Hi, You only need to set the location of the ssl directory in the [main] section of the puppet..
If you are using puppet with apache/passenger you need to put apache in the puppet group. Create the ssl directory first by running puppetmasterd once. The other thing to watch is the versions of rack and passenger(don't have my version numbers with me). Cheers, Den On 02/02/2011, at 4:18, Dave Augustus <da...@ingraftedsoftware.com> wrote: > Hello Mark, > > I ran into trouble using symlinks with puppet/puppetmaster as puppet would > manage them directly and actually remove them. I know there is the > ability to tell puppet NOT to do this but I didn't explore that option. > > At this point, I have puppetmaster/passenger now running on /etc/puppet/ssl > which is not what I wanted but the only way I could get it to run. > > Thanks, > Dave > > > On 02/01/2011 10:56 AM, Mark Stanislav wrote: >> >> Dave, >> >> Just wondering if you tried to make a temporary symlink from >> /var/lib/puppet/ssl to /etc/puppet/ssl to see if the error changes or goes >> away (just to narrow the scope)? >> >> Also, take a look at http://blog.kumina.nl/2011/01/puppet-on-puppetmaster/ >> -- perhaps you're missing an ssldir declaration in the proper section(s). >> >> -Mark >> >> On Feb 1, 2011, at 11:51 AM, Dave Augustus wrote: >> >>> I have been working on converting puppetmaster to use passenger and I can't >>> seem to get past this error message: >>> >>> Could not prepare for execution: Got 1 failure(s) while initializing: >>> change from absent to directory failed: Could not set 'directory on ensure: >>> Permission denied - /etc/puppet/ssl >>> >>> First off, the directory it wants doesn't exist(by design, I have it in >>> /var/lib/puppet/ssl). >>> Now in /etc/puppet/puppet.conf I have: >>> >>> confdir=/etc/puppet >>> vardir = /var/lib/puppet >>> ssldir = $vardir/ssl >>> >>> in all of the sections: [main], [agent],and [master]. >>> >>> But for some reason, passenger "really wants" /etc/puppet/ssl to exist. >>> >>> So just for grins, I created it, and voila! I now have a whole newly >>> populated ssl directory complete with a new CA, ignoring my existing CA in >>> /var/lib/puppet/ssl. >>> >>> What am I doing wrong? Is puppetmaster with passenger hard-wired to >>> /etc/puppet/ssl ? >>> >>> rpm -qa|grep ruby shows: >>> >>> libselinux-ruby-1.33.4-5.5.el5 >>> rrdtool-ruby-1.2.27-3.el5 >>> ruby-1.8.6.287-2 >>> ruby-augeas-0.3.0-1.el5 >>> ruby-devel-1.8.6.287-2 >>> rubygem-fastthread-1.0.7-1.el5 >>> rubygem-rake-0.8.7-2.el5 >>> rubygems-1.3.1-1.el5 >>> ruby-irb-1.8.6.287-2 >>> ruby-ldap-0.9.7-3.el5 >>> ruby-libs-1.8.6.287-2 >>> ruby-mysql-2.7.3-1.el5 >>> ruby-rdoc-1.8.6.287-2 >>> ruby-RRDtool-0.6.0-6.el5 >>> ruby-shadow-1.4.1-7.el5 >>> >>> rpm -qa|grep puppet shows: >>> puppet-dashboard-1.0.4-1 >>> puppet-2.6.4-0.5.el5 >>> puppet-server-2.6.4-0.5.el5 >>> >>> >>> gem list --local shows: >>> >>> *** LOCAL GEMS *** >>> >>> actionmailer (2.2.2) >>> actionpack (2.2.2) >>> activerecord (2.2.2) >>> activeresource (2.2.2) >>> activesupport (2.2.2) >>> daemon_controller (0.2.5) >>> fastthread (1.0.7) >>> file-tail (1.0.5) >>> mysql (2.8.1) >>> passenger (2.2.5) >>> rack (1.1.0) >>> rails (2.2.2) >>> rake (0.8.7) >>> rubygems-update (1.3.6) >>> spruz (0.2.2) >>> >>> >>> >>> Thanks for your help, >>> Dave >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Puppet Users" group. >>> To post to this group, send email to puppet-users@googlegroups.com. >>> To unsubscribe from this group, send email to >>> puppet-users+unsubscr...@googlegroups.com. >>> For more options, visit this group at >>> http://groups.google.com/group/puppet-users?hl=en. >>> >>> <davea.vcf> >> > > > -- > Dave Augustus > President and Lead Developer > Web: Ingrafted Software > Email: da...@ingraftedsoftware.com > Office: (817) 741-1288 > Cell: (817) 371-0585 > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > <davea.vcf> -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
