in ubuntu it is in /var/log/rsyslog
On Sat, Aug 14, 2010 at 8:55 AM, Christian <
berwangerchrist...@googlemail.com> wrote:
> Where did you find the log? I opened a similar thread three days
> ago... with no results yet.
>
> like you I didn't found it in /var/log/puppet/.
>
>
>
> On 14 Aug., 01:46, Yushu <yao.yu...@gmail.com> wrote:
> > Just to add: in the puppet masterlog it shows below. What causes the
> > "Could not resolve 192.168.2.3: no name for 192.168.2.3" ?
> >
> > I'm running inside Eucalyptus, where the domainname is strange.
> >
> > Also, with exactly the same configuration/certs, if I run
> > puppetmasterd directly, it works fine.
> >
> > Thanks a lot!
> >
> > -Yushu
> >
> > Aug 13 23:43:22 ubuntu puppetmasterd[10619]: Handling request: GET /
> > production/certificate_revocation_list/ca
> > Aug 13 23:43:22 ubuntu puppetmasterd[10619]: Could not resolve
> > 192.168.2.3: no name for 192.168.2.3
> > Aug 13 23:43:22 ubuntu puppetmasterd[10619]: (access[/]) defaulting to
> > no access for 192.168.2.3
> > Aug 13 23:43:22 ubuntu puppetmasterd[10619]: Denying access: Forbidden
> > request: 192.168.2.3(192.168.2.3) access to /
> > certificate_revocation_list/ca [find] at line 93
> > Aug 13 23:43:22 ubuntu puppetmasterd[10619]: Forbidden request:
> > 192.168.2.3(192.168.2.3) access to /certificate_revocation_list/ca
> > [find] at line 93
> >
> > On Aug 13, 3:18 pm, Yushu Yao <yao.yu...@gmail.com> wrote:
> >
> > > Hi Experts,
> >
> > > I'm trying to run puppet via passenger _ apache2 on ubuntu 10.04 64bit
> and
> > > it refuse to work with an error:
> >
> > > *err: Could not retrieve catalog from remote server: Error 403 on
> SERVER:
> > > Forbidden request: 192.168.2.3(192.168.2.3) access to
> > > /certificate_revocation_list/ca [find] at line 93*
> >
> > > I googled around and found this problem was discussed some time ago,
> but
> > > there was no clear fix.
> >
> > > Any help is appreciated.
> >
> > > A side question is where are the logs of puppetmaster stored? They are
> not
> > > in /var/log/messages nor $logdir/*
> >
> > > Thanks a lot.
> >
> > > -Yushu
> >
> > > *dpkg -l|grep apache*
> >
> > > ii apache2 2.2.14-5ubuntu8 Apache
> HTTP
> > > Server metapackage
> > > ii apache2-mpm-worker 2.2.14-5ubuntu8 Apache
> HTTP
> > > Server - high speed threaded mod
> > > ii apache2-utils 2.2.14-5ubuntu8
> utility
> > > programs for webservers
> > > ii apache2.2-bin 2.2.14-5ubuntu8 Apache
> HTTP
> > > Server common binary files
> > > ii apache2.2-common 2.2.14-5ubuntu8 Apache
> HTTP
> > > Server common files
> > > ii libapache2-mod-passenger 2.2.7debian-1 Rails
> and
> > > Rack support for Apache2
> > > ii libapache2-mod-wsgi 2.8-2ubuntu1 Python
> WSGI
> > > adapter module for Apache
> >
> > > *dpkg -l|grep ruby*
> > > ii libaugeas-ruby1.8 0.2.0-2ubuntu3 Augeas
> > > bindings for the Ruby language
> > > ii libopenssl-ruby 4.2
> OpenSSL
> > > interface for Ruby
> > > ii libopenssl-ruby1.8 1.8.7.249-2
> OpenSSL
> > > interface for Ruby 1.8
> > > ii librack-ruby 1.1.0-3 A
> modular
> > > Ruby webserver interface
> > > ii librack-ruby1.8 1.1.0-3 A
> modular
> > > Ruby webserver interface (Ruby 1.8
> > > ii libreadline-ruby1.8 1.8.7.249-2
> Readline
> > > interface for Ruby 1.8
> > > ii libruby 4.2
> Libraries
> > > necessary to run Ruby 1.8.x
> > > ii libruby1.8 1.8.7.249-2
> Libraries
> > > necessary to run Ruby 1.8
> > > ii libshadow-ruby1.8 1.4.1-8build1
> Interface
> > > of shadow password for Ruby 1.8
> > > ii libxmlrpc-ruby 4.2
> > > transitional dummy package
> > > ii rdoc 4.2
> Generate
> > > documentation from ruby source file
> > > ii ruby 4.2 An
> > > interpreter of object-oriented scripting
> > > ii ruby1.8 1.8.7.249-2
> Interpreter
> > > of object-oriented scripting lan
> > > ii rubygems 1.3.5-1ubuntu2
> package
> > > management framework for Ruby librar
> > > ii rubygems1.8 1.3.5-1ubuntu2
> package
> > > management framework for Ruby librar
> >
> > > *cat ../puppetrack/puppetmasterd/config.ru *
> > > # a config.ru, for use with every rack-compatible webserver.
> > > # SSL needs to be handled outside this, though.
> >
> > > # if puppet is not in your RUBYLIB:
> > > # $:.unshift('/opt/puppet/lib')
> >
> > > $0 = "puppetmasterd"
> > > require 'puppet'
> >
> > > # if you want debugging:
> > > ARGV << "--debug"
> >
> > > ARGV << "--rack"
> > > require 'puppet/application/puppetmasterd'
> > > # we're usually running inside a Rack::Builder.new {} block,
> > > # therefore we need to call run *here*.
> > > run Puppet::Application[:puppetmasterd].run
> >
> > > *cat /etc/puppet/puppet.conf*
> > > [main]
> > > pluginsync = true
> >
> > > [puppetmasterd]
> > > confdir=/opt/cloudcrv/puppet
> > > vardir=/opt/cloudcrv/varpuppet
> > > ssldir = $vardir/ssl
> > > user = cloudcrv
> >
> > > # The Puppet log directory.
> > > # The default value is '$vardir/log'.
> > > logdir = $vardir/log
> >
> > > # Where Puppet PID files are kept.
> > > # The default value is '$vardir/run'.
> > > rundir = $vardir/run
> >
> > > # Where SSL certificates are kept.
> > > # The default value is '$confdir/ssl'.
> > > ssldir = $vardir/ssl
> >
> > > rails_loglevel = debug
> >
> > > *cat /etc/apache2/sites-available/puppetmaster *
> >
> > > # you probably want to tune these settings
> > > PassengerHighPerformance on
> > > PassengerMaxPoolSize 12
> > > PassengerPoolIdleTime 1500
> > > # PassengerMaxRequests 1000
> > > PassengerStatThrottleRate 120
> > > RackAutoDetect Off
> > > RailsAutoDetect Off
> >
> > > Listen 8140
> >
> > > <VirtualHost *:8140>
> > > ServerName 192.168.2.4
> > > SSLEngine on
> > > SSLProtocol -ALL +SSLv3 +TLSv1
> > > SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
> >
> > > SSLCertificateFile
> > > /opt/cloudcrv/varpuppet/ssl/certs/192.168.2.4.pem
> > > SSLCertificateKeyFile
> > > /opt/cloudcrv/varpuppet/ssl/private_keys/192.168.2.4.pem
> > > SSLCertificateChainFile
> /opt/cloudcrv/varpuppet/ssl/ca/ca_crt.pem
> > > SSLCACertificateFile
> /opt/cloudcrv/varpuppet/ssl/ca/ca_crt.pem
> > > # If Apache complains about invalid signatures on the CRL, you
> can
> > > try disabling
> > > # CRL checking by commenting the next line, but this is not
> > > recommended.
> > > #SSLCARevocationFile
> /opt/cloudcrv/varpuppet/ssl/ca/ca_crl.pem
> > > SSLVerifyClient optional
> > > SSLVerifyDepth 1
> > > SSLOptions +StdEnvVars
> >
> > > DocumentRoot /opt/cloudcrv/puppetrack/puppetmasterd/public
> > > RackBaseURI /
> > > <Directory /opt/cloudcrv/puppetrack/puppetmasterd/public >
> > > Options None
> > > AllowOverride None
> > > Order allow,deny
> > > allow from all
> > > </Directory>
> > > </VirtualHost>
> >
> > > *Client Error Message:*
> > > -bash-3.2# puppetd --test --debug --server=192.168.2.4 --trace
> > > debug: Puppet::Type::User::ProviderLdap: true value when expecting
> false
> > > debug: Puppet::Type::User::ProviderUser_role_add: file rolemod does not
> > > exist
> > > debug: Puppet::Type::User::ProviderPw: file pw does not exist
> > > debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl
> does
> > > not exist
> > > debug: Failed to load library 'ldap' for feature 'ldap'
> > > debug: /File[/etc/puppet/ssl/private_keys/192.168.2.3.pem]:
> Autorequiring
> > > File[/etc/puppet/ssl/private_keys]
> > > debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
> > > debug: /File[/etc/puppet/ssl/private]: Autorequiring
> File[/etc/puppet/ssl]
> > > debug: /File[/var/lib/puppet/facts]: Autorequiring
> File[/var/lib/puppet]
> > > debug: /File[/var/lib/puppet/clientbucket]: Autorequiring
> > > File[/var/lib/puppet]
> > > debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring
> > > File[/etc/puppet/ssl]
> > > debug: /File[/var/lib/puppet/state/graphs]: Autorequiring
> > > File[/var/lib/puppet/state]
> > > debug: /File[/etc/puppet/ssl/certs/192.168.2.3.pem]: Autorequiring
> > > File[/etc/puppet/ssl/certs]
> > > debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring
> > > File[/etc/puppet/ssl/certs]
> > > debug: /File[/var/lib/puppet/state]: Autorequiring
> File[/var/lib/puppet]
> > > debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring
> > > File[/etc/puppet/ssl]
> > > debug: /File[/var/lib/puppet/run]: Autorequiring File[/var/lib/puppet]
> > > debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
> > > debug: /File[/etc/puppet/ssl/certs]: Autorequiring
> File[/etc/puppet/ssl]
> > > debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
> > > debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring
> > > File[/etc/puppet/ssl]
> > > debug: /File[/var/lib/puppet/client_yaml]: Autorequiring
> > > File[/var/lib/puppet]
> > > debug: Finishing transaction 70037710483600 with 0 changes
> > > debug: /File[/var/lib/puppet/log]: Autorequiring File[/var/lib/puppet]
> > > debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring
> > > File[/etc/puppet/ssl]
> > > debug: /File[/var/lib/puppet/state]: Autorequiring
> File[/var/lib/puppet]
> > > debug: /File[/var/lib/puppet/facts]: Autorequiring
> File[/var/lib/puppet]
> > > debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring
> > > File[/etc/puppet/ssl]
> > > debug: /File[/etc/puppet/ssl/certs/192.168.2.3.pem]: Autorequiring
> > > File[/etc/puppet/ssl/certs]
> > > debug: /File[/etc/puppet/ssl/private]: Autorequiring
> File[/etc/puppet/ssl]
> > > debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
> > > debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring
> >
> > ...
> >
> > Erfahren Sie mehr ยป
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com>
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
