I’m relatively new to chef, so I hope I’m not asking a silly question, but
I can’t seem to find any information relating to my problem anywhere else.
I’ve bootstrapped some Centos 6 nodes sucessfully, both using the rbel
yum/rpm method which yields a chef-client of version 10.6 and
(alternatively) using gems which yields a chef-client of version 10.14.4.
The nodes communicate just fine with my chef-server (10.8 running on Ubuntu
11.10), but I’m seeing some behavior I can’t explain when I use templates.
I have a custom recipe that, for example, replaces /etc/sshd_config with a
template in order to change the location of the authorized_keys file. The
recipe also creates the authorized_keys file (at /etc/ssh/publicSSHkeys)
and ensures it’s there. Permissions on the files are correct, and set in
the recipe. The files are created successfully by the recipe.
However, when I restart the sshd service (either from the recipe, or from
the command line on the server itself) I get an error. Specifically,
“Starting sshd: /etc/ssh/sshd_config: Permission denied [FAILED]”. At first
I thought this may be related to the permissions on the file itself, but
those are set properly, to 600 just like the file that was created by yum
when the openssh-server package was initially installed.
It seems, for some reason, that existing files which are overwritten by
chef templates in recipes can’t then be found by the system.
The same sort of problem occurs when I use a chef recipe to install nrpe
and overwrite /etc/nrpe.cfg with a template.
The oddest part is that the exact same recipe works properly in Ubuntu
11.10/12.04, templates overwrite the conf files on the node, and the
services (sshd, nrpe) start fine.
I’ve been racking my brain about this for some time now, and
google/documentation/knowledge base haven’t provided an answer, but I must
be missing something.
Anyone have any ideas?
Charles J. Burns