Closed Bug 1149726 Opened 9 years ago Closed 9 years ago

investigate 2008 Puppet run errors

Categories

(Infrastructure & Operations :: RelOps: Puppet, task)

Product:
Infrastructure & Operations
Component:
RelOps: Puppet
Platform:
x86_64
Windows 7
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: markco, Assigned: markco)

Details

Attachments

(1 file, 1 obsolete file)

BUG1149726.patch
10.22 KB, patch
dustin
: review+
markco
: checked-in+
Details | Diff | Splinter Review 
/Stage[main]/Slave_secrets::Crash_stats_api_token/File[C:/builds/crash-stats-api.token] (err): Could not evaluate: Could not read file C:/builds/crash-stats-api.token: Permission denied - C:/builds/crash-stats-api.token 

/Stage[main]/Slave_secrets::Google_oauth_api_key/File[C:/builds/google-oauth-api.key] (err): Could not evaluate: Could not read file C:/builds/google-oauth-api.key: Permission denied - C:/builds/google-oauth-api.key 

/Stage[main]/Ssh::Config/Acl[C:/Program Files/KTS/publickey_logon.ini] (err): Could not evaluate: Failed to get security descriptor for path 'C:/Program Files/KTS/publickey_logon.ini': Failed to open 'C:/Program Files/KTS/publickey_logon.ini': The system cannot find the path specified. 

/Stage[main]/Ssh::Config/Acl[C:/Program Files/KTS/rsakey.ky] (err): Could not evaluate: Failed to get security descriptor for path 'C:/Program Files/KTS/rsakey.ky': Failed to open 'C:/Program Files/KTS/rsakey.ky': The system cannot find the path specified. 

Stage[main]/Slave_secrets::Ceph_config/File[C:/Users/cltbld/.boto] (err): Could not evaluate: Could not read file C:/Users/cltbld/.boto: Permission denied - C:/Users/cltbld/.boto
Assignee: relops → mcornmesser
Permissions : 
Crash_stats_api_token:

Own by cltbld 
System has full control 
cltbld has read/write
root has none 

google-oauth-api.key:

Own by cltbld 
System has full control 
cltbld has read/write
root has none 

publickey_logon.ini:

Owned by root
root has full control 
system has full control 

rsakey.ky:

Owned by root
root has full control 
system has full control

.boto:

Own by cltbld 
System has full control 
cltbld has read/write
root has none
additional errors: 

Thu Apr 02 11:29:44 -0700 2015 /Stage[main]/Ssh::Config/Acl[C:/Program Files/KTS/publickey_logon.ini] 

(err): Could not evaluate: Failed to get security descriptor for path 'C:/Program Files/KTS/publickey_logon.ini': Failed to open 'C:/Program Files/KTS/publickey_logon.ini': The system cannot find the path specified. 
Thu Apr 02 11:29:44 -0700 2015 /Stage[main]/Ssh::Config/Acl[C:/Program Files/KTS/rsakey.ky] 

(err): Could not evaluate: Failed to get security descriptor for path 'C:/Program Files/KTS/rsakey.ky': Failed to open 'C:/Program Files/KTS/rsakey.ky': The system cannot find the path specified. 
Thu Apr 02 11:31:32 -0700 2015 /Stage[main]/Rdp::Enable_rdp/Service[SessionEnv] (err): Failed to call refresh: CreateProcess() failed: The system cannot find the file specified. 

(err): Failed to call refresh: CreateProcess() failed: The system cannot find the file specified. 
Thu Apr 02 11:31:32 -0700 2015 /Stage[main]/Rdp::Enable_rdp/Service[SessionEnv] 

(err): CreateProcess() failed: The system cannot find the file specified. 
Thu Apr 02 11:31:32 -0700 2015 /Stage[main]/Rdp::Enable_rdp/Service[TermService] 

(err): Failed to call refresh: CreateProcess() failed: The system cannot find the file specified. 
Thu Apr 02 11:31:32 -0700 2015 /Stage[main]/Rdp::Enable_rdp/Service[TermService] (err): CreateProcess() failed: The system cannot find the file specified. 
Thu Apr 02 11:31:32 -0700 2015 /Stage[main]/Rdp::Enable_rdp/Service[UmRdpService] 

(err): Failed to call refresh: CreateProcess() failed: The system cannot find the file specified. 
Thu Apr 02 11:31:33 -0700 2015 /Stage[main]/Rdp::Enable_rdp/Service[UmRdpService] (err): CreateProcess() failed: The system cannot find the file
Attached patch BUG1149726.patch (obsolete) — Splinter Review 
For slave_secrets files, was weird. It seems that when the owner and group was set for google-oauth-api.key it was causing an issue for Crash_stats_api_token and the .boto. After separating out google-oauth-api.key manifests by OS case statements none of the three errors re-occurred. 

The rdp errors were being caused by Puppet not able to find the service name. Replaced the service resource with an exec with refresh only attribute. 

The ssh errors were resolved by placing the required attribute on the ACL resource. I think maybe it was executing before some of the files were in place.
Attachment #8588650 - Flags: review?(dustin)
Attachment #8588650 - Flags: review?(dustin)
Attached patch BUG1149726.patchSplinter Review 
Correction: both the ceph and crash token manifests needed conditional language based on OS. Without it, it causes errors on subsequent runs.
Attachment #8588650 - Attachment is obsolete: true
Attachment #8588689 - Flags: review?(dustin)
Comment on attachment 8588650 [details] [diff] [review]
BUG1149726.patch

Review of attachment 8588650 [details] [diff] [review]:
-----------------------------------------------------------------

::: modules/slave_secrets/manifests/google_oauth_api_key.pp
@@ -17,5 @@
> -            $google_oauth_api_key:
> -                content => secret("google_oauth_api_key"),
> -                owner  => $::users::builder::username,
> -                group  => $::users::builder::group,
> -                mode    => 0600,

Oh, I bet this was the problem!
Attachment #8588650 - Flags: review+
Attachment #8588689 - Flags: review?(dustin) → review+
Comment on attachment 8588689 [details] [diff] [review]
BUG1149726.patch

Review of attachment 8588689 [details] [diff] [review]:
-----------------------------------------------------------------

https://hg.mozilla.org/build/puppet/rev/ff8307784556
Attachment #8588689 - Flags: checked-in+
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: