[Pkg-puppet-devel] Bug#1079793: puppetserver 7 upgrade doesn't clean up old puppetmaster 5 files
Antoine Beaupre
anarcat at debian.org
Tue Aug 27 14:50:53 BST 2024
Package: puppetserver
Version: 7.9.5-2
Severity: minor
This is a followup for #1078911 which was interpreted as only an
emergency fix to cleanup large report directories.
But it seems to me there's more work to be done here: in that bug
report, I described a situation where I had lots of old reports lying
around from the old puppetmaster in /var/lib/puppet. I have also just
realized I have "facts" from the previous puppetmaster here:
anarcat at marcos:~$ sudo ls -al /var/lib/puppet/yaml/facts
total 164
drwxr-xr-x 2 puppet puppet 4096 4 avr 2023 .
drwxr-x--- 3 puppet puppet 4096 22 jun 2020 ..
-rw-rw---- 1 puppet puppet 19614 25 jan 2023 angela.anarc.at.yaml
-rw-rw---- 1 puppet puppet 15192 25 jan 2023 curie.anarc.at.yaml
-rw-rw---- 1 puppet puppet 13463 21 aoû 2020 emma.anarc.at.yaml
-rw-rw---- 1 puppet puppet 14625 25 jan 2023 louise.anarc.at.yaml
-rw-rw---- 1 puppet puppet 54690 25 jan 2023 marcos.anarc.at.yaml
-rw-rw---- 1 puppet puppet 24955 25 jan 2023 tubman.anarc.at.yaml
I'm not sure how to tell the "client" from the "server" stuff apart, so
this is a bit tricky. But I even found an old CA in there... Perhaps we
could move over or delete the files owned by "puppet" in there?
anarcat at marcos:~$ sudo find /var/lib/puppet -user puppet -type d
/var/lib/puppet
/var/lib/puppet/bucket
/var/lib/puppet/ssl
/var/lib/puppet/ssl/private_keys
/var/lib/puppet/ssl/certificate_requests
/var/lib/puppet/ssl/public_keys
/var/lib/puppet/ssl/private
/var/lib/puppet/ssl/certs
/var/lib/puppet/ssh_keys
/var/lib/puppet/ssh_keys/curie.anarc.at
/var/lib/puppet/ssh_keys/emma.anarc.at
/var/lib/puppet/ssh_keys/angela.anarc.at
/var/lib/puppet/preview
/var/lib/puppet/yaml
/var/lib/puppet/yaml/facts
/var/lib/puppet/server_data
Not sure how to untangle this, but we should at least have an upgrade
procedure for this.
-- System Information:
Debian Release: 12.6
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable-debug'), (500, 'stable'), (1, 'unstable'), (1, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-23-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages puppetserver depends on:
ii default-jre-headless 2:1.17-74
ii facter 4.3.0-2
ii hiera 3.10.0-1
ii jruby 9.3.9.0+ds-8
ii libclj-time-clojure 0.15.2-2
ii libclj-yaml-clojure 0.7.2-1
ii libclojure-java 1.11.1-2
ii libcomidi-clojure 0.3.2-2
ii libcommons-exec-java 1.3-2
ii libcommons-io-java 2.11.0-2
ii libcommons-lang-java 2.6-10
ii libdropwizard-metrics-java 3.2.6-1
ii libdujour-version-check-clojure 0.2.3-1
ii libjruby-utils-clojure 4.0.3-4
ii libkitchensink-clojure 3.2.1-1
ii libliberator-clojure 0.15.3-1
ii libprismatic-schema-clojure 1.2.0-4
ii libpuppetlabs-http-client-clojure 2.1.1-1
ii libpuppetlabs-i18n-clojure 0.9.2-2
ii libpuppetlabs-ring-middleware-clojure 1.3.1-3
ii libraynes-fs-clojure 1.5.2-1
ii libsemver-clojure 0.3.0-2
ii libshell-utils-clojure 1.0.2-3
ii libslingshot-clojure 0.12.2-3
ii libssl-utils-clojure 3.5.0-2
ii libtrapperkeeper-authorization-clojure 1.0.0-4
ii libtrapperkeeper-clojure 3.2.0-4
ii libtrapperkeeper-comidi-metrics-clojure 0.1.2-2
ii libtrapperkeeper-filesystem-watcher-clojure 1.2.2-3
ii libtrapperkeeper-metrics-clojure 1.5.0-5
ii libtrapperkeeper-scheduler-clojure 1.1.3-7
ii libtrapperkeeper-status-clojure 1.1.1-4
ii libtrapperkeeper-webserver-jetty9-clojure 4.4.1-5
ii libyaml-snake-java 1.33-2
ii puppet-agent 7.23.0-1
ii ruby 1:3.1
ii ruby-deep-merge 1.1.1-2
ii ruby-fast-gettext 2.0.3-2
ii ruby-gettext 3.3.3-2
ii ruby-hocon 1.3.1-2
ii ruby-locale 2.1.3-1
ii ruby-puppet-resource-api 1.8.16-2
ii ruby-puppetserver-ca-cli 2.4.0-4
ii ruby-semantic-puppet 1.0.4-1
ii ruby-text 1.3.1-1
Versions of packages puppetserver recommends:
ii puppet-module-puppetlabs-augeas-core 1.1.2-1
ii puppet-module-puppetlabs-cron-core 1.1.0+dfsg1-1
pn puppet-module-puppetlabs-host-core <none>
pn puppet-module-puppetlabs-mount-core <none>
pn puppet-module-puppetlabs-selinux-core <none>
ii puppet-module-puppetlabs-sshkeys-core 2.3.0-1
puppetserver suggests no packages.
-- Configuration Files:
/etc/puppet/puppetserver/conf.d/auth.conf [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/conf.d/auth.conf'
/etc/puppet/puppetserver/conf.d/ca.conf [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/conf.d/ca.conf'
/etc/puppet/puppetserver/conf.d/global.conf [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/conf.d/global.conf'
/etc/puppet/puppetserver/conf.d/metrics.conf [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/conf.d/metrics.conf'
/etc/puppet/puppetserver/conf.d/puppetserver.conf [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/conf.d/puppetserver.conf'
/etc/puppet/puppetserver/conf.d/web-routes.conf [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/conf.d/web-routes.conf'
/etc/puppet/puppetserver/conf.d/webserver.conf [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/conf.d/webserver.conf'
/etc/puppet/puppetserver/logback.xml [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/logback.xml'
/etc/puppet/puppetserver/request-logging.xml [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/request-logging.xml'
/etc/puppet/puppetserver/services.d/bootstrap.cfg [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/services.d/bootstrap.cfg'
/etc/puppet/puppetserver/services.d/ca.cfg [Errno 13] Permission non accordée: '/etc/puppet/puppetserver/services.d/ca.cfg'
-- no debconf information
More information about the Pkg-puppet-devel
mailing list