Forum: Cfengine Help
Subject: Error during NetCopy
Author: steffenf
Link to topic: https://cfengine.com/forum/read.php?3,21761,21761#msg-21761
Hi all!
We have had cfengine running for a while now in three different environments.
Today one of our machines in one of the environments stopped working.
The machine had stopped working due to missing /etc/shadow and /etc/passwd
files. In our cfengine scenario these two files are copied from the
policyserver using:
body copy_from securecopyfiles(from,server)
{
servers => {"$(server)"};
source => "$(from)";
compare => "digest";
preserve => "yes";
encrypt => "true";
verify => "true";
}
The passwd and shadow files were missing, but the x.cfsaved and the
x.cf-before-edit were still present.
We manually copied the x.cfsaved files to x and the machine was up and running
again.
Any thoughts?
I can elaborate more about our setup upon request :)
Regards,
Steffen
Here is a snippet from /var/adm/messages when cotton hit the fan:
--------------------------------------------------------------------------------------------------------
May 3 07:26:49 machine cf3[24254]: !! NetCopy to destination
policyserver:/etc/passwd.cfnew security - failed attempt to exploit a race?
(Not copied)
May 3 07:26:49 machine cf3[24254]: !!! System error for open: "File exists"
May 3 07:26:49 machine cf3[24254]: I: The promise was made to:
May 3 07:26:49 machine cf3[5503]: I: The promise was made to:
May 3 07:26:49 machine cf3[24254]: !! NetCopy to destination
policyserver:/etc/shadow.cfnew security - failed attempt to exploit a race?
(Not copied)
May 3 07:26:49 machine cf3[24254]: !!! System error for open: "File
exists"
May 3 07:26:49 machine cf3[24254]: I: The promise was made to:
May 3 07:26:49 machine cf3[5503]: I: The promise was made to:
--------------------------------------------------------------------------------------------------------
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
