did you tried sudo pupetd --server=<myserver> --test
it will run puppet onetime as root and verbosely...
2011/6/21 John Nicholson <vilvic.j...@gmail.com>
> I'm in the process of setting up puppet and experiencing some issues.
> I'm running Ubuntu 11.04 desktop and server in two seperate VM's. I've
> installed puppet master (2.6.4) and puppet (2.6.4). The puppet master
> and agent are happily working together.
>
> I'm running the example in the book Pro Puppet. This is the first
> example;
>
> Code:
>
> class sudo {
> package { sudo:
> ensure => present,
> }
> if $operatingsystem == "Ubuntu" {
> package { "sudo-ldap":
> ensure => present,
> require => Package["sudo"],
> }
> }
> file { "/etc/sudoers":
> owner => "root",
> group => "root",
> mode => 0440,
> source => "puppet://$puppetserver/modules/sudo/etc/sudoers",
> require => Package["sudo"],
> }
> }
>
> On the agent I run the following command;
>
> puppet agent --server=<myserver> --no-daemonize --verbose --onetime
>
> The agent see's the change but I get an error;
>
> info: Caching catalog for <agentServer>
> info: Applying configuration version '123456789'
> err: /Stage[main]/Sudo/Package[sudo-ldap]/ensure: change from purged
> to present
> failed: Execution of '/usr/bin/apt-get -q -y -o DPkg::Options::=--
> force-confold
> install sudo-ldap' returned 100: E: Could not open lock file /var/lib/
> dpkg/lock
> - open (13: Permission denied)
> E: Unable to lick the administration directory (/var/lib/dpkg/), are
> you root?
>
> I don't have another package manager open.
>
> I understand what the problem is. The agent is being run as the
> current logged in user and that user doesn't have permission to run
> apt-get. Generally to run apt-get i have to do sudo apt-get.
>
> I've thought about modifying the sudoers file and adding nopasswd for
> my user (as suggested in other posts) for apt-get but that doesn't
> solve the problem since the command in the puppet agent is not run
> with sudo.
>
> I understand if I run the puppet agent as a daemon then it runs as
> user root which I guess would solve the problem. I'm not sure it's
> best to run the agent as a daemon. I might want to control when the
> agent pulls the updates from the puppet master (or through cron).
>
> If I run;
>
> sudo puppet agent --server=<myserver> --no-daemonize --verbose --
> onetime
>
> I get a different error;
>
> err: Could not request certificate: Retrieved certificate does not
> match private
> key; please remove certificate from server and regenerate it with the
> current key
>
> I've tried removing the ssl certs from both the puppet master and
> agent and run the command again. I get the same problem. When I remove
> the sudo from the start of the command the puppet agent is happy with
> the cert.
>
> I though about adding my user to the root group as a test. Even when I
> do that if I run apt-get update manually a permission denied. I
> wondered if this has something to do with the root user being disabled
> by default on Ubuntu.
>
> I'm a novice when it comes to these sorts of things. Has anyone got
> this working or have any suggestions of how I might solve this issue?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
