[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Again CFRUN auth probs
|
From: |
Daniel Riek |
|
Subject: |
Re: Again CFRUN auth probs |
|
Date: |
Mon, 25 Feb 2002 11:56:37 +0100 |
|
User-agent: |
Mutt/1.3.25i |
Hi Mark,
I did a unset CFINPUTS befor testing... Now I added the line
bzero(filename,bufsize);
in void ReadCfrunConf() after the variable declarations and now I
do noat get the error anymore...
Still I have the authentication problem. - Do you (or anybody else here)
have any hint for me? - I am really quite sure, that I configured the
Trustkey-stuff correctly, as the cfagent work very well on the individual
machines...
Regards,
Daniel
On Thu, Feb 21, 2002 at 10:30:51AM +0100, Mark.Burgess@iu.hio.no wrote:
>
> Very strange! My guess would be whereever you defined CFINPUTS
> to look in /etc/cfengine ...
>
> M
>
>
> On 21 Feb, Daniel Riek wrote:
> > Hi,
> >
> > I have cfengine 2.0.b2 up and running so far for the client side. This
> > means, that running cfagent on my hosts produces the expected results with
> > public key authentication and encryption (I had no time to do my extensive
> > copying test yet with encryption, but the encrypted transfer of sensitive
> > data and the unencrypted sw-distribution works very well :-). But I have
> > the problem, that cfrun produces the following error message:
> >
> > Unable to open cfrun.hosts
> >
> > Same with -f.
> >
> > Doing a strace show the following:
> > open("^A/etc/cfengine/cfrun.hosts", O_RDONLY) = -1 ENOENT (No such file or
> > directory)
> >
> > So the "^A" seems to be the problem. - I did not find out that fast, where
> > it
> > gets in - no obvious source (could it be my environment?). But when I modify
> > the fopen in cfrun.c to a hard coded file-name it runs but I get the
> > following:
> >
> > cfrun(0): .......... [ Hailing www1.mydomain ] ..........
> > Host authentication failed. Did you forget the domain
> > name?cfrun:struct1.mydomain: Couldn't recv
> > cfrun:struct1.mydomain: recv: Connection reset by peer
> >
> > I am on the server struct1.mydomain and my cfrun.hosts looks like this:
> >
> > #
> > domain=mydomain
> > #
> > access=root,riek
> > #
> > www1.mydomain
> > #
> >
> > My cfservd.conf looks like this:
> >
> > control:
> >
> > domain = ( mydomain )
> >
> > any::
> >
> > ChecksumDatabase = ( /tmp/testDATABASEcache )
> > IfElapsed = ( 1 )
> > MaxConnections = ( 10 )
> >
> > AllowConnectionsFrom = ( 192.168.13.20 192.168.13.21 192.168.13.41 )
> >
> > TrustKeysFrom = ( 192.168.13.20 192.168.13.21 192.168.13.41 )
> >
> > AllowUsers = ( root )
> >
> > #########################################################
> >
> > admit: # or grant:
> > any::
> > /usr/sbin/cfagent *.mydomain
> > /etc/cfengine *.mydomain
> > /var/lib/cfengine *.mydomain
> > /var/cfengine *.mydomain
> >
> >
> > struct1 is 192.168.13.21
> > www1 is 192.168.13.41
> >
> > Important to say could be, that struct1 has a virtual interface
> > with 192.168.13.20 an the name struct.mydomain - this will be
> > handled by heartbeat in a failover config...
> >
> > And really: running cfagent on www1 works fine with pubkeys, etc.
> >
> > Any ideas? - Am I blind to see the reason or is there a problem????
> >
> >
> > Regards,
> >
> > Daniel
>
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Work: +47 22453272 Email: Mark.Burgess@iu.hio.no
> Fax : +47 22453205 WWW : http://www.iu.hio.no/~mark
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
>
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://mail.gnu.org/mailman/listinfo/help-cfengine
>
--
Daniel Riek <riek@de.alcove.com> - http://www.alcove.com/de/
* Technical Manager - Tel.: +49 (0)22 28 / 9 33-2 50
* ALCOVE Deutschland GmbH - Fax: +49 (0)22 28 / 9 33-2 55
* Liberating Software - Mobil: +49 (0)1 71 / 2 80 08 79
pgp61mlPRX6y_.pgp
Description: PGP signature