[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [No match of class]?
|
From: |
Luke A. Kanies |
|
Subject: |
Re: [No match of class]? |
|
Date: |
Wed, 25 Feb 2004 16:52:55 -0600 (CST) |
On Wed, 25 Feb 2004, Lev Lvovsky wrote:
> groups:
>
> smarthost = ( tsthvy1-smarthost )
>
> admit:
>
> smarthost::
> /file *.domain.com
My guess is that this is the reverse of what you want. I think you are
trying to set up a single server to allow access to many machines (a
group).
Groups do not work that way in the cfservd.conf file (I'm pretty sure
about this, anyway). In the above case, if the cfserver's name is
tsthvy1-smarthost, it will admit access to that file tree; otherwise it
will not. I'm assuming that's the client's name, though, right?
If you are trying to collect a group of clients and allow them all access
at once, you need something else. I haven't used this, but Mark mentioned
in his previous email that you can make a list:
control:
list = ( host1:host2:host3 )
admit:
/file ${list}
I'm not real fond of that, and I haven't tried it, but if it works, then
great.
I usually use a '*.domain.com' mechanism, even though it also seems
marginally unclean. I agree that it would be nice if cfservd could
somehow know which classes matched the incoming client, but that's not
really possible -- it would have no way of knowing, for instance, whether
a client was an aix server or a sunos server.
So, you have to essentially redo all of your classifications in both
cfservd.conf and cfagent.conf.
Luke
--
Is life worth living? That is a question for an embryo, not a man.
--Samuel Butler