[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Again CFRUN auth probs
From: |
Daniel Riek |
Subject: |
Again CFRUN auth probs |
Date: |
Thu, 21 Feb 2002 10:20:34 +0100 |
User-agent: |
Mutt/1.3.25i |
Hi,
I have cfengine 2.0.b2 up and running so far for the client side. This
means, that running cfagent on my hosts produces the expected results with
public key authentication and encryption (I had no time to do my extensive
copying test yet with encryption, but the encrypted transfer of sensitive
data and the unencrypted sw-distribution works very well :-). But I have
the problem, that cfrun produces the following error message:
Unable to open cfrun.hosts
Same with -f.
Doing a strace show the following:
open("^A/etc/cfengine/cfrun.hosts", O_RDONLY) = -1 ENOENT (No such file or
directory)
So the "^A" seems to be the problem. - I did not find out that fast, where it
gets in - no obvious source (could it be my environment?). But when I modify
the fopen in cfrun.c to a hard coded file-name it runs but I get the following:
cfrun(0): .......... [ Hailing www1.mydomain ] ..........
Host authentication failed. Did you forget the domain
name?cfrun:struct1.mydomain: Couldn't recv
cfrun:struct1.mydomain: recv: Connection reset by peer
I am on the server struct1.mydomain and my cfrun.hosts looks like this:
#
domain=mydomain
#
access=root,riek
#
www1.mydomain
#
My cfservd.conf looks like this:
control:
domain = ( mydomain )
any::
ChecksumDatabase = ( /tmp/testDATABASEcache )
IfElapsed = ( 1 )
MaxConnections = ( 10 )
AllowConnectionsFrom = ( 192.168.13.20 192.168.13.21 192.168.13.41 )
TrustKeysFrom = ( 192.168.13.20 192.168.13.21 192.168.13.41 )
AllowUsers = ( root )
#########################################################
admit: # or grant:
any::
/usr/sbin/cfagent *.mydomain
/etc/cfengine *.mydomain
/var/lib/cfengine *.mydomain
/var/cfengine *.mydomain
struct1 is 192.168.13.21
www1 is 192.168.13.41
Important to say could be, that struct1 has a virtual interface
with 192.168.13.20 an the name struct.mydomain - this will be
handled by heartbeat in a failover config...
And really: running cfagent on www1 works fine with pubkeys, etc.
Any ideas? - Am I blind to see the reason or is there a problem????
Regards,
Daniel
--
Daniel Riek <riek@de.alcove.com> - http://www.alcove.com/de/
* Technical Manager - Tel.: +49 (0)22 28 / 9 33-2 50
* ALCOVE Deutschland GmbH - Fax: +49 (0)22 28 / 9 33-2 55
* Liberating Software - Mobil: +49 (0)1 71 / 2 80 08 79
pgpRETmWEvzP5.pgp
Description: PGP signature
- Again CFRUN auth probs,
Daniel Riek <=