Re: New problem with multi-honed machine

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New problem with multi-honed machine

From:	PAUL WILLIAMSON
Subject:	Re: New problem with multi-honed machine
Date:	Thu, 19 May 2005 10:21:48 -0400

That was one of the first things I did.  To cover myself, I actually 
copied over the pub key from the client machine to the policy 
master as user-x.x.x.ce0.pub and user-x.x.x.ce1.pub where 
ce0 and ce1 are are last digits associated with each interface. 

e.g. 

ce0 - 172.16.5.50
ce0 - 172.16.5.100

I also have the public key from the policy master on the client 
machine where I'm having the problem.  Is there some trick 
to generating keys bound to specific ip addresses?

Paul

>>> "Kelly Brown" <kbbrown@anonymizerinc.com> 05/19/05 10:12 AM >>>
Hi Paul:

You need to exchange keys for each ip address.  The ip addresses get 
saved as username-1.2.3.4.pub.  If you copy keys for each ip address
you 
have in dns, I believe that your problem will go away.

-K

PAUL WILLIAMSON wrote:

>I've been able to successfully distribute a cfagent.conf file (after 
>scp'ing the update.conf)  to my test bed of machines except one.
>The unique thing about this machine is that it has two NICs and 
>is set up in sort of a virtual-failover mode.  I've tried 
>BindToInterface in the cfagent.conf file, but I get the same 
>error.  I get the error and cfagent.conf is never copied.  Here's 
>the output of cfagent -v:
>
>root@nameofthismachine: /var/cfengine/inputs# cfagent -v
>Setting cfengine new port to 5308
>Setting cfengine old port to 5308
>Reference time set to Wed May 18 18:35:54 2005
>
>GNU Configuration Engine -
>2.1.13
>Free Software Foundation 1994-
>Donated by Mark Burgess, Faculty of Engineering,
>Oslo University College, 0254 Oslo, Norway
>
>------------------------------------------------------------------------
>
>Host name is: nameofthismachine
>Operating System Type is sunos
>Operating System Release is 5.8
>Architecture = sun4u
>
>
>Using internal soft-class solaris for host solaris
>
>The time is now Wed May 18 18:35:54 2005
>
>
>------------------------------------------------------------------------
>
>Additional hard class defined as: 32_bit
>Additional hard class defined as: sunos_5_8
>Additional hard class defined as: sunos_sun4u
>Additional hard class defined as: sunos_sun4u_5_8
>Additional hard class defined as: sparc
>Additional hard class defined as: SUNW,Sun-Fire-480R
>Additional hard class defined as: sunos_sun4u_5_8_Generic_117350_13
>
>GNU autoconf class from compile time: compiled_on_solaris2_8
>
>Address given by nameserver: x.x.x.x    <----this is different from
the
>active ip address, but another ip address configured on the system
>Interface 1: lo0
>Interface 2: ce0
>Interface 3: ce0:1
>Interface 4: ce1
>Trying to locate my IPv6 address
>Looking for environment from cfenvd...
>Loading environment...
>Environment data loaded
>
>cfengine:: No preconfiguration file
>
>$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
> * (Changing context state to: update) *
>$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
>
>Looking for an input file /var/cfengine/inputs/update.conf
>Finished with update.conf
>
>---------------------------------------------------------------------
>Looking for remote method collaborations
>---------------------------------------------------------------------
>
>
>Finished with RPC
>
>LogDirectory = /var/cfengine
>Loaded /var/cfengine/ppkeys/localhost.priv
>Loaded /var/cfengine/ppkeys/localhost.pub
>Checksum database is /var/cfengine/checksum.db
>
>*********************************************************************
> Update Sched: links pass 1 @ Wed May 18 18:35:54 2005
>*********************************************************************
>
>cfengine:: Nothing scheduled for link. (0/1 minutes elapsed)
>cfengine:: Nothing scheduled for link. (0/1 minutes elapsed)
>cfengine:: Nothing scheduled for link. (0/1 minutes elapsed)
>cfengine:: Nothing scheduled for link. (0/1 minutes elapsed)
>
>*********************************************************************
> Update Sched: copy pass 1 @ Wed May 18 18:35:54 2005
>*********************************************************************
>
>Checking copy from comrcu02emsprod:/var/cfengine/masterfiles/inputs
to
>/var/cfengine/inputs
>Connect to policymaster = x.x.x.y on port cfengine
>Updating last-seen time for policymaster
>Loaded /var/cfengine/ppkeys/root-x.x.x.y.pub
>cfengine:: Couldn't send
>cfengine:: send
>cfengine:: Received signal 13 (SIGPIPE) while doing
>[lock.cfagent_conf.nameofthismachine.._573]
>cfengine:: Logical start time Wed May 18 18:35:54 2005
>cfengine:: This sub-task started really at Wed May 18 18:35:54 2005
>
>and then I'm returned to a command prompt.  Any hope to fixing this?
>It is one of our most important servers, and is the only one that is 
>multi-honed in the group.
>
>Paul
>
>
>
>_______________________________________________
>Help-cfengine mailing list
>Help-cfengine@gnu.org 
>http://lists.gnu.org/mailman/listinfo/help-cfengine 
>  
>



_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org 
http://lists.gnu.org/mailman/listinfo/help-cfengine

[Prev in Thread]

Current Thread

[Next in Thread]

New problem with multi-honed machine, PAUL WILLIAMSON, 2005/05/18
- Re: New problem with multi-honed machine, Kelly Brown, 2005/05/19
- Re: New problem with multi-honed machine, PAUL WILLIAMSON <=
  - Re: New problem with multi-honed machine, Ed Brown, 2005/05/19
  - Re: New problem with multi-honed machine, Ed Brown, 2005/05/19

Prev by Date: Re: New problem with multi-honed machine
Next by Date: RE: ChecksumDatabase more details wanted, /dev/random draining
Previous by thread: Re: New problem with multi-honed machine
Next by thread: Re: New problem with multi-honed machine
Index(es):
- Date
- Thread