You didn't give trust level 5 to machine 10.11.29.117 on bbox.
Instead, you set trust level 5 for machine 10.11.29.117.* on bbox. The ip
address of 10.11.29.117 does not matach 10.11.29.117.* (as it doesn't have
a . after the 117).
You should set trust level 5 for 10.11.29.117 (not 10.11.29.117.*) on
bbox. For example:
STAF local TRUST SET MACHINE 10.11.29.117 LEVEL 5
or if setting in the STAF.cfg file:
trust machine 10.11.29.117 level 5
Or, if you want to give trust level 5 to all IP addresses that begin with
10.11.29, you could use the wildcard and specfiy 10.11.29.* (and that
would include 10.11.29.117).
You are using machine trust, not user trust, so the default user of
none://anonymous is fine.
Note that you can check the trust level another machine gives you by
submitting a WHOAMI request to the MISC service on the machine. For
example, if you submitted the following request from machine bxx to
machine bbox, then the result would include the trust level that machine
bbox really gives machine bxx:
[r...@bxx staf]# STAF bbox MISC WHOAMI
--------------------------------------------------------------
Sharon Lucas
IBM Austin, luc...@us.ibm.com
(512) 286-7313 or Tieline 363-7313
blbmdsm...@verizon.net
07/20/2010 09:14 AM
To
staf-users@lists.sourceforge.net
cc
Subject
[staf-users] Question about trust level settings between machines and
running PROCESS
Hello,
I am trying to run a remote process between to machines. I have checked
the STAF Users Guide. I have setup both machines to have a trust level of
5 between the two machines.
#######
First machine: bxx...ip 10.11.29.117
[r...@bxx ~]# staf local trust list
Response
--------
Type Entry Trust Level
------- ----------------- -----------
Default <None> 2
Machine *://10.11.31.38.* 5
Machine local://local 5
########
Second machine: bbox...ip 10.11.31.38
[r...@bbox staf]# staf local trust list
Response
--------
Type Entry Trust Level
------- ------------------ -----------
Default <None> 3
Machine *://10.11.29.117.* 5
Machine local://local 5
I am seeing that both boxes have a trust level of 5 for each other above.
I then run "process start shell" from bxx to bbox. I am getting the
following error:
[r...@bxx staf]# staf bbox process start shell command "java -vesion"
Error submitting request, RC: 25
Additional info
---------------
Trust level 5 required for the PROCESS service's START request
Requester has trust level 3 on machine bbox
Requesting machine: tcp://bsmith (tcp://10.11.29.117)
Requesting user : none://anonymous
What have I missed in the trust level configuation? Why is the request
being denied with "Requesting user : none://anonymous"?
Do I need to setup user anonymous with a trust level of 5 or would this be
a security issue?
Regards,
Bill
------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________
staf-users mailing list
staf-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/staf-users
------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________
staf-users mailing list
staf-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/staf-users
