1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1109161: Compiling crashes when providers are needed, after a puppe

    From Thomas Goirand@21:1/5 to All on Sat Jul 12 21:30:02 2025
    Source: puppetserver
    Version: 8.7.0-5
    Severity: important

    Hi,

    Steps to reproduce. Here's the config in the master:

    root@zigo-puppet-master:~# cat /etc/puppet/puppet.conf
    [master]
    # Tell what type of ENC
    #node_terminus = exec

    # Path to enc
    #external_nodes = /usr/bin/oci-puppet-external-node-classifier

    # Path to standard hiera config
    hiera_config = /etc/puppet/hiera.yaml

    top_level_facts_soft_limit = 8192

    [main]
    #puppet master address
    server = zigo-puppet-master

    root@zigo-puppet-master:~# cat /etc/puppet/code/environments/production/manifests/site.pp
    node /.*/ {
    firewall {'102 allow all for 10.0.0.0/24':
    proto => tcp,
    jump => accept,
    source => '10.0.0.0/24',
    }
    }

    In the slave node:

    root@zigo-puppet-slave:~# cat /etc/puppet/puppet.conf
    # This file can be used to override the default puppet settings.
    # See the following links for more details on what settings are available:
    # - https://puppet.com/docs/puppet/latest/config_important_settings.html
    # - https://puppet.com/docs/puppet/latest/config_about_settings.html
    # - https://puppet.com/docs/puppet/latest/config_file_main.html
    # - https://puppet.com/docs/puppet/latest/configuration.html

    [main]
    server = zigo-puppet-master

    ssldir = /var/lib/puppet/ssl/ca

    [master]
    vardir = /var/lib/puppet
    cadir = /var/lib/puppet/ssl/ca
    dns_alt_names = puppet

    Then after a "puppetserver reload", the server crashes the slave doing (rewrapped so it is easier to read):

    Error: Could not retrieve catalog from remote server:
    Error 500 on SERVER: Server Error: Evaluation Error:
    Error while evaluating a Resource Statement,
    Could not autoload puppet/type/firewall:
    Could not autoload puppet/provider/firewall/firewall:
    no such file to load -- puppet_x/puppetlabs/firewall/ipcidr
    (file: /etc/puppet/code/environments/production/manifests/site.pp,
    line: 2, column: 3) on node zigo-puppet-slave

    Lavamind, I can add your ssh key to both the master and salve,
    so you can try by yourself.

    Cheers,

    Thomas Goirand (zigo)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?B?SsOpcsO0bWUgQ2hhcmFvdWk=?@21:1/5 to All on Sun Jul 13 18:40:01 2025
    severity -1 serious
    reassign -1 puppet-module-puppetlabs-firewall
    thanks

    Thanks for the report.

    This bug is caused by a defect in the firewall module, which was fixed
    by upstream in a later version, so I'm reassigning the report to that
    package.

    Also marking this as RC since installing and using the module is
    breaking puppetserver in a serious way.

    -- Jérôme


    Le 2025-07-12 à 21 h 20, Thomas Goirand a écrit :
    Source: puppetserver
    Version: 8.7.0-5
    Severity: important

    Hi,

    Steps to reproduce. Here's the config in the master:

    root@zigo-puppet-master:~# cat /etc/puppet/puppet.conf
    [master]
    # Tell what type of ENC
    #node_terminus = exec

    # Path to enc
    #external_nodes = /usr/bin/oci-puppet-external-node-classifier

    # Path to standard hiera config
    hiera_config = /etc/puppet/hiera.yaml

    top_level_facts_soft_limit = 8192

    [main]
    #puppet master address
    server = zigo-puppet-master

    root@zigo-puppet-master:~# cat /etc/puppet/code/environments/production/manifests/site.pp
    node /.*/ {
    firewall {'102 allow all for 10.0.0.0/24':
    proto => tcp,
    jump => accept,
    source => '10.0.0.0/24',
    }
    }

    In the slave node:

    root@zigo-puppet-slave:~# cat /etc/puppet/puppet.conf
    # This file can be used to override the default puppet settings.
    # See the following links for more details on what settings are available:
    # - https://puppet.com/docs/puppet/latest/config_important_settings.html
    # - https://puppet.com/docs/puppet/latest/config_about_settings.html
    # - https://puppet.com/docs/puppet/latest/config_file_main.html
    # - https://puppet.com/docs/puppet/latest/configuration.html

    [main]
    server = zigo-puppet-master

    ssldir = /var/lib/puppet/ssl/ca

    [master]
    vardir = /var/lib/puppet
    cadir = /var/lib/puppet/ssl/ca
    dns_alt_names = puppet

    Then after a "puppetserver reload", the server crashes the slave doing (rewrapped so it is easier to read):

    Error: Could not retrieve catalog from remote server:
    Error 500 on SERVER: Server Error: Evaluation Error:
    Error while evaluating a Resource Statement,
    Could not autoload puppet/type/firewall:
    Could not autoload puppet/provider/firewall/firewall:
    no such file to load -- puppet_x/puppetlabs/firewall/ipcidr
    (file: /etc/puppet/code/environments/production/manifests/site.pp,
    line: 2, column: 3) on node zigo-puppet-slave

    Lavamind, I can add your ssh key to both the master and salve,
    so you can try by yourself.

    Cheers,

    Thomas Goirand (zigo)


    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)