[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Can't stat error message
From: |
Eric Levine (CO/EWU) |
Subject: |
RE: Can't stat error message |
Date: |
Thu, 10 Jul 2003 16:56:05 -0500 |
Yes! Changed from
> admit:
> ${cfrunCommand} *.${domain}
> /local/mnt/etc/yp *.${domain}
to
> admit:
> /pkg/gnu/cfengine/current/sbin/cfagent *.my.domain.com
> /local/mnt/etc/yp *.my.domain.com
and it worked. Thanks!
-eric
-----Original Message-----
From: Mark.Burgess@iu.hio.no [mailto:Mark.Burgess@iu.hio.no]
Sent: Thursday, July 10, 2003 3:30 PM
To: Eric Levine (CO/EWU)
Cc: help-cfengine@gnu.org
Subject: Re: Can't stat error message
Someone pointed out that in 2.0.7 variable expansion does not work in admit:
Replace the vars in admit: with the path and it shuldl be ok
M
On 10 Jul, Eric Levine (CO/EWU) wrote:
> Hi,
>
> I am running into a problem with copy from a remote host, in which I get the
> following error message:
>
> cfengine:coyote: Server returned error: Host authentication failed. Did you
> forget the domain name?
> cfengine:coyote: Can't stat /local/mnt/etc/yp/group in copy
>
> This is on Solaris, cfengine v2.0.7p3, with berkeley-db 4.1.25 and openssl
> 0.97b compiled in.
>
> If anyone can offer suggestions on how to fix this, I would appreciate it.
>
> thanks,
>
> -eric
>
>
> Here is the copy directive for cfagent:
> ---------------------------------------
> copy:
>
> coyote.Debug::
>
> /local/mnt/etc/yp/group
> dest=/etc/group
> m=644
> o=root
> g=other
> server=srcHost.${domain}
> trustkey=true
> encrypt=false
> type=checksum
>
> Here is the cfservd.conf:
> -------------------------
> control:
>
> AllowConnectionsFrom = ( 1.2 )
> AllowMultipleConnectionsFrom = ( 1.2 )
> AllowUsers = ( usr1 usr2 usr3 root )
> ### DenyBadClocks = ( false )
> IfElapsed = ( 30 )
> LogAllConnections = ( true )
> TrustKeysFrom = ( 1.2 )
> cfrunCommand = (
> "/pkg/gnu/cfengine/current/sbin/cfagent" )
> domain = ( my.domain.com )
>
> groups:
>
> import:
>
> admit:
>
> ${cfrunCommand} *.${domain} # Specify who can execute cfagent
> remotely
> /local/mnt/etc/yp *.${domain} # Specify who can access this
> directory
>
> deny:
>
>
> I ran cfservd with the '-v -d2' args on srcHost and saw the following:
> ...
> cfservd: Strongly authentication of client coyote.bo.us.am.ericsson.se/1.2.3.4
> RecvSocketStream(8)
> (Concatenated 8 from stream)
> Transaction Receive [t 16][]
> RecvSocketStream(16)
> (Concatenated 16 from stream)
> Got a session key...
> RecvSocketStream(8)
> (Concatenated 8 from stream)
> Transaction Receive [t 45][]
> RecvSocketStream(45)
> (Concatenated 45 from stream)
> Received: [SYNCH 1057861616 STAT /local/mnt/etc/yp/group] on socket 6
> AccessControl(/local/mnt/etc/yp/group)
> AccessControl(/local/mnt/etc/yp/group,coyote.bo.us.am.ericsson.se) encrypt
> request=1
> cfservd: Host coyote.bo.us.am.ericsson.se denied access to
> /local/mnt/etc/yp/group
> cfservd: Host authorization/authentication failed or access denied
> Transaction Send[t 64][Packed text]
> SendSocketStream, sent 72
> cfservd: From (host=coyote.my.domain.com,user=root,ip=1.2.3.4)
> RecvSocketStream(8)
> Transmission empty...
> Transaction Receive [][]
> RecvSocketStream(0)
> cfservd terminating NULL transmission!
> Terminating thread...
> ***Closing socket 6 from 1.2.3.4
> Deleted item 1.2.3.4
>
>
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://mail.gnu.org/mailman/listinfo/help-cfengine
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272 Email: Mark.Burgess@iu.hio.no
Fax : +47 22453205 WWW : http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~