Home / server / Questions / 496387
In Process
Tombart
Asked: 2013-04-06 00:53:38 +0800 CST

puppet fileserver serve non-module file

  • 772

I'd like to server file which is located in /etc/puppet/files/key.pgp

  file { "/var/www/key.gpg":
    ensure  => present,
    source  => 'puppet:///files/key.gpg',
  }

I'm getting this error:

Not authorized to call find on /file_metadata/files/key.gpg

auth.conf: (I understood that this should match file*)

path /file
allow *

fileserver.conf:

[files]
  path /etc/puppet/files
  allow *

Am I doing something wrong? I'm using librarian for managing my modules, so I don't wanna put anything configuration specific to modules dir.

puppet

2 Answers

  1. The file description should have the full path contained:

    file { '/etc/puppet/files/gpg.key'
...

    Check if files on server are accessible by the user that runs the puppet master. Also check if puppet is allowed to descend into the specified directory. If it is a gpg.key file, there is a very high chance that access mode is 0600 and puppet is not allowed to access it (maybe owned by root or somebody else).

    • 1

  2. This configuration looks correct, provided your Puppet agent is running on a host in the 192.168.1.x subnet.

    The deny is coming from fileserver.conf, since your auth.conf is allowing all the /file* resources. It would seem that your puppet agent is not connecting form an IP in this range -- try adding allow * to the fileserver.conf [files] section temporarily to confirm this.

    If your puppet agent host is multihomed, check which interface it is sending from.

    Also check the permissions and ownership on the fileserver.conf is correct.

    • 0