Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-8109

puppet device cannot create certs when run as root (5.3.x backport)

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
    • Template:
    • Team:
      Platform Core
    • CS Priority:
      Normal
    • QA Risk Assessment:
      No Action

      Description

      Backport fix into 5.3.x

      broken – output of `puppet device --debug` when ran as root:

      info: Creating a new SSL key for 10.0.1.3
      err: Could not request certificate: Could not write /var/opt/lib/pe-puppet/devices/10.0.1.3/ssl/private_keys/10.0.1.3.pem to privatekeydir: Permission denied - /var/opt/lib/pe-puppet/devices/10.0.1.3/ssl/private_keys/10.0.1.3.pem
      

      success – output of `puppet device --debug` when ran as a normal user:

      warning: peer certificate won't be verified in this SSL session
      info: Caching certificate for ca
      warning: peer certificate won't be verified in this SSL session
      warning: peer certificate won't be verified in this SSL session
      info: Creating a new SSL certificate request for 10.0.1.3
      info: Certificate Request fingerprint (md5): 6C:1C:4C:37:A7:1D:B3:6E:F3:94:25:67:55:27:89:4C
      warning: peer certificate won't be verified in this SSL session
      debug: Using cached certificate for ca
      warning: peer certificate won't be verified in this SSL session
      info: Caching certificate for 10.0.1.3
      

      Note, that you have to copy `/etc/puppetlabs/puppet/device.conf` to `~/.puppet/`

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                richard.sherman Rick Sherman
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Zendesk Support