Can't copy problem

[Christopher Browne]

I'm having a problem copying files which *appear* to have something to
do with what user is requesting files.

I have a copy clause thus...  The file, crontab.dbserver, is
ultimately something I want to stow in each user's crontab...

   q9.!dba520cluster::
        /opt/home/postgres/GoldenServer/crontab.dbserver
                                dest=$(HOME)/crontab.dbserver
                                mode=0600
                                server=$(GOLDEN_SERVER)
                                trustkey=on

According to the cfagent --verbose run, access is being denied, thus:

Checking copy from 
10.9.130.182:/opt/home/postgres/GoldenServer/crontab.dbserver to 
/opt/home/pgrt/crontab.dbserver
cfengine:TOR-550-DB901: /opt/home/pgrt/crontab.dbserver wasn't at destination 
(copying)
cfengine:TOR-550-DB901: Copying from 
10.9.130.182:/opt/home/postgres/GoldenServer/crontab.dbserver
cfengine:TOR-550-DB901: Network access to cleartext 
10.9.130.182:/opt/home/postgres/GoldenServer/crontab.dbserver denied

Here appears to be the relevant portion of this...

FuzzyItemIn(LIST,10.9.130.167)
No root privileges granted
IsWildItem(tor-550-db901.int.libertyrms.com,*.int.libertyrms.com)
Access privileges - match found
cfservd: Host tor-550-db901.int.libertyrms.com granted access to 
/opt/home/postgres/GoldenServer/crontab.dbserver
CfGetFile(/opt/home/postgres/GoldenServer/crontab.dbserver on sd=5), size=138
Caller pgrt is not the owner of the file
cfservd: Host authorization/authentication failed or access denied

Two details that are probably relevant...

1.  The user running the cfengine script is "pgrt"

2.  The user running the cfservd is "postgres"

I am allowing all the relevant users access in the cfservd.conf
AllowUsers directive, so I'm not sure what's wrong here...

(No, none of the above involves anyone being root.  That be
verboten...)
-- 
output = reverse("ofni.sailifa.ac" "@" "enworbbc")
<http://dba2.int.libertyrms.com/>
Christopher Browne
(416) 673-4124 (land)