RE: Can't stat error message

[Eric Levine (CO/EWU)]

Yes!  Changed from

> admit:
>     ${cfrunCommand}     *.${domain}
>     /local/mnt/etc/yp   *.${domain}

to

> admit:
>     /pkg/gnu/cfengine/current/sbin/cfagent     *.my.domain.com
>     /local/mnt/etc/yp                          *.my.domain.com

and it worked.  Thanks!

-eric

-----Original Message-----
From: Mark.Burgess@iu.hio.no [mailto:Mark.Burgess@iu.hio.no]
Sent: Thursday, July 10, 2003 3:30 PM
To: Eric Levine (CO/EWU)
Cc: help-cfengine@gnu.org
Subject: Re: Can't stat error message



Someone pointed out that in 2.0.7 variable expansion does not work in admit:
Replace the vars in admit: with the path and it shuldl be ok

M

On 10 Jul, Eric Levine (CO/EWU) wrote:
> Hi,
> 
> I am running into a problem with copy from a remote host, in which I get the 
> following error message:
> 
> cfengine:coyote: Server returned error:  Host authentication failed. Did you 
> forget the domain name?
> cfengine:coyote: Can't stat /local/mnt/etc/yp/group in copy
> 
> This is on Solaris, cfengine v2.0.7p3, with berkeley-db 4.1.25 and openssl 
> 0.97b compiled in.
> 
> If anyone can offer suggestions on how to fix this, I would appreciate it.
> 
> thanks,
> 
> -eric
> 
> 
> Here is the copy directive for cfagent:
> ---------------------------------------
> copy:
> 
> coyote.Debug::
> 
>     /local/mnt/etc/yp/group
>         dest=/etc/group
>         m=644
>         o=root
>         g=other
>         server=srcHost.${domain}
>         trustkey=true
>         encrypt=false
>         type=checksum
> 
> Here is the cfservd.conf:
> -------------------------
> control:
> 
>     AllowConnectionsFrom            = ( 1.2 )
>     AllowMultipleConnectionsFrom    = ( 1.2 )
>     AllowUsers                      = ( usr1 usr2 usr3 root )
> ### DenyBadClocks                   = ( false )
>     IfElapsed                       = ( 30 )
>     LogAllConnections               = ( true )
>     TrustKeysFrom                   = ( 1.2 )
>     cfrunCommand                    = ( 
> "/pkg/gnu/cfengine/current/sbin/cfagent" )
>     domain                          = ( my.domain.com )
> 
> groups:
> 
> import:
> 
> admit:
> 
>     ${cfrunCommand}     *.${domain}     # Specify who can execute cfagent 
> remotely
>     /local/mnt/etc/yp   *.${domain}     # Specify who can access this 
> directory
> 
> deny:
> 
> 
> I ran cfservd with the '-v -d2' args on srcHost and saw the following:
> ...
> cfservd: Strongly authentication of client coyote.bo.us.am.ericsson.se/1.2.3.4
> RecvSocketStream(8)
>     (Concatenated 8 from stream)
> Transaction Receive [t 16][]
> RecvSocketStream(16)
>     (Concatenated 16 from stream)
> Got a session key...
> RecvSocketStream(8)
>     (Concatenated 8 from stream)
> Transaction Receive [t 45][]
> RecvSocketStream(45)
>     (Concatenated 45 from stream)
> Received: [SYNCH 1057861616 STAT /local/mnt/etc/yp/group] on socket 6
> AccessControl(/local/mnt/etc/yp/group)
> AccessControl(/local/mnt/etc/yp/group,coyote.bo.us.am.ericsson.se) encrypt 
> request=1
> cfservd: Host coyote.bo.us.am.ericsson.se denied access to 
> /local/mnt/etc/yp/group
> cfservd: Host authorization/authentication failed or access denied
> Transaction Send[t 64][Packed text]
> SendSocketStream, sent 72
> cfservd: From (host=coyote.my.domain.com,user=root,ip=1.2.3.4)
> RecvSocketStream(8)
> Transmission empty...
> Transaction Receive [][]
> RecvSocketStream(0)
> cfservd terminating NULL transmission!
> Terminating thread...
> ***Closing socket 6 from 1.2.3.4
> Deleted item 1.2.3.4
> 
> 
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://mail.gnu.org/mailman/listinfo/help-cfengine



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272            Email:  Mark.Burgess@iu.hio.no
Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~