RE: cfrun runs without errors... but doesn't "do" anything

Thu, 25 Mar 2010 15:40:54 -0700 

... and I found another error.  I haven't found the solution to it, however:

The error:
   User root is not allowed on this server

My config (output of `grep -B2 -A2 -i AllowUse /var/cfengine/inputs/*.conf`):

cfservd.conf-  cfe_servers::
cfservd.conf-    AllowConnectionsFrom = ( 10.10.1 )
cfservd.conf:    AllowUsers = ( root )
cfservd.conf-    TrustKeysFrom = ( 10.10.1 )
cfservd.conf-
--
cfservd.conf-  cfe_clients::
cfservd.conf-    AllowConnectionsFrom = ( 10.10.1 )
cfservd.conf:    AllowUsers = ( root )
cfservd.conf-    TrustKeysFrom = ( 10.10.1 )


From: tscoltr...@hotmail.com
To: help-cfengine@cfengine.org
Subject: RE: cfrun runs without errors... but doesn't "do" anything
Date: Thu, 25 Mar 2010 16:42:50 -0500








I made an incorrect statement.  I DO get an error... but only one: "Couldn't 
recv."  Ooops.  Here's an excerpt from `cfrun -d`:

...............................................................
cfrun:myPolicyHost.myDomain.com: Strong authentication of 
server=myClient.myDomain.com connection confirmed
Receive counter challenge from server
RecvSocketStream(8)
    (Concatenated 8 from stream)
Transaction Receive [t 256][]
RecvSocketStream(256)
    (Concatenated 256 from stream)
ChecksumString(m)
Replying to counter challenge with md5
Transaction Send[t 16][Packed text]
Attempting to send 24 bytes
SendSocketStream, sent 24
BinaryBuffer(16)[5055ffffffa98000010001000] = 16
Generated session key
BinaryBuffer(16)[5055ffffffa98000010001000] = 16
BinaryBuffer(16)[5055ffffffa98000010001000] = 16
Encrypt 16 to 256
Encryption succeeded
Transaction Send[t 256][Packed text]
Attempting to send 264 bytes
SendSocketStream, sent 264
BinaryBuffer(256)[30ffffffb6ffffffa1ffffffdeffffff88ffffffcc2ffffff8b6261ffffff856effffff94ffffffbc533dffffffc3637778ffffff9f48ffffff93fffffff559ffffffcdd79ffffffebffffffc6ffffff8bfffffff518ffffffa41954ffffff9b641244794a5d132ffffff9b3f437d21655a22621a602cffffffd9ffffffaf537cffffffd7ffffff97fffffffe8ffffffb045ffffff89728662232cffffffacffffff96fffffff1fffffff769ffffffc44affffff8c38fffffff6663268ffffffaea3969ffffffddfffffffcffffff96ffffffecffffff8916ffffffc6ffffffcd3cffffffd1ffffffa5ffffffe1ffffff8576ffffffa6ffffffb828ffffffc8ffffffe9ffffffaaffffffd6fffffff918ffffffd815ffffff8278ffffffacffffffb0591dffffffaeffffffa14174ffffffca2fffffffdcffffffb9651e7bffffffbdb5a2e033dffffffb4ffffffaa2a522655ffffffadda4223ffffff90ffffff99ffffff8b66ffffffbe172dffffff8968dbffffff884ffffff8a115e35ffffffc84cfffffff1ffffffedffffffd96a5e29ffffffa12f7dc67ffffffedffffffdcffffffac1c281bffffffb6ffffffb14fffffffb735ffffffa0ffffffd37145ffffffce204355ffffff8b44ffffffd42821ffffffbdffffff95ffffff8c484ffffff8dffffff90ffffffaa6c7536737193fffffff8bffffffcd297163ffffffc1ffffffe0ffffff9c34ffffffe6ffffff924cffffffeb4a45ffffffe24734ffffff8cffffffbc683b67343ffffffb1ffffffeaffffff9e62ffffffc86d58ffffffecffffffb1ffffffc57e]
 = 256
Transaction Send[t 6][Packed text]
Attempting to send 14 bytes
SendSocketStream, sent 14
Transaction Send[t 27][Packed text]
Attempting to send 35 bytes
SendSocketStream, sent 35
RecvSocketStream(8)
    (Concatenated 8 from stream)
Transaction Receive [t 114][]
RecvSocketStream(114)
    (Concatenated 114 from stream)
RecvSocketStream(8)
cfrun:myPolicyHost.myDomain.com: Couldn't recv
cfrun:myPolicyHost.myDomain.com: recv
Connection with myClient.myDomain.com completed


From: tscoltr...@hotmail.com
To: help-cfengine@cfengine.org
Subject: cfrun runs without errors... but doesn't "do" anything
Date: Thu, 25 Mar 2010 16:29:29 -0500








It's likely that I've missed something "basic."  I'm able to run cfagent from 
clients, successfully (I modify a "test file" to ensure that CFengine corrects 
it).  When running `cfrun` from the policyhost (i.e., the "server"), I don't 
get errors.  My test file is also not "corrected..." nor do I see output 
suggesting that cfengine is evaluating promises/etc.  Authentication appears to 
proceed without incident:

KeyAuthentication(with IP keyname root-10.10.x.x)
cfrun:myServer.myDomain.com: Strong authentication of 
server=myClient.myDomain.com connection confirmed

I've run `cfrun -d[0-2]` on the policy host and `cfservd -d -F` on the 
client... and just don't see where I've gone wrong.  While the forward & 
reverse lookup (DNS) records exist for the policyhost/server, only the forward 
lookup exists for the clients (although I've added these IPs to the /etc/hosts 
file).  DNS does not appear to be relevant (for I'm not having authentication 
failures).  What doesn't happen is, well, "anything useful."

I'll gladly post any output/configs/etc.  Oh, yes, of course I've allowed 
(grant) all hosts/clients to access programs, exchange keys, etc.

>From cfservd.:
==========

 cfe_servers = ( 10.10.1 )
 cfe_clients = ( 10.10.1 )

grant:
 /usr/sbin/cfagent            10.10.1


You can be surly in your responses.  I reached the end of the Internet around 
thirty minutes ago.  I may just be dumb.

Thanks,
   Todd (aka, Dances with Config Files)

                                          
Hotmail: Trusted email with powerful SPAM protection. Sign up now.              
                          
The New Busy is not the old busy. Search, chat and e-mail from your inbox. Get 
started.                                           
_________________________________________________________________
The New Busy is not the old busy. Search, chat and e-mail from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID27925::T:WLMTAGL:ON:WL:en-US:WM_HMP:032010_3
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to