Hi there,

I am trying to keep Puppet modules in sync between Puppet masters in an
environment where SSH is being blocked between the masters (long story
there, corporate security rules), Git and other such are not an option but
I can use port 8140 between them.

So I set up a fileserver.conf like thus:

[data]
  path=/data
  allow *

and added this to the auth.conf file:

path ~ ^/file_(metadata|content)s?/data/
auth yes
allow *

and one of the classes managing this looks like:
class puppet::master::classdir {
  include puppet::params
  $src_uri = 'puppet:///data/puppet-modules'

  file { '/data/puppet-modules':
    source  => $src_uri,
    owner   => root,
    group   => root,
    mode    => '0755',
    recurse => true
  }
}

and when the Puppet agent runs I see this:

Error: /Stage[main]/Puppet::Master::Classdir/File[/data/puppet-modules]:
Failed to generate additional resources using 'eval_generate': Error 400 on
SERVER: Not authorized to call search on /file_metadata/data/puppet-modules
with {:recurse=>true, :checksum_type=>"md5", :links=>"manage"}
Error: /Stage[main]/Puppet::Master::Classdir/File[/data/puppet-modules]:
Could not evaluate: Could not retrieve file metadata for
puppet:///data/puppet-modules: Error 400 on SERVER: Not authorized to call
find on /file_metadata/data/puppet-modules with
{:source_permissions=>"use", :links=>"manage"}
Wrapped exception:
Error 400 on SERVER: Not authorized to call find on
/file_metadata/data/puppet-modules with {:source_permissions=>"use",
:links=>"manage"}


OK.. so what am I missing here?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAArvnv0V2GxEh_6kVB54VWf11MrX7LN5javu9ipL5T6r40kVaw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to