This is an OS privilege issue. So puppet has to working within what can be done
on the OS.
By default mount requires root privileges to make changes. This is why it will
work as root but not as puppet.
So you either run as root or set it up so a non-root user can mount
Some OS's have options to allow mount to work for non-root users. Check your
mount man page and test.
Load a different app to handle user mounts. There are other apps available for
this type of thing. Fuse and apps based on fuse are the most common, but not
the only ones available.
Hope that helps a little,
Steven
Date: Mon, 8 Apr 2013 21:02:26 -0700
From: i.am.st...@gmail.com
To: puppet-users@googlegroups.com
Subject: [Puppet Users] Puppet mount fails due to kernel module
Greetings!
I am having a problem with puppet mounting a device and am hoping someone can
help. Here is the short version, if you have questions or need more detail,
please feel free to ask.
I have a Panasas storage device on my network on which my home directory
resides. The Panasas device mounts the filesystem via a kernel module (which
they call DirectFlow). Thus, when I run as root ` mount /home` a kernel module
is loaded and then the filesystem is loaded. I have certain restrictions in
place on my servers which I have to keep in line (Puppet is AMAZING for this!)
and the mounting of /home is one of those restrictions.
I have in my puppet manifest this:mount { "/home" :
ensure => mounted,
atboot => true,
device => "panfs://192.168.1.20/home",
fstype => "panfs",
options => "defaults,nodev",
remounts => true,
pass => 2,
dump => 1,
}
If I run, as root, `puppet agent --test` then the /home filesystem is mounted
and everything is wonderful. However, if I let the puppet agent daemon try to
mount /home I get errors in the log files without the mount ever happening.
Apr 2 13:01:08 testnode puppet-agent[29955]:
(/Stage[main]/mount::Homefilesystem/Mount[/home]/ensure) ensure changed
'unmounted' to 'mounted'Apr 2 13:01:08 testnode puppet-agent[29955]:
(/Stage[main]/mount::Homefilesystem/Mount[/home]) Could not evaluate: Execution
of '/bin/mount -o defaults,nodev /home' returned 1: mount.panfs error: cannot
init pan_sock_ping 0x239d (pan_sock: protected socket, permission denied)
Neither Panasas representatives I talked to seemed to have any idea what Puppet
was before I spoke to them. My coworkers, the Panasas reps, and I brainstormed
a few ideas but only three seemed to "work":
* Have the puppet daemon run as root instead of the puppet user (which is an
obvious issue)* Use auto-mount (which "works" but is causing some oddities in a
few of my jobs which I am fairly sure is due to the latency of the mount)* Have
Puppet call a script with the setuid bit configured which can mount /home
(which doesn't 100% address my needs of puppet being able to remount if one of
those parameters is wrong/missing/changed/whatever without that script getting
complicated).
Before I commit towards one option, I thought I would ask the other Puppet
masters out there for ideas. Given the popularity of Puppet in datacenters as
well as the popularity of SAN devices in datacenters I figure someone out there
has probably solved this problem. I am hoping that their solution is better
then the ones we have come up with. :-D
Can anyone help me out with this?
Thank you in advance!!
Stack
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
