thanks, found the issue... had to use auto.conf , all working now -- Ls
- " Remember.... No one travels faster than the speed of live " On Oct 23, 2010, at 5:05, Ohad Levy <ohadl...@gmail.com> wrote: > maybe http://theforeman.org/projects/foreman/wiki/Puppetrun will help. > > Ohad > > On Sat, Oct 23, 2010 at 3:45 AM, Luc Suryo <lsu...@gmail.com> wrote: > Can you please show the namespaceouth,conf file? I having the same > problem :( > > mine looks like this > > [puppetrunner] > path /run > auth any > allow noc01.cloud.aws > > > thanks > > -ls > > On Sep 10, 3:13 am, matonb <brett.ma...@googlemail.com> wrote: > > Hi Dou ZQ, > > > > I added the puppetmaster hostname to the path / section: > > > > path / > > allow <puppetmaster> > > auth any > > > > Probably not the most secure option, but solved my problems. > > > > Brett > > > > On Sep 10, 3:25 am, Dou ZQ <douzl0...@gmail.com> wrote: > > > > > Hi, > > > What you add in the auth.conf? The hostname of puppetmaster or others? > > > I got the sameerrorand didn't know how to resolve yet. > > > > > Thanks and expect your reply! > > > > > On Aug 24, 6:10 pm, matonb <brett.ma...@googlemail.com> wrote: > > > > > > Hi Patrick, > > > > > > I figured it out by adding --verbose when starting the client > > > > listener. Turns out I had to add the puppetmaster to auth.conf. > > > > I'm sure that it's probably documented somewhere. Be damned if I > > > > could find anything useful on "kick" though. > > > > > > Thanks, for your help all the same. > > > > > > On Aug 24, 9:37 am, matonb <brett.ma...@googlemail.com> wrote: > > > > > > >Errormessages have changed slightly (not sure when though) I didn't > > > > > notice the Denying access before: > > > > > > > Aug 24 09:31:26 puppet-agent[6724]: Denying access: Forbidden request: > > > > > my_fqdn_puppetmaster(192.168.x.x) access to /run/my_fqdn_host [save] > > > > >authenticated atline93 > > > > > Aug 24 09:31:26 puppet-agent[6724]: Forbidden request: > > > > > my_fqdn_puppetmaster(192.168.x.x) access to /run/my_fqdn_host [save] > > > > >authenticated atline93 > > > > > > > just checked /etc/puppet/namespaceauth.conf on the client node which > > > > > now only contains: > > > > > > > [puppetrunner] > > > > > allow * > > > > > [kick] > > > > > allow * > > > > > > > On Aug 24, 9:28 am, matonb <brett.ma...@googlemail.com> wrote: > > > > > > > > Sigh, > > > > > > > > Still a no-go. I tried adding a [kick] section to > > > > > > namespaceauth.conf and then with one in puppet.conf. > > > > > > Niether worked, still getting the403forbidden message.... > > > > > > > > On Aug 23, 8:05 pm, matonb <brett.ma...@googlemail.com> wrote: > > > > > > > > > I'll give it ago in the morning, fingers crossed :-) > > > > > > > > > On Aug 23, 5:26 pm, Patrick <kc7...@gmail.com> wrote: > > > > > > > > > > On Aug 23, 2010, at 2:10 AM, matonb wrote: > > > > > > > > > > > Hi Patrick, > > > > > > > > > > > The client and server are both version 2.6.0 > > > > > > > > > I am runningpuppetrunas root on the puppet master server. > > > > > > > > > And yes, a test run completes successfully.... > > > > > > > > > > > Thanks for your help, > > > > > > > > > Brett > > > > > > > > > > Puppet.conf had it's section names changed in 2.6.0 (see > > > > > > > > below). I'm wondering if the namespaceauth.conf could have had > > > > > > > > it's section names changed in 2.6.0. You might want to add a > > > > > > > > section for "kick" and test it. This is just a shot in the > > > > > > > > dark though because I'm running out of ideas. > > > > > > > > > > On Jul 18, 2010, at 8:31 PM, James Turnbull wrote: > > > > > > > > > > > Single Binary > > > > > > > > > > > Puppet is now available as a single binary with sub-arguments > > > > > > > > > for the > > > > > > > > > functions previously provided by the seperate binaries (the > > > > > > > > > existing > > > > > > > > > binaries remain for backwards compatibility). This includes > > > > > > > > > renaming > > > > > > > > > several Puppet functions to better fit an overall model. > > > > > > > > > > > List of binary changes > > > > > > > > > > > puppetmasterd –> puppet master > > > > > > > > > puppetd –> puppet agent > > > > > > > > > puppet –> puppet apply > > > > > > > > > puppetca –> puppet cert > > > > > > > > > ralsh –> puppet resource > > > > > > > > >puppetrun–> puppet kick > > > > > > > > > puppetqd –> puppet queue > > > > > > > > > filebucket –> puppet filebucket > > > > > > > > > puppetdoc –> puppet doc > > > > > > > > > pi –> puppet describe > > > > > > > > > > > This also results in a change in the puppet.conf > > > > > > > > > configuration file. > > > > > > > > > The sections, previously things like [puppetd], now should be > > > > > > > > > renamed to > > > > > > > > > match the new binary names. So [puppetd] becomes [agent]. > > > > > > > > > You will be > > > > > > > > > prompted to do this when you start Puppet with a log message > > > > > > > > > for each > > > > > > > > > section that needs to be renamed. This is merely a warning - > > > > > > > > > existing > > > > > > > > > configuration file will work unchanged. > > > > > > > > > > > On Aug 23, 9:31 am, Patrick <kc7...@gmail.com> wrote: > > > > > > > > >> Here are a couple more things: > > > > > > > > >> What version is your client? > > > > > > > > >> What version is your server? > > > > > > > > >> Make sure you'rerunningpuppetrunas root. > > > > > > > > >> Make sure that running "puppetd --test --verbose" as root on > > > > > > > > >> the client actually works. > > > > > > > > > > >> On Aug 23, 2010, at 12:53 AM, matonb wrote: > > > > > > > > > > >>> Didn't help unfortunaltely. Still getting the sameerror(s)! > > > > > > > > > > >>> On Aug 20, 4:07 pm, Patrick <kc7...@gmail.com> wrote: > > > > > > > > >>>> On Aug 20, 2010, at 6:05 AM, matonb wrote: > > > > > > > > > > >>>>> I'm trying to push client configurations from the > > > > > > > > >>>>> puppetmaster instead > > > > > > > > >>>>> of having scheduled runs on each client. > > > > > > > > >>>>> I thinkpuppetrunis what I'm after but I can't get it to > > > > > > > > >>>>> work! > > > > > > > > > > >>>> Try replacing thelinein puppetrunner with "allow *" and > > > > > > > > >>>> work back from there. If that doesn't work, try replacing > > > > > > > > >>>> everylinewith "allow *". > > > > > > > > > > > -- > > > > > > > > > You received this message because you are subscribed to the > > > > > > > > > Google Groups "Puppet Users" group. > > > > > > > > > To post to this group, send email to > > > > > > > > > puppet-us...@googlegroups.com. > > > > > > > > > To unsubscribe from this group, send email to > > > > > > > > > puppet-users+unsubscr...@googlegroups.com. > > > > > > > > > For more options, visit this group > > > > > > > > > athttp://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
