Jira (PUP-10894) codedir behaviour does not match documentation

15 views
Skip to first unread message

Jake Yip (Jira)

unread,
Feb 9, 2021, 10:19:03 PM2/9/21
to puppe...@googlegroups.com
Jake Yip created an issue
 
Puppet / Bug PUP-10894
codedir behaviour does not match documentation
Issue Type: Bug Bug
Affects Versions: PUP 6.20.0, PUP 5.5.22
Assignee: Unassigned
Created: 2021/02/09 7:18 PM
Priority: Normal Normal
Reporter: Jake Yip

Puppet Version: 6.18.0
Puppet Server Version: 6.18.0
OS Name/Version: Ubuntu 18.04.5 LTS \n \l

In the documentation https://puppet.com/docs/puppet/6.21/dirs_codedir.html#location, it states

When Puppet is running as root, as a Windows user with administrator privileges, or as the puppet user, it uses a system-wide codedir. When running as a non-root user, it uses a codedir in that user's home directory.

This doesn't seem to be true. As the puppet user,

puppet@puppet:~$ puppet config print codedir
/opt/puppetlabs/server/data/puppetserver/.puppetlabs/etc/code

My puppet version is

puppet@puppet:~$ apt-cache policy puppet-agent
puppet-agent:
{{ Installed: 6.20.0-1bionic}}
{{ Candidate: 6.20.0-1bionic}}
{{ Version table:}}
{{ *** 6.20.0-1bionic 500}}
{{ 500 http://apt.puppetlabs.com bionic/puppet6 amd64 Packages}}
{{ 100 /var/lib/dpkg/status}}

Desired Behavior:

It should use /etc/puppetlabs/code as stated in documentation

Actual Behavior:

puppet@puppet:~$ puppet config print codedir
/opt/puppetlabs/server/data/puppetserver/.puppetlabs/etc/code

 It uses /opt/puppetlabs/server/data/puppetserver/.puppetlabs/etc/code
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935)
Atlassian logo

Josh Cooper (Jira)

unread,
Feb 25, 2021, 1:49:02 AM2/25/21
to puppe...@googlegroups.com
Josh Cooper updated an issue
Change By: Josh Cooper
Component/s: Docs

Josh Cooper (Jira)

unread,
Feb 25, 2021, 1:55:03 AM2/25/21
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-10894
 
Re: codedir behaviour does not match documentation

I think the puppet user’s home directory is /opt/puppetlabs/server/data/puppetserver/ so when puppet expands ~ we get the strange result. That said I’m curious why you’re running the command as the puppet user? Usually that account is only used when running puppetserver, since we don’t want a root process listening for network connections.

Josh Cooper (Jira)

unread,
Jun 3, 2021, 12:29:01 PM6/3/21
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-10894

Jake Yip the documentation is actually correct. When running as non-root the directory will be ~/.puppetlabs/etc/code, and it just so happens that the puppet user's home directory is /opt/puppetlabs/server/data/puppetserver/. As I mentioned earlier, the puppet user/group is the account that puppetserver runs under (for security reasons). If you want to run puppet agent as a non-root user, you'll want to create a user/service account for that purpose.
This message was sent by Atlassian Jira (v8.13.2#813002-sha1:c495a97)
Atlassian logo

Jake Yip (Jira)

unread,
Jun 3, 2021, 9:03:02 PM6/3/21
to puppe...@googlegroups.com
Jake Yip commented on Bug PUP-10894

Sorry I didn't get the first reply of the message, it's been a while since I opened this ticket so my memory may be hazy.

I think the confusion is in the first part of the message "When Puppet is running as root, as a Windows user with administrator privileges, or as the puppet user, it uses a system-wide codedir"

So I read it to be using a system-wide codedir /etc/puppetlabs/code, when

  • Puppet is running as root, or
  • Puppet is running as a Windows user with administrator privileges, or
  • Puppet is running as the puppet user

Josh Cooper (Jira)

unread,
Jun 3, 2021, 9:51:02 PM6/3/21
to puppe...@googlegroups.com
Josh Cooper commented on Bug PUP-10894

Ah! yeah that's a bug in the docs, we need to drop `or as the puppet user`.

Claire Cadman (Jira)

unread,
Jun 4, 2021, 5:46:02 AM6/4/21
to puppe...@googlegroups.com

Is this what you mean?

When Puppet is running as root or as a Windows user with administrator privileges, it uses a system-wide codedir — /etc/puppetlabs/code. When running as a non-root user, it uses a codedir in that user's home directory. If you are running as puppetserver, which runs as the puppet user, the home directory is /opt/puppetlabs/server/data/puppetserver/.
Reply all
Reply to author
Forward
0 new messages