I am just trying out cfengine for the first time and cannot figure out
what I am doing wrong. Thinking it was a DNS issue, I tried this at work
and obtained the exact same results.....
cfagent.conf
-------------
##################################################
#
# cfagent.conf
#
# This is a simple file for getting started with
# cfengine. It is harmless. If you get cfengine
# running with this file, you can build on it.
#
##################################################
###
#
# BEGIN cfagent.conf (Only hard classes in this file )
#
###
control:
actionsequence = ( files shellcommands copy )
domain = ( kc.rr.com )
######################################################################
copy:
# Get a file from some trusted server, e.g. password sync
# To do this, you need to use cfkey to install keys
# /etc/shadow mode=0600 server=passwordserver
######################################################################
files:
# /etc/passwd
# mode=644 # make sure the file permissions are right
# owner=root # make sure it's owned by root
######################################################################
shellcommands:
"/bin/echo Replace me with something useful"
Wednesday.Hr00||Saturday.Hr02::
"/usr/local/bin/MyScript"
######################################################################
processes:
# "inetd" signal=hup
# "irc" signal=kill
###
#
# END cfagent.conf
#
###
cfservd.conf
------------
#########################################################
#
# This is a cfd config file
#
# The access control here follows after any tcpd
# control in /etc/hosts.allow and /etc/hosts.deny
#
#########################################################
#
# Could import cf.groups here and use a structure like
# in cfengine.conf, cf.main, cf.groups
#
control:
domain = ( kc.rr.com )
DenyBadClocks = ( false )
solaris::
cfrunCommand = ( "/usr/local/cfengine/sbin/cfagent --debug" )
linux::
cfrunCommand = ( "/usr/local/cfengine/sbin/cfagent" )
# AutoExecInterval = ( 60 )
# AutoExecCommand = ( "/iu/nexus/local/gnu/lib/cfengine/bin/cfwrap
/iu/nexus/local/gnu/lib/cfengine/bin/c
fhourly")
any::
# ChecksumDatabase = ( /tmp/testDATABASEcache )
IfElapsed = ( 1 )
MaxConnections = ( 10 )
#########################################################
admit: # or grant:
/usr/local/cfengine/sbin/cfagent mymasterserver
/usr/local/cfengine/mtong mymasterserver
From the 'master server' I issue the following command:
../sbin/cfrun -v -- -n myclientserver.kc.rr.com -v
and the output from the command :
Address given by nameserver: 192.168.1.6
Loaded /var/cfengine/ppkeys/localhost.priv
Loaded /var/cfengine/ppkeys/localhost.pub
Looking for a source of entropy in /var/cfengine/randseed
cfrun(0): .......... [ Hailing myclientserver.kc.rr.com ]
..........
Connecting to server myclientserver.kc.rr.com to port 0 with options -n
myclientserver.kc.rr.com -v
Loaded /var/cfengine/ppkeys/root-192.168.1.5.pub
Connect to myclientserver.kc.rr.com = 192.168.1.5 on port cfengine
Loaded /var/cfengine/ppkeys/root-192.168.1.5.pub
cfrun: mymasterserver.kc.rr.com: Strong authentication of
server=myclientserver.kc.rr.com connection confirmed
myclientserver.kc.rr.com replies..
Host authentication failed. Did you forget the domain name?Connection
with myclientserver.kc.rr.com completed
And from myclientserver messages file:
Feb 28 22:36:24 myclientserver cfservd[14342]: [ID 702911 daemon.notice]
Host authorization/authentication failed or access denied
Feb 28 22:36:24 myclientserver cfservd[14342]: [ID 702911 daemon.notice]
From (host=mymasterserver.kc.rr.com,user=root,ip=::ffff:192.168.1.6)
Feb 28 22:36:24 myclientserver cfservd[14342]: [ID 823470 daemon.error]
ID from connecting host: (EXEC -n myclientserver.kc.rr.com -v )
I know this is something obvious, but after reading the Tutorial and
Reference pages multiple times, I seem to be missing it.
Thanks,
Alan Fox