[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Réf. : Re: several questions on running cfengine
|
From: |
paguerlais |
|
Subject: |
Réf. : Re: several questions on running cfengine |
|
Date: |
Wed, 12 Mar 2003 09:45:57 +0100 |
Hi Eva,
I didn't look seriously at the beginning of your thread so I don't remember
very well what have been already said. But a few things bother me in your
cfservd traces :
- your client seems to be named nexus.io.hio.no and the user mark. That's
M. Burgess, isn't it ?
- at the end of the output you can find 'No previous key found, and unable
to accept this one on trust'. This means that your server didn't get the
client cfengine key. Did you put that key on the server, or is there a
TrustKeysFrom line in your cfservd.conf ?
Patrice
help-cfengine-bounces+paguerlais=airfrance.fr@gnu.org@iu.hio.no le
12/03/2003 08:40:29
Envoyé par : Mark.Burgess@iu.hio.no
Pour : hocks@sdsc.edu
cc : help-cfengine@gnu.org
Objet : Re: several questions on running cfengine
Eva - if this is all the output that comes out of cfservd -d2, even when
you
connect to the host then there is something badly wrong. No connection is
even
arriving at the machine. After what you have sent, you should see someting
like this: (my hosts are running IPv6 .. but imagine it says IPv4 there)
Your server claims "address family 0" -- which I think is localhost. It
does not seem to know about IP at all!! Perhaps this is an AIX thing.
Something that needs to be configured? Note that it says below
"bound to address ::". On IPv4 it should say "bound to address 0 or
0.0.0.0".
You don't seem to get that far.
Here is my guess: your system has the new getaddrinfo() calls (see what
configure
tells you) and these have to be specially configured to read the right
results with whatever name service / directory service you are using.
For instance, on solaris, one has to alter nsswitch.conf to make this work.
Any other AIX users have ideas??
Mark
IPV6 address
sockaddr_ntop(::)
Bound to address :: on solaris=7
Listening for connections ...
Checking file updates on /local/iu/cfengine/inputs/cfservd.conf
(3e574eef/3e6ee085)
IPV6 address
sockaddr_ntop(2001:700:700:3:a00:20ff:fe9b:dd4a)
Obtained IP address of 2001:700:700:3:a00:20ff:fe9b:dd4a on socket 6 from
accept
FuzzyItemIn(2001:700:700:3:a00:20ff:fe9b:dd4a)
FuzzyItemIn(2001:700:700:3:a00:20ff:fe9b:dd4a)
Purging Old Connections...
Done purging
FuzzyItemIn(2001:700:700:3:a00:20ff:fe9b:dd4a)
Prepending 2001:700:700:3:a00:20ff:fe9b:dd4a
*** New socket [6]
New connection...(from 2001:700:700:3:a00:20ff:fe9b:dd4a/6)
Spawning new thread...
Checking file updates on /local/iu/cfengine/inputs/cfservd.conf
(3e574eef/3e6ee085)
RecvSocketStream(8)
(Concatenated 8 from stream)
Transaction Receive [t 62][]
RecvSocketStream(62)
(Concatenated 62 from stream)
Received: [CAUTH 2001:700:700:3:a00:20ff:fe9b:dd4a nexus.iu.hio.no mark 0]
on socket 6
Connecting host identifies itself as 2001:700:700:3:a00:20ff:fe9b:dd4a
nexus.iu.hio.no mark 0
(ipstring=[2001:700:700:3:a00:20ff:fe9b:dd4a],fqname
=[nexus.iu.hio.no],username=[mark],socket
=[2001:700:700:3:a00:20ff:fe9b:dd4a])
FuzzyItemIn(2001:700:700:3:a00:20ff:fe9b:dd4a)
Socket caller address appears honest (2001:700:700:3:a00:20ff:fe9b:dd4a
matches 2001:700:700:3:a00:20ff:fe9b:dd4a)
cfservd: Socket originates from
2001:700:700:3:a00:20ff:fe9b:dd4a=nexus.iu.hio.no
Attempting to verify honesty by looking up hostname (nexus.iu.hio.no)
Using v6 compatible lookup...
IPV6 address
sockaddr_ntop(2001:700:700:3:a00:20ff:fe9b:dd4a)
CMP: 2001:700:700:3:a00:20ff:fe9b:dd4a 2001:700:700:3:a00:20ff:fe9b:dd4a
IPV6 address
sockaddr_ntop(2001:700:700:3:a00:20ff:fe9b:dd4a)
Found match
IPV4 address
sockaddr_ntop(128.39.89.10)
CMP: 2001:700:700:3:a00:20ff:fe9b:dd4a 128.39.89.10
IPV4 address
sockaddr_ntop(128.39.89.10)
Host ID is nexus.iu.hio.no
User ID seems to be mark
RecvSocketStream(8)
(Concatenated 8 from stream)
Transaction Receive [t 280][]
RecvSocketStream(280)
(Concatenated 280 from stream)
Received: [SAUTH y 256 37] on socket 6
Challenge encryption = y, nonce = 37, buf = 256
ChecksumString(m)
RecvSocketStream(8)
(Concatenated 8 from stream)
Transaction Receive [t 261][]
RecvSocketStream(261)
(Concatenated 261 from stream)
RecvSocketStream(8)
(Concatenated 8 from stream)
Transaction Receive [t 5][]
RecvSocketStream(5)
(Concatenated 5 from stream)
Modulus (2048 bit):
00:c1:b4:1b:46:b0:da:e4:13:81:b8:27:6b:e5:dc:
e1:a8:a6:cc:e3:d3:43:aa:5c:95:71:04:37:8a:61:
5c:05:90:73:d0:4c:2a:ca:c1:29:36:17:27:9a:f4:
70:45:87:a2:30:ec:93:6c:83:34:6f:e2:f5:ce:09:
d8:45:67:68:2b:63:a7:3f:90:96:a0:42:84:a0:b6:
34:6f:0c:80:c9:86:07:87:aa:b3:98:59:ee:51:c4:
60:74:46:9f:a1:46:58:02:49:77:b1:20:c8:ef:37:
11:b1:95:a7:9a:28:93:a5:ed:b5:d6:84:21:ef:7d:
fa:89:cc:6b:35:24:a5:e6:50:ac:81:ae:7e:74:49:
5b:2b:92:4a:67:10:fa:71:da:61:92:65:48:18:55:
af:c7:98:fe:b9:ac:e4:aa:56:b8:fa:a5:e1:10:26:
be:10:f7:5f:1e:64:7b:26:96:0e:3d:48:07:90:4b:
d1:e3:c9:ee:7c:c3:84:df:6a:50:ca:f9:ad:40:fe:
b9:96:44:91:38:fe:4e:5f:84:cc:c1:bf:de:db:85:
9c:94:dd:c7:6b:13:00:8b:8b:80:9d:4a:4b:f9:87:
b4:1a:fd:b2:a0:c5:8c:61:33:f7:b4:17:fe:72:b6:
7c:e9:b3:24:da:16:fa:2b:2e:20:89:19:e1:c5:60:
df:37
Exponent: 35 (0x23)
Havekey(mark-2001:700:700:3:a00:20ff:fe9b:dd4a)
Did not have key mark-2001:700:700:3:a00:20ff:fe9b:dd4a
No previous key found, and unable to accept this one on trust
Transaction Send[t 39][Packed text]
SendSocketStream, sent 47
cfservd: Host authorization/authentication failed or access denied
Transaction Send[t 64][Packed text]
SendSocketStream, sent 72
cfservd: From
(host=nexus.iu.hio.no,user=mark,ip=2001:700:700:3:a00:20ff:fe9b:dd4a)
Terminating thread...
***Closing socket 6 from 2001:700:700:3:a00:20ff:fe9b:dd4a
Deleted item 2001:700:700:3:a00:20ff:fe9b:dd4a
^Ccfservd: Received signal 2 (SIGINT) while doing [cfservd]
cfservd: Logical start time Wed Mar 12 08:23:49 2003
cfservd: This sub-task started really at Wed Mar 12 08:23:49 2003
On 11 Mar, Eva Hocks wrote:
>
>
> On Tue, 11 Mar 2003 Mark.Burgess@iu.hio.no wrote:
>
>>
>> I have to sleep now, but if you send the -d2 output from cfservd I
promise
>> to look at it tomorrow.
>>
>> Mark
>>
>
>
> Mark,
>
> thanks you very much for your patience. I really appriciate the help of
> all of you. Appended the output from the cfservd. I couldn't see anything
> wrong but then I don't know what it should look like.
>
> Thnaks again,
> Eva
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272 Email: Mark.Burgess@iu.hio.no
Fax : +47 22453205 WWW : http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org
http://mail.gnu.org/mailman/listinfo/help-cfengine
----------------
L'acces immediat aux meilleurs tarifs Air France et au billet electronique sur
http://www.airfrance.com
For immediate access to the best Air France fares and to electronic tickets,
visit our website http://www.airfrance.com
----------------
Les donnees et renseignements contenus dans ce message sont personnels,
confidentiels et secrets. Ce message est adresse a l'individu ou l'entite dont
les coordonnees figurent ci-dessus. Si vous n'etes pas le bon destinataire,
nous vous demandons de ne pas lire, copier, utiliser ou divulguer cette
communication. Nous vous prions de notifier cette erreur a l'expediteur et
d'effacer immediatement cette communication de votre systeme.
The information contained in this message is privileged, confidential, and
protected from disclosure. This message is intended for the individual or
entity adressed herein. If you are not the intended recipient, please do not
read, copy, use or disclose this communication to others; also please notify
the sender by replying to this message, and then delete it from your system.
- Réf. : Re: several questions on running cfengine,
paguerlais <=