Jermome, cfengine has nothing to do with ssh, so no root login is required.
You don't show the server half of your configuration, but I suspect you haven't configured the server properly. Run cf-serverd -vf ./unit_server_copy_remote.cf and look at the verbose output as you connect. You should have run cf-key to create keys, and then you should make sure you added your mystery IP address 1.2.3.4 to trustkeys and allowconnects, etc. Hope this helps. On 01/06/11 21:59, Jerome Yanga wrote: > Has anyone gotten copy_from running on cfengine-community-3.1.5-1.el5 to > work? Is root login required via ssh? What do I need to do on the hosts to > make this promise work? > > I have tried using the sample cf file from the link below. > > http://source.cfengine.com/websvn/filedetails.php?repname=Cfengine+core&path=%2Ftrunk%2Fexamples%2Funit_server_copy_remote.cf > > I tweaked this file a bit to fit my environment. > > Here is the version I am running. > "# rpm -qa | grep cfen > cfengine-community-3.1.5-1.el5" > > IP Addresses of hosts: > Server => 5.6.7.8 > client => 1.2.3.4 > > "# test remote copy > body common control > { > any:: > > bundlesequence => { > "testbundle" > }; > } > > > ############################################ > > bundle agent testbundle > > { > files: > > "/tmp/copy_of_remote_host_file" > > perms => system, > copy_from => mycopy("/etc/hosts","1.2.3.4"), > depth_search => recurse("inf"); > > } > > ############################################ > > body perms system > > { > mode => "0444"; > } > > ######################################################### > > body depth_search recurse(d) > > { > depth => "$(d)"; > } > > ######################################################### > > ######################################################### > > body depth_search recurse(d) > > { > depth => "$(d)"; > } > > ######################################################### > > body copy_from mycopy(from,server) > > { > source => "$(from)"; > #portnumber => "6789"; > servers => { "$(server)" , "1.2.3.4" }; > copy_backup => "true"; #/false/timestamp > stealth => "true"; #/on/false/off > preserve => "true"; > #linkcopy_patterns => { ".*fish.*" }; > #copylink_patterns => { "non-local.*"}; > #xdev => "true"; # /on/false/off > compare => "mtime"; # > ctime/mtime/checksum/sum/byte/binary/any > link_type => "absolute"; # /symbolic/relative/hard etc > type_check => "true"; > force_update => "false"; > force_ipv4 => "false"; > #copy_size => irange("0","50000"); > trustkey => "true"; > encrypt => "true"; > verify => "true"; > purge => "false"; > #findertype => "MacOSX"; > }" > > I still receive the same error as I have encountered the past few days. > > "cf3> ......................................................... > cf3> Promise handle: > cf3> Promise made by: /tmp/copy_of_remote_host_file > cf3> ......................................................... > cf3> > cf3> -> Copy file /tmp/copy_of_remote_host_file from /etc/hosts check > cf3> No existing connection to 1.2.3.4 is established... > cf3> Set cfengine port number to 5308 = 5308 > cf3> Set connection timeout to 10 > cf3> -> Connect to 1.2.3.4 = 1.2.3.4 on port 5308 > cf3> -> Did not find new key format /var/cfengine/ppkeys/root-.pub > cf3> -> Trying old style /var/cfengine/ppkeys/root-1.2.3.4.pub > cf3> -> Could not map key file to new format - we have no digest yet > (using /var/cfengine/ppkeys/root-1.2.3.4.pub) > cf3> -> Going to secondary storage for key > cf3> Couldn't send > cf3> !!! System error for send: "Connection reset by peer" > cf3> Couldn't send > cf3> !!! System error for send: "Broken pipe" > cf3> Couldn't send > cf3> !!! System error for send: "Broken pipe" > cf3> Challenge response from server 1.2.3.4/1.2.3.4 was incorrect! > cf3> I: Report relates to a promise with handle "" > cf3> I: Made in version 'not specified' of '/tmp/unit_server_copy_remote.cf' > near line > 21http://source.cfengine.com/browse/core/trunk/src/conversion.c?revision=2347&view=markup > cf3> !! Authentication dialogue with 1.2.3.4 failed > cf3> Unable to establish connection with 1.2.3.4 > cf3> No existing connection to 1.2.3.4 is established... > cf3> Set cfengine port number to 5308 = 5308 > cf3> Set connection timeout to 10 > cf3> -> Connect to 1.2.3.4 = 1.2.3.4 on port 5308 > cf3> -> Did not find new key format /var/cfengine/ppkeys/root-.pub > cf3> -> Trying old style /var/cfengine/ppkeys/root-1.2.3.4.pub > cf3> -> Could not map key file to new format - we have no digest yet > (using /var/cfengine/ppkeys/root-1.2.3.4.pub) > cf3> -> Going to secondary storage for key > cf3> Couldn't send > cf3> !!! System error for send: "Broken pipe" > cf3> Couldn't send > cf3> !!! System error for send: "Broken pipe" > cf3> Couldn't send > cf3> !!! System error for send: "Broken pipe" > cf3> Challenge response from server 1.2.3.4/1.2.3.4 was incorrect! > cf3> I: Report relates to a promise with handle "" > cf3> I: Made in version 'not specified' of '/tmp/unit_server_copy_remote.cf' > near line 21 > cf3> !! Authentication dialogue with 1.2.3.4 failed > cf3> Unable to establish connection with 1.2.3.4 > cf3> -> No suitable server responded to hail > cf3> Promise (version not specified) belongs to bundle 'testbundle' in file > '/tmp/unit_server_copy_remote.cf' near line 21 > " > > I ran the following command as root. > > "[root@5.6.7.8]# /usr/local/sbin/cf-agent -K -v -f > /tmp/unit_server_copy_remote.cf" > > Help. > > Regards, > j > _______________________________________________ > Help-cfengine mailing list > Help-cfengine@cfengine.org > https://cfengine.org/mailman/listinfo/help-cfengine _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
