Port for ENC requests?

[Jon Yeargers]

I'm trying to debug a new ENC setup. I created a short perl script to output a few lines of YAML. It runs fine on the puppet server but when I try it on a client I get this error:

Warning: Error 400 on SERVER: Failed to find client.domain.org via exec: Execution of the '/etc/puppet/ENC/plug0.pl client.domain.org' returned 13:

What I've tried:

- turning off SELinux / adding exceptions

     * no change

- running the script locally

    * runs fine

- looking for errors in apache logs

    * nothing in there

- looking for errors in $LOGDIR/messages

    * nothing there either

What I'm wondering about is whether these requests need a certain port to be open in the firewall. The clients in question are connected via a VPN so the traffic is somewhat non-standard.

Somewhere else I should be looking for errors? What does error 13 imply?

[John Warburton]

On 4 February 2014 09:00, Jon Yeargers <ethr...@gmail.com> wrote:

I'm trying to debug a new ENC setup. I created a short perl script to output a few lines of YAML. It runs fine on the puppet server but when I try it on a client I get this error:

Warning: Error 400 on SERVER: Failed to find client.domain.org via exec: Execution of the '/etc/puppet/ENC/plug0.pl client.domain.org' returned 13:

 

Somewhere else I should be looking for errors? What does error 13 imply?

# grep 13 /usr/include/sys/errno.h
#define EACCES  13      /* Permission denied        

The user running the puppet master cannot access (read/execute?) your script. Try running it as that user from the command line

John

[JonY]

I'm stumped then.

Folder is 0777. Files are 0777. 

I'm running the p-master using Passenger in apache2 which runs as the 'puppet' account. I used this account to run the app in question without any problem. 'su - puppet -c "/tmp/test0.pl"'. 

SELinux is in 'permissive' mode.

What else should I look for?

[José Luis Ledesma]

Have you looked syslog and apache logs?

BTW /tmp should be 1777, but this shouldn't be the problem.

Regards,

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/ee479fec-6bd9-41b0-9f7c-0e33f362fb1b%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[JonY]

chown puppet:puppet /etc/puppet/ENC/ENC.log

Perl was refusing to write to the log file when run under Passenger even though the file was as open as I could make it. And even though the script worked when run via the shell - passenger still wouldn't do it.