Can't get a client to authorize?

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Can't get a client to authorize?

From:	Josh Hurd
Subject:	Can't get a client to authorize?
Date:	Wed, 22 Feb 2006 12:28:31 -0800

I am seeing this error when I run cfagent on a new client I just built. I am stumped. Can someone help me understand this?

Denying connection from non-authorized IP 10.12.1.77

My update.conf:

# update.conf 2/15/05 Dougc
groups:
sea1_dc_digimine_com   = ( IPRange(192.168.0.0/16) IPRange(10.254.0.0/16) IPRange(10.1.0.0/16) )
qa_dmtest_com          = ( IPRange(172.16.0.0/16) IPRange(10.12.0.0/16) )
sb_dmtest_com          = ( IPRange(172.16.0.0/16) IPRange(10.12.0.0/16) )

control:
sea1_dc_digimine_com::
   domain               = ( sea1.dc.digimine.com )
   server               = ( sea1-util01 )
qa_dmtest_com::
   domain               = ( qa.dmtest.com )
   server               = ( qa-util01 )
sb_dmtest_com::
   domain               = ( sb.dmtest.com )
   server               = ( sea1-util01 )

any::
   actionsequence       = ( copy files )
   workdir              = ( /var/cfengine )
   configroot           = ( /var/cfengine/master/inputs )
   SplayTime            = ( 35 )

copy:
any::
"$(configroot)"   dest=$(workdir)/inputs
                    mode=664
                    owner=rsiadmin
                    include=*.conf
                    type=binary
                    recurse=inf
                    trustkey=true
                    server=$(server)
files:
any::
"$(workdir)/inputs/"
                    mode=664
                    owner=rsiadmin
                    group=rsiadmin
                    action="">
                    recurse=inf

My cfservd.conf:

# $Header: /cfengine/Production/cfservd.conf 3     2/03/05 10:47 JeffreyC $
control:
any::
   domain               = ( sea1.dc.digimine.com sb.dmtest.com )
   server               = ( sea1-util01 )
   TrustKeysFrom        = ( 192.168.0.0/16 127.0.0.1/32 10.254.0.0/16 10.1.30.0/24 10.12.0.0/16 )
   AllowConnectionsFrom = ( 192.168.0.0/16 127.0.0.1/32 10.254.0.0/16 10.1.30.0 10.12.0.0/16 )
   TrustKeysFrom        = ( 127.0.0.1 10.1 192.168 10.254 10.12.0.0/16 )
   AllowConnectionsFrom = ( 127.0.0.1 10.1 192.168 10.254 10.12.0.0/16 )
   SkipVerify           = ( 10.1 10.12 )
   AllowUsers           = ( root )
   cfrunCommand         = ( "/usr/sbin/cfexecd -F" )
   HostnameKeys         = ( off )

sea1_util01::
MaxConnections = ( 20 )

admit:
sea1_dc_digimine_com::
       /var/cfengine/master     192.168.0.0/16 127.0.0.1/32 10.254.0.0/16 10.1.30.0/24
       /usr/sbin/cfagent        192.168.0.0/16 127.0.0.1/32 10.254.0.0/16 10.1.30.0/24
       /usr/sbin/cfexecd        192.168.0.0/16 127.0.0.1/32 10.254.0.0/16 10.1.30.0/24
sb_dmtest_com::
       /var/cfengine/master     10.12.0.0/16
       /usr/sbin/cfagent        10.12.0.0/16
       /usr/sbin/cfexecd        10.12.0.0/16

sea1_util01::
/var/ftp/pub/linux 192.168.0.0/16 127.0.0.1/32 10.254.0.0/16 10.1.30.0/24 10.12.0.0/16
/mnt/rsi/logs02/Network/ExtractFiles 192.168.0.0/16 127.0.0.1/32 10.254.0.0/16 10.1.30.0/24 10.12.0.0/16

[Prev in Thread]

Current Thread

[Next in Thread]

Can't get a client to authorize?, Josh Hurd <=
- Re: Can't get a client to authorize?, christian pearce, 2006/02/23
- RE: Can't get a client to authorize?, Josh Hurd, 2006/02/22
  - RE: Can't get a client to authorize?, Mark Burgess, 2006/02/24
  - Re: Can't get a client to authorize?, christian pearce, 2006/02/24

Prev by Date: Re: Editfiles in inform mode
Next by Date: Re: Editfiles in inform mode
Previous by thread: Can't copy problem
Next by thread: Re: Can't get a client to authorize?
Index(es):
- Date
- Thread