On 12/23/2010 01:56 PM, no-re...@cfengine.com wrote:
> Thanks again Nick!
> I copied your failsafe.cf and the unmodified default update.cf that comes
> with the installation to /var/cfengine/inputs on the agent, then issued this
> command:
> cf-agent -B -s dbraz17
>
> and I get this error:
>
> cf3:/var/cfengine/inputs/update.cf:26,1: Redefinition of bundle update for
> agent is a broken promise, near token '{'
> Protocol transaction broken off (1)
> !!! System reports error for recv: "Connection reset by peer"
> I: Made in version 'not specified' of '/var/cfengine/inputs/failsafe.cf' near
> line 39
> !! Authentication dialogue with dbraz17 failed
>
>
> Here's the contents of the default update.cf that comes with the installation:
Yeah I noticed that when I tried to bootstrap a new host. The problem is
because the client dosnt have the policy hosts key. I guess I
miss-understood all that was required to bootstrap a host. You need a
way to get that server key trusted. I poked at several things and got
mine working again but I am not clear on what exactly my process will be
yet. ....
I have decided I dont need update.cf so I pushed everything from it
into failsafe.cf. My body server control specifys my cfrun command as
cfruncommand => "$(sys.workdir)/bin/cf-agent -f failsafe.cf &&
$(sys.workdir)/bin/cf-agent";
This forces update then run so that the latest policy will be evaluated.
I have attached my latest failsafe.cf for your enjoyment, please excuse
any mess in it if I havent cleaned up some of the syntax.
--
Nick Anderson <n...@cmdln.org>
# Copyright (C) Cfengine AS
# This file is part of Cfengine 3 - written and maintained by Cfengine AS.
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; version 3.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
# To the extent this program is licensed as part of the Enterprise
# versions of Cfengine, the applicable Commerical Open Source License
# (COSL) may apply to this file if you as a licensee so wish it. See
# included file COSL.txt.
#
# Failsafe file
#
body common control
{
bundlesequence => { "update" };
#inputs => { "update.cf" };
}
############################################
bundle agent update {
vars:
"policyhost" string => "192.168.56.101";
files:
any::
"/var/cfengine/inputs/"
#perms => m("600"),
copy_from =>
update_policy("/var/cfengine/masterfiles","$(policyhost)"),
classes => policy_updated("policy_updated"),
depth_search => recurse("inf");
policy_updated::
"/etc/motd"
comment => "Update /etc/issue with last policy update
time",
create => "true",
edit_defaults => empty,
edit_line =>
expand_template("/var/cfengine/inputs/templates/motd.tpl");
}
body depth_search recurse(d) {
depth => "$(d)";
}
body edit_defaults empty{
empty_file_before_editing => "true";
edit_backup => "false";
max_file_size => "300000";
}
bundle edit_line expand_template(templatefile) {
# Read in the named text file and expand $(var)
# inside the file
insert_lines:
"$(templatefile)"
insert_type => "file",
comment => "Expand variables in the template file",
expand_scalars => "true";
}
body copy_from update_policy(from,server) {
servers => { "$(server)" };
source => "$(from)";
purge => "true";
preserve => "true";
compare => "digest";
# exclude .svn and .git revision control files
exclude_dirs => { "\.svn", "\.git", "dist"};
}
body classes policy_updated(new_class) {
promise_kept => { "$(new_class)" };
promise_repaired => { "$(new_class)" };
}
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
