CFEngine Help: understanding cfexecd process output

[no-reply]

Forum: CFEngine Help
Subject: understanding cfexecd process output
Author: julian924s
Link to topic: https://cfengine.com/forum/read.php?3,26978,26978#msg-26978

Hi - very much a n00b when it comes to cfengine, we have an existing cfengine 
setup and I've installed a new client that needs to fall in line with all other 
clients from the policyhost. The client itself is on a different network to the 
policyhost but they can see each other and the initial cfagent INSTALL command 
appears to work, command run was:

/opt/tools/sbin/cfagent --version
GNU cfengine 2.2.10

/opt/tools/sbin/cfagent --debug --no-splay --verbose --define DINSTALL

Both servers are Solaris 10 servers and I'm trying to figure out why the 
/etc/inet/hosts file from the policyhost is not getting copied as I'd expect. 
Our cfengine setup does a lot more than just this for a wide number of files 
and servers but I think if I can figure this out it will be the same for the 
other issues around files I'm having.

The results I have are:

1) If I edit  /etc/inet/hosts on the client and then run the above command my 
edited version remains and is not replaced with the version from the policyhost 
which is what I would expect to happen .. I think.

File object /etc/inet/hosts will promise attributes if context matches 
 Attribute constraint body:
     Mode +444,-7333 | BSD +0,-0
     Uids = ( 0 )
     Gids = ( 3 )
 Behaviour constraint body:
     Action on deviation: fixall
     Traverse links=?
     IfElapsed=1, ExpireAfter=240
     Search recursion limit=0
     Record checksum-type = n
     Filesystem boundaries (xdev) = n
     Define  on convergent change
     ElseDefine  on no change
     Rule from /var/cfengine/inputs/cf.hosts at/before line 12

/etc/inet/hosts promises to be a copy of 
policyhost://export/home/admin/cfengine/masterfiles/system/live/hosts if 
context = ExtNets.!FWHosts
   Behaviour constraint body:
         Action on deviation: fix
         Comparison method = t (time/checksum)
         Ask server = policyhost (encrypt=n,verified=n)
         Accept the server's public key on trust? n
         Purge local files if not on server = n
         Override mode with: +444,-7333
         Copy if size > -1
         File search recursion limit 0
         File search boundary (xdev) = n
         Using uids = ( 0 )
         Using gids = ( 3 )
         Using filters:
         Excluding file patterns:
         Ignoring file/directory patterns:
         Using symlink for patterns:
         Including file patterns:
         Defining hosts if deviation corrected
         ElseDefine
         Providing FailoverClasses  if server unavailable
         Promise single backup archive
         Root directory attributes will NOT be copied from source
         IfElapsed=1, ExpireAfter=240
Rule from /var/cfengine/inputs/cf.hosts at/before line 12

/etc/hosts will be a link to ./inet/hosts if context matches any
 Behaviour constraint body:
   force=y, attr=0 type=s nofile=0
   Define
   ElseDefine
   IfElapsed=1, ExpireAfter=240
   Rule from /var/cfengine/inputs/cf.hosts at/before line 12

Checking copy from 
policyhost:/export/home/admin/cfengine/masterfiles/system/live/hosts to 
/etc/inet/hosts
Performance(Copy(policyhost:/export/home/admin/cfengine/masterfiles/system/live/hosts
 > /etc/inet/hosts)): time=0.1389 secs, av=0.1351 +/- 0.0368

cf:tdukunxtest03: Commence checking file(s) in /etc/inet/hosts

cf:tdukunxtest03: Link (/etc/hosts->./inet/hosts) exists.


So the result is my /etc/inet/hosts remains unchanged and is not the same as on 
the policyhost.

2) If I then run the cfexecd command in debug mode again the result is the same.


As for the policyhost I've ensured the new client exists in the cf.groups file 
as the others do and also added an entry for the new network, we currently have 
ipv4_192_168_75, ipv4_192_168_65 etc and I've added ipv4_192_168_55

ExtNets = ( ipv4_192_168_75 ipv4_192_168_20 ipv4_192_168_65 ipv4_192_168_55 
ipv4_62_105_91 ipv4_192_168_77 tdukwbfw02 )

There's also a cf.hosts file which by the looks of it should be responsible for 
the copy of /etc/inet/hosts out to the clients as such:

######################################################################
copy:
        # FWHosts have different (local) aliases
        ExtNets.!FWHosts::
                $(masterdir)/system/live/hosts  dest=/etc/inet/hosts 
server=$(mainserver) mode=444 define=hosts o=root g=sys

        IntNets::
                $(masterdir)/system/UAT/hosts   dest=/etc/inet/hosts 
server=$(mainserver) mode=444 define=hosts o=root g=sys

######################################################################
files:

        /etc/inet/hosts mode=444 owner=root group=sys action=fixall

######################################################################
links:

        /etc/hosts ->! ./inet/hosts

######################################################################

Any help with this would be greatly appreciated.

Thanks - Julian.

_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine