[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: master server confusion
From: |
jptxs |
Subject: |
Re: master server confusion |
Date: |
25 Jan 2004 05:56:09 -0800 |
I realized I sent a private reply. I wanted to say for the benefit of
the group that this was the problem. I did have all the right
directories in the admit section, but I had them in the form:
( /etc/cfengine/masters /usr/local/this /that/too /etc/etc )
When I changed the section to list one directory per line (as
suggested below) it worked fine.
Thanks to all.
"W. Ryan Merrick" <wrmine@heronetwork.com> wrote in message
news:<mailman.1289.1074990739.928.help-cfengine@gnu.org>...
> jptxs wrote:
> > As the help says many times, cfengine makes you think in a different
> > way. I don't think I have the hang of it yet. I've been reading
> > http://www.cfengine.org/docs/cfengine-Tutorial.html and even went to
> > the bookstore to read a bit of the book Automating Unix and Linux
> > Administration (isbn:1590592123) seeking answers.
> >
> > I have things up and working (to a point). What I just don't get is
> > what I need to put on the non-master hosts. In my update.conf I have:
> >
> > policyhost = ( bach.house.sander )
> > master_cfinput = ( /etc/cfengine/masters )
> >
> > And bit further down:
> >
> > copy:
> >
> > $(master_cfinput) dest=$(workdir)/inputs
> > r=inf
> > mode=700
> > type=binary
> > exclude=*.lst
> > exclude=*~
> > exclude=#*
> > server=$(policyhost)
> > trustkey=true
> >
> > I thought (but have come to doubt) this would grab the config files
> > from the policyhost and copy them to the local host. That has not
> > happened. And I keep getting errors when running cfagent -v on the
> > local host that look like:
> >
> > cfengine:: Server returned error: Host authentication failed. Did you
> > forget the domain name or IP/DNS address regist
> > ration (for ipv4 or ipv6)?
> > cfengine:: Can't stat /etc/cfengine/masters in copy
> >
> > I do not get these errors when I run cfagent -v on the policyhost,
> > which has an identical update.conf file and an identical file
> > structure (relative to what's referenced in cfengine's configuration,
> > anyway).
> >
> > I think that I'm just wrong about what I think this should do.
> >
> > So my questions are:
> >
> > 1. Am I wrong to think that the copy should be grabbing the file from
> > the policyhost with the above setup?
> >
> > 2. If I am wrong, how can that be done?
> >
> > I know this can be done from my reading. I just cannot figure out
> > how.
> > _______________________________________________
> > Help-cfengine mailing list
> > Help-cfengine@gnu.org
> > http://mail.gnu.org/mailman/listinfo/help-cfengine
> >
> Hello,
>
> I had this problem. Verify that your cfservd has a section like:
>
> admit: # or grant:
> /var/cfengine/bin/cfagent *.heronetwork.com
> /var/cfengine/inputs *.heronetwork.com
> /var/cfengine *.heronetwork.com
>
> The wildcard.domain.TLD should be the same as your defined domain and your
> server names.