[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Again CFRUN auth probs
From: |
Mark . Burgess |
Subject: |
Re: Again CFRUN auth probs |
Date: |
Thu, 21 Feb 2002 10:30:51 +0100 (MET) |
Very strange! My guess would be whereever you defined CFINPUTS
to look in /etc/cfengine ...
M
On 21 Feb, Daniel Riek wrote:
> Hi,
>
> I have cfengine 2.0.b2 up and running so far for the client side. This
> means, that running cfagent on my hosts produces the expected results with
> public key authentication and encryption (I had no time to do my extensive
> copying test yet with encryption, but the encrypted transfer of sensitive
> data and the unencrypted sw-distribution works very well :-). But I have
> the problem, that cfrun produces the following error message:
>
> Unable to open cfrun.hosts
>
> Same with -f.
>
> Doing a strace show the following:
> open("^A/etc/cfengine/cfrun.hosts", O_RDONLY) = -1 ENOENT (No such file or
> directory)
>
> So the "^A" seems to be the problem. - I did not find out that fast, where it
> gets in - no obvious source (could it be my environment?). But when I modify
> the fopen in cfrun.c to a hard coded file-name it runs but I get the
> following:
>
> cfrun(0): .......... [ Hailing www1.mydomain ] ..........
> Host authentication failed. Did you forget the domain
> name?cfrun:struct1.mydomain: Couldn't recv
> cfrun:struct1.mydomain: recv: Connection reset by peer
>
> I am on the server struct1.mydomain and my cfrun.hosts looks like this:
>
> #
> domain=mydomain
> #
> access=root,riek
> #
> www1.mydomain
> #
>
> My cfservd.conf looks like this:
>
> control:
>
> domain = ( mydomain )
>
> any::
>
> ChecksumDatabase = ( /tmp/testDATABASEcache )
> IfElapsed = ( 1 )
> MaxConnections = ( 10 )
>
> AllowConnectionsFrom = ( 192.168.13.20 192.168.13.21 192.168.13.41 )
>
> TrustKeysFrom = ( 192.168.13.20 192.168.13.21 192.168.13.41 )
>
> AllowUsers = ( root )
>
> #########################################################
>
> admit: # or grant:
> any::
> /usr/sbin/cfagent *.mydomain
> /etc/cfengine *.mydomain
> /var/lib/cfengine *.mydomain
> /var/cfengine *.mydomain
>
>
> struct1 is 192.168.13.21
> www1 is 192.168.13.41
>
> Important to say could be, that struct1 has a virtual interface
> with 192.168.13.20 an the name struct.mydomain - this will be
> handled by heartbeat in a failover config...
>
> And really: running cfagent on www1 works fine with pubkeys, etc.
>
> Any ideas? - Am I blind to see the reason or is there a problem????
>
>
> Regards,
>
> Daniel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272 Email: Mark.Burgess@iu.hio.no
Fax : +47 22453205 WWW : http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~