This is the default umask change, I guess. The mode "go+r" explicitly
means 044, so basically they get what they defined. Perhaps, earlier
versions started with default mode 600, so that go+r worked fine, but
now they have mode 000 by default.
I wonder, why not just specify mode 644 instead of go+
We've not seen or heard of anything like this from anyone else, but
we'll look into it. No code has changed here for quite a while. Please
tell us what OS you are running this on. There is always the possibility
of a build error.
On 02/01/2011 11:01 PM, Jean-Noël Rivasseau wrote:
> Hello,
>
> I
Eystein,
Thanks for the tip. That works "kind of"... Here is what I had on my
server configs:
body server control
{
allowconnects => { "127.0.0.1" , "::1" , "10." };
allowallconnects => { "127.0.0.1" , "::1" , "10." };
trustkeysfrom => { "127.0.0.1" , "::1" , "10." };
...
Neil,
This is the same issue I had with my updates a few weeks back. I used
a tidy promise on the root-.pub file to clean it up which is a mess
but at least it gets past the constant failure for updates.
I slipped this into the update bundle and it at least takes care of
the key but I am not sure
Understood, thank you, Eystein. I've checked the bug tracker and
reported the bug:
https://cfengine.com/bugtracker/view.php?id=464
Cheers,
Aleksey
On Tue, Feb 1, 2011 at 1:17 PM, Eystein Måløy Stenberg
wrote:
> Yes, when you specify "suspiciousnames" the promise has meaning, so
> should be ex
Hello,
I just upgraded to 3.1.4 (from 3.0.5) and am facing a critical bug
that breaks all our code. Basically the following promise:
files:
"/srv/${global.INTERNAL_REVERSED_DOMAIN}/hudson/plugins/text-finder.hpi"
copy_from => fastCopyFromRemote("${global.OVERMIND_HOST}",
"${globa
On 1 February 2011 20:18, Eystein Måløy Stenberg wrote:
> Perhaps it got stuck in some spam filter?
> That seems to be the case with some of the emails that are sent out
> (like the activation email for Engine Room signups).
>
>
Of course, you are right - no less than 53 cfengine conversations cl
Yes, when you specify "suspiciousnames" the promise has meaning, so
should be executed.
My use of the transformer was just to force Cfengine to run the promise.
Perhaps you would care to check if Dan did already report this in the
bug tracker and add a note about suspiciousnames if so, otherwise
>
> why isn't
>
> files: "/root/tmp2" depth_search => recurse("inf");
>
> a promise to search /root/tmp2? It looks like one to me. Because I
> defined the suspiciousnames slist, I am expecting cf-agent to search
> the /root/tmp2 directory.
In order to find suspicious files.
Aleksey
__
On Tue, Feb 1, 2011 at 12:27 PM, Eystein Måløy Stenberg
wrote:
> Ah, now I remember - I did a slight change to your policy.
> As it was, your files:-promise had no intention about the state, and was
> thus skipped.
>
> Try this (just to check).
>
> --
> files:
>
> "/root/tmp2"
> transformer => "/
On Tue, Feb 01, 2011 at 03:57:11PM -0500, no-re...@cfengine.com wrote:
>Forum: Cfengine Help
>Subject: Re: Issue with action => background
>Author: daveseff
>Link to topic: https://cfengine.com/forum/read.php?3,20387,20391#msg-20391
>
>Thanks Neil, That works better. Strange, however, I wonder if i
Forum: Cfengine Help
Subject: Re: Issue with action => background
Author: daveseff
Link to topic: https://cfengine.com/forum/read.php?3,20387,20391#msg-20391
Thanks Neil, That works better. Strange, however, I wonder if it still waits
for the process to finish before cf-agent exits.
# cfagent -
Forum: Cfengine Help
Subject: Re: Issue with action => background
Author: neilhwatson
Link to topic: https://cfengine.com/forum/read.php?3,20387,20390#msg-20390
Background in this case is the name of the action body part. It does not imply
any type of action. You defined the action in the actio
Ah, now I remember - I did a slight change to your policy.
As it was, your files:-promise had no intention about the state, and was
thus skipped.
Try this (just to check).
--
files:
"/root/tmp2"
transformer => "/bin/true $(this.promiser)",
depth_search => recurse("inf");
--
--Eystein
On
Forum: Cfengine Help
Subject: Re: Issue with action => background
Author: daveseff
Link to topic: https://cfengine.com/forum/read.php?3,20387,20389#msg-20389
Thank you. The documentation wasn't clear.
I've defined this using the example from the manual (section 6.4.1):
body action background
{
On Tue, Feb 1, 2011 at 4:56 AM, wrote:
> Forum: Cfengine Help
> Subject: Re: checking for suspicious file names with "suspiciousnames" does
> not work or am I using it wrong? (3.1.3)
> Author: neilhwatson
> Link to topic: https://cfengine.com/forum/read.php?3,20369,20384#msg-20384
>
> What happe
On Tue, Feb 1, 2011 at 11:16 AM, Eystein Måløy Stenberg
wrote:
> Perhaps run it in verbose mode to see if it enters the directories?
> I ran your policy earlier today, and it worked.
> Note that the suspiciousnames list is only matched against regular
> files, not directories/symlinks/etc.
>
> --E
Perhaps it got stuck in some spam filter?
That seems to be the case with some of the emails that are sent out
(like the activation email for Engine Room signups).
--Eystein
On 02/01/2011 07:58 PM, Aleksey Tsalolikhin wrote:
> On Tue, Feb 1, 2011 at 10:39 AM, Erlend Leganger
> wrote:
>> From t
Perhaps run it in verbose mode to see if it enters the directories?
I ran your policy earlier today, and it worked.
Note that the suspiciousnames list is only matched against regular
files, not directories/symlinks/etc.
--Eystein
On 02/01/2011 07:55 PM, Aleksey Tsalolikhin wrote:
> Dear Eystein,
Forum: Cfengine Help
Subject: Re: Issue with action => background
Author: neilhwatson
Link to topic: https://cfengine.com/forum/read.php?3,20387,20388#msg-20388
You need a background body part defined.
___
Help-cfengine mailing list
Help-cfengine@cfengi
On Tue, Feb 1, 2011 at 10:39 AM, Erlend Leganger
wrote:
> From the email trail below I understand that Cfengein 3.1.4 has been
> released. However, I did not see the original 3.1.4 announcement message on
> the mailing list, I only see this response with title "Re: Cfengine Help:
> Cfengine 3.1.4
Forum: Cfengine Help
Subject: Issue with action => background
Author: daveseff
Link to topic: https://cfengine.com/forum/read.php?3,20387,20387#msg-20387
Hello,
I am trying to execute a command on the Linux CLI using a similar method in the
documentation:
bundle agent example
{
commands:
Dear Eystein,
Thank you. I tried with r1762. I don't get a syntax error any more,
but it does not actually work to detect suspicious file names.
For example:
# cat /var/cfengine/inputs/aleksey_test.cf
body common control
{
bundlesequence => { "report_suspicious_file_names" };
inputs => { "
Forum: Cfengine Help
Subject: Upgrade 3.0.2 to 3.1.2 pains
Author: neilhwatson
Link to topic: https://cfengine.com/forum/read.php?3,20386,20386#msg-20386
Getting this problem with more than a few hosts.
cf3 -> Connect to configa01.example.com = 10.249.249.2 on port 5308
cf3 -> Did not find new
>From the email trail below I understand that Cfengein 3.1.4 has been
released. However, I did not see the original 3.1.4 announcement message on
the mailing list, I only see this response with title "Re: Cfengine Help:
Cfengine 3.1.4 is released". Is this a problem only I have or do others see
the
>From the server, "Denying repeated connection from
":::10.10.10.11" means that your client is trying to make two
connections at the same time.
If you want that to be allowed, see allowallconnects:
http://www.cfengine.org/manuals/cf3-reference.html#allowallconnects-in-server
--Eystein
On Tue,
>
> Please don't do this. RPMs should not install anything under /usr/local
> as that's reserved for local modifications of the system. rpmlint warns
> you if your RPM makes this mistake.
>
>
I see your point however this is the existing behavior of the community
RPMs.
# rpm -ql cfengine-communi
Frans Lawaetz wrote:
>>
>> The extended change log should be online within a few days, so will also
>> the Linux packages.
>>
>
> When generating the CentOS5 RPMs, might I request that the post-install
> logic be fixed to ensure binaries are in place in both /usr/local/sbin/ and
> /var/cfengine/bin
Hi Neil,
Well I did this policy:
"$(sys.workdir)/ppkeys/root-.pub"
comment => "Clean up the bad ppkey copy",
handle => "ppkey_garbage",
delete => tidy,
classes => update_repaired("garbage_ppkey");
I was one of the initial folks effected by this root-.pub key issue.
So far I move
>
> The extended change log should be online within a few days, so will also
> the Linux packages.
>
When generating the CentOS5 RPMs, might I request that the post-install
logic be fixed to ensure binaries are in place in both /usr/local/sbin/ and
/var/cfengine/bin?
I filed a bug regarding such:
Hi,
I'm trying to do a script for provisioning/de-provisioning unix user accounts.
It works sometimes, and sometimes not. It feels like an intermittent error, but
I've changed the script a bit to make the logic better, and for debugging, but
now it's probably broken. (Now I see "Scalar variable
Forum: Cfengine Help
Subject: Re: Cfengine 3.1.4 is released
Author: neilhwatson
Link to topic: https://cfengine.com/forum/read.php?3,20344,20385#msg-20385
> Reading and writing of key name "root-.pub" eliminated (bug #442, #453).
When one runs into this bug how can it be worked around without up
Hi Folks,
I was wondering if anyone has built and run the new v3.1.4?
I did today in my development policysrv2 host but I am seeing some
issues on key exchanges (protocol transaction reset). If some of you
recall this is the development env with the root-.pub issues on the
3.1.2. Today I removed
Hi,
We're currently testing cfengine 3.0.2 (because that's what you get then
running Ubuntu 10.04).
I've used some examples from the CFengine Solutions
(http://www.cfengine.org/manuals/cf3-solutions.html)
Some things work, and some doesn't.
For instance, the distribution of ssh keys
(http://w
Hey,
Hope you are sleeping well.
Have verified it works on my end now.
--Eystein
On Tue, Feb 1, 2011 at 9:12 AM, Aleksey Tsalolikhin
wrote:
> On Mon, Jan 31, 2011 at 11:53 PM, Eystein Måløy Stenberg
> wrote:
>> The validation of suspiciousnames was too strict, can you retry svn trunk?
>
> Dear
Forum: Cfengine Help
Subject: Re: checking for suspicious file names with "suspiciousnames" does not
work or am I using it wrong? (3.1.3)
Author: neilhwatson
Link to topic: https://cfengine.com/forum/read.php?3,20369,20384#msg-20384
What happens if you escape the period and other characters that
Forum: Cfengine Help
Subject: Re: cf-execd.cf mailto
Author: neilhwatson
Link to topic: https://cfengine.com/forum/read.php?3,20348,20383#msg-20383
I think that an email alias would be the best way for you to approach this
problem. You can even have cfengine set it up for you.
_
Forum: Cfengine Help
Subject: Re: Cfengine Help: Re: Processes in Solaris 10 and latest trunk r1736
Author: berntjernberg
Link to topic: https://cfengine.com/forum/read.php?3,20356,20382#msg-20382
I really hope that none of you have to deal with the leftovers of a person
close to you who killed h
On Mon, Jan 31, 2011 at 11:53 PM, Eystein Måløy Stenberg
wrote:
> The validation of suspiciousnames was too strict, can you retry svn trunk?
Dear Eystein,
Thanks! I retried svn trunk, but still no go:
community>:/root/core/src/aleksey_test.cf:9,47: Scalar item in
suspiciousnames => { .mo } i
39 matches
Mail list logo
