Forum: CFEngine Help
Subject: server access admit based on the ip/name of the connecting host
Author: JarleB
Link to topic: https://cfengine.com/forum/read.php?3,24872,24872#msg-24872
Hello,
I'm curious if there is a way of achieving this:
bundle server access_rules() {
access:
"/host-specific-files/$(name_of_the_connecting_host)" => admit {
$(ip_of_connecting_host) };
}
on the server side in order to both do this on the agent side:
bundle agent get_my_files {
files:
"/myfiles/file1"
copy_from => myrepo("file1"),
action => immediate,
pathtype => "literal";
}
body copy_from myrepo(file)
{
source => "/host-specific-files/$(sys.host)/";
servers => { "policyserver1","policyserver2" };
compare => "digest";
}
and at the same time not allow hosts where $(sys.host) != (PTR of connecting
ip-address)
Best regards
Jarle Bjørgeengen
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
