In the below example, I have two policy servers one in Atlanta and another
in Dallas and my clients have keys for both policy servers.
If I run this promise manually I get key errors (shown below), however if I
add the "packages_update" to the promises.cf file it works just fine.
What am I missing?
////////////////////////////////////////////////////
# cf-agent -K -f ./packages_update.cf -v
<extra lines removed>
cf3 No existing connection to 10.102.71.233 is established...
cf3 Set cfengine port number to 5308 = 5308
cf3 Set connection timeout to 10
cf3 -> Connect to 10.102.71.233 = 10.102.71.233 on port 5308
cf3 -> Did not find new key format /var/cfengine/ppkeys/root-.pub
cf3 -> Trying old style /var/cfengine/ppkeys/root-10.102.71.233.pub
cf3 !! Not authorized to trust the server=10.102.71.233's public key
(trustkey=false)
cf3 Promise (version not specified) belongs to bundle 'packages_update' in
file './packages_update.cf' near line 28
cf3 !! Authentication dialogue with 10.102.71.233 failed
cf3 Unable to establish connection with 10.102.71.233
cf3 -> No suitable server responded to hail
cf3 Promise (version not specified) belongs to bundle 'packages_update' in
file './packages_update.cf' near line 28
///////////////////////////////////////////////////////////////////
body common control
{
bundlesequence => { packages_update };
inputs => { "systems.cf", "cfengine_stdlib.cf" };
}
bundle common g {
classes:
vars:
atlanta_datacenter::
"phost" string => "10.102.71.233";
dallas_datacenter::
"phost" string => "10.225.11.203";
}
bundle agent packages_update {
classes:
vars:
"masterfiles" string => "/var/cfengine/masterfiles";
"ps_servers" slist => { @(g.phost) };
files:
redhat_5::
"/tmp/somefile"
perms => mog("0640","root","root"),
copy_from =>
remote_copy2("$(masterfiles)/somefile","$(ps_servers)"),
action => immediate;
}
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
