help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: hung cfservd


From: Wipf, Stefan
Subject: Re: hung cfservd
Date: Wed, 29 Jan 2003 13:51:01 -0600

sorry I should know better:

version 2.0.5pre2

address@hidden wrote:
> 
> Version, version, version????
> 
> Upgrade, upgrade, upgrade...!!
> 
> :)
> 
> M
> 
> On 29 Jan, Wipf, Stefan wrote:
> > We observed that when cfengine connects to cfservd to
> > copy files using an old or incorrect public key for the
> > cfservd server, cfservd freezes and all further cfengine
> > processes connecting to this cfservd instance hang
> > indefinitely even if they use the correct public key.
> >
> > has anybody come across this before?
> >
> > platform: solaris 2.6
> >
> > cfservd.conf:
> >   control:
> >        domain                = ( htc.com )
> >        AllowConnectionsFrom  = ( 139.172.0.0/16 )
> >        AllowUsers            = ( root )
> >
> >   admit:
> >       /some_directory   *.htc.com
> >
> > output from cfagent (on macbeth) using an old public key:
> >  BAD: Host authentication failed. Did you forget the domain name?
> >  Authentication dialogue with neutron.htc.com failed
> >  Unable to establish connection with neutron.htc.com
> >
> > from cfservd --debug:
> >  ...
> >  Canonical name matched host's assertion - id confirmed as
> > macbeth.htc.com
> >  Checking address number 0 for non-canonical names (aliases)
> >  Reverse lookup succeeded
> >  Host ID is macbeth.htc.com
> >  User ID seems to be root
> >  RecvSocketStream(8)
> >     (Concatenated 8 from stream)
> >  Transaction Receive [t 280][]
> >  RecvSocketStream(280)
> >     (Concatenated 280 from stream)
> >  Received: [SAUTH y 256 37] on socket 6
> >  Challenge encryption = y, nonce = 37, buf = 256
> >  neutron.htc.com: Private decrypt failed = block type is not 02
> >  neutron.htc.com: Host authorization/authentication failed or access
> > denied
> >  Transaction Send[t 64][Packed text]
> >  SendSocketStream, sent 72
> >  neutron.htc.com: From (host=macbeth.htc.com,user=root,ip=139.172.44.10)
> >  Terminating thread...
> >  ***Closing socket 6 from 139.172.44.10
> >  Deleted item 139.172.44.10
> > # here comes the next client
> >  IPV4 address
> >  sockaddr_ntop(139.172.44.3)
> >  Obtained IP address of 139.172.44.3 on socket 6 from accept
> >  FuzzyItemIn(139.172.44.3)
> >  Purging Old Connections...
> >  Done purging
> >  FuzzyItemIn(139.172.44.3)
> >  Prepending 139.172.44.3
> > # never to return again
> >
> >
> >
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Work: +47 22453272            Email:  address@hidden
> Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-- 
Stefan Wipf
address@hidden
voice: (312) 697-2540
fax:   (312) 697-2785




reply via email to

[Prev in Thread] Current Thread [Next in Thread]