Bug #4372

syntax errors in config file do not abort daemon, and daemon continues with defaults

Added by John Warburton almost 2 years ago. Updated over 1 year ago.

Status:Accepted Start date:07/27/2010
Priority:Normal Due date:
Assignee:- % Done:

0%
Category:-
Target version:2.7.x
Affected Puppet version:0.25.5 Branch:
Keywords:
Votes: 0

Description

A syntax error in the puppetmasterd config file does not abort the daemon – it does the worst possible thing – continue with a “default” puppet configuration

In my case – I don’t run puppet from /etc/puppet, but it goes on and creates /etc/puppet. And worst – testing with the config file set to listen on another port, it ends up listening on 8140!

This is true for 0.25.5 as well

So, lets just make sure our config file is correct:

root@engncfm001# \rm -rf /local/puppet-2.6
root@engncfm001# \rm -rf /etc/puppet
root@engncfm001# mkdir /local/puppet-2.6
root@engncfm001# export RUBYLIB=/opt/local/pkgs/puppet-2.6.1rc1/lib:/opt/local/lib:/opt/local/lib/ruby/site_ruby/1.8  
root@engncfm001# /opt/local/pkgs/puppet-2.6.1rc1/sbin/puppetmasterd --config /tmp/puppetmasterd.conf-2.6-test --no-daemonize --debug                                                                    
debug: Failed to load library 'selinux' for feature 'selinux'
debug: Failed to load library 'shadow' for feature 'libshadow'
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderLdap: true value when expecting false
debug: Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is missing
debug: Failed to load library 'ldap' for feature 'ldap'
debug: /File[/local/puppet-2.6/var/reports]: Autorequiring File[/local/puppet-2.6/var]
debug: /File[/local/puppet-2.6/etc/ssl/certs]: Autorequiring File[/local/puppet-2.6/etc/ssl]
debug: /File[/local/puppet-2.6/var/bucket]: Autorequiring File[/local/puppet-2.6/var]
debug: /File[/local/puppet-2.6/var/server_data]: Autorequiring File[/local/puppet-2.6/var]
debug: /File[/local/puppet-2.6/var/log]: Autorequiring File[/local/puppet-2.6/var]
debug: /File[/local/puppet-2.6/etc/ssl/private_keys]: Autorequiring File[/local/puppet-2.6/etc/ssl]
debug: /File[/local/puppet-2.6/etc/ssl/private]: Autorequiring File[/local/puppet-2.6/etc/ssl]
debug: /File[/local/puppet-2.6/var/run]: Autorequiring File[/local/puppet-2.6/var]
debug: /File[/local/puppet-2.6/etc/ssl]: Autorequiring File[/local/puppet-2.6/etc]
debug: /File[/local/puppet-2.6/etc/manifests]: Autorequiring File[/local/puppet-2.6/etc]
debug: /File[/local/puppet-2.6/var/rrd]: Autorequiring File[/local/puppet-2.6/var]
debug: /File[/local/puppet-2.6/var/state]: Autorequiring File[/local/puppet-2.6/var]
debug: /File[/local/puppet-2.6/var/log/masterhttp.log]: Autorequiring File[/local/puppet-2.6/var/log]
debug: /File[/local/puppet-2.6/etc/ssl/public_keys]: Autorequiring File[/local/puppet-2.6/etc/ssl]
debug: /File[/local/puppet-2.6/etc/ssl/certificate_requests]: Autorequiring File[/local/puppet-2.6/etc/ssl]
debug: /File[/local/puppet-2.6/var/lib]: Autorequiring File[/local/puppet-2.6/var]
debug: /File[/local/puppet-2.6/var/yaml]: Autorequiring File[/local/puppet-2.6/var]
debug: /File[/local/puppet-2.6/var]/ensure: created
debug: /File[/local/puppet-2.6/var/lib]/ensure: created
debug: /File[/local/puppet-2.6/var/yaml]/ensure: created
debug: /File[/local/puppet-2.6/var/state]/ensure: created
debug: /File[/local/puppet-2.6/var/rrd]/ensure: created
debug: /File[/local/puppet-2.6/var/run]/ensure: created
debug: /File[/local/puppet-2.6/var/log]/ensure: created
debug: /File[/local/puppet-2.6/var/log/masterhttp.log]/ensure: created
debug: /File[/local/puppet-2.6/var/reports]/ensure: created
debug: /File[/local/puppet-2.6/var/bucket]/ensure: created
debug: /File[/local/puppet-2.6/var/server_data]/ensure: created
debug: /File[/local/puppet-2.6/etc]/ensure: created
debug: /File[/local/puppet-2.6/etc/manifests]/ensure: created
debug: /File[/local/puppet-2.6/etc/ssl]/ensure: created
debug: /File[/local/puppet-2.6/etc/ssl/public_keys]/ensure: created
debug: /File[/local/puppet-2.6/etc/ssl/certificate_requests]/ensure: created
debug: /File[/local/puppet-2.6/etc/ssl/private_keys]/ensure: created
debug: /File[/local/puppet-2.6/etc/ssl/private]/ensure: created
debug: /File[/local/puppet-2.6/etc/ssl/certs]/ensure: created
debug: Finishing transaction 8230860
debug: /File[/local/puppet-2.6/etc/ssl/ca/signed]: Autorequiring File[/local/puppet-2.6/etc/ssl/ca]
debug: /File[/local/puppet-2.6/etc/ssl/ca/requests]: Autorequiring File[/local/puppet-2.6/etc/ssl/ca]
debug: /File[/local/puppet-2.6/etc/ssl/ca/private]: Autorequiring File[/local/puppet-2.6/etc/ssl/ca]
debug: /File[/local/puppet-2.6/etc/ssl/ca]/ensure: created
debug: /File[/local/puppet-2.6/etc/ssl/ca/private]/ensure: created
debug: /File[/local/puppet-2.6/etc/ssl/ca/requests]/ensure: created
debug: /File[/local/puppet-2.6/etc/ssl/ca/signed]/ensure: created
debug: Finishing transaction 7484748
info: Creating a new SSL key for ca
info: Creating a new SSL certificate request for ca
info: Certificate Request fingerprint (md5): 4F:F1:65:B3:EB:D0:65:DC:1F:A8:E0:D4:12:B7:01:4F
notice: Signed certificate request for ca
notice: Rebuilding inventory file
debug: Using cached certificate for ca
info: Creating a new certificate revocation list
info: Creating a new SSL key for puppet-lab.bfm.com
debug: Using cached certificate for ca
info: Creating a new SSL certificate request for puppet-lab.bfm.com
info: Certificate Request fingerprint (md5): B8:18:FD:C0:40:FE:1A:F5:C9:C9:0B:5A:DF:56:52:ED
notice: puppet-lab.bfm.com has a waiting certificate request
debug: Using cached certificate for ca
debug: Using cached certificate_request for puppet-lab.bfm.com
notice: Signed certificate request for puppet-lab.bfm.com
notice: Removing file Puppet::SSL::CertificateRequest puppet-lab.bfm.com at '/local/puppet-2.6/etc/ssl/ca/requests/puppet-lab.bfm.com.pem'
notice: Removing file Puppet::SSL::CertificateRequest puppet-lab.bfm.com at '/local/puppet-2.6/etc/ssl/certificate_requests/puppet-lab.bfm.com.pem'
notice: Starting Puppet master version 2.6.1
debug: No file server configuration file; autocreating modules mount with default permissions
debug: No file server configuration file; autocreating plugins mount with default permissions
debug: Finishing transaction 4563276
^Cnotice: Caught INT; calling stop

So, lets create a syntax error

root@engncfm001# echo "the quick brown fox jumps over the lazy dog" >> /tmp/puppetmasterd.conf-2.6-test
root@engncfm001# /opt/local/pkgs/puppet-2.6.1rc1/sbin/puppetmasterd --config /tmp/puppetmasterd.conf-2.6-test --no-daemonize --debug

err: Could not parse /tmp/puppetmasterd.conf-2.6-test: Could not match line the quick brown fox jumps over the lazy dog at /tmp/puppetmasterd.conf-2.6-test:the quick brown fox jumps over the lazy dog

debug: Failed to load library 'selinux' for feature 'selinux'
debug: Failed to load library 'shadow' for feature 'libshadow'
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderLdap: true value when expecting false
debug: Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is missing
debug: Failed to load library 'ldap' for feature 'ldap'
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/bucket]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/etc/puppet/manifests]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/server_data]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/log/masterhttp.log]: Autorequiring File[/var/lib/puppet/log]
debug: /File[/var/lib/puppet/rrd]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/reports]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/run]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/yaml]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring File[/etc/puppet/ssl]
debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
debug: /File[/etc/puppet]/ensure: created
debug: /File[/etc/puppet/manifests]/ensure: created
debug: /File[/etc/puppet/ssl]/ensure: created
debug: /File[/etc/puppet/ssl/certificate_requests]/ensure: created
debug: /File[/etc/puppet/ssl/certs]/ensure: created
debug: /File[/etc/puppet/ssl/private]/ensure: created
debug: /File[/etc/puppet/ssl/public_keys]/ensure: created
debug: /File[/etc/puppet/ssl/private_keys]/ensure: created
debug: Finishing transaction 8219220
debug: /File[/etc/puppet/ssl/ca/private]: Autorequiring File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/requests]: Autorequiring File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca/signed]: Autorequiring File[/etc/puppet/ssl/ca]
debug: /File[/etc/puppet/ssl/ca]/ensure: created
debug: /File[/etc/puppet/ssl/ca/signed]/ensure: created
debug: /File[/etc/puppet/ssl/ca/private]/ensure: created
debug: /File[/etc/puppet/ssl/ca/requests]/ensure: created
debug: Finishing transaction 7560108
info: Creating a new SSL key for ca
info: Creating a new SSL certificate request for ca
info: Certificate Request fingerprint (md5): 34:E6:34:7A:C2:2D:00:CA:AA:FC:90:E0:6E:FF:FE:D8
notice: Signed certificate request for ca
notice: Rebuilding inventory file
debug: Using cached certificate for ca
info: Creating a new certificate revocation list
info: Creating a new SSL key for engncfm001.bfm.com
debug: Using cached certificate for ca
info: Creating a new SSL certificate request for engncfm001.bfm.com
info: Certificate Request fingerprint (md5): BA:CA:8F:F4:5C:18:B0:BC:A4:8C:93:C2:10:83:9C:9F
notice: engncfm001.bfm.com has a waiting certificate request
debug: Using cached certificate for ca
debug: Using cached certificate_request for engncfm001.bfm.com
notice: Signed certificate request for engncfm001.bfm.com
notice: Removing file Puppet::SSL::CertificateRequest engncfm001.bfm.com at '/etc/puppet/ssl/ca/requests/engncfm001.bfm.com.pem'
notice: Removing file Puppet::SSL::CertificateRequest engncfm001.bfm.com at '/etc/puppet/ssl/certificate_requests/engncfm001.bfm.com.pem'
notice: Starting Puppet master version 2.6.1
debug: No file server configuration file; autocreating modules mount with default permissions
debug: No file server configuration file; autocreating plugins mount with default permissions
debug: Finishing transaction 4654308

Wait! What? I didn’t order this!

root@engncfm001# ls -l /etc/puppet
total 6
drwxr-xr-x   2 root     root           2 Jul 26 23:57 manifests
drwxrwx--x   8 puppet   root           9 Jul 26 23:57 ssl

Which port?

root@engncfm001# grep masterport /tmp/puppetmasterd.conf-2.6-test
# The default value is '$masterport'.
# The default value is '$masterport'.
masterport = 8444

Good config file:

root@engncfm001# lsof -i:8140
COMMAND   PID   USER   FD   TYPE        DEVICE SIZE/OFF NODE NAME
httpd   24557   root    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24574 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24575 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24576 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24577 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24578 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24581 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24612 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)

root@engncfm001# lsof -i:8444
COMMAND   PID   USER   FD   TYPE        DEVICE SIZE/OFF NODE NAME
ruby    27020 puppet    7u  IPv4 0x60023186400      0t0  TCP *:8444 (LISTEN)

Bad config file

root@engncfm001# lsof -i:8140
COMMAND   PID   USER   FD   TYPE        DEVICE SIZE/OFF NODE NAME
httpd   24557   root    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24574 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24575 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24576 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24577 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24578 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24581 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
httpd   24612 puppet    6u  IPv6 0x30019d57640      0t0  TCP *:8140 (LISTEN)
ruby    27045 puppet    7u  IPv4 0x60011fdadc0      0t0  TCP *:8140 (LISTEN)

root@engncfm001# lsof -i:8444
<empty>

History

#1
Updated by James Turnbull almost 2 years ago

  • Status changed from Unreviewed to Investigating
  • Target version set to 2.6.1

#2
Updated by James Turnbull over 1 year ago

  • Target version changed from 2.6.1 to 2.6.2

#3
Updated by Jesse Wolfe over 1 year ago

  • Status changed from Investigating to Accepted
  • Target version changed from 2.6.2 to 2.7.x
  • Affected Puppet version changed from 2.6.1rc1 to 0.25.5

Also available in: Atom PDF