Where does dependency User[root] (has failures) arise in Puppet manifest

Question

The following Puppet manifest is meant for installing a binary and a systemd service description file, for starting the binary as a service, and for restarting the service when either the binary or the service description changes.

class my_module::my_service {

  file { '/usr/local/bin/my_service':
    notify => Service['my_service'],
    owner  => root,
    group  => root,
    mode   => '500',
    ensure => present,
    source => 'puppet:///modules/my_module/my_service',
  }

  file { '/lib/systemd/system/my_service.service':
    notify => Service['my_service'],
    owner  => root,
    group  => root,
    mode   => '400',
    ensure => present,
    source => 'puppet:///modules/my_module/my_service.service',
  }

  service { 'my_service':
    require  => [ File['/usr/local/bin/my_service'],
                  File['/lib/systemd/system/my_service.service'] ],
    enable   => true,
    ensure   => running,
    provider => systemd,
  }
}

When I try to apply it, I receive the following error messages:

Warning: /Stage[main]/My_module::My_service/File[/usr/local/bin/my_service]: 
Skipping because of failed dependencies
Notice: /Stage[main]/My_module::My_service/File[/lib/systemd/system/my_service.service]: 
Dependency User[root] has failures: true
Warning: /Stage[main]/My_module::My_service/File[/lib/systemd/system/my_service.service]: 
Skipping because of failed dependencies
Notice: /Stage[main]/My_module::My_service/Service[my_service]: 
Dependency User[root] has failures: true
Warning: /Stage[main]/My_module::My_service/Service[my_service]: 
Skipping because of failed dependencies

Where does the dependency on User[root] arise in this manifest and how can I resolve the resulting problem? (It seems to me that even if the files' citations of root caused an implicit dependency on User[root] this special user should already exist in any case.)

score 0 · Answer 1 · edited Sep 04 '17 at 18:28

0

You cannot really avoid such implicit relationships. Your catalog tries to manage the root user, and if that fails, Puppet will refuse to touch dependent resources.

You should either find out why the User[root] resource fails in the first place (this is a major red flag, certainly), or if possible, stop managing that resource (it's usually indeed pointless to manage this very account).

edited Sep 04 '17 at 18:28

gxx

5,483
2
21
42

answered Sep 04 '17 at 15:30

um-FelixFrank

1

What do you mean by the catalog failing to manage the root user? – rookie09 Sep 05 '17 at 09:27
@rookie09 Puppet runs into an error with a given resource (according to your answer, it was a permissions issue), so it marks it as failed. This state is not negotiable. – um-FelixFrank Sep 08 '17 at 09:33

rookie09 · Accepted Answer · 2017-09-06T06:14:53.010

0

The root cause was that I ran puppet agent -f from an unprivileged account. Adding sudo solved this problem.

edited Sep 06 '17 at 06:14

answered Sep 05 '17 at 11:31

rookie09

573
1
5
14

Where does dependency User[root] (has failures) arise in Puppet manifest

2 Answers2