Forum: Cfengine Help
Subject: cfengine 3.1.3 issues
Author: Beto
Link to topic: https://cfengine.com/forum/read.php?3,20269,20269#msg-20269
Initial testing of 3.1.3 on a client upgraded from 3.0.5p1 shows a couple of
problems. This is compiled with the 3.1.3 Ammended source tarball:
1. The 3.1.3 client can't find the server's key:
Couldn't find a public key (/var/cfengine/ppkeys/root-.pub)
!!! System error for fopen: "No such file or directory"
!! Not authorized to trust the server=wilma.dcpds.cpms.osd.mil's public key
(trustkey=false)
!! Authentication dialogue with wilma.dcpds.cpms.osd.mil failed
neo:/var/cfengine/outputs# ll /var/cfengine/ppkeys/
total 48
-rw------- 1 root sys 1743 Apr 15 2010 localhost.priv
-rw------- 1 root sys 426 Apr 15 2010 localhost.pub
-rw------- 1 root sys 426 Apr 15 2010
root-172.27.227.221.pub
2. Errors when running an edit bundle:
!! Attempt to add variable "HomeDir[0]" to non-existant scope "dot_file_check"
- ignored
!! Attempt to add variable "HomeDir[1]" to non-existant scope "dot_file_check"
- ignored
!! Attempt to add variable "HomeDir[2]" to non-existant scope "dot_file_check"
- ignored
!! Attempt to add variable "HomeDir[3]" to non-existant scope "dot_file_check"
- ignored
!! Attempt to add variable "HomeDir[4]" to non-existant scope "dot_file_check"
- ignored
!! Attempt to add variable "HomeDir[5]" to non-existant scope "dot_file_check"
- ignored
!! Attempt to add variable "HomeDir[6]" to non-existant scope "dot_file_check"
- ignored
These errors are produced by the following bundle:
bundle agent check_user_files
{
vars:
# Put all users in /etc/passwd into the array "HomeDir", excluding
# uids 1-199, nobody (-2), oracle (204), applmgr (205), hpsmh (430),
# nfsnobody (65534, 4294967294) and ids (1000).
"HomeDirn" int => readstringarray(
"HomeDir",
"/etc/passwd",
".*:[*x]:([1-9]|\d{2}|1\d{1,2}|-2|204|205|430|65534|4294967294|1000):.*",
":",
"300",
"12000"
);
!dotFilesList!dotFilesFound::
"HomeUsr" slist => getindices("HomeDir"),
policy => "overridable";
dotFilesFound::
"dotFilesList" slist => splitstring("$(FindDotFiles.dotFiles)","
","800");
classes:
"dotFilesList" expression => isvariable("dotFilesList");
# FindDotFiles finds user initialization ("dot") files of interest and
returns
# them in the cfengine variable "dotFiles". A module is used because
cfengine
# doesn't support file_select with an edit_line promise.
"dotFilesFound" expression => usemodule("FindDotFiles","");
files:
any::
"$(HomeDir[$(HomeUsr)][5])"
comment => "GEN001860, GEN001880",
perms =>
mog("o-rwx,g-wx","$(HomeDir[$(HomeUsr)][2])","$(HomeDir[$(HomeUsr)][3])"),
depth_search => recurse("1"),
file_select => by_name("\..*");
"$(HomeDir[$(HomeUsr)][5])"
comment => "GEN001480, GEN001500, GEN001520, GEN001540,
GEN001560",
perms =>
mog("o-rwx,g-w","$(HomeDir[$(HomeUsr)][2])","$(HomeDir[$(HomeUsr)][3])"),
depth_search => recurse_include_basedir("inf");
dotFilesList::
"$(dotFilesList)"
comment => "GEN002560",
edit_line => dot_file_check,
edit_defaults => no_edit_backup;
reports:
homereport::
# This class can be used for testing with the following command:
# cf-agent -KInb check_user_files -Dhomereport -f ./promises.cf
"Checking $(HomeDir[$(HomeUsr)][0]) \
$(HomeDir[$(HomeUsr)][2]):$(HomeDir[$(HomeUsr)][3]) \
$(HomeDir[$(HomeUsr)][5])";
dotReport.dotFilesList::
# This class can be used for testing with the following command:
# cf-agent -KIb check_user_files -DdotReport -f ./promises.cf
"$(dotFilesList)";
"$(FindDotFiles.dotFiles)";
}
#########################################################
#
# Bodies
#
bundle edit_line dot_file_check
{
replace_patterns:
"umask\s*0*22"
replace_with => value("umask 077 # GEN002560");
}
body edit_defaults no_edit_backup
{
edit_backup => "false";
}
This bundle has been running fine on the last several cfengine releases
including 3.1.2.
Any ideas?
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
