amazon-ebs/puppet-masterless scp permission denied uploading modules
169 views
Skip to first unread message
Chris Nappin
Sep 19, 2017, 4:52:53 AM9/19/17
to Packer
Hi,
The source AMI is the latest AWS Linux AMI for my region. The puppet module simply installs NGINX with some basic config and a simple webpage.
I've tried setting module_paths to various combinations but it seems to make no difference:
I've also tried setting manually creating the /tmp/packer-puppet-masterless directory in my shell provisioner, and setting explicit directory permissions, but again this makes no difference. Of course Packer is creating the module-0 subdirectory.
I have a packer template written about 9 months ago on a previous Packer version (v0.7, that worked fine) that isn't working with Packer 1.1.0 - it is erroring on the scp upload of the puppet modules files.
It's a really basic template to build a custom AWS AMI using the puppet-masterless provisioner. Here is the template:
{
"variables": {
"aws_access_key": "",
"aws_secret_key": ""
},
"provisioners": [
{
"type": "shell",
"script": "install_puppet.sh"
},
{
"type": "puppet-masterless",
"manifest_file": "puppet/manifests/site.pp",
"module_paths": [ "puppet/modules" ]
}
],
"builders": [
{
"type": "amazon-ebs",
"access_key": "{{user `aws_access_key`}}",
"secret_key": "{{user `aws_secret_key`}}",
"region": "eu-west-1",
"source_ami": "ami-ebd02392",
"instance_type": "t2.micro",
"ssh_username": "ec2-user",
"ami_name": "basic-webserver-{{timestamp}}"
}
]
}
The source AMI is the latest AWS Linux AMI for my region. The puppet module simply installs NGINX with some basic config and a simple webpage.
The relevant section of the error log is as follows:
2017/09/19 09:40:31 ui: amazon-ebs: Uploading local modules from: ./puppet/modules/
amazon-ebs: Uploading local modules from: ./puppet/modules/
2017/09/19 09:40:31 ui: amazon-ebs: Creating directory: /tmp/packer-puppet-masterless/module-0
amazon-ebs: Creating directory: /tmp/packer-puppet-masterless/module-0
2017/09/19 09:40:31 packer: 2017/09/19 09:40:31 opening new ssh session
2017/09/19 09:40:31 packer: 2017/09/19 09:40:31 starting remote command: sudo mkdir -p '/tmp/packer-puppet-masterless/module-0'
2017/09/19 09:40:31 packer: 2017/09/19 09:40:31 [INFO] RPC endpoint: Communicator ended with: 0
2017/09/19 09:40:31 [INFO] 0 bytes written for 'stdout'
2017/09/19 09:40:31 [INFO] 0 bytes written for 'stderr'
2017/09/19 09:40:31 [INFO] RPC client: Communicator ended with: 0
2017/09/19 09:40:31 [INFO] RPC endpoint: Communicator ended with: 0
2017/09/19 09:40:31 packer: 2017/09/19 09:40:31 [INFO] 0 bytes written for 'stdout'
2017/09/19 09:40:31 packer: 2017/09/19 09:40:31 [INFO] 0 bytes written for 'stderr'
2017/09/19 09:40:31 packer: 2017/09/19 09:40:31 [INFO] RPC client: Communicator ended with: 0
2017/09/19 09:40:31 packer: 2017/09/19 09:40:31 Upload dir 'puppet/modules/' to '/tmp/packer-puppet-masterless/module-0'
2017/09/19 09:40:31 packer: 2017/09/19 09:40:31 opening new ssh session
2017/09/19 09:40:32 packer: 2017/09/19 09:40:32 Starting remote scp process: scp -rvt /tmp/packer-puppet-masterless/module-0
2017/09/19 09:40:32 packer: 2017/09/19 09:40:32 Started SCP session, beginning transfers...
2017/09/19 09:40:32 packer: 2017/09/19 09:40:32 SCP: starting directory upload: nginx
2017/09/19 09:40:32 packer: 2017/09/19 09:40:32 SCP: starting directory upload: files
2017/09/19 09:40:32 [INFO] (telemetry) ending puppet-masterless
2017/09/19 09:40:32 [INFO] (telemetry) found error: Error uploading modules: scp: /tmp/packer-puppet-masterless/module-0/nginx: Permission denied
I've tried setting module_paths to various combinations but it seems to make no difference:
- [ "puppet/modules" ]
- [ "./puppet/modules" ]
- [ "puppet/modules/" ]
I've also tried setting manually creating the /tmp/packer-puppet-masterless directory in my shell provisioner, and setting explicit directory permissions, but again this makes no difference. Of course Packer is creating the module-0 subdirectory.
Any ideas please, or is this a known defect?
Many thanks,
Chris
Rickard von Essen
Sep 19, 2017, 5:54:27 AM9/19/17
to packe...@googlegroups.com
--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/12dd1681-ecde-4c4d-bdb1-e8b9396facd0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Chris Nappin
Sep 19, 2017, 8:06:09 AM9/19/17
to Packer
Yes, that looks like the issue.
The suggested work around (setting prevent_sudo) doesn't work (gives a permission denied creating the staging dir under /tmp) but adding creation of the directories and setting ownership and permissions in my pre-req install_puppet.sh scripts does work:
sudo mkdir /tmp/packer-puppet-masterless
sudo mkdir /tmp/packer-puppet-masterless/module-0
sudo mkdir /tmp/packer-puppet-masterless/manifests
sudo chown -R ec2-user:ec2-user /tmp/packer-puppet-masterless
sudo chmod -R 775 /tmp/packer-puppet-masterlessOn Tuesday, 19 September 2017 10:54:27 UTC+1, Rickard von Essen wrote:
Reply all
Reply to author
Forward
0 new messages