Bug #1117
closed
Permissions issue with RHEL package
Description
On RHEL the permissions for /var/lib/puppet/ssl/ca/inventory.txt require the foreman-proxy user to be part of the puppet group - otherwise it cannot see this file and constantly errors out.
Updated by Benjamin Papillon over 12 years ago
On Fedora 15 there is the same problem. (except path is /etc/puppet/ssl/ca)
Other issues in the same register :
- /etc/dhcp/dhcpd.conf is not accessible by default foreman-proxy user (note path is not /etc/dhcpd.conf)
- /etc/rndc.key is not accessible either
Updated by Ohad Levy over 12 years ago
does adding foreman-proxy to the puppet group solves the issue?
Updated by Benjamin Papillon over 12 years ago
for /etc/puppet/ssl/ca it should work. As it's a test machine I've been more direct, I changed foreman-proxy user to puppet group ;)
For the other 2, I added a+r. It's definitively wrong for prod. use, but for tests it's ok. Changing group is one way. Another could be sudo /bin/cat ...
Either way, I'd like smart-proxy logs told me it's a permission error and not "file not found" =)
Updated by Ohad Levy over 12 years ago
would you guys mind adding those extra issues? its hard to track all of the different bugs in one ticket :)
Updated by Ohad Levy over 11 years ago
- Status changed from New to Need more information
is still applicable with the latest 1.x packages?
Updated by Benjamin Papillon over 11 years ago
I think we discussed it with jmontleon and he already added foreman-proxy user to puppet group. I didn't check.
Good rights for dhcpd.conf are specified in the wiki.
The issue specified by the opener can be closed. The issues I reported as bad log information should be in another ticket, definitively not this one.
I think we can close the bug. Let's wait few days for the opener some ppl are still in vacation ;)
Updated by Greg Sutcliffe over 11 years ago
- Status changed from Need more information to Closed
Closing.