[Bug 950183] Re: puppetmaster-passenger postinst creates wrong certificate files and puppetmaster vhost if puppet config print has an error

Ubuntu Foundation's Bug Bot 950183 at bugs.launchpad.net
Fri Mar 9 12:14:21 UTC 2012 

The attachment "puppet_2.7.11-1ubuntu2.debdiff" of this bug report has
been identified as being a patch in the form of a debdiff.  The ubuntu-
sponsors team has been subscribed to the bug report so that they can
review and hopefully sponsor the debdiff.  In the event that this is in
fact not a patch you can resolve this situation by removing the tag
'patch' from the bug report and editing the attachment so that it is not
flagged as a patch.  Additionally, if you are member of the ubuntu-
sponsors team please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by
Brian Murray.  Please contact him regarding any issues with the action
taken in this bug report.]

** Tags added: patch

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/950183

Title:
  puppetmaster-passenger postinst creates wrong certificate files and
  puppetmaster vhost if puppet config print has an error

Status in “puppet” package in Ubuntu:
  Fix Committed

Bug description:
  How to reproduce:

  echo abc > /etc/puppet/puppet.conf

  root at host:~# puppet config print
  err: Could not parse /etc/puppet/puppet.conf: Could not match line abc at /etc/puppet/puppet.conf:abc

  root at host:~# aptitude install puppetmaster-passenger
  The following NEW packages will be installed:
    puppetmaster-common{a} puppetmaster-passenger 
  0 packages upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
  Need to get 0 B/27.9 kB of archives. After unpacking 635 kB will be used.
  Do you want to continue? [Y/n/?] y
  Selecting previously unselected package puppetmaster-common.
  (Reading database ... 25302 files and directories currently installed.)
  Unpacking puppetmaster-common (from .../puppetmaster-common_2.7.11-1_all.deb) ...
  Selecting previously unselected package puppetmaster-passenger.
  Unpacking puppetmaster-passenger (from .../puppetmaster-passenger_2.7.11-1_all.deb) ...
  Processing triggers for man-db ...
  Processing triggers for ureadahead ...
  Setting up puppetmaster-common (2.7.11-1) ...
   * Starting puppet queue                                                                                                                                                                                     [ OK ] 
  Setting up puppetmaster-passenger (2.7.11-1) ...
  err: Could not parse /etc/puppet/puppet.conf: Could not match line abc at /etc/puppet/puppet.conf:abc
  notice: err: has a waiting certificate request
  notice: Signed certificate request for err:
  notice: Removing file Puppet::SSL::CertificateRequest err: at '/etc/puppet/ssl/ca/requests/err:.pem'
  notice: Removing file Puppet::SSL::CertificateRequest err: at '/etc/puppet/ssl/certificate_requests/err:.pem'
  notice: could has a waiting certificate request
  notice: Signed certificate request for could
  notice: Removing file Puppet::SSL::CertificateRequest could at '/etc/puppet/ssl/ca/requests/could.pem'
  notice: Removing file Puppet::SSL::CertificateRequest could at '/etc/puppet/ssl/certificate_requests/could.pem'
  notice: not has a waiting certificate request
  notice: Signed certificate request for not
  notice: Removing file Puppet::SSL::CertificateRequest not at '/etc/puppet/ssl/ca/requests/not.pem'
  notice: Removing file Puppet::SSL::CertificateRequest not at '/etc/puppet/ssl/certificate_requests/not.pem'
  notice: parse has a waiting certificate request
  notice: Signed certificate request for parse
  notice: Removing file Puppet::SSL::CertificateRequest parse at '/etc/puppet/ssl/ca/requests/parse.pem'
  notice: Removing file Puppet::SSL::CertificateRequest parse at '/etc/puppet/ssl/certificate_requests/parse.pem'
  crit: directory traversal detected in Puppet::SSL::Certificate::File: "/etc/puppet/puppet.conf:"
  err: Cached certificate for /etc/puppet/puppet.conf: failed: invalid key
  crit: directory traversal detected in Puppet::SSL::Certificate::Ca: "/etc/puppet/puppet.conf:"
  err: Could not call generate: invalid key
  Module ssl already enabled
  Enabling site puppetmaster.
  To activate the new configuration, you need to run:
    service apache2 reload
  Syntax error on line 18 of /etc/apache2/sites-enabled/puppetmaster:
  SSLCertificateFile: file '/etc/puppet/ssl/certs/squigley.namespace.at.pem' does not exist or is empty
  Action 'configtest' failed.
  The Apache error log may have more information.
     ...fail!
  invoke-rc.d: initscript apache2, action "restart" failed.
  dpkg: error processing puppetmaster-passenger (--configure):
   subprocess installed post-installation script returned error exit status 1
  Errors were encountered while processing:
   puppetmaster-passenger
  E: Sub-process /usr/bin/dpkg returned an error code (1)
  A package failed to install.  Trying to recover:
  Setting up puppetmaster-passenger (2.7.11-1) ...
  err: Could not parse /etc/puppet/puppet.conf: Could not match line abc at /etc/puppet/puppet.conf:abc
  err: Could not call generate: A Certificate already exists for err:
  Module ssl already enabled
  Site puppetmaster already enabled
  Syntax error on line 18 of /etc/apache2/sites-enabled/puppetmaster:
  SSLCertificateFile: file '/etc/puppet/ssl/certs/squigley.namespace.at.pem' does not exist or is empty
  Action 'configtest' failed.
  The Apache error log may have more information.
     ...fail!
  invoke-rc.d: initscript apache2, action "restart" failed.
  dpkg: error processing puppetmaster-passenger (--configure):
   subprocess installed post-installation script returned error exit status 1
  Errors were encountered while processing:
   puppetmaster-passenger

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/950183/+subscriptions

More information about the Ubuntu-sponsors mailing list