[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #29663 [Internal Services/Services Admin Team]: Deploy /etc/puppet as a role account

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #29663 [Internal Services/Services Admin Team]: Deploy /etc/puppet as a role account
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 04 Apr 2019 21:37:07 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 04 Apr 2019 17:37:17 -0400
In-reply-to: <043.f363bc4615604748c7ffa87399c4d748@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.f363bc4615604748c7ffa87399c4d748@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#29663: Deploy /etc/puppet as a role account
-------------------------------------------------+-------------------------
 Reporter:  ln5                                  |          Owner:  anarcat
     Type:  enhancement                          |         Status:
                                                 |  reopened
 Priority:  Medium                               |      Milestone:
Component:  Internal Services/Services Admin     |        Version:
  Team                                           |
 Severity:  Normal                               |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by anarcat):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 this was obviously naive, on hetzner-hel1-01:

 {{{
 Error: /Stage[main]/Ssl/File[/etc/ssl/torproject-
 auto/serverkeys/thishost.key]: Could not evaluate: Could not retrieve file
 metadata for puppet:///modules/ssl/certs/hetzner-
 hel1-01.torproject.org.key: Error 500 on SERVER: Server Error: Permission
 denied @ rb_sysopen -
 /srv/puppet.torproject.org/stages/production/modules/ssl/files/certs
 /hetzner-hel1-01.torproject.org.key
 }}}

 Those files are now:

 {{{
 -rw-rw-r-- 1 root adm  5550 mar 13 16:05 hetzner-
 nbg1-01.torproject.org.crt
 -rw--w---- 1 root adm  1675 mar 13 16:05 hetzner-
 nbg1-01.torproject.org.key
 }}}

 Not sure what the permissions were before, but I'll grant a+r.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29663#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #16585 [Core Tor/Tor]: Long-running activity in scheduler_run() blocks network, creating information leaks
Next by Author: Re: [tor-bugs] #30006 [Applications/Quality Assurance and Testing]: Monitor "aliveness" of default bridges in Tor Browser
Previous by thread: Re: [tor-bugs] #29663 [Internal Services/Services Admin Team]: Deploy /etc/puppet as a role account
Next by thread: Re: [tor-bugs] #29663 [Internal Services/Services Admin Team]: Deploy /etc/puppet as a role account
Index(es):
- Author
- Thread