Bug #4224

vardir and confdir should be in ~/.puppet if not run as root

Added by Matt Robinson almost 3 years ago. Updated 8 months ago.

Status:ClosedStart date:07/13/2010
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:-
Target version:-
Affected Puppet version: Branch:
Keywords:defaults settings

Description

There’s currently logic (which_dir) in lib/puppet/util/run_mode.rb that uses /var/lib/puppet and /etc/puppet if you’re running puppetmaster regardless of if you’re running it as root. James agrees this is not correct behavior. I guess the logic at some point was that if you’re running puppetmaster you must need root. That seems backwards to me since master doesn’t really need root, except to maybe switch to run as the puppet user, and if anything this logic should apply to the agent, but perhaps not even then.

  def var_dir
    which_dir(
      (Puppet.features.microsoft_windows? ? File.join(Dir::WINDOWS, "puppet", "var") : "/var/lib/puppet"),
      "~/.puppet/var"
    )
  end

  def which_dir( global, user )
    #FIXME: we should test if we're user "puppet"
    #       there's a comment that suggests that we do that
    #       and we currently don't.
    expand_path case
      when name == :master; global
      when Puppet.features.root?; global
      else user
    end
  end

Related issues

Related to Puppet - Bug #4363: puppetd generating requests puppetmasterd can't understand Rejected 07/26/2010
Related to Puppet - Bug #4253: puppetmaster started in a non accessible directory for th... Accepted 07/16/2010
Related to Puppet - Bug #4385: vardir and confdir are set to '~' when running puppet mas... Closed 07/28/2010
Related to Puppet - Bug #5384: puppet apply --report fails if puppet master has not been... Accepted 11/24/2010
Duplicated by Puppet - Bug #16637: Puppet confdir and vardir are wrong when running non-root Closed 09/29/2012

History

#1 Updated by James Turnbull almost 3 years ago

  • Status changed from Unreviewed to Accepted

#2 Updated by Jesse Wolfe almost 3 years ago

  • Status changed from Accepted to Needs Decision

There may be more subtlety to this than it seems: what if you’re running as the “puppet” (or $service) user? There is also some question as to how this might affect passenger setups.

#3 Updated by Nigel Kersten over 2 years ago

  • Status changed from Needs Decision to Needs More Information
  • Affected Puppet version deleted (2.6.0rc2)

I’m a bit confused where the “bug” is here.

My questions are:

  • Are we talking about just puppetmaster? or all “puppet submodule” invocations?
  • When we use ‘user’ here, can we clearly distinguish between the user who launched the puppet process, and the system user as specified in the config file or supplied with command line arguments?

#4 Updated by Jeff McCune 9 months ago

  • Status changed from Needs More Information to Closed

Closing in favor of 16637

We discussed this in the puppet-dev IRC channel today and we feel we’ve missed the boat for fixing this bug in the 2.7 series. We do still accept responsibility for fixing this issue, but we do not intend to fix it in 2.7 because it would likely be an unwelcome surprise. Instead, we plan to fix it in 3.x as soon as possible.

[4:55pm] zaphod42: jmccune: I noticed that #16637 referenced #4224, which seems to be the exact same thing but against 2.7.x. What are your thoughts on what should be done on #4224?
[4:55pm] gepetto: zaphod42: jmccune: #16637 is http://projects.puppetlabs.com/issues/show/16637 "Bug #16637: Puppet confdir and vardir are wrong when running non-root - Puppet. It has a status of In Topic Branch Pending Review and is assigned to -"
[4:55pm] jmccune: looking
[4:55pm] zaphod42: gepetto doesn't understand me talking about multiple bugs.... #4224
[4:55pm] zaphod42: #4224
[4:55pm] gepetto: zaphod42: #4224 is http://projects.puppetlabs.com/issues/show/4224 "Bug #4224: vardir and confdir should be in ~/.puppet if not run as root - Puppet. It has a status of Needs More Information and is assigned to -"
[4:56pm] jmccune: Yeah
[4:56pm] zaphod42: gepetto--
[4:56pm] jmccune: I ran across that on Saturday and my eyes almost rolled out of my head.
[4:56pm] jmccune: I mean, we sort of missed the boat on that one for 2.7
[4:56pm] drewmania joined the chat room.
[4:56pm] zaphod42: that is what I'm thinking
[4:56pm] jmccune: Given that we've carried 20 releases of the master explicitly using the system directories.
[4:56pm] derpops joined the chat room.
[4:57pm] zaphod42: I think the 2.7 bug should just be closed
[4:57pm] jmccune: I think it would be an unwelcome surprise for users even if we did accept it as a bug over 2 years ago
[4:57pm] jmccune: Yeah
[4:57pm] jmccune: Doing that
[4:57pm] zaphod42: cool

#5 Updated by Andrew Parker 8 months ago

  • Target version deleted (2.7.x)

Also available in: Atom PDF