[Pkg-puppet-devel] Bug#1109161: Compiling crashes when providers are needed, after a puppetserver reload

Jérôme Charaoui jerome at riseup.net
Sun Jul 13 17:35:24 BST 2025


severity -1 serious
reassign -1 puppet-module-puppetlabs-firewall
thanks

Thanks for the report.

This bug is caused by a defect in the firewall module, which was fixed 
by upstream in a later version, so I'm reassigning the report to that 
package.

Also marking this as RC since installing and using the module is 
breaking puppetserver in a serious way.

-- Jérôme


Le 2025-07-12 à 21 h 20, Thomas Goirand a écrit :
> Source: puppetserver
> Version: 8.7.0-5
> Severity: important
> 
> Hi,
> 
> Steps to reproduce. Here's the config in the master:
> 
> root at zigo-puppet-master:~# cat /etc/puppet/puppet.conf
> [master]
> # Tell what type of ENC
> #node_terminus = exec
> 
> # Path to enc
> #external_nodes = /usr/bin/oci-puppet-external-node-classifier
> 
> # Path to standard hiera config
> hiera_config = /etc/puppet/hiera.yaml
> 
> top_level_facts_soft_limit = 8192
> 
> [main]
> #puppet master address
> server = zigo-puppet-master
> 
> root at zigo-puppet-master:~# cat /etc/puppet/code/environments/production/manifests/site.pp
> node /.*/ {
>    firewall {'102 allow all for 10.0.0.0/24':
>      proto => tcp,
>      jump => accept,
>      source => '10.0.0.0/24',
>    }
> }
> 
> In the slave node:
> 
> root at zigo-puppet-slave:~# cat /etc/puppet/puppet.conf
> # This file can be used to override the default puppet settings.
> # See the following links for more details on what settings are available:
> # - https://puppet.com/docs/puppet/latest/config_important_settings.html
> # - https://puppet.com/docs/puppet/latest/config_about_settings.html
> # - https://puppet.com/docs/puppet/latest/config_file_main.html
> # - https://puppet.com/docs/puppet/latest/configuration.html
> 
> [main]
> server = zigo-puppet-master
> 
> ssldir = /var/lib/puppet/ssl/ca
> 
> [master]
> vardir = /var/lib/puppet
> cadir  = /var/lib/puppet/ssl/ca
> dns_alt_names = puppet
> 
> Then after a "puppetserver reload", the server crashes the slave doing
> (rewrapped so it is easier to read):
> 
> Error: Could not retrieve catalog from remote server:
> Error 500 on SERVER: Server Error: Evaluation Error:
> Error while evaluating a Resource Statement,
> Could not autoload puppet/type/firewall:
> Could not autoload puppet/provider/firewall/firewall:
> no such file to load -- puppet_x/puppetlabs/firewall/ipcidr
> (file: /etc/puppet/code/environments/production/manifests/site.pp,
>       line: 2, column: 3) on node zigo-puppet-slave
> 
> Lavamind, I can add your ssh key to both the master and salve,
> so you can try by yourself.
> 
> Cheers,
> 
> Thomas Goirand (zigo)
> 



More information about the Pkg-puppet-devel mailing list