Thursday, October 6, 2011

Puppet master, symlink and SELinux

I created a puppet module p4 under my home folder and symlinked the module folder into /etc/puppet/modules. I can run sudo puppet apply test.pp succefully on the master, but when I ran
sudo puppet agent --no-daemonize --verbose --onetime
on an agent machine, I got the following error:
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find class p4 at /etc/puppet/manifests/nodes.pp:2 on node

This page is helpful: But my situation is different, the permission of module folders is rwxrwxr-x. I ran this command
sudo strace -e trace=file -f puppet master --no-daemonize --debug 2>&1 | tee log
It turned out that there WAS a "permission denied" issue:
[pid 15508] stat("/etc/puppet/modules/p4", 0x7fff44cfb630) = -1 EACCES (Permission denied)
After I copied p4 folder to /usr/share/puppet/modules, everything worked. SELinux is installed on my CentOS. It must be SELinux that blocks puppet to access the file.

No comments:

Post a Comment