Re: OS X cfengine

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OS X cfengine

From:	Yves
Subject:	Re: OS X cfengine
Date:	Thu, 7 Jul 2005 18:58:14 +0200

On Wed, 06 Jul 2005 12:13:40 -0400, Jeff McCune wrote:
> Brendan Strejcek wrote:
>> Brendan Strejcek wrote:
>>
>>
>>> I'm getting output like this when I try to run "cfagent -q -K -
>>> v -B":
>>>
>>> Checking copy from server:/path to /path
>>> Connect to server = XXX.XXX.XXX.XXX, port =5308
>>> Found address (XXX.XXX.XXX.XXX) for host server
>>> Updating last-seen time for server
>>> cfengine:: Couldn't lookup IP address
>>> cfengine:: gethostbyaddr: Unknown error: 0
>>> cfengine:: Id-authentication for client failed
>>> cfengine:: Unable to establish connection with server (failover)
>>>
>>
>> These problems ended up being specific to a particular client.
>> I'm still not sure what the issues was, but it is not happening
>> on other machines.
>>
>> The Darwinports install worked fine. For the list, this is how I
>> set up cfengine on a Mac running OS X (10.3).
>>
>> Assuming you already have Xcode installed, this will work:
>>
>> ftp http://darwinports.opendarwin.org/downloads/DarwinPorts-
>> 1.0.dmg hdiutil attach ./DarwinPorts-1.0.dmg cd
>> /Volumes/DarwinPorts1.0
>> installer -pkg DarwinPorts.mpkg -target / # Can use -verbose
>> option cd /; umount /Volumes/DarwinPorts1.0 export
>> PATH=$PATH:/opt/local/bin port install cfengine
>> # Create /opt/local/var/cfengine/ppkeys/root-${CFSERVD_IP}.pub #
>> Create /opt/local/var/cfengine/inputs/update.conf ln -s
>> /opt/local/var/cfengine /var/cfengine cp /opt/local/sbin/cfagent
>> /var/cfengine/bin echo /opt/local/sbin/cfexecd >>/etc/rc.local
>> chmod 755 /etc/rc.local /opt/local/sbin/cfexecd
>>
>
> We run an extensive cfengine setup on about 200 Mac OSX machines
> here at the Mathematics department of Ohio State University.  I'm
> currently in the process of rolling out my Tiger adaptation of our
> cfengine configuration.
>
> In my experience, authentication errors with the policy host are
> the most common problem.  In my shop, they're mostly a result of a
> host that moves from one hostname to another and the ppkeys no
> longer match what the policy host's copy.
>
> Your message seems to indicate that the client can't perform a
> reverse DNS lookup on the IP address to determine the hostname of
> the policy host or it can't determine it's own hostname.  I'd make
> sure that your network configuration of the client is good to go.
>
> Hope this helps,
> Jeff McCune
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://lists.gnu.org/mailman/listinfo/help-cfengine

Some days ago, I had the same error message.
DNS was not set up and it was not possible to ping the own hostname.
Reason:  the client didn't lookup his local files
Solution: (for HP-UX) create /etc/nsswitch.conf with hosts=local,nis,bind

Yves

 Y99@gmx.de am 07.07.2005 18:51:48Uhr

[Prev in Thread]

Current Thread

[Next in Thread]

Re: OS X cfengine, Jeff McCune, 2005/07/06
- Re: OS X cfengine, Yves <=

Prev by Date: Re: Regcmp not working?
Next by Date: Re: Locking Issues
Previous by thread: Re: OS X cfengine
Next by thread: Data from cfenvd
Index(es):
- Date
- Thread