Project

General

Profile

Actions
Copy link

Bug #1885

closed

user: "foreman-proxy" is unable to read inventory.txt

Added by Rüdiger Block over 11 years ago. Updated over 11 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Puppet
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

I have installed a smart-proxy to manage PuppetCa.
The foreman-user is able to do sudo puppetca and list certificates.
But it can't read /var/lib/puppet/ssl/ca/inventory.txt since the folder ca is owned by puppet:root and it`s access-policy is set to 770.
Whenever I change permissions to file and folder it is going to be reset by puppet the next time I click on certificates from the foreman
Web-Ui.
Output from the foreman-proxy log:
E, [2012-10-04T11:32:20.947150 #27798] ERROR -- : Failed to list certificates: Unable to find CA inventory file at /var/lib/puppet/ssl/ca/inventory.txt

The inventory.txt is present. But the foreman-proxy user can't pass /var/lib/puppet/ssl/ca/ even for reading.

puppetd version = 2.6.17
foreman-proxy = 1.0.0-2

Actions
Copy link
 #1

Updated by Greg Sutcliffe over 11 years ago

Can you try making it owned by puppet:puppet? The foreman-proxy should be a member of the puppet group, will then be able to read the file.

Actions
Copy link
 #2

Updated by Rüdiger Block over 11 years ago

That worked!
Thank you!

Actions
Copy link
 #3

Updated by Greg Sutcliffe over 11 years ago

  • Status changed from New to Resolved
Actions
Copy link

Also available in: Atom PDF