Thread: Puppet agent problem

i'm in process of setting puppet , experiencing issues. i'm running ubuntu 11.04 desktop , server in 2 seperate vm's. i've installed puppet master (2.6.4) , puppet (2.6.4). puppet master , agent happily working together.

i'm running example in book pro puppet. first example;

code:

class sudo {     package { sudo:         ensure => present,     }     if $operatingsystem == "ubuntu" {         package { "sudo-ldap":         ensure => present,         require => package["sudo"],     }     }     file { "/etc/sudoers":         owner => "root",         group => "root",         mode => 0440,         source => "puppet://$puppetserver/modules/sudo/etc/sudoers",         require => package["sudo"],     } }

on agent run following command;

puppet agent --server=<myserver> --no-daemonize --verbose --onetime

agent see's change error;

info: caching catalog <agentserver>
info: applying configuration version '123456789'
err: /stage[main]/sudo/package[sudo-ldap]/ensure: change purged present
failed: execution of '/usr/bin/apt-get -q -y -o dpkg::options::=--force-confold
install sudo-ldap' returned 100: e: not open lock file /var/lib/dpkg/lock
- open (13: permission denied)
e: unable lick administration directory (/var/lib/dpkg/), root?

don't have package manager open.

understand problem is. agent being run current logged in user , user doesn't have permission run apt-get. run apt-get have sudo apt-get.

i've thought modifying sudoers file , adding nopasswd user (as suggested in other posts) apt-get doesn't solve problem since command in puppet agent not run sudo.

understand if run puppet agent daemon runs user root guess solve problem. i'm not sure it's best run agent daemon. might want control when agent pulls updates puppet master (or through cron).

if run;

sudo puppet agent --server=<myserver> --no-daemonize --verbose --onetime

different error;

err: not request certificate: retrieved certificate not match private
key; please remove certificate server , regenerate current key

i've tried removing ssl certs both puppet master , agent , run command again. same problem. when remove sudo start of command puppet agent happy cert.

though adding user root group test. when if run apt-get update manually permission denied. wondered if has root user being disabled default on ubuntu.

i'm novice when comes these sorts of things. has got working or have suggestions of how might solve issue?

this late you, ran exact same problem morning , able figure out.

fix found either run puppet sudo, or run daemon. without sudo, looks home directory certificates. is, me, expected behavior.

stated in pro puppet, started command without sudo , signed certificate on master server. when running puppet sudo or daemon, fails not read or certificate files in home directory.

fix need run puppet on node sudo and/or daemon/service first need revoke certificate on puppet master , re-sign certificate on node you're running.

first on puppet master:

code:

puppet cert clean <node hostname>

second on puppet node:

code:

# 1 of following  sudo puppet agent --server=puppet.example.com --no-daemonize --verbose  # or  sudo service puppet start

lastly on puppet master:

code:

puppet cert sign node.example.com

references:
http://docs.puppetlabs.com/man/cert.html

Forum The Ubuntu Forum Community Ubuntu Specialised Support Ubuntu Servers, Cloud and Juju Server Platforms [ubuntu] Puppet agent problem

Ubuntu