[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Grant Documentation
From: |
Brian E. Seppanen |
Subject: |
Grant Documentation |
Date: |
Fri, 17 Oct 2003 15:28:56 -0400 (EDT) |
Hi Folks:
I have printed copies of both the cfengine reference and the tutorial, and
I'm still having problems finding references about how to use grant
properly. I have 40+ servers that are now running cfengine-2.0.8p1, and
I'm getting constant errors about copying files off of my filesystems from
one box to another. In the past this has worked in my cfservd.conf that
has had
grant:
/var/cfengine 192.168.1.2 etc....
/ 192.168.1.2 etc...
Now each time I try to copy some file from /etc I get host authorization
denied, and I believe it is because I haven't explicitly granted this,
although it worked pre 2.0.8p1. How can I grant / and indicate that I
want to allow access to the entire filesystem. I do not have a file
repository that I'm using, I'm using a live filesystem. If it makes it
to the live filesystem it has been tested and is ready for production.
My /var/cfengine/inputs/cfservd.conf gets updated as do the rest of the
files in /var/cfengine so it would appear that the /var/cfengine grant works,
but
nothing else works.
Havekey(root-192.168.1.2)
Loaded /var/cfengine/ppkeys/root-192.168.1.2.pub
A public key was already known from host1.fake.net/192.168.1.2 - no trust
required
Adding IP 192.168.1.2 to SkipVerify - no need to check this if we have a key
Prepending 192.168.1.2
The public key identity was confirmed as root@host1.fake.net
Transaction Send[t 16][Packed text]
Attempting to send 24 bytes
SendSocketStream, sent 24
Transaction Send[t 16][Packed text]
Attempting to send 24 bytes
SendSocketStream, sent 24
ChecksumString(m)
Transaction Send[t 256][Packed text]
Attempting to send 264 bytes
SendSocketStream, sent 264
RecvSocketStream(8)
(Concatenated 8 from stream)
Transaction Receive [t 16][]
RecvSocketStream(16)
(Concatenated 16 from stream)
cfservd: Strongly authentication of client host1.fake.net/192.168.1.2
RecvSocketStream(8)
(Concatenated 8 from stream)
Transaction Receive [t 16][]
RecvSocketStream(16)
(Concatenated 16 from stream)
Got a session key...
RecvSocketStream(8)
(Concatenated 8 from stream)
Transaction Receive [t 56][]
RecvSocketStream(56)
(Concatenated 56 from stream)
Received: [SSYNCH 40] on socket 5
AccessControl(/etc/login.defs)
AccessControl(/etc/login.defs,host1.fake.net) encrypt request=1
cfservd: Host host1.fake.net denied access to /etc/login.defs
cfservd: Host authorization/authentication failed or access denied
Transaction Send[t 64][Packed text]
Attempting to send 72 bytes
SendSocketStream, sent 72
cfservd: From (host=host1.fake.net,user=root,ip=192.168.1.2)
RecvSocketStream(8)
Transmission empty or timed out...
Transaction Receive [][]
RecvSocketStream(0)
cfservd terminating NULL transmission!
Terminating thread...
***Closing socket 5 from 192.168.1.2
Deleted item 192.168.1.2
This is the transaction from the perspective of the cfservd on the host
from which the copy would have occured from
Any help...
Brian Seppanen
seppy@chartermi.net
906-475-0107 ext 1040
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Grant Documentation,
Brian E. Seppanen <=