Server fails to serve client: Address family not supported by protocol
martin f krafft
I have a puppetmaster (mongrel behind apache, 0.25.1), which is
serving several dozens clients just fine. Today I tried to add a new
client, and fired up puppetd to set up the SSL certificates, but the
client doesn't seem to be able to get a certificate:
swan:/tmp# puppetd --no-daemonize --debug --onetime --waitforcert 30
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist
debug: Puppet::Type::User::ProviderLdap: true value when expecting false
debug: Failed to load library 'ldap' for feature 'ldap'
debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/public_keys/swan.madduck.net.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys]
debug: /File[/var/run/puppet/puppetd.pid]: Autorequiring File[/var/run/puppet]
debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet]
debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/csr_swan.madduck.net.pem]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/private_keys/swan.madduck.net.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys]
debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl]
debug: Finishing transaction -614074518 with 0 changes
debug: Using cached certificate for ca
warning: peer certificate won't be verified in this SSL session
debug: Using cached certificate_request for swan.madduck.net
debug: Using cached certificate for ca
warning: peer certificate won't be verified in this SSL session
debug: Using cached certificate for ca
warning: peer certificate won't be verified in this SSL session
The server sees the packets to port 8140 fine, and apache forwards
them on the load balancer. puppetmasterd sees them, but logs
puppetmasterd[7369]: Could not resolve 80.68.90.58: Address family
not supported by protocol - sendto(2)
80.68.90.58 is the client's IP, and it's a normal IPv4 IP, which the
server can ping and all that.
Any idea what's going on?
--
martin | http://madduck.net/ | http://two.sentenc.es/
"it is the customary fate of new truths
to begin as heresies and to end as superstitions.
-- thomas huxley
spamtraps: madduc...@madduck.net
martin f krafft
> I have a puppetmaster (mongrel behind apache, 0.25.1), which is
> serving several dozens clients just fine. Today I tried to add a new
> client, and fired up puppetd to set up the SSL certificates, but the
> client doesn't seem to be able to get a certificate:
> The server sees the packets to port 8140 fine, and apache forwards
> them on the load balancer. puppetmasterd sees them, but logs
>
> puppetmasterd[7369]: Could not resolve 80.68.90.58: Address family
> not supported by protocol - sendto(2)
>
> 80.68.90.58 is the client's IP, and it's a normal IPv4 IP, which the
> server can ping and all that.
--
martin | http://madduck.net/ | http://two.sentenc.es/
"wer in einem gewissen alter nicht merkt, daß er hauptsächlich von
idioten umgeben ist, merkt das aus einem gewissen grund nicht."
-- kurt götz
spamtraps: madduc...@madduck.net
Peter Meier
Hash: SHA1
> http://bugs.debian.org/561650
I think this is rather an upstream problem than a debian package related
problem. can you file this bug on redmine? ->
http://projects.reductivelabs.com/
cheers pete
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkssz4IACgkQbwltcAfKi3++DwCeI06eEEnAjrDUVE/pfVAxRBgY
T5sAoKAAiABws9jP3p95ciSXSqjkeUrr
=X5na
-----END PGP SIGNATURE-----
James Turnbull
Hash: SHA1
On 20/12/09 Peter Meier wrote:
> http://bugs.debian.org/561650
http://projects.reductivelabs.com/issues/2968
Martin - added you as a Watcher on the ticket.
Regards
James Turnbull
- --
Author of:
* Pro Linux System Administration (http://tinyurl.com/linuxadmin)
* Pulling Strings with Puppet (http://tinyurl.com/pupbook)
* Pro Nagios 2.0 (http://tinyurl.com/pronagios)
* Hardening Linux (http://tinyurl.com/hardeninglinux)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEVAwUBSy1PFiFa/lDkFHAyAQIeJwgA6NG6OeInk2YTrdtboRfC+VE4LU8x/X6e
Ke2Ke7m84iTDcANUO4lbKU+dDKItlqc1GrolNWYKtyjJh2bjbxPNYILgEu9MYy7z
LTvyhWpHWN86R+7djdmXVMNvnf45iaUSCdEz3RHJh0mz+DWS9FmzXnJyJFLXEbeX
/LS8MzTs7Q0k4LmwvtyNBHLP8yoemY8wLAKtONas7RTVEjFX8PD7TmDkgESeGCHI
wTlHN8/xvI5udk3eSSiWgg85VdO5HlYrk8Ve10Ompx+dtRiAHYSLSpiax128GLrx
WE59dPCGAXDMt40kpIfgosOx6VCAFyyuOAmp/RF9G6ZdckP4a2jtuA==
=VCrm
-----END PGP SIGNATURE-----