Your message dated Sat, 19 Aug 2023 17:21:58 +0000 with message-id <[email protected]> and subject line Bug#1041323: fixed in debian-edu-config 2.12.35 has caused the Debian Bug report #1041323, regarding CFEngine agent connection errors to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 1041323: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041323 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: debian-edu-config Version: 2.12.32 There are regular failed connection attempts as follows logged: Jul 17 12:55:43 tjener.intern cf-serverd[1031]: error: Remote host '::1' not in allowconnects, denying connection Jul 17 12:55:43 tjener.intern cf-serverd[1031]: CFEngine(server) Remote host '::1' not in allowconnects, denying connection Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Failed to establish TLS connection: underlying network error (Broken pipe) Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) No suitable server found for '/var/lib/cfengine3/inputs' Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Promise belongs to bundle 'failsafe_cfe_internal_update' in file '/var/lib/cfengine3/inputs/failsafe.cf' near line 121 Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Errors encountered when actuating files promise '/var/lib/cfengine3/inputs' Jul 17 12:55:43 tjener.intern cf-serverd[1031]: error: Remote host '::1' not in allowconnects, denying connection Jul 17 12:55:43 tjener.intern cf-serverd[1031]: CFEngine(server) Remote host '::1' not in allowconnects, denying connection Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Failed to establish TLS connection: underlying network error (Broken pipe) Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) No suitable server found for '/var/lib/cfengine3/modules' Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Promise belongs to bundle 'failsafe_cfe_internal_update' in file '/var/lib/cfengine3/inputs/failsafe.cf' near line 130 Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Errors encountered when actuating files promise '/var/lib/cfengine3/modules' Jul 17 12:55:43 tjener.intern cf-serverd[1031]: error: Remote host '::1' not in allowconnects, denying connection Jul 17 12:55:43 tjener.intern cf-serverd[1031]: CFEngine(server) Remote host '::1' not in allowconnects, denying connection Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Failed to establish TLS connection: underlying network error (Broken pipe) Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) No suitable server found for '/var/lib/cfengine3/inputs' Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Promise belongs to bundle 'failsafe_cfe_internal_update' in file '/var/lib/cfengine3/inputs/failsafe.cf' near line 144 Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Comment is 'If we failed to fetch policy we try again using the legacy default in case we are fetching policy from a hub that is not serving mastefiles via a shortcut.' Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Errors encountered when actuating files promise '/var/lib/cfengine3/inputs' Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Method 'failsafe_cfe_internal_update' failed in some repairs Jul 17 12:55:43 tjener.intern cf-serverd[1031]: error: Remote host '::1' not in allowconnects, denying connection Jul 17 12:55:43 tjener.intern cf-serverd[1031]: CFEngine(server) Remote host '::1' not in allowconnects, denying connection Jul 17 12:55:43 tjener.intern cf-agent[3731]: CFEngine(agent) Failed to establish TLS connection: underlying network error (Broken pipe) Jul 17 12:55:43 tjener.intern cf-agent[3731]: CFEngine(agent) No suitable server found for '/var/lib/cfengine3/inputs/cf_promises_validated' Jul 17 12:55:43 tjener.intern cf-agent[3731]: CFEngine(agent) Promise belongs to bundle 'cfe_internal_update_policy_cpv' in file '/var/lib/cfengine3/inputs/cfe_internal/update/update_policy.cf' near line 229 Jul 17 12:55:43 tjener.intern cf-agent[3731]: CFEngine(agent) Comment is 'Check whether a validation stamp is available for a new policy update to reduce the distributed load' Jul 17 12:55:43 tjener.intern cf-agent[3731]: CFEngine(agent) Errors encountered when actuating files promise '/var/lib/cfengine3/inputs/cf_promises_validated' Jul 17 12:55:43 tjener.intern cf-agent[3731]: CFEngine(agent) Method 'cfe_internal_update_policy_cpv' failed in some repairs Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) Q: ".../cf-agent" -f /": error: Failed to establish TLS connection: underlying network error (Broken pipe) Q: ".../cf-agent" -f /": error: No suitable server found for '/var/lib/cfengine3/inputs/cf_promises_validated' Q: ".../cf-agent" -f /": error: Promise belongs to bundle 'cfe_internal_update_policy_cpv' in file '/var/lib/cfengine3/inputs/cfe_internal/update/update_policy.cf' near line 229 Q: ".../cf-agent" -f /": error: Comment is 'Check whether a validation stamp is available for a new policy update to reduce the distributed load' Q: ".../cf-agent" -f /": error: Errors encountered when actuating files promise '/var/lib/cfengine3/inputs/cf_promises_validated' Q: ".../cf-agent" -f /": error: Method 'cfe_internal_update_policy_cpv' failed in some repairs Jul 17 12:55:43 tjener.intern cf-agent[3722]: CFEngine(agent) R: Built-in failsafe policy triggered It seems that the agent tries to contact the server using the IPv6 loopback address which does not seem to be allowed by the configuration. -- Guido Berhoerster
--- End Message ---
--- Begin Message ---Source: debian-edu-config Source-Version: 2.12.35 Done: Mike Gabriel <[email protected]> We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel <[email protected]> (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 19 Aug 2023 17:00:36 +0200 Source: debian-edu-config Architecture: source Version: 2.12.35 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers <[email protected]> Changed-By: Mike Gabriel <[email protected]> Closes: 1008599 1041323 1043407 1049396 Changes: debian-edu-config (2.12.35) unstable; urgency=medium . [ Guido Berhoerster ] * Remove configure-edu-gateway. (Closes: #1043407). The script is obsoleted by the more sophisticated configuration abilities provided by the debian-edu-router-config package. * Do not hardcode X2Go desktop to Xfce. (Closes: #1049396). Add a commandline option --x2go_desktop for specifying the default desktop and make a best effort finding a usable desktop if none is specified. * Disable cf-execd on installation. (Closes: #1041323). Currently cf-execd is enabled by default if systemd is used (see #1043353) but the agent should only be run on installation. * Do not attempt to fetch the rootCA cert outside of a DebianEdu network An error should only be reported if the machine is inside a DebianEdu network, i.e. www.intern is resolvable, but the download fails. (Closes: #1008599). . [ Mike Gabriel ] * debian/tests/control: Remove configure-edu-gateway from list of tests. Script and testscript are now gone. (Related to closure of #1043407, see above). * Silence lintian warnings of type 'bash-term-in-posix-shell' by using variable names that lintian can't confuse with bash-only pre-set variables (e.g. $HOSTNAME or $UID). Checksums-Sha1: e3fdb998a5f86bda83d00b73fa524aeb9058ba44 2017 debian-edu-config_2.12.35.dsc bbe1b2301099d9465e5e07596f266c471943384d 356628 debian-edu-config_2.12.35.tar.xz 1737e2af9c6b10402dd6605cb74bb52bcdd7335d 6733 debian-edu-config_2.12.35_source.buildinfo Checksums-Sha256: 820f9d89250cc0977c483c8dc2dbf9450557624d3acf524ea7d31fe7e35e018e 2017 debian-edu-config_2.12.35.dsc b8666d8c07b218132c9b3d1108d593bb47520170b8aa83c7af6b8fcd51903b6e 356628 debian-edu-config_2.12.35.tar.xz 54358304ba6f9f7139ace7e33fabdb18439c152079e344990dfc8d2d13e3d858 6733 debian-edu-config_2.12.35_source.buildinfo Files: 78199d44dd961610378262c64552382a 2017 misc optional debian-edu-config_2.12.35.dsc 4bc0787aed5bd8c14a80452eb00ca98b 356628 misc optional debian-edu-config_2.12.35.tar.xz e67d87c35799bdfec8fb1211afb4d218 6733 misc optional debian-edu-config_2.12.35_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAmTg3hUVHHN1bndlYXZl ckBkZWJpYW4ub3JnAAoJEJr0azAldxsx3u4QALA1ao87hRy6WJcZ6XshQyavDoaZ i9CmIvMkb0OYCIsC3ShVZJhYXNW6kz/j10uZokiK/tINW/O/oyI6XTRGZiZYjEE0 7CSceM3Iuf1AjPwpT3qYzf3fHIEi85HFUEM//eh3wnJe3VaSYEE3WzAeyaIQyv17 2EBZwXFF+aXF1fFiMrfuJbGy+sofZroZYhUyWtw6pmHeYXuBEbGVtS+tFAUh8gLW jE65wRWRNgLmjtFj0DD2Ztgp/00naI4sqlC5wEGtFCcIiEQGfUGPsxZ73tnGTca1 h5JesQo2KRBSecrnz8cpdF282smbundaYsQeQimpb8+zF50RD1/kbVjyvnf5X8zq mLZiM83kDk0u43BQRhKWfMDbVoBzaJaP5Iftyh/P0Wr6bk1t2Mb4/HolXRccCwc4 fJpcjYxAXNa049e2TnHev9lH+sAobdSCQjM90CDLIM04j9fb+XQGrP2rFdf0FVUG 08MiKDpmd+3M0xFkSXZGQLv5HPtzT2IaVp4jACzY7JngmkB7OxwE1oYuPxWHaBFa uYYaPhh/oxhTdqrJ61phV7+cmifjejm97CqA2pDfRzqIL9SC4uzydfJnDWv/qfvt joEEY9S8lY4Jh0jq7R4VEZY0x5NXbj2Zrf1EmfKvB4Jr3Dy/NkYj3xbfsFeB6fiX JbUeiMXoAJ1079h5 =QwlE -----END PGP SIGNATURE-----
--- End Message ---
