value_length_soft_limit configuration setting. This throws a warning on every puppet run. Reverting the change back to facter 3's behavior will resolve this. Add Comment This message was sent by Atlassian Jira (v8.20.11#820011-sha1:0629dd8) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.454867.1657650158000.10260.1676400480071%40Atlassian.JIRA.
Jira (PUP-10589) Provide the ability to generate a CSR without submitting to the CA
Title: Message Title Nick GW commented on PUP-10589 Re: Provide the ability to generate a CSR without submitting to the CA Please implement this, it'd be super handy for working with external CAs Add Comment This message was sent by Atlassian Jira (v8.20.11#820011-sha1:0629dd8) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.366691.1595280947000.11623.1683652140096%40Atlassian.JIRA.
