help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ANNOYING Key Trust Issue. help.


From: Adam M. Dunn
Subject: Re: ANNOYING Key Trust Issue. help.
Date: Mon, 28 Nov 2005 09:44:25 -0600 (CST)

Hi
  I totaly agree with you Edward.  I did actually start with the simple.
I've tried all avenues I could think of.  The reason I sent the cfrun
debug output as opposed to the cfagent debug output was because I checked
both, and both had pretty much the same information and result, but it
seemed like cfrun had a little bit more information.  I'm sorry, I should
have explained that.  I also didn't want to make the email any longer than
it was so I was trying to cut what I could.  But, I'll go ahead and
include the relavent portion here.  Maybe there IS something I missed that
others can spot.

To answer your other question, cfagent on snake does the same thing, and
IS the main problem.  Here's the copy section from the debug.  Anyone else
have any ideas yet?  I just read someone else posting that they had what
seems like a similar issue, and think it's a 64bit problem.  Snake is a
64bit client.  I'm wondering if there's a 64bit relation?


snake's cfagent debug:
------------------------------------------
Actionsequence item copy
New server connection...
ExpandVarstring(lucy.mydomain.com)
ExpandVarstring(lucy.mydomain.com)
ExpandVarstring(/var/cfengine/masterfiles/inputs)
ExpandVarstring(/var/cfengine/inputs)
Checking copy from lucy.mydomain.com:/var/cfengine/masterfiles/inputs to
/var/cfengine/inputs
ExpandVarstring(lucy.mydomain.com)
Opening server connnection to lucy.mydomain.com
IPV4 address
sockaddr_ntop(10.10.13.12)
Connect to lucy.mydomain.com = 10.10.13.12 on port 5308
IPV4 address
sockaddr_ntop(10.10.13.12)
IPV4 address
sockaddr_ntop(10.10.13.12)
Found address (10.10.13.12) for host lucy.mydomain.com
Updating last-seen time for lucy.mydomain.com
Remote IP set to 10.10.13.12
IPV4 address
sockaddr_ntop(10.10.13.99)
Identifying this agent as 10.10.13.99 i.e. snake.mydomain.com, with
signature 0
IsIPV6Address(snake.mydomain.com)
SENT:::CAUTH 10.10.13.99 snake.mydomain.com root 0
Transaction Send[t 43][Packed text]
Attempting to send 51 bytes
SendSocketStream, sent 51
cfengine:snake: No public/private key pair found
cfengine:snake: Authentication dialogue with lucy.mydomain.com failed
Closing current connection
cfengine:snake: Unable to establish connection with lucy.mydomain.com
(failover)
Saving the setuid log in /var/cfengine/cfagent.snake.log
Job start time set to Mon Nov 28 03:48:35 2005




Thanks,
Adam


On Wed, 23 Nov 2005, Edward F. Brown wrote:

> On Wed, November 23, 2005 4:51 pm, Adam M. Dunn said:
> >
> > Hi all.  Don't you hate it when you get hung up on the most basic
> > basic problem...  I've been using cfengine for quite a while, and am in
> > the process of setting all back up on a new network with new servers and
> > everything
> 
> Even for the experienced user, and especially when there are problems,
> it's useful to approach a new setup in steps.  Starting with cfrun is
> starting pretty complicated: for example, you've got two cfservds (and
> cfservd.conf's, and cfservd outputs, etc) to consider, and multiple key
> exchanges...  For someone trying to follow along, it's also much harder.
> 
> First step I think would be to get cfagent on lucy talking to cfservd on
> lucy.  Then, cfagent on snake talking to cfservd on lucy, which is the
> main thing really.  Finally, executing cfagent on snake via cfrun on lucy.
> 
> What happens when you run cfagent on snake?  Could you post the debug
> output from both ends in that situation?
> 
> -Ed
> 
> 





reply via email to

[Prev in Thread] Current Thread [Next in Thread]