gine@cfengine.org
> https://cfengine.org/mailman/listinfo/help-cfengine
--
Deb Heller-Evans1 Cyclotron Road
Computer Systems Engineer Berkeley, CA 94720
ESnet http://www.es.net/ Desk: 510/495-2243
___
Help-cfengine ma
ne@cfengine.org
> https://cfengine.org/mailman/listinfo/help-cfengine
--
Deb Heller-Evans1 Cyclotron Road
Computer Systems Engineer Berkeley, CA 94720
ESnet http://www.es.net/ Desk: 510/495-2243
___
Help-cfengine mail
All,
I'm using Nova, latest release. However, this problem has been present
for all versions I've seen. I had hoped the latest release might have
fixed it, but no joy.
cf-report core-dumps on all our FreeBSD hosts running Nova:
Dec 1 10:18:44 washamp kernel: pid 48208 (cf-report), uid 0: ex
> { "143.207.0.0/16" },
> comment => "Access rules to the masterfiles";
> "/usr/sbin/cf-agent"
> admit => { "${globalset.cfmaster}" },
> comm
__
> Help-cfengine mailing list
> Help-cfengine@cfengine.org
> https://cfengine.org/mailman/listinfo/help-cfengine
--
Deb Heller-Evans1 Cyclotron Road
Computer Systems Engineer Berkeley, CA 94720
ESnet
___
> Help-cfengine mailing list
> Help-cfengine@cfengine.org
> https://cfengine.org/mailman/listinfo/help-cfengine
--
Deb Heller-Evans1 Cyclotron Road
Computer Systems Engineer Berkeley, CA 94720
ESnet http://www.es.net/ Desk: 510/495-2243
_
I need, but it
doesn't seem to have the ability to also assign a port.
Ideas?
deb
--
Deb Heller-Evans1 Cyclotron Road
Computer Systems Engineer Berkeley, CA 94720
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://
David, I gave an incomplete answer. So sorry.
What I should add is that you need to install Cfengine on the client,
just as you did initially on the policy server. Then use cf-key and use
the bootstrap command I gave you in the last email. At the moment I'm
not sure where this is in the docu
I see Nick Anderson has responded with failsafe.cf and update.cf
for your enjoyment.
Have fun!!
deb
On 12/22/10 2:20 PM, Deb Heller wrote:
> David, I gave an incomplete answer. So sorry.
>
> What I should add is that you need to install Cfengine on the client,
> just as you did
So, couldn't you, at the command line on the client host, issue this
command to initiate the key exchange?
cf-agent -B -s policy_server
(where "policy_server" is the hostname or IP address of the policy server)
As long as the server trusts the client, the keys should be exchanged
and you're go
Excellent, Nicolas! I want to run the community edition on systems not
connected with our main network, and the nuances between that and Nova
can be baffling.
I found a section that says a little more about what you posted in the
Cfengine 3 Concept Guide, Section 7.3.3 Key exchange:
7
Folks,
I am not a programmer - wish that I were at this point. Regexes are the
bane of my existence right now.
I am attempting to update /etc/rc.d/init.d/functions on CentOS and RH
linux boxes with the .cf-before-edit extension. In this way, start-up
scripts like /etc/rc.d/init.d/networks wi
Neil,
I didn't want this query to the list go by without notice.
Thanks for bringing up the topic of iptables. This is indeed a very
crucial file to keep in sync with what's running in the kernel on
production hosts. I hadn't seen the articles, so they're now on my list
of important reads (al
Thanks, Jeang - It all seems so simple now...
Tested and works!
deb
On 1/4/11 4:29 PM, no-re...@cfengine.com wrote:
> Forum: Cfengine Help
> Subject: Re: Need a little regular expression help from my friends...
> Author: phnakarin
> Link to topic: https://cfengine.com/forum/read.php?3,20020,200
Found out this evening that my lastseen database has not updated since
December! Can anyone point me to what I might need to do to get this
working again?
If I have to start my databases from scratch, that's okay.
Thanks,
deb
___
Help-cfengine mailin
/11 6:10 PM, Deb Heller wrote:
> Found out this evening that my lastseen database has not updated since
> December! Can anyone point me to what I might need to do to get this
> working again?
>
> If I have to start my databases from scratch, that's okay.
Right, I'm using Nova (should've mentioned that, sorry). At the same
time, I appreciate the discussion on the communtiy version of lastseen
and cfengine.
I've got a ticket open with Cfengine wrt MAX_FD errors raising its ugly
head again. This is causing client authentication problems as well,
YAY!! This is GOOD NEWS, indeed! Thanks for all the hard work!
deb
On 1/20/11 6:59 AM, no-re...@cfengine.com wrote:
> Forum: Cfengine Help
> Subject: Cfengine 3.1.3 is released - stability release
> Author: eystein
> Link to topic: https://cfengine.com/forum/read.php?3,20221,20221#msg-20221
>
>
Just so that you know you're not along... This is something I've been
considering for cfengine to do, but haven't had any cycles to do more
than think about it. We're monitoring FreeBSD 7.3 and CentOS and Redhat
Linux 5.x flavors...
At the moment I have only moral support to offer you. :-)
de
I've tried logging into the forum with no success. The wizard says I
have an account, so I "asked" for my password to be sent to me - I never
received an email after waiting 24 hours. I've tried this a couple of times.
I'd prefer to use the forum, but I can't. Could someone help me out please?
s to scale well over hundreds of
systems, without the necessity of email floods. Haven't yet coupled Nagios with
Cfengine, but it's on my horizon.
Kind Regards,
deb
Deb Heller-Evans 1 Cyclotron Road
Computer Systems Engineer Berkeley, CA 94720
ESnet http://www.es.net
We're using a similar approach here with SVN, although we divvy the dir trees
up between groups - Engineering and Systems Administration.
I would like to pose a follow-on question to Jessica's: Using your favorite
repository software (insert subversion, Bazaar, or whatever here), we would
h
Elegant! Thanks for sharing!
Kind Regards,
deb ツ
Deb Heller-Evans1 Cyclotron Road
Computer Systems Engineer Berkeley, CA 94720
ESnet http://www.es.net/ Desk: 510/495-2243
On Mon, 15 Mar 2010 14:26:24 -0700, Aleksey Tsalolikhin wrote:
> Dear Neil,
>
>
Hi Guys,
We use nagios to check port 5308 to make sure that cf-serverd is
responding. However, each time that the port is checked,
/var/log/messages records the probe:
Aug 20 09:06:17 proserver cf-serverd[4356]: Not allowing connection
from non-authorized IP 198.128.3.36
How can we allow
Yup. Talking to myself here... :-) I seem to have solved this by
including the nagios probing hosts in the acl slist...
If anyone has any better ideas, please let me know!
On 8/20/10 9:56 AM, Deb Heller-Evans wrote:
>Hi Guys,
>
> We use nagios to check port 5308 to make sur
Does anyone here have experience with multi-homed clients and
authentication? I have a case whereby a client has two network
interfaces, one is accesible as a management network interface, and one
is not. For example,
rainier-mgt.some.com - management, accessible via ssh; interface is
NOT
this complaint would be helpful...
Thanks!
--
Deb Heller-Evans1 Cyclotron Road
Computer Systems Engineer Berkeley, CA 94720
ESnet http://www.es.net/ Desk: 510/495-2243
___
Help-cfengine mailing list
Help-cfengine@cfe
Thanks!
That helps.
deb
On 11/7/10 3:37 PM, Frans Lawaetz wrote:
> As far as I know this is a bug with cf-execd where it does not release
> file descriptors and eventually runs out of them. I have a weekly cron
> job to restart cfengine3 services as a work around (non-ideal).
> I haven't upgra
The default port is 5308, not 5306, and you don't want to change it
> unless you definitely have no choice (say, 5308 is completely occupied
> in your infrastructure by bad coincidence). But, if you explicitly
> want to, look at "port" option of control bodies.
>
> 2010/
ime for the feature request?
>
> 2010/12/16 Deb Heller-Evans:
>> Thanks, Seve! Sorry, that was a typo on the port number. But, I think I
>> didn't make my point very well. Let me try again.
>>
>> I am not wanting to change the port number. I need to direct communic
nario to
> make sure we understand
>
> M
>
> On 12/16/2010 04:03 PM, Deb Heller-Evans wrote:
>> Seva,
>>
>> Yes, I think that's it.
>> I wonder how hard it would be to add this functionality...
>>
>> deb
>>
>> On 12/16/10 6:53 AM, Sev
I'm using the Nova version of Cfengine, but perhaps it's the same in the
community version. When I want to add a client, I would bootstrap it to
the policy server:
cf-agent -B -s
And they do a key exchange to enable a trust relationship.
I believe it works the same way - go to Section 2.6 of
32 matches
Mail list logo
