Jira (PUP-9642) puppet device permissions preventing reading dirs

[David Schmitt (JIRA)]

David Schmitt moved an issue

Puppet / PUP-9642 puppet device permissions preventing reading dirs Change By: David Schmitt Key: FM PUP - 7133 9642 Project: Modules [Internal] Puppet Add Comment

This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)

[David Schmitt (JIRA)]

David Schmitt updated an issue

Puppet / PUP-9642 puppet device permissions preventing reading dirs

While I was able to reproduce this on 5.5, the effect is not reproducible on 6.4.1. Change By: David Schmitt Affects Version/s: PUP 5.5.13 Affects Version/s: PUP 5.5.1 Fix Version/s: PUP 6.4.1

Add Comment

[Dimitri Tischenko (JIRA)]

Dimitri Tischenko commented on PUP-9642

Re: puppet device permissions preventing reading dirs David Schmitt As per the docs at https://puppet.com/docs/pe/2018.1/component_versions_in_recent_pe_releases.html, the current LTS release of PE uses agent 5.5.10, so customers currently using this version (including Deutsche Telekom) have this issue. Do we have a work-around for them short of upgrading to PE 2019.0?

Add Comment

[David Schmitt (JIRA)]

David Schmitt commented on PUP-9642

Re: puppet device permissions preventing reading dirs

Dimitri Tischenko The long-term solution is to not run puppet device as root. I'd love to hear your opinion about that. Meanwhile I've got some code changes in https://github.com/puppetlabs/puppet/pull/7483 which will likely fix the initialisation problem. I'm a bit concerned that it went away with 6.4, because that means that there is sometihng else going on that I do not fully understand yet (or I have messed up my testing).

Add Comment

[Josh Cooper (JIRA)]

Josh Cooper updated an issue

Puppet / PUP-9642

puppet device permissions preventing reading dirs

Change By: Josh Cooper Fix Version/s: PUP 6.4.1 Fix Version/s: PUP 6.4.z

Add Comment

[David Schmitt (JIRA)]

David Schmitt updated an issue

Puppet / PUP-9642 puppet device permissions preventing reading dirs

Change By: David Schmitt Release Notes Summary: Under certain circumstances `puppet device` would get confused with directory permissions when initialising new device certificates. This fixes `puppet device` to always initialise the ssl directories with the correct permissions. Release Notes: Bug Fix

Add Comment

[David Schmitt (JIRA)]

David Schmitt commented on PUP-9642

Re: puppet device permissions preventing reading dirs https://puppet.slack.com/archives/CF466J67L/p1558546760042800 Hey, there's a really nasty looking merge conflict in `lib/puppet/application/device.rb` trying to merge 5.5.x up into 6.0.x, and it looks like it's from commits you had a hand in. Could you take a crack at resolving that? There's also some conflicts in `pip` related files that aren't 100% straight-forward, but feel free to ping @jorie or myself on that.

Add Comment

[David Schmitt (JIRA)]

David Schmitt updated an issue

Puppet / PUP-9642

puppet device permissions preventing reading dirs

Change By: David Schmitt Fix Version/s: PUP 6.4.z Fix Version/s: PUP 5.5.z

Add Comment

[David Schmitt (JIRA)]

David Schmitt updated an issue

Puppet / PUP-9642 puppet device permissions preventing reading dirs

Change By: David Schmitt Affects Version/s: PUP 6.0.10

Add Comment

[David Schmitt (JIRA)]

David Schmitt commented on PUP-9642

Re: puppet device permissions preventing reading dirs Checked against 6.0.10 from puppet-enterprise-2019.0.4-rc1-47-gb975b36-ubuntu-18.04-amd64 and the problem exists there too.   I could not reproduce it with 6.4.3 from puppet-enterprise-2019.1.1-rc1-77-g4687836-ubuntu-18.04-amd64.

Add Comment

[David Schmitt (JIRA)]

David Schmitt updated an issue

Puppet / PUP-9642

puppet device permissions preventing reading dirs

Change By: David Schmitt Fix Version/s: PUP 6.0.z

Add Comment

[David Mallon (JIRA)]

David Mallon commented on PUP-9642

Re: puppet device permissions preventing reading dirs Hey Mihai Buzgau, I think this change is still in need of a promote from 6.0.x up to 6.4.x - is that something on your radar?

Add Comment

[Mihai Buzgau (JIRA)]

Mihai Buzgau commented on PUP-9642

Re: puppet device permissions preventing reading dirs

David Mallon the promotions happen automatically during merge-ups. Merge-ups are done by Jenkins once the tests pass for a specific branch. Currently, the agent CI is still stuck because of this issue: https://tickets.puppetlabs.com/browse/QENG-7269

Add Comment

[Oana Tanasoiu (JIRA)]

Oana Tanasoiu updated an issue

Puppet / PUP-9642

puppet device permissions preventing reading dirs

Change By: Oana Tanasoiu Fix Version/s: PUP 6.5.0

Add Comment

[Oana Tanasoiu (JIRA)]

Oana Tanasoiu commented on PUP-9642

Re: puppet device permissions preventing reading dirs Hi David Schmitt this was merged into master and will be part of the 6.5.0 release. Can you please let us know if this is resolved by closing the ticket ?

Add Comment

[David Schmitt (JIRA)]

David Schmitt commented on PUP-9642

Re: puppet device permissions preventing reading dirs

Hi David Schmitt this was merged into master and will be part of the 6.5.0 release. Can you please let us know if this is resolved by closing the ticket ?

The commit has acceptance tests. If those pass, the problem won't be seen by customers any more.

Add Comment

[Heston Hoffman (JIRA)]

Heston Hoffman updated an issue

Puppet / PUP-9642

puppet device permissions preventing reading dirs

Change By: Heston Hoffman Labels: dtt resolved-issue-added

Add Comment

[Gheorghe Popescu (JIRA)]

Gheorghe Popescu updated an issue

Puppet / PUP-9642 puppet device permissions preventing reading dirs

Change By: Gheorghe Popescu Fix Version/s: PUP 6.0.z Fix Version/s: PUP 5.5.z Fix Version/s: PUP 6.4.3 Fix Version/s: PUP 6.0.10 Fix Version/s: PUP 5.5.15

Add Comment