Managing Puppet Server(2.7.2) with foreman 1.12-14

Support
1

What is the recommended way to managed Puppet Server(2.7.2) under Foreman
1.12-14.

The issue I found is that if I install new gem packages and want to restart
puppet server (service puppetserver restart) it fails due to the fact that
foreman changes permissions on some of the files.

puppetserver.log:

java.io.FileNotFoundException: /etc/puppetlabs/puppet/ssl/crl.pem (
Permission denied)

and foreman-installer/foreman.log:

/File[/etc/puppetlabs/puppet/ssl/crl.pem]/owner: owner changed 'puppet' to
'root'

Actually there is quite few files which have been changed from owner
'puppet' to 'root'

Changing owner back to puppet fixes the issue.
chown puppet:puppet /etc/puppetlabs/puppet/ssl/crl.pem

Is this a bug or is there a way to restart puppet server from foreman?

How does one does it?

2

foreman-installer does not actively manage this file, it is more likely
to be Puppet managing internal file permissions while it runs "puppet
apply".

Ensure you're on the latest version of Puppet and check for any file
permissions overridden in puppet.conf (Foreman 1.15 will not use this
config file when running puppet apply).

··· On 27/01/17 16:36, 'mmt' via Foreman users wrote: > What is the recommended way to managed Puppet Server(2.7.2) under > Foreman 1.12-14. > > The issue I found is that if I install new gem packages and want to > restart puppet server (service puppetserver restart) it fails due to the > fact that foreman changes permissions on some of the files. > > puppetserver.log: > > > > java.io.FileNotFoundException:/etc/puppetlabs/puppet/ssl/crl.pem > (Permissiondenied) > > > > and foreman-installer/foreman.log: > > > > /File[/etc/puppetlabs/puppet/ssl/crl.pem]/owner:owner changed 'puppet'to > 'root' > >


Dominic Cleal
dominic@cleal.org