so even more wierdness.... I moved the auth.conf and the namespaceauth.conf files on the puppetmaster, restarted the puppetmaster daemon in debug mode.....and...
no error...not a single one -- puppetclients connect just fine, and puppetrun works correctly... I must be missing something here ....since the docs are saying at least one of these files are needed on the puppetmaster. On Feb 22, 7:20 pm, tu2bg...@gmail.com wrote: > From the docs: > ---------------------------- > auth.conf > > rest_authconfig = $confdir/auth.conf > > The auth.conf doesn't exist by default, but Puppet has some default > settings that will be put in place if you don't create an auth.conf. You'll > see these settings if you run your puppetmaster in debug mode and then > connect with a client. > --------------------------- > namespaceauth.conf > > authconfig = $confdir/namespaceauth.conf > > This file controls the http connections to the puppet agent. It is > necessary to start the puppet agent with the listen true option. > > There's an example namespaceauth.conf file in the puppet source in > conf/namespaceauth.conf. > ---------------------------- > > auth.conf: controls access to puppetmaster - lives on puppetmaster > > namespaceauth.conf: bit harder to discern from doco and the link to the > example returns 404. (points to old reductivelabs > github)https://github.com/puppetlabs/puppet/blob/master/conf/namespaceauth.conf > > # This is an example namespaceauth.conf file, > # which you'll need if you want to start a client > # in --listen mode. > [fileserver] > allow *.domain.com > > [puppetmaster] > allow *.domain.com > > [puppetrunner] > allow culain.domain.com > > [puppetbucket] > allow *.domain.com > > [puppetreports] > allow *.domain.com > > [resource] > allow server.domain.com > > That would be on the client from my reading but I haven't implemented this > at all. > > On , Douglas Garstang <doug.garst...@gmail.com> wrote: > > > On Tue, Feb 22, 2011 at 2:58 PM, Jed jedbl...@gmail.com> wrote: > > Thanks Denmat... > > I've seen the page already, but its so vague... > > it doesnt mention anywhere what files belong where... > > I gather auth.conf would need to be on the puppetmaster... > > however, from what it says about namespaceauth.conf, it seems that > > needs to live on the puppet client machines.... > > not sure.... > > On Feb 22, 4:58 pm, Denmat tu2bg...@gmail.com> wrote: > > > I think only on master. This might help you > > further.http://docs.puppetlabs.com/guides/security.html > > > > On 23/02/2011, at 8:29, Jed jedbl...@gmail.com> wrote: > > > > > I'm trying to wrap my head around these files... > > > > > do both of them need to reside on the client and master? > > > > > are there any docs that describe these files and what all the option/ > > > > sections are and what they do? > > > > > Thanks all.... > > Yeah, it is horribly confusing isn't it. Glad it's not just me that can't > > quite work it out. > > Doug > > -- > > You received this message because you are subscribed to the Google > > Groups "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscr...@googlegroups.com. > > For more options, visit this group at > >http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
