Re: Authentication issues

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Authentication issues

From:	Ed Brown
Subject:	Re: Authentication issues
Date:	Tue, 07 Mar 2006 17:11:34 -0700

My first advice to Mark was wrong.  Offlist we found a problem in his
cfservd.conf.

We'll probably need more info in your case though.  Show us the errors.
Are they during cfrun or cfagent?  

-Ed


On Tue, 2006-03-07 at 15:30 -0800, weiler@pmc.ucsc.edu wrote:
> I'm having the same problem as Mark did above, and unfortunately the
> other suggestions mentioned didn't seem to help.  The paths are
> correct, the files are readable.  I compiled on Solaris 9, cfengine
> 2.1.19p1.  Here's my cfservd.conf file, if anyone can see anything
> wrong with it!:
> 
> groups:
>    cfengine_server = ( myserver )
> 
> control:
>    any::
>       domain = ( mydomain.com )
>       MaxConnections = ( 5 )
>       IfElapsed = ( 1 )
>       DenyBadClocks = ( false )
>       AllowUsers = ( root )
>       LogAllConnections = ( false )
>       cfrunCommand = ( "/var/cfengine/bin/cfagent" )
> 
>    cfengine_server::
>       AllowConnectionsFrom = ( 111.111.33 111.111.34 ) # subnets of the
> clients
>       TrustKeysFrom = ( 111.111.33 111.111.34 )
> 
>    !cfengine_server::
>       AllowConnectionsFrom = ( 111.111.33.55 ) # IP address of the
> server
>       TrustKeysFrom = ( 111.111.33.55 )
> 
> admit:
>    any::
>       $(cfrunCommand) myserver.mydomain.com
>       /var/cfengine/ppkeys/localhost.pub myserver.mydomain.com
> 
>    cfengine_server::
>       /var/cfengine/inputs *.mydomain.com encrypt=true
>       /var/cfengine/bin    *.mydomain.com
> 
> I've been tearing my hair out for days on this, help!
> 
> ciao, erich
> 
> Edward F. Brown wrote:
> > On Thu, March 2, 2006 3:01 pm, Wolf, Mark W. said:
> > >>cfengine:raptor: Can't stat /var/cfengine/dist/etc/motd in copy
> >
> > Apologies if you've already had responses on this, with the list delay
> > it's hard to know.  The line above is the real error, the
> > authentication/DNS warning is misleading.  Check the source in the copy
> > action, make sure it's there, and readable.
> > 
> > -Ed
> 
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://lists.gnu.org/mailman/listinfo/help-cfengine
-- 
Ed Brown <ebrown@lanl.gov>

[Prev in Thread]

Current Thread

[Next in Thread]

Authentication issues, Wolf, Mark W., 2006/03/02
- Re: Authentication issues, Edward F. Brown, 2006/03/04
- Message not available
  - Re: Authentication issues, weiler, 2006/03/07
    - Re: Authentication issues, Ed Brown <=
    - Message not available
    - Re: Authentication issues, Ed Brown, 2006/03/07
    - Re: Authentication issues, Marco van Beek, 2006/03/08
- Re: Authentication issues, Frank Ranner, 2006/03/06
- RE: Authentication issues, Wolf, Mark W., 2006/03/16
- RE: Authentication issues, Wolf, Mark W., 2006/03/16

Prev by Date: Re: Authentication issues
Next by Date: Change policyhost based on situations
Previous by thread: Re: Authentication issues
Next by thread: Re: Authentication issues
Index(es):
- Date
- Thread