This should be fixed in svn code a while ago, please try to upgrade. There will probably be a new release of Cfengine soon that includes a few of the recent bugfixes.
-Eystein On 12/01/2009 06:27 PM, Jean-Noël Rivasseau wrote: > Hello, > > I am replying to this old thread (two monthes old only, actually) that I > found via Googling. I also have this problem and it is 100% reproducible > in my case. > > I am using Gentoo on both the server and the client, with version 3.0.2. > The version of OpenSSL is identical in both cases, 0.9.8l (note that it > also failed using 0.9.8l on the server and 0.9.8k on the client). > > This is my promises.cf <http://promises.cf>: > > bundle agent setupPhase > { > files: > "/srv/demo-phpbb/" copy_from => > fastCopyFromRemote("${global.OVERMIND_HOST}", > "${global.UNISON_REPOSITORY_PATH}demo-phpbb/"), depth_search => recurse, > perms => apache; > } > > body copy_from fastCopyFromRemote(server, path) > { > servers => {"${server}"}; > encrypt => "true"; > trustkey => "true"; > source => "${path}"; > compare => "digest"; > preserve => "false"; > purge => "true"; > copy_backup => "false"; > } > > body depth_search recurse > { > depth => "inf"; > } > > I am linking the demo-phpbb/ directory for you to reproduce the bug, as > I think it is somehow important (on other directories I am not hit by > this problem, so it is something strange in this directory that is > causing the bug, although I checked and everything seems normal...). It > is available at > > http://test.elvanor.net/bugs/demo-phpbb.zip > > I hope you can debug and fix this problem as it is quite critical IMHO > (not only it does not copy correctly the directory, it completely hangs > the cf-agent process while encountering garbage). > > Jean-Noel > > Mark, > > On the Ubuntu server I have OpenSSL 0.9.8g > On the Cygwin client I have OpenSSL 0.9.8k > > And on the Fedora client, I have OpenSSL 0.9.8k-fips > > So yes, it's more than likely that it is a OpenSSL issue since both > clients fails the same way, > > Regards, > Nicolas > > Mark Burgess a écrit : > > > Nicholas, > > > > I have been trying hard to reproduce this error but I have not been > able to. > > The problem is that encryption fails in the final transmission causing > file > > data > > to be apparent garbage. > > > > > I will try a few more things before giving up. May I ask what kind of > systems > > are running this? Do they have the same versions of OpenSSL? > > > > M > > > > > > Nicolas Charles wrote: > > > > >> Hi, > >> > >> I'm having a nasty behavior with the updating of promises when having > a > >> subfolder. > >> Here is myupdate.cf <http://update.cf> : > >> > > >> > >> # > >> # Define what an agent has to do when it updates > >> # its promises > >> # > >> > >> #simple copy method > >> body copy_from remote(server, path) { > > >> > >> servers => { > >> "${server}" > >> }; > >> encrypt => "true"; > >> trustkey => "true"; > >> source => "${path}"; > > >> compare => "digest"; > >> preserve => "false"; #preserver permissions > >> verify => "true"; > >> purge => "true"; > >> owners => {"slave"}; > > >> } > >> > >> #simple recurse method > >> > >> > >> bundle agent update { > >> vars: > >> any:: > >> "cfserved" string => "192.168.56.101"; #server IP > > >> "policy_files" string => "/srv/cf-served"; #directory where to look > for > >> promises in the server for that client > >> "server_inputs" string => "${policy_files}/inputs"; #actual > directory > > >> with promises, just to show the use of variables > >> "client_inputs" string => "${sys.workdir}/inputs"; #where to put the > >> files on the client when downloaded > >> > > >> files: > >> any:: > >> "${client_inputs}" #that's a loop on each files in client_inputs > >> copy_from => remote("${cfserved}","${server_inputs}"), > >> depth_search => recurse_visible("inf"); > > >> } > >> > >> > >> > >> On my server, I have > >> /srv/cf-served/inputs : the promises > >> /srv/cf-served/inputs/resources : variables, resources, etc > >> If resources folder is empty (or better, doesn't exist), it is great > > >> If there is one empty file, it works great > >> > >> But if /srv/cf-served/inputs/resources contains a file (let's call it > >> simple_its.txt) containing"foo baz" (or whatever), here is the update > > >> behavior : > >> cf3 ========================================================= > >> cf3 files in bundle update (1) > >> cf3 ========================================================= > >> cf3 > > >> cf3 Verifying SQL table promises is only available with Cfengine Nova > or > >> above > >> cf3 > >> cf3 ......................................................... > >> cf3 Promise handle: > > >> cf3 Promise made by: /var/cfengine/inputs > >> cf3 ......................................................... > >> cf3 > >> cf3 -> Handling file existence constraints on /var/cfengine/inputs > > >> cf3 -> Copy file /var/cfengine/inputs from /srv/cf-served/inputs > check > >> cf3 Found address (192.168.56.101) for host 192.168.56.101 > >> cf3 Found address (192.168.56.101) for host 192.168.56.101 > > >> cf3 No existing connection to 192.168.56.101 is established... > >> cf3 Set cfengine port number to 5308 = 5308 > >> cf3 Connect to 192.168.56.101 = 192.168.56.101, port = (5308=5308) > >> cf3 LastSaw host 192.168.56.101 now > > >> cf3 Found address (192.168.56.101) for host 192.168.56.101 > >> cf3 Loaded /var/cfengine/ppkeys/root-192.168.56.101.pub > >> cf3 .....................[.h.a.i.l.]................................. > > >> cf3 Strong authentication of server=192.168.56.101 connection > confirmed > >> cf3 Found address (192.168.56.101) for host 192.168.56.101 > >> cf3 !! (Destination purging enabled) > >> cf3 ->> Entering /srv/cf-served/inputs > > >> (snip) > >> cf3 -> Destination file /var/cfengine/inputs/site.cf > <http://site.cf> already exists > >> cf3 -> File permissions on /var/cfengine/inputs/site.cf > <http://site.cf> as promised > > >> cf3 -> File /var/cfengine/inputs/site.cf <http://site.cf> is an up > to date copy of source > >> cf3 -> /var/cfengine/inputs/update.cf <http://update.cf>~ wasn't at > destination (copying) > > >> cf3 -> Copying from 192.168.56.101:/srv/cf-served/inputs/update.cf > <http://update.cf>~ > >> cf3 -> Copy of regular file succeeded > /srv/cf-served/inputs/update.cf <http://update.cf>~ > > >> to /var/cfengine/inputs/update.cf <http://update.cf>~.cfnew > >> cf3 ?? Final verification of transmission ... > >> cf3 -> New file /var/cfengine/inputs/update.cf > <http://update.cf>~.cfnew transmitted > > >> correctly - verified > >> cf3 -> Group of /var/cfengine/inputs/update.cf <http://update.cf>~ > was 513, setting to 0 > >> cf3 -> File permissions on /var/cfengine/inputs/update.cf > <http://update.cf>~ as promised > > >> cf3 -> Updated file from > 192.168.56.101:/srv/cf-served/inputs/update.cf <http://update.cf>~ > >> cf3 ->> Entering /var/cfengine/inputs/resources > >> cf3 -> File permissions on /var/cfengine/inputs/resources as promised > > >> cf3 -> Destination file > /var/cfengine/inputs/resources/simple_ips.txt~ > >> already exists > >> cf3 -> File permissions on > >> /var/cfengine/inputs/resources/simple_ips.txt~ as promised > > >> cf3 -> File /var/cfengine/inputs/resources/simple_ips.txt~ is an up > to > >> date copy of source > >> cf3 -> /var/cfengine/inputs/resources/simple_ips.txt wasn't at > >> destination (copying) > > >> cf3 -> Copying from > >> 192.168.56.101:/srv/cf-served/inputs/resources/simple_ips.txt > >> cf3 !! Copy from > >> 192.168.56.101:/srv/cf-served/inputs/resources/simple_ips.txt failed > > >> cf3 !! Purging /var/cfengine/inputs/resources/simple_ips.txt.cfnew in > >> copy dest directory > >> cf3 Transmission refused or failed statting > >> /srv/cf-served/inputs/ocsi-agent.cf <http://ocsi-agent.cf> > > >> Got: ÉòÞ¡Íäí > >> cf3 !! (Can't stat /srv/cf-served/inputs/ocsi-agent.cf > <http://ocsi-agent.cf>) > >> cf3 !!! System error for cf_stat:"Operation not permitted" > >> cf3 -> Destination file /var/cfengine/inputs/promises.cf > <http://promises.cf> already exists > > >> cf3 !! Image file /var/cfengine/inputs/promises.cf > <http://promises.cf> has a wrong MD5 > >> checksum (should be copy of /srv/cf-served/inputs/promises.cf > <http://promises.cf>) > > >> cf3 -> Updated /var/cfengine/inputs/promises.cf > <http://promises.cf> from source > >> /srv/cf-served/inputs/promises.cf <http://promises.cf> on > 192.168.56.101 > >> cf3 Was not able to copy /srv/cf-served/inputs/promises.cf > <http://promises.cf> to > > >> /var/cfengine/inputs/promises.cf <http://promises.cf> > >> cf3 I: Report relates to a promise with handle"" > >> cf3 I: Made in version'not specified' of > >> '/var/cfengine/inputs/update.cf <http://update.cf>' near line 37 > > >> cf3 -> Destination file /var/cfengine/inputs/library.cf > <http://library.cf> already exists > >> cf3 !! Image file /var/cfengine/inputs/library.cf > <http://library.cf> has a wrong MD5 > > >> checksum (should be copy of /srv/cf-served/inputs/library.cf > <http://library.cf>) > >> cf3 -> Updated /var/cfengine/inputs/library.cf <http://library.cf> > from source > >> /srv/cf-served/inputs/library.cf <http://library.cf> on > 192.168.56.101 > > >> cf3 -> Copy of regular file succeeded > /srv/cf-served/inputs/library.cf <http://library.cf> > >> to /var/cfengine/inputs/library.cf.cfnew > >> cf3 !! New file /var/cfengine/inputs/library.cf.cfnew seems to have > been > > >> corrupted in transit (sizes 1304 and 0), aborting! > >> cf3 Was not able to copy /srv/cf-served/inputs/library.cf > <http://library.cf> to > >> /var/cfengine/inputs/library.cf <http://library.cf> > > >> cf3 I: Report relates to a promise with handle"" > >> cf3 I: Made in version'not specified' of > >> '/var/cfengine/inputs/update.cf <http://update.cf>' near line 37 > > >> cf3 -> Destination file /var/cfengine/inputs/update.cf > <http://update.cf> already exists > >> cf3 !! Image file /var/cfengine/inputs/update.cf <http://update.cf> > has a wrong MD5 > > >> checksum (should be copy of /srv/cf-served/inputs/update.cf > <http://update.cf>) > >> cf3 -> Updated /var/cfengine/inputs/update.cf <http://update.cf> > from source > >> /srv/cf-served/inputs/update.cf <http://update.cf> on 192.168.56.101 > > >> cf3 -> Copy of regular file succeeded > /srv/cf-served/inputs/update.cf <http://update.cf> to > >> /var/cfengine/inputs/update.cf.cfnew > >> cf3 ?? Final verification of transmission ... > > >> cf3 -> New file /var/cfengine/inputs/update.cf.cfnew transmitted > >> correctly - verified > >> cf3 -> Group of /var/cfengine/inputs/update.cf <http://update.cf> > was 513, setting to 0 > > >> cf3 -> Object /var/cfengine/inputs/update.cf <http://update.cf> > had permission 600, changed > >> it to 644 > >> cf3 -> Destination file /var/cfengine/inputs/failsafe.cf > <http://failsafe.cf> already exists > > >> cf3 !! Image file /var/cfengine/inputs/failsafe.cf > <http://failsafe.cf> has a wrong MD5 > >> checksum (should be copy of /srv/cf-served/inputs/failsafe.cf > <http://failsafe.cf>) > > >> cf3 -> Updated /var/cfengine/inputs/failsafe.cf > <http://failsafe.cf> from source > >> /srv/cf-served/inputs/failsafe.cf <http://failsafe.cf> on > 192.168.56.101 > >> cf3 Was not able to copy /srv/cf-served/inputs/failsafe.cf > <http://failsafe.cf> to > > >> /var/cfengine/inputs/failsafe.cf <http://failsafe.cf> > >> cf3 I: Report relates to a promise with handle"" > >> cf3 I: Made in version'not specified' of > >> '/var/cfengine/inputs/update.cf <http://update.cf>' near line 37 > > >> cf3 Transmission refused or failed statting > >> /srv/cf-served/inputs/cf-served.cf <http://cf-served.cf> > >> Got: CFD_TRUE > >> cf3 !! (Can't stat /srv/cf-served/inputs/cf-served.cf > <http://cf-served.cf>) > > >> cf3 !!! System error for cf_stat:"Operation not permitted" > >> cf3 -> Destination file /var/cfengine/inputs/yum.cf <http://yum.cf> > already exists > >> cf3 -> File permissions on /var/cfengine/inputs/yum.cf > <http://yum.cf> as promised > > >> cf3 -> File /var/cfengine/inputs/yum.cf <http://yum.cf> is an up > to date copy of source > >> cf3 Transmission refused or failed statting > >> /srv/cf-served/inputs/virtual-machines.cf > <http://virtual-machines.cf> > > >> Got: ŒFÚðQCa > >> cf3 !! (Can't stat /srv/cf-served/inputs/virtual-machines.cf > <http://virtual-machines.cf>) > >> cf3 !!! System error for cf_stat:"Operation not permitted" > > >> cf3 -> Destination file /var/cfengine/inputs/exim4.cf > <http://exim4.cf> already exists > >> cf3 !! Image file /var/cfengine/inputs/exim4.cf <http://exim4.cf> > has a wrong MD5 checksum > > >> (should be copy of /srv/cf-served/inputs/exim4.cf <http://exim4.cf>) > >> cf3 -> Updated /var/cfengine/inputs/exim4.cf <http://exim4.cf> > from source > >> /srv/cf-served/inputs/exim4.cf <http://exim4.cf> on 192.168.56.101 > > >> cf3 Was not able to copy /srv/cf-served/inputs/exim4.cf > <http://exim4.cf> to > >> /var/cfengine/inputs/exim4.cf <http://exim4.cf> > >> cf3 I: Report relates to a promise with handle"" > > >> cf3 I: Made in version'not specified' of > >> '/var/cfengine/inputs/update.cf <http://update.cf>' near line 37 > >> cf3 !! Purging /var/cfengine/inputs/exim4.cf.cfnew in copy dest > directory > > >> cf3 !! Purging /var/cfengine/inputs/failsafe.cf.cfnew in copy dest > directory > >> cf3 !! Purging /var/cfengine/inputs/library.cf.cfnew in copy dest > directory > >> cf3 !! Purging /var/cfengine/inputs/promises.cf.cfnew in copy dest > directory > > >> cf3 !! Purging /var/cfengine/inputs/update.cf.cfsaved in copy dest > directory > >> cf3 Performance(Copy(192.168.56.101:/srv/cf-served/inputs> > >> /var/cfengine/inputs)): time=2.0000 secs, av=2.6912 +/- 0.8668 > > >> cf3 Existing connection just became free... > >> > >> Then files content are messed up (ending with content from one file in > >> another one) > >> > >> Both client and server are the 3.0.2 release > > >> > >> Regards, > >> Nicolas > > > > > _______________________________________________ > Bug-cfengine mailing list > Bug-cfengine@cfengine.org > https://cfengine.org/mailman/listinfo/bug-cfengine _______________________________________________ Bug-cfengine mailing list Bug-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/bug-cfengine
