help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Again CFRUN auth probs


From: Mark . Burgess
Subject: Re: Again CFRUN auth probs
Date: Thu, 21 Feb 2002 10:30:51 +0100 (MET)

Very strange! My guess would be whereever you defined CFINPUTS
to look in /etc/cfengine ...

M


On 21 Feb, Daniel Riek wrote:
> Hi,
> 
> I have cfengine 2.0.b2 up and running so far for the client side. This 
> means, that running cfagent on my hosts produces the expected results with
> public key authentication and encryption (I had no time to do my extensive
> copying test yet with encryption, but the encrypted transfer of sensitive
> data and the unencrypted sw-distribution works very well :-). But I have
> the problem, that cfrun produces the following error message:
> 
> Unable to open cfrun.hosts
> 
> Same with -f.
> 
> Doing a strace show the following:
> open("^A/etc/cfengine/cfrun.hosts", O_RDONLY) = -1 ENOENT (No such file or 
> directory)
> 
> So the "^A" seems to be the problem. - I did not find out that fast, where it
> gets in - no obvious source (could it be my environment?). But when I modify
> the fopen in cfrun.c to a hard coded file-name it runs but I get the 
> following:
> 
> cfrun(0):         .......... [ Hailing www1.mydomain ] ..........
>  Host authentication failed. Did you forget the domain 
> name?cfrun:struct1.mydomain: Couldn't recv
>  cfrun:struct1.mydomain: recv: Connection reset by peer
> 
> I am on the server struct1.mydomain and my cfrun.hosts looks like this:
> 
> #
> domain=mydomain
> #
> access=root,riek
> #
> www1.mydomain
> #
> 
> My cfservd.conf looks like this:
> 
> control:
> 
> domain = ( mydomain )
> 
> any::
> 
>  ChecksumDatabase = ( /tmp/testDATABASEcache )
>  IfElapsed = ( 1 )
>  MaxConnections = ( 10 )
> 
>  AllowConnectionsFrom = ( 192.168.13.20 192.168.13.21 192.168.13.41 )
> 
>  TrustKeysFrom = ( 192.168.13.20 192.168.13.21 192.168.13.41 )
> 
>  AllowUsers = ( root )
> 
> #########################################################
> 
>  admit:   # or grant:
>      any::
>       /usr/sbin/cfagent    *.mydomain
>       /etc/cfengine        *.mydomain
>       /var/lib/cfengine    *.mydomain
>       /var/cfengine        *.mydomain
> 
> 
> struct1 is 192.168.13.21
> www1 is 192.168.13.41
> 
> Important to say could be, that struct1 has a virtual interface       
> with 192.168.13.20 an the name struct.mydomain - this will be
> handled by heartbeat in a failover config...
> 
> And really: running cfagent on www1 works fine with pubkeys, etc.
> 
> Any ideas? - Am I blind to see the reason or is there a problem????
> 
> 
> Regards,
> 
> Daniel



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272            Email:  address@hidden
Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





reply via email to

[Prev in Thread] Current Thread [Next in Thread]