Nicholas,
I have been trying hard to reproduce this error but I have not been able to.
The problem is that encryption fails in the final transmission causing file data
to be apparent garbage.
I will try a few more things before giving up. May I ask what kind of systems
are running this? Do they have the same versions of OpenSSL?
M
Nicolas Charles wrote:
> Hi,
>
> I'm having a nasty behavior with the updating of promises when having a
> subfolder.
> Here is my update.cf :
>
>
> #
> # Define what an agent has to do when it updates
> # its promises
> #
>
> #simple copy method
> body copy_from remote(server, path) {
>
> servers => {
> "${server}"
> };
> encrypt => "true";
> trustkey => "true";
> source => "${path}";
> compare => "digest";
> preserve => "false"; #preserver permissions
> verify => "true";
> purge => "true";
> owners => {"slave"};
> }
>
> #simple recurse method
>
>
> bundle agent update {
> vars:
> any::
> "cfserved" string => "192.168.56.101"; #server IP
> "policy_files" string => "/srv/cf-served"; #directory where to look for
> promises in the server for that client
> "server_inputs" string => "${policy_files}/inputs"; #actual directory
> with promises, just to show the use of variables
> "client_inputs" string => "${sys.workdir}/inputs"; #where to put the
> files on the client when downloaded
>
> files:
> any::
> "${client_inputs}" #that's a loop on each files in client_inputs
> copy_from => remote("${cfserved}","${server_inputs}"),
> depth_search => recurse_visible("inf");
> }
>
>
>
> On my server, I have
> /srv/cf-served/inputs : the promises
> /srv/cf-served/inputs/resources : variables, resources, etc
> If resources folder is empty (or better, doesn't exist), it is great
> If there is one empty file, it works great
>
> But if /srv/cf-served/inputs/resources contains a file (let's call it
> simple_its.txt) containing "foo baz" (or whatever), here is the update
> behavior :
> cf3 =========================================================
> cf3 files in bundle update (1)
> cf3 =========================================================
> cf3
> cf3 Verifying SQL table promises is only available with Cfengine Nova or
> above
> cf3
> cf3 .........................................................
> cf3 Promise handle:
> cf3 Promise made by: /var/cfengine/inputs
> cf3 .........................................................
> cf3
> cf3 -> Handling file existence constraints on /var/cfengine/inputs
> cf3 -> Copy file /var/cfengine/inputs from /srv/cf-served/inputs check
> cf3 Found address (192.168.56.101) for host 192.168.56.101
> cf3 Found address (192.168.56.101) for host 192.168.56.101
> cf3 No existing connection to 192.168.56.101 is established...
> cf3 Set cfengine port number to 5308 = 5308
> cf3 Connect to 192.168.56.101 = 192.168.56.101, port = (5308=5308)
> cf3 LastSaw host 192.168.56.101 now
> cf3 Found address (192.168.56.101) for host 192.168.56.101
> cf3 Loaded /var/cfengine/ppkeys/root-192.168.56.101.pub
> cf3 .....................[.h.a.i.l.].................................
> cf3 Strong authentication of server=192.168.56.101 connection confirmed
> cf3 Found address (192.168.56.101) for host 192.168.56.101
> cf3 !! (Destination purging enabled)
> cf3 ->> Entering /srv/cf-served/inputs
> (snip)
> cf3 -> Destination file /var/cfengine/inputs/site.cf already exists
> cf3 -> File permissions on /var/cfengine/inputs/site.cf as promised
> cf3 -> File /var/cfengine/inputs/site.cf is an up to date copy of source
> cf3 -> /var/cfengine/inputs/update.cf~ wasn't at destination (copying)
> cf3 -> Copying from 192.168.56.101:/srv/cf-served/inputs/update.cf~
> cf3 -> Copy of regular file succeeded /srv/cf-served/inputs/update.cf~
> to /var/cfengine/inputs/update.cf~.cfnew
> cf3 ?? Final verification of transmission ...
> cf3 -> New file /var/cfengine/inputs/update.cf~.cfnew transmitted
> correctly - verified
> cf3 -> Group of /var/cfengine/inputs/update.cf~ was 513, setting to 0
> cf3 -> File permissions on /var/cfengine/inputs/update.cf~ as promised
> cf3 -> Updated file from 192.168.56.101:/srv/cf-served/inputs/update.cf~
> cf3 ->> Entering /var/cfengine/inputs/resources
> cf3 -> File permissions on /var/cfengine/inputs/resources as promised
> cf3 -> Destination file /var/cfengine/inputs/resources/simple_ips.txt~
> already exists
> cf3 -> File permissions on
> /var/cfengine/inputs/resources/simple_ips.txt~ as promised
> cf3 -> File /var/cfengine/inputs/resources/simple_ips.txt~ is an up to
> date copy of source
> cf3 -> /var/cfengine/inputs/resources/simple_ips.txt wasn't at
> destination (copying)
> cf3 -> Copying from
> 192.168.56.101:/srv/cf-served/inputs/resources/simple_ips.txt
> cf3 !! Copy from
> 192.168.56.101:/srv/cf-served/inputs/resources/simple_ips.txt failed
> cf3 !! Purging /var/cfengine/inputs/resources/simple_ips.txt.cfnew in
> copy dest directory
> cf3 Transmission refused or failed statting
> /srv/cf-served/inputs/ocsi-agent.cf
> Got: ÉòÞ¡Íäí
> cf3 !! (Can't stat /srv/cf-served/inputs/ocsi-agent.cf)
> cf3 !!! System error for cf_stat: "Operation not permitted"
> cf3 -> Destination file /var/cfengine/inputs/promises.cf already exists
> cf3 !! Image file /var/cfengine/inputs/promises.cf has a wrong MD5
> checksum (should be copy of /srv/cf-served/inputs/promises.cf)
> cf3 -> Updated /var/cfengine/inputs/promises.cf from source
> /srv/cf-served/inputs/promises.cf on 192.168.56.101
> cf3 Was not able to copy /srv/cf-served/inputs/promises.cf to
> /var/cfengine/inputs/promises.cf
> cf3 I: Report relates to a promise with handle ""
> cf3 I: Made in version 'not specified' of
> '/var/cfengine/inputs/update.cf' near line 37
> cf3 -> Destination file /var/cfengine/inputs/library.cf already exists
> cf3 !! Image file /var/cfengine/inputs/library.cf has a wrong MD5
> checksum (should be copy of /srv/cf-served/inputs/library.cf)
> cf3 -> Updated /var/cfengine/inputs/library.cf from source
> /srv/cf-served/inputs/library.cf on 192.168.56.101
> cf3 -> Copy of regular file succeeded /srv/cf-served/inputs/library.cf
> to /var/cfengine/inputs/library.cf.cfnew
> cf3 !! New file /var/cfengine/inputs/library.cf.cfnew seems to have been
> corrupted in transit (sizes 1304 and 0), aborting!
> cf3 Was not able to copy /srv/cf-served/inputs/library.cf to
> /var/cfengine/inputs/library.cf
> cf3 I: Report relates to a promise with handle ""
> cf3 I: Made in version 'not specified' of
> '/var/cfengine/inputs/update.cf' near line 37
> cf3 -> Destination file /var/cfengine/inputs/update.cf already exists
> cf3 !! Image file /var/cfengine/inputs/update.cf has a wrong MD5
> checksum (should be copy of /srv/cf-served/inputs/update.cf)
> cf3 -> Updated /var/cfengine/inputs/update.cf from source
> /srv/cf-served/inputs/update.cf on 192.168.56.101
> cf3 -> Copy of regular file succeeded /srv/cf-served/inputs/update.cf to
> /var/cfengine/inputs/update.cf.cfnew
> cf3 ?? Final verification of transmission ...
> cf3 -> New file /var/cfengine/inputs/update.cf.cfnew transmitted
> correctly - verified
> cf3 -> Group of /var/cfengine/inputs/update.cf was 513, setting to 0
> cf3 -> Object /var/cfengine/inputs/update.cf had permission 600, changed
> it to 644
> cf3 -> Destination file /var/cfengine/inputs/failsafe.cf already exists
> cf3 !! Image file /var/cfengine/inputs/failsafe.cf has a wrong MD5
> checksum (should be copy of /srv/cf-served/inputs/failsafe.cf)
> cf3 -> Updated /var/cfengine/inputs/failsafe.cf from source
> /srv/cf-served/inputs/failsafe.cf on 192.168.56.101
> cf3 Was not able to copy /srv/cf-served/inputs/failsafe.cf to
> /var/cfengine/inputs/failsafe.cf
> cf3 I: Report relates to a promise with handle ""
> cf3 I: Made in version 'not specified' of
> '/var/cfengine/inputs/update.cf' near line 37
> cf3 Transmission refused or failed statting
> /srv/cf-served/inputs/cf-served.cf
> Got: CFD_TRUE
> cf3 !! (Can't stat /srv/cf-served/inputs/cf-served.cf)
> cf3 !!! System error for cf_stat: "Operation not permitted"
> cf3 -> Destination file /var/cfengine/inputs/yum.cf already exists
> cf3 -> File permissions on /var/cfengine/inputs/yum.cf as promised
> cf3 -> File /var/cfengine/inputs/yum.cf is an up to date copy of source
> cf3 Transmission refused or failed statting
> /srv/cf-served/inputs/virtual-machines.cf
> Got: ŒFÚðQCa
> cf3 !! (Can't stat /srv/cf-served/inputs/virtual-machines.cf)
> cf3 !!! System error for cf_stat: "Operation not permitted"
> cf3 -> Destination file /var/cfengine/inputs/exim4.cf already exists
> cf3 !! Image file /var/cfengine/inputs/exim4.cf has a wrong MD5 checksum
> (should be copy of /srv/cf-served/inputs/exim4.cf)
> cf3 -> Updated /var/cfengine/inputs/exim4.cf from source
> /srv/cf-served/inputs/exim4.cf on 192.168.56.101
> cf3 Was not able to copy /srv/cf-served/inputs/exim4.cf to
> /var/cfengine/inputs/exim4.cf
> cf3 I: Report relates to a promise with handle ""
> cf3 I: Made in version 'not specified' of
> '/var/cfengine/inputs/update.cf' near line 37
> cf3 !! Purging /var/cfengine/inputs/exim4.cf.cfnew in copy dest directory
> cf3 !! Purging /var/cfengine/inputs/failsafe.cf.cfnew in copy dest directory
> cf3 !! Purging /var/cfengine/inputs/library.cf.cfnew in copy dest directory
> cf3 !! Purging /var/cfengine/inputs/promises.cf.cfnew in copy dest directory
> cf3 !! Purging /var/cfengine/inputs/update.cf.cfsaved in copy dest directory
> cf3 Performance(Copy(192.168.56.101:/srv/cf-served/inputs >
> /var/cfengine/inputs)): time=2.0000 secs, av=2.6912 +/- 0.8668
> cf3 Existing connection just became free...
>
> Then files content are messed up (ending with content from one file in
> another one)
>
> Both client and server are the 3.0.2 release
>
> Regards,
> Nicolas
>
> _______________________________________________
> Bug-cfengine mailing list
> Bug-cfengine@cfengine.org
> https://cfengine.org/mailman/listinfo/bug-cfengine
--
Mark Burgess
-------------------------------------------------
Professor of Network and System Administration
Oslo University College, Norway
Personal Web: http://www.iu.hio.no/~mark
Office Telf : +47 22453272
-------------------------------------------------
_______________________________________________
Bug-cfengine mailing list
Bug-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/bug-cfengine
