Forum: Cfengine Help Subject: can not execute a user-only and non-root executable Author: santa Link to topic: https://cfengine.com/forum/read.php?3,21010,21010#msg-21010
Hello, I'm a new user of cfengine. I have a similar problem than this one : https://cfengine.com/forum/read.php?3,15966,15966#msg-15966 I compiled cfengine 3.1.4 on HP-UX. I'd like to launch "inetd -c" after disabling several services in /etc/inetd.conf . But inetd is owned by the bin user. And cfengine refuses to launch it ! Rights are 544. For test purpose it can launch inetd if I add executable right on group (because root has bin as secondary group probably). # ls -l /usr/sbin/inetd -r-xr--r-- 1 bin bin 172332 Oct 31 2006 /usr/sbin/inetd Here is the output of cf-execd -F -v : -------------------------------------------------------------------------------------------- community> -> Command => "/var/cfengine3/bin/cf-agent" -f failsafe.cf && "/var/cfengine3/bin/cf-agent" -Dfrom_cfexecd community> -> Command is executing..."/var/cfengine3/bin/cf-agent" -f failsafe.cf && "/var/cfengine3/bin/cf-agent" -Dfrom_cfexecd community> /usr/sbin/inetd promises to be executable but isn't community> I: Made in version 'not specified' of '/var/cfengine3/inputs/cf.hpux' near line 17 community> I: Comment: relaunch inetd community> /usr/sbin/inetd promises to be executable but isn't community> I: Made in version 'not specified' of '/var/cfengine3/inputs/cf.hpux' near line 17 community> I: Comment: relaunch inetd community> /usr/sbin/inetd promises to be executable but isn't community> I: Made in version 'not specified' of '/var/cfengine3/inputs/cf.hpux' near line 17 community> I: Comment: relaunch inetd community> -> Command is complete community> -> Mailing result -------------------------------------------------------------------------------------------- And the content of cf.hpux : bundle agent hpux_common { vars: "disable_services" slist => { "login", "shell", "exec", "kshell", "klogin" }; files: "/etc/default/security" comment => "Add a default umask", edit_line => append_if_no_line("UMASK=077"); "/etc/inetd.conf" comment => "reco secu rsh and co", edit_line => mycomment_lines_matching("$(disable_services)","#ohoh"); commands: "/usr/bin/inetd" args => "-c", comment => "relaunch inetd"; } bundle edit_line mycomment_lines_matching(regex,mycomment) { replace_patterns: "^($(regex))" replace_with => comment("$(mycomment)"), comment => "Search and replace string"; } Do you know if it's a normal behaviour of cfengine ? Is there a better way to execute a file with such rights ? I've created a script on a linux host, with the same right and owner and I get the same error : community> /tmp/toto promises to be executable but isn't community> I: Made in version 'not specified' of '/var/cfengine3/inputs/cf.linux' near line 42 Thanks. _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
