Project

General

Profile

Bug #13522

Error 406 loading Puppet CA certificate list on Puppet 4 due to PATH difference

Added by Choon Ming Goh over 3 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Puppet
Target version:
Difficulty:
Triaged:
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

I'm currently running smart proxy from source with foreman 1.10. It is unable to list all the puppet certificates on the foreman dashboard. It returns error 406 on the /GET request.

D, [2016-02-02T12:43:15.849720 #5933] DEBUG -- : accept: 10.20.1.10:35867
D, [2016-02-02T12:43:15.850991 #5933] DEBUG -- : Rack::Handler::WEBrick is invoked.
D, [2016-02-02T12:43:15.856388 #5933] DEBUG -- : verifying remote client 10.20.1.10 against trusted_hosts ["master.olindata.vm"]
D, [2016-02-02T12:43:15.858154 #5933] DEBUG -- : Found puppetca at /opt/smart-proxy/vendor/ruby/bin/puppet
D, [2016-02-02T12:43:15.858351 #5933] DEBUG -- : Found sudo at /usr/bin/sudo
D, [2016-02-02T12:43:15.858390 #5933] DEBUG -- : Executing /usr/bin/sudo -S /opt/smart-proxy/vendor/ruby/bin/puppet cert --ssldir /etc/puppetlabs/puppet/ssl --list --all
W, [2016-02-02T12:43:15.896385 #5933]  WARN -- : Failed to run puppetca:
E, [2016-02-02T12:43:15.896825 #5933] ERROR -- : Failed to list certificates: Execution of puppetca failed, check log files
I, [2016-02-02T12:43:15.897933 #5933]  INFO -- : 10.20.1.10 - - [02/Feb/2016 12:43:15] "GET /puppet/ca HTTP/1.1" 406 74 0.0418

The code below ought to fix it:

diff --git a/modules/puppetca/puppetca_main.rb b/modules/puppetca/puppetca_main.rb
index 228bb95..3e75456 100644
--- a/modules/puppetca/puppetca_main.rb
+++ b/modules/puppetca/puppetca_main.rb
@@ -103,7 +103,7 @@ module Proxy::PuppetCa
         raise "SSL/CA unavailable on this machine" 
       end

-      default_path = ["/opt/puppet/bin", "/opt/puppet/sbin"]
+      default_path = "/opt/puppetlabs/bin" 

       # puppetca is the old method of using puppet cert which is new in puppet 2.6
       if Puppet::PUPPETVERSION.to_i < 3

Associated revisions

Revision 9bd44701 (diff)
Added by Goh Choon Ming over 3 years ago

fixes #13522 - add correct path to puppet binary

Puppet 4 AIO uses /opt/puppetlabs/bin to store the puppet executable

History

#1 Updated by Dominic Cleal over 3 years ago

  • Subject changed from Puppet 4: smart proxy's puppetca returning error 406 to Error 406 loading Puppet CA certificate list on Puppet 4 due to PATH difference
  • Category set to Puppet

If you'd like to get your patch in, please follow the steps at http://theforeman.org/contribute.html to submit it (though the instructions for setting up Foreman are mostly irrelevant for the smart proxy). Feel free to stop by the foreman-dev mailing list or IRC channel if you'd like more help (http://theforeman.org/support.html).

http://theforeman.org/handbook.html is another useful resource for general coding styles etc.

I'd suggest having your patch append to the existing list of possible paths instead of replacing them entirely.

#2 Updated by The Foreman Bot over 3 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/smart-proxy/pull/375 added

#3 Updated by Anonymous over 3 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#4 Updated by Dominic Cleal over 3 years ago

  • Legacy Backlogs Release (now unused) set to 123

Also available in: Atom PDF