Ask Your Question
0

Puppet console fails after file permissions change

asked 2013-05-11 22:50:36 -0500

Hello,

I recently broke my puppet master after some file owner/permission problems that caused agent runs to fail. I corrected the permissions and agents are now running normally but the puppet console will not load.

I'm using Puppet master version 2.7.19 (Puppet Enterprise 2.6.1)

When accessing the puppet console it fails with "Ruby application could not be started"

Error message:
Permission denied - ./lib/casserver/../../config.yml

Exception class:
Errno::EACCES

Application root:
/opt/puppet/share/rubycas-server

The above config.yml file is owned by pe-auth with rw acces. Doing chown root:root had no ... (more)

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
0

answered 2013-06-19 10:28:42 -0500

I needed to make sure the file was owned by pe-auth then the login page would appear

edit flag offensive delete link more
0

answered 2013-05-13 02:23:31 -0500

Ancillas gravatar image

Here's the file that's causing the problem.

Error message:
Permission denied - ./lib/casserver/../../config.yml

do an ls -l on that entire directory and paste the result into a comment so that we can see the permissions and ownership.

edit flag offensive delete link more

Comments

In that directory, config.yml is symlink. Here's the directory and the target of the symlink.

lrwxrwxrwx  1 root root    41 Oct 22  2012 config.yml -> /etc/puppetlabs ...
(more)
Cornellio gravatar imageCornellio ( 2013-05-13 14:13:39 -0500 )edit

Did you accidentally truncate the 'l' from the filename of '/etc/puppetlabs/rubybas-server', or is it actually missing an 'l'?

Did you do a recursive chmod or chown that may ...(more)

Ancillas gravatar imageAncillas ( 2013-05-13 16:52:12 -0500 )edit

I truncated the l. The filename is correct. Inside /opt/puppet/share/rubycas-server, both lib and casserver have read and execute. I did chmod +rx /etc/puppetlabs/rubycas-server/config.yml ...(more)

Cornellio gravatar imageCornellio ( 2013-05-13 17:52:14 -0500 )edit

Are you sure the console is running in the right user context? I checked my master and config.yml was pe-auth:pe-auth with 0600, just like yours was. Is the ...(more)

Ancillas gravatar imageAncillas ( 2013-05-13 18:20:19 -0500 )edit

/opt/puppet/share/puppet-dashboard is running as puppet-dashboard, but the output of ps -ef shows it by uid, not by name, which seems odd. pe-httpd.worker is running as pe-apache.

Cornellio gravatar imageCornellio ( 2013-05-13 20:14:34 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2013-05-11 22:50:36 -0500

Seen: 1,537 times

Last updated: Jun 19 '13