Hi Paul:
Try this the first time you run it... cfagent -f /etc/cfengine/update.conf
PAUL WILLIAMSON wrote:
I have an update.conf file that I've copied over to an client. I've created a public/private key with cfkey (after starting
cfenvd) and copied the public key over to the policy host server and also copied the public key from the policy host to the client. When I run cfagent on the client machine, I get an error saying there's no cfagent.cfg. I thought the update.conf would have taken care of pushing it out there?
My entire update.conf:
####### # # BEGIN update.conf # #######
control:
actionsequence = ( links copy processes tidy )
domain = ( myrealdomain.com )
# # Which host/dir is the master for configuration roll-outs? #
policyhost = ( policymasterserver ) master_cfinput = ( /var/cfengine/masterfiles/inputs )
AllowConnectionsFrom = ( x.x.x.x ) # (ip address of policy host)
AddInstallable = ( new_cfenvd new_cfservd )
# # Some convenient variables #
workdir = ( /var/cfengine )
solaris::
cf_install_dir = ( /usr/local/sbin )
linux::
cf_install_dir = ( /usr/local/sbin )
################################################################### # # Spread the load, make sure the servers get done first though # ###################################################################
SplayTime = ( 1 )
links:
$(workdir)/bin/cfagent -> $(cf_install_dir)/cfagent $(workdir)/bin/cfservd -> $(cf_install_dir)/cfservd $(workdir)/bin/cfexecd -> $(cf_install_dir)/cfexecd $(workdir)/bin/cfenvd -> $(cf_install_dir)/cfenvd
############################################################################ # # Make sure there is a local copy of the configuration and # the most important binaries in case we have no connectivity # e.g. for mobile stations or during DOS attacks #
copy:
$(master_cfinput) dest=$(workdir)/inputs r=inf mode=700 type=binary exclude=*.lst exclude=*~ exclude=#* server=$(policyhost) trustkey=true
#####################################################################
tidy:
# # Cfexecd stores output in this directory. # Make sure we don't build up files and choke on our own words! #
$(workdir)/outputs pattern=* age=7
#####################################################################
processes:
new_cfservd::
"cfservd" signal=term restart /var/cfengine/bin/cfservd
new_cfenvd::
"cfenvd" signal=kill restart "/var/cfengine/bin/cfenvd -H"
### # # END update.conf # ###
Does this make sense? Any help is appreciated...
Paul
_______________________________________________
Help-cfengine mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-cfengine
_______________________________________________ Help-cfengine mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-cfengine
