Re: cfservd.conf admit: issues

Thu, 04 Dec 2008 03:02:49 -0800 

Lance Albertson schrieb:
> Mark Burgess wrote:
>>
>> Lance,
>>
>> the syntax for admit/deny is to use wildcards and substrings for
>> matching. There is no CIDR notation support there in version 2.
>>
>> I agree that this is not clear from the documentation and I will look
>> at this. For now, I recommend rewriting your rules e.g. 10.0.0
> 
> I just tried doing what you recommended and I get the same error. For
> the record, here's the exact line I'm trying:
> 
>     /var/cfengine/repository/ 10.0.0 10.1.0
> 
> This is using 2.2.7. Does anyone else get the same error I am?
> 
> Thanks-
> 
> 


Hello!

I've just started updating our systems from 2.2.3 to 2.2.8 and I get
this message while starting cfservd:

[EMAIL PROTECTED] ~]# service cfservd start
cfservd starten: cf:cfservd:/var/cfengine/inputs/cfservd.conf:69:
Missing absolute path to a directory
cfservd:/var/cfengine/inputs/cfservd.conf:Cannot continue
                                                           [FEHLGESCHLAGEN]

In my config I have these lines:

groups:

  cfengine_server       = ( XXX.rrz.uni-koeln.de )
        
control:

...

    workdir                     = ( /var/cfengine )
    config_repository           = ( /afs/.rrz/admin/cfengine/config )


and


admit:
        
  cfengine_server::

    ${config_repository}        *.rrz.uni-koeln.de
    ${workdir}/config/ppkeys    *.rrz.uni-koeln.de *.uni-koeln.de
                                encrypt=true
                
  any::
        
    ${workdir}/inputs           *.rrz.uni-koeln.de *.uni-koeln.de       
    ${workdir}/config           *.rrz.uni-koeln.de *.uni-koeln.de       
    ${workdir}/bin/cfagent      *.rrz.uni-koeln.de *.uni-koeln.de       
    ${cfrunCommand}             *.rrz.uni-koeln.de *.uni-koeln.de


Line 69 is the one with ${workdir}/config/ppkeys.


If I change this to

    ${workdir}/config/ppkeys    *.rrz.uni-koeln.de
    ${workdir}/config/ppkeys    *.uni-koeln.de
#                               encrypt=true

All is fine. But this one fails:

    ${workdir}/config/ppkeys    *.rrz.uni-koeln.de
                                encrypt=true
    ${workdir}/config/ppkeys    *.uni-koeln.de
                                encrypt=true

and this one too:

    ${workdir}/config/ppkeys    *.rrz.uni-koeln.de encrypt=true
    ${workdir}/config/ppkeys    *.uni-koeln.de encrypt=true


I know that "*.rrz.uni-koeln.de *.uni-koeln.de"  is redundant... I once
played with these options and never removed the lines...

The interesting part is that the lines in the 'any' section seem to be
okay ... and that the system I used for the test is not my cfengine
server. X-|

Oh.... and this one works:

admit:
  any::
#  cfengine_server::

    ${config_repository}        *.rrz.uni-koeln.de
    ${workdir}/config/ppkeys    *.rrz.uni-koeln.de *.uni-koeln.de encrypt=true
                
#  any::
        
    ${workdir}/inputs           *.rrz.uni-koeln.de *.uni-koeln.de       
    ${workdir}/config           *.rrz.uni-koeln.de *.uni-koeln.de       
    ${workdir}/bin/cfagent      *.rrz.uni-koeln.de *.uni-koeln.de       
    ${cfrunCommand}             *.rrz.uni-koeln.de *.uni-koeln.de


What am I missing?


Best Regards,
Berthold Cogel




_______________________________________________
Bug-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/bug-cfengine

Reply via email to