help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

host authentication works but fails


From: Kurt Lieber
Subject: host authentication works but fails
Date: Thu, 13 Nov 2003 15:01:20 -0500
User-agent: Mutt/1.5.4i

I'm trying to do a simple file copy using the following code:

--------------------------------------------------------------
copy:
  _rmbinaries.any::

     $(rm_master_dir)/bin/          dest=$(rm_work_dir)/bin/
                                    mode=755
                                    include=*
                                    repository=$(rm_backup_dir)/bin/
                                    backup=timestamp
                                    owner=root
                                    group=root
                                    recurse=inf
                                    type=checksum
                                    server=$(gold)
                                    verify=true
--------------------------------------------------------------

What's puzzling is first the server says that the client was authenticated, but
not allowed access to that directory: 

--------------------------------------------------------------
The public key identity was confirmed as address@hidden
[snip]
cfservd: Strongly authentication of client 10.0.2.1/10.0.2.1
[snip]
Got a session key...
[snip]
Received: [SYNCH 1068735334 STAT /opt/rightmedia/master/bin/] on socket 5
AccessControl(/opt/rightmedia/master/bin/)
AccessControl(/opt/rightmedia/master/bin,10.0.2.1) encrypt request=1
cfservd: Host 10.0.2.1 denied access to /opt/rightmedia/master/bin
cfservd: Host authorization/authentication failed or access denied
--------------------------------------------------------------


cfservd.conf explicitly allows access to that directory:

--------------------------------
control:
        domain = ( mydomain.com )
        AllowUsers = ( root )
        cfrunCommand = ( "/var/cfengine/bin/cfagent" )
        IfElapsed = ( 0 )
        MaxConnections = ( 15 )
        TrustKeysFrom = ( 10.0.15.0/20 )

admit:
    /opt/cfengine/repository/           *
    /opt/cfengine/configuration/        *
    /var/cfengine/bin/cfagent           *
    /opt/rightmedia/master/bin/         *
---------------------------------


Any ideas?

--kurt

Attachment: pgp9ucpz2d_J2.pgp
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]