Re: hung cfservd

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: hung cfservd

From:	Brian E. Seppanen
Subject:	Re: hung cfservd
Date:	Wed, 29 Jan 2003 14:42:36 -0500 (EST)

Yes.   I've had the same issue.    

I've deleted the keys before, and I just deleted the keys again to see if 
that will fix it.   In my situation killing cfservd and then restarting it 
seems to work.   It works for one update, then I have to kill cfservd 
again, because it will hang on the second update.   I posted to the list 
yesterday about the same problem.

I'm seeing the problem on several redhat linux 7.2, and 7.3 boxes. 




On Wed, 29 Jan 2003, Wipf, Stefan wrote:

> We observed that when cfengine connects to cfservd to
> copy files using an old or incorrect public key for the
> cfservd server, cfservd freezes and all further cfengine
> processes connecting to this cfservd instance hang
> indefinitely even if they use the correct public key.
> 
> has anybody come across this before?
> 
> platform: solaris 2.6
> 
> cfservd.conf:
>   control:  
>        domain                = ( htc.com )
>        AllowConnectionsFrom  = ( 139.172.0.0/16 )
>        AllowUsers            = ( root )
> 
>   admit:
>       /some_directory   *.htc.com
> 
> output from cfagent (on macbeth) using an old public key:
>  BAD: Host authentication failed. Did you forget the domain name?
>  Authentication dialogue with neutron.htc.com failed
>  Unable to establish connection with neutron.htc.com
> 
> from cfservd --debug:
>  ...
>  Canonical name matched host's assertion - id confirmed as
> macbeth.htc.com
>  Checking address number 0 for non-canonical names (aliases)
>  Reverse lookup succeeded
>  Host ID is macbeth.htc.com
>  User ID seems to be root
>  RecvSocketStream(8)
>     (Concatenated 8 from stream)
>  Transaction Receive [t 280][]
>  RecvSocketStream(280)
>     (Concatenated 280 from stream)
>  Received: [SAUTH y 256 37] on socket 6
>  Challenge encryption = y, nonce = 37, buf = 256
>  neutron.htc.com: Private decrypt failed = block type is not 02
>  neutron.htc.com: Host authorization/authentication failed or access
> denied
>  Transaction Send[t 64][Packed text]
>  SendSocketStream, sent 72
>  neutron.htc.com: From (host=macbeth.htc.com,user=root,ip=139.172.44.10)
>  Terminating thread...
>  ***Closing socket 6 from 139.172.44.10
>  Deleted item 139.172.44.10
> # here comes the next client
>  IPV4 address
>  sockaddr_ntop(139.172.44.3)
>  Obtained IP address of 139.172.44.3 on socket 6 from accept
>  FuzzyItemIn(139.172.44.3)
>  Purging Old Connections...
>  Done purging
>  FuzzyItemIn(139.172.44.3)
>  Prepending 139.172.44.3
> # never to return again
> 
> 
> 
> 

Brian Seppanen
seppy@chartermi.net
906-228-4226 ext 23

[Prev in Thread]

Current Thread

[Next in Thread]

hung cfservd, Wipf, Stefan, 2003/01/29
- Re: hung cfservd, Mark . Burgess, 2003/01/29
  - Re: hung cfservd, Wipf, Stefan, 2003/01/29
    - Re: hung cfservd, Mark . Burgess, 2003/01/29
    - Re: hung cfservd, Wipf, Stefan, 2003/01/29
    - Re: hung cfservd, Mark . Burgess, 2003/01/29
    - Re: hung cfservd, Wipf, Stefan, 2003/01/29
    - Re: hung cfservd, Mark . Burgess, 2003/01/29
    - Re: hung cfservd, Wipf, Stefan, 2003/01/29
    - Re: hung cfservd, Mark Burgess, 2003/01/30
- Re: hung cfservd, Brian E. Seppanen <=

Prev by Date: Re: hung cfservd
Next by Date: Re: hung cfservd
Previous by thread: Re: hung cfservd
Next by thread: editfiles AutoCreate options
Index(es):
- Date
- Thread