[Bug 950183] [NEW] puppetmaster-passenger postinst creates wrong certificate files and puppetmaster vhost if puppet config print has an error
Launchpad Bug Tracker
950183 at bugs.launchpad.net
Fri Mar 9 12:14:19 UTC 2012
You have been subscribed to a public bug by Ubuntu Foundation's Bug Bot (crichton):
How to reproduce:
echo abc > /etc/puppet/puppet.conf
root at host:~# puppet config print
err: Could not parse /etc/puppet/puppet.conf: Could not match line abc at /etc/puppet/puppet.conf:abc
root at host:~# aptitude install puppetmaster-passenger
The following NEW packages will be installed:
puppetmaster-common{a} puppetmaster-passenger
0 packages upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/27.9 kB of archives. After unpacking 635 kB will be used.
Do you want to continue? [Y/n/?] y
Selecting previously unselected package puppetmaster-common.
(Reading database ... 25302 files and directories currently installed.)
Unpacking puppetmaster-common (from .../puppetmaster-common_2.7.11-1_all.deb) ...
Selecting previously unselected package puppetmaster-passenger.
Unpacking puppetmaster-passenger (from .../puppetmaster-passenger_2.7.11-1_all.deb) ...
Processing triggers for man-db ...
Processing triggers for ureadahead ...
Setting up puppetmaster-common (2.7.11-1) ...
* Starting puppet queue [ OK ]
Setting up puppetmaster-passenger (2.7.11-1) ...
err: Could not parse /etc/puppet/puppet.conf: Could not match line abc at /etc/puppet/puppet.conf:abc
notice: err: has a waiting certificate request
notice: Signed certificate request for err:
notice: Removing file Puppet::SSL::CertificateRequest err: at '/etc/puppet/ssl/ca/requests/err:.pem'
notice: Removing file Puppet::SSL::CertificateRequest err: at '/etc/puppet/ssl/certificate_requests/err:.pem'
notice: could has a waiting certificate request
notice: Signed certificate request for could
notice: Removing file Puppet::SSL::CertificateRequest could at '/etc/puppet/ssl/ca/requests/could.pem'
notice: Removing file Puppet::SSL::CertificateRequest could at '/etc/puppet/ssl/certificate_requests/could.pem'
notice: not has a waiting certificate request
notice: Signed certificate request for not
notice: Removing file Puppet::SSL::CertificateRequest not at '/etc/puppet/ssl/ca/requests/not.pem'
notice: Removing file Puppet::SSL::CertificateRequest not at '/etc/puppet/ssl/certificate_requests/not.pem'
notice: parse has a waiting certificate request
notice: Signed certificate request for parse
notice: Removing file Puppet::SSL::CertificateRequest parse at '/etc/puppet/ssl/ca/requests/parse.pem'
notice: Removing file Puppet::SSL::CertificateRequest parse at '/etc/puppet/ssl/certificate_requests/parse.pem'
crit: directory traversal detected in Puppet::SSL::Certificate::File: "/etc/puppet/puppet.conf:"
err: Cached certificate for /etc/puppet/puppet.conf: failed: invalid key
crit: directory traversal detected in Puppet::SSL::Certificate::Ca: "/etc/puppet/puppet.conf:"
err: Could not call generate: invalid key
Module ssl already enabled
Enabling site puppetmaster.
To activate the new configuration, you need to run:
service apache2 reload
Syntax error on line 18 of /etc/apache2/sites-enabled/puppetmaster:
SSLCertificateFile: file '/etc/puppet/ssl/certs/squigley.namespace.at.pem' does not exist or is empty
Action 'configtest' failed.
The Apache error log may have more information.
...fail!
invoke-rc.d: initscript apache2, action "restart" failed.
dpkg: error processing puppetmaster-passenger (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
puppetmaster-passenger
E: Sub-process /usr/bin/dpkg returned an error code (1)
A package failed to install. Trying to recover:
Setting up puppetmaster-passenger (2.7.11-1) ...
err: Could not parse /etc/puppet/puppet.conf: Could not match line abc at /etc/puppet/puppet.conf:abc
err: Could not call generate: A Certificate already exists for err:
Module ssl already enabled
Site puppetmaster already enabled
Syntax error on line 18 of /etc/apache2/sites-enabled/puppetmaster:
SSLCertificateFile: file '/etc/puppet/ssl/certs/squigley.namespace.at.pem' does not exist or is empty
Action 'configtest' failed.
The Apache error log may have more information.
...fail!
invoke-rc.d: initscript apache2, action "restart" failed.
dpkg: error processing puppetmaster-passenger (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
puppetmaster-passenger
** Affects: puppet (Ubuntu)
Importance: Undecided
Assignee: Marc Cluet (lynxman)
Status: Fix Committed
** Tags: patch
--
puppetmaster-passenger postinst creates wrong certificate files and puppetmaster vhost if puppet config print has an error
https://bugs.launchpad.net/bugs/950183
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.
More information about the Ubuntu-sponsors
mailing list