Allan Marcus wrote: > Ug. > > does anyone have any idea why my clients can connect just fine when > using webrick but cannot when using passenger? this only happens with > puppetmasterd 0.25.x. When the client tries to connect I see: > > puppetmasterd[3485] <Notice>: Starting Puppet server version 0.25.1 > puppetmasterd[3485] <Warning>: Denying access: Forbidden request: > marcusmini-a.lanl.gov(128.165.129.167) access to /file_metadata/facts \ > [search\] at line 0 > puppetmasterd[3485] <Error>: Forbidden request: marcusmini- > a.lanl.gov(128.165.129.167) access to /file_metadata/facts \[search\] > at line 0 > puppetmasterd[3485] <Warning>: Denying access: Forbidden request: > marcusmini-a.lanl.gov(128.165.129.167) access to /file_metadata/facts \ > [find\] at line 0 > puppetmasterd[3485] <Error>: Forbidden request: marcusmini- > a.lanl.gov(128.165.129.167) access to /file_metadata/facts \[find\] at > line 0 > puppetmasterd[3485] <Warning>: Denying access: Forbidden request: > marcusmini-a.lanl.gov(128.165.129.167) access to /catalog/marcusmini- > a.lanl.gov \[find\] at line 0 > puppetmasterd[3485] <Error>: Forbidden request: marcusmini- > a.lanl.gov(128.165.129.167) access to /catalog/marcusmini-a.lanl.gov \ > [find\] at line 0 > puppetmasterd[3485] <Warning>: Denying access: Forbidden request: > marcusmini-a.lanl.gov(128.165.129.167) access to /file_metadata/ > dlanlbaseline/getDefsDate.sh \[find\] at line 0 > puppetmasterd[3485] <Error>: Forbidden request: marcusmini- > a.lanl.gov(128.165.129.167) access to /file_metadata/dlanlbaseline/ > getDefsDate.sh \[find\] at line 0 > > If I use the sample auth.conf file and set > auth no > allow * > everything works, but I'm pretty sure that is not a good idea. Since > it all works when using webrick and doesn't work when using passenger, > could the issue be that passenger is not passing the clients certs to > puppetmasterd, and therefore puppetmasterd is thinking the client in > unauthenticated? > > > --- > Thanks, > > Allan Marcus > 505-667-5666 > > > > On Sep 24, 2009, at 10:13 AM, Allan Marcus wrote: > > >> Hello, >> >> When I run puppetmasterd (0.25.1.rc1) with webrick, it works fine and >> my test client and connect and do everything it needs to do. >> >> When I run pappetmasterd with passenger (2.2.2) I see the following >> error in the log: >> >> Thu Sep 24 10:09:43 puppet-dev puppetmasterd[732] <Notice>: Denying >> unauthenticated client marcusmini-a.lanl.gov(<ip removed>) access to >> fileserver.list >> >> there are a number of related errors all seemingly stemming from this >> authentication error. >> >> Any ideas? Any more info that could help? >> >> --- >> Thanks, >> >> Allan Marcus >> 505-667-5666 >> >> >> >> >> > > > > > You might be running puppet master under a different user or the puppet master certificate changed because puppet thinks it has a different name. Other than that I have no ideea. :-?
Silviu --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
