Jira (PUP-9819) Puppet Failure on MacOS 10.15 'Catalina' Beta3

24 views
Skip to first unread message

Marshall Taylor (JIRA)

unread,
Jul 11, 2019, 1:42:02 PM7/11/19
to puppe...@googlegroups.com
Marshall Taylor updated an issue
 
Puppet / Bug PUP-9819
Puppet Failure on MacOS 10.15 'Catalina' Beta3
Change By: Marshall Taylor
Summary: {brief summary of issue} Puppet Failure on MacOS 10.15 'Catalina' Beta3
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Atlassian logo

Josh Cooper (JIRA)

unread,
Jul 11, 2019, 1:43:03 PM7/11/19
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-9819
 
Re: Puppet Failure on MacOS 10.15 'Catalina' Beta3

Thanks for the report. FWIW, I don't think Catalina is a supported OSX platform yet, but is planned to be.

Josh Cooper (JIRA)

unread,
Jul 11, 2019, 1:43:03 PM7/11/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
 
Change By: Josh Cooper
Team: Puppet Romania

Josh Cooper (JIRA)

unread,
Jul 15, 2019, 7:37:02 PM7/15/19
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Fix Version/s: PUP 6.4.0
Fix Version/s: PUP 6.y

Gabriel Nagy (JIRA)

unread,
Jan 21, 2020, 9:31:04 AM1/21/20
to puppe...@googlegroups.com
Gabriel Nagy commented on Bug PUP-9819
 
Re: Puppet Failure on MacOS 10.15 'Catalina' Beta3

This might be fixed by PUP-10241, but I"m not 100% sure since the error looks a bit different. I'm still poking around to see what else broke with the addition of Catalina.

Josh Cooper (Jira)

unread,
Jun 26, 2020, 12:50:03 PM6/26/20
to puppe...@googlegroups.com
Josh Cooper assigned an issue to Marshall Taylor
 
Change By: Josh Cooper
Assignee: Marshall Taylor
This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935)
Atlassian logo

Josh Cooper (Jira)

unread,
Jun 26, 2020, 12:50:03 PM6/26/20
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-9819
 
Re: Puppet Failure on MacOS 10.15 'Catalina' Beta3

Marshall Taylor could you try a more recent version of puppet-agent and see if the issue is resolved?

Brian Call (Jira)

unread,
Sep 27, 2020, 12:22:03 AM9/27/20
to puppe...@googlegroups.com
Brian Call commented on Bug PUP-9819

Hey Josh Cooper, I'm still seeing this same issue when trying to manage users on Catalina.

bcall@bcall-ltm Desktop % sudo /opt/puppetlabs/puppet/bin/puppet --version
 
6.18.0
 
bcall@bcall-ltm Desktop % sw_vers
 
ProductName:	Mac OS X
 
ProductVersion:	10.15.6
 
BuildVersion:	19G2531
 
bcall@bcall-ltm Desktop % sudo /opt/puppetlabs/puppet/bin/puppet apply -e "user {'bcall': ensure => present}"
 
Notice: Compiled catalog for bcall-ltm.internal.salesforce.com in environment production in 0.02 seconds
 
Error: Could not prefetch user provider 'directoryservice': undefined method `[]' for nil:NilClass
 
Error: Failed to apply catalog: undefined method `[]' for nil:NilClass

I also tried explicitly setting LANG as mentioned in PUP-10241, to no avail:

bcall@bcall-ltm Desktop % sudo LANG=en_US.UTF-8 /opt/puppetlabs/puppet/bin/puppet apply -e "user {'bcall': ensure => present}"
 
Notice: Compiled catalog for bcall-ltm.internal.salesforce.com in environment production in 0.02 seconds
 
Error: Could not prefetch user provider 'directoryservice': undefined method `[]' for nil:NilClass
 
Error: Failed to apply catalog: undefined method `[]' for nil:NilClass

Brian Call (Jira)

unread,
Sep 27, 2020, 1:14:04 AM9/27/20
to puppe...@googlegroups.com
Brian Call updated an issue
 
Change By: Brian Call
Comment: Hey [~josh], I'm still seeing this same issue when trying to manage users on Catalina. This bug appears to fully break user management on macOS.

{code:bash}bcall@bcall-ltm Desktop % sudo /opt/puppetlabs/puppet/bin/puppet --version

6.18.0
bcall@bcall-ltm Desktop % sw_vers
ProductName: Mac OS X
ProductVersion: 10.15.6
BuildVersion: 19G2531

bcall@bcall-ltm Desktop % sudo /opt/puppetlabs/puppet/bin/puppet apply -e "user {'bcall': ensure => present}"
Notice: Compiled catalog for bcall-ltm.internal.salesforce.com in environment production in 0.02 seconds
Error: Could not prefetch user provider 'directoryservice': undefined method `[]' for nil:NilClass
Error: Failed to apply catalog: undefined method `[]' for nil:NilClass
{code}


I also tried explicitly setting LANG as mentioned in PUP-10241, to no avail:

{code:bash}

bcall@bcall-ltm Desktop % sudo LANG=en_US.UTF-8 /opt/puppetlabs/puppet/bin/puppet apply -e "user {'bcall': ensure => present}"
Notice: Compiled catalog for bcall-ltm.internal.salesforce.com in environment production in 0.02 seconds
Error: Could not prefetch user provider 'directoryservice': undefined method `[]' for nil:NilClass
Error: Failed to apply catalog: undefined method `[]' for nil:NilClass
{code}

Josh Cooper (Jira)

unread,
Sep 28, 2020, 8:11:04 PM9/28/20
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-9819
 
Re: Puppet Failure on MacOS 10.15 'Catalina' Beta3

Brian Call it looks like your comment was deleted/lost?

Brian Call (Jira)

unread,
Oct 16, 2020, 3:33:03 AM10/16/20
to puppe...@googlegroups.com
Brian Call commented on Bug PUP-9819

Hey Josh Cooper, thanks for the ping. ! I was a little confused about what I was seeing so wanted to gather some more information.

So in the end, it looks like I am seeing this same issue after all. The issue does not occur on a vanilla macOS install, but it does occur on our company-provisioned Macs. It looks like CFPropertyList is choking on a malformed plist somewhere. I'm hoping that if that's the case, it might be possible to fail more gracefully like in PUP-8545.

When trying to manage any user resource:

$ sudo puppet apply -e "user {'foo':ensure=>'present'}"
 
Notice: Compiled catalog for foobar in environment production in 0.02 seconds
 
Error: Could not prefetch user provider 'directoryservice': undefined method `[]' for nil:NilClass
 
Error: Failed to apply catalog: undefined method `[]' for nil:NilClass

Debug is output is similar to the earlier report:

Info: Applying configuration version '1602832575'
 
Debug: Prefetching directoryservice resources for user
 
Debug: Executing: '/usr/bin/dscl -plist . readall /Users'
 
Debug: Executing: '/usr/bin/dscl -plist . readall /Groups'
 
Debug: Converting binary plist to hash
 
Debug: Converting binary plist to hash
 
Debug: Converting binary plist to hash
 
Debug: Failed with CFFormatError on : #<CFFormatError: content after root object>
 
Error: Could not prefetch user provider 'directoryservice': undefined method `[]' for nil:NilClass
 
Debug: Storing state
 
Debug: Pruned old state cache entries in 0.00 seconds
 
Debug: Stored state in 0.00 seconds
 
Error: Failed to apply catalog: undefined method `[]' for nil:NilClass
 
Debug: Applying settings catalog for sections main, reporting, metrics


$ sw_vers
 
ProductName:	Mac OS X
 
ProductVersion:	10.15.7
 
BuildVersion:	19H2

Let me know if I can help test. Thanks.

Brian Call (Jira)

unread,
Oct 20, 2020, 5:27:03 AM10/20/20
to puppe...@googlegroups.com
Brian Call commented on Bug PUP-9819

I've determined the root cause of this issue in our environment. The directoryservice provider makes an assumption:

The plist embedded in the ShadowHashData key is a binary plist

In our environment, ShadowHashData contains an xml plist, so the conversion from a binary plist fails on L148, which causes embedded_binary_plist to unexpectedly get get assigned nil.

I need to do a bit more research on our end; I think this user password may be getting set by a security agent, not by a normal user on the system. If xml plists are supported, which I will try to verify, perhaps the provider can be updated to handle either.
Reply all
Reply to author
Forward
0 new messages