Forum: Cfengine Help Subject: Re: please advise on cfengine3 security design best practices Author: matter Link to topic: https://cfengine.com/forum/read.php?3,19246,19253#msg-19253
Very strange indeed. It does appear to be running: promises.cf cfruncommand => "$(sys.workdir)/bin/cf-agent -KB && $(sys.workdir)/bin/cf-agent"; cf-agent -Kv cf3 *********************************************************** cf3 Starting executor cf3 *********************************************************** cf3 Extended process options are only available with Cfengine Nova or above cf3 Sleeping for splaytime 0 seconds cf3 ------------------------------------------------------------------ cf3 LocalExec(not scheduled) at Mon Nov 15 12:02:59 2010 cf3 ------------------------------------------------------------------ cf3 -> Command => /var/cfengine/bin/cf-agent -KB && /var/cfengine/bin/cf-agent cf3 -> Command is executing.../var/cfengine/bin/cf-agent -KB && /var/cfengine/bin/cf-agent cf3 -> Command is complete cf3 -> No output Just to make sure cfruncommand => "$(sys.workdir)/bin/cf-agent -KBv && $(sys.workdir)/bin/cf-agent -v"; $(sys.workdir)/outputs did contain a log of cf-agent -KBv running then cf-agent -v running. cf3 Outcome of version (not specified) (agent-0): Promises observed to be kept 94%, Promises repaired 6%, Promises not repaired 0% cf3 Estimated system complexity as touched objects = 132, for 25 promises cf3 -> Writing last-seen observations cf3 -> Last saw +MD5=xxxx (alias x.xx.xx.xx) at Mon Nov 15 12:06:24 2010 (noexpiry 0.0 <= 168.0) cf3 Cfengine - autonomous configuration engine - commence self-diagnostic prelude cf3 ------------------------------------------------------------------------ cf3 Work directory is /var/cfengine cf3 Making sure that locks are private... cf3 Checking integrity of the state database cf3 Checking integrity of the module directory cf3 Checking integrity of the PKI directory cf3 Looking for a source of entropy in /var/cfengine/randseed cf3 -> Loaded private key /var/cfengine/ppkeys/localhost.priv cf3 -> Loaded public key /var/cfengine/ppkeys/localhost.pub cf3 Setting cfengine default port to 5308 = 5308 cf3 Reference time set to Mon Nov 15 12:06:31 2010 cf3 Cfengine - 3.1.0 Copyright (C) Cfengine AS 2008,2010- I must be missing something or I have something magical going on. I am glad it does work as I use the bootstrap to update my configuration before actually running it. This is cfengine-3.1.0. If this feature were disabled, I would have to rethink the whole strategy. _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
