help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: hung cfservd


From: Mark . Burgess
Subject: Re: hung cfservd
Date: Wed, 29 Jan 2003 20:35:24 +0100 (MET)


Version, version, version????

Upgrade, upgrade, upgrade...!!

:)

M

On 29 Jan, Wipf, Stefan wrote:
> We observed that when cfengine connects to cfservd to
> copy files using an old or incorrect public key for the
> cfservd server, cfservd freezes and all further cfengine
> processes connecting to this cfservd instance hang
> indefinitely even if they use the correct public key.
> 
> has anybody come across this before?
> 
> platform: solaris 2.6
> 
> cfservd.conf:
>   control:  
>        domain                = ( htc.com )
>        AllowConnectionsFrom  = ( 139.172.0.0/16 )
>        AllowUsers            = ( root )
> 
>   admit:
>       /some_directory   *.htc.com
> 
> output from cfagent (on macbeth) using an old public key:
>  BAD: Host authentication failed. Did you forget the domain name?
>  Authentication dialogue with neutron.htc.com failed
>  Unable to establish connection with neutron.htc.com
> 
> from cfservd --debug:
>  ...
>  Canonical name matched host's assertion - id confirmed as
> macbeth.htc.com
>  Checking address number 0 for non-canonical names (aliases)
>  Reverse lookup succeeded
>  Host ID is macbeth.htc.com
>  User ID seems to be root
>  RecvSocketStream(8)
>     (Concatenated 8 from stream)
>  Transaction Receive [t 280][]
>  RecvSocketStream(280)
>     (Concatenated 280 from stream)
>  Received: [SAUTH y 256 37] on socket 6
>  Challenge encryption = y, nonce = 37, buf = 256
>  neutron.htc.com: Private decrypt failed = block type is not 02
>  neutron.htc.com: Host authorization/authentication failed or access
> denied
>  Transaction Send[t 64][Packed text]
>  SendSocketStream, sent 72
>  neutron.htc.com: From (host=macbeth.htc.com,user=root,ip=139.172.44.10)
>  Terminating thread...
>  ***Closing socket 6 from 139.172.44.10
>  Deleted item 139.172.44.10
> # here comes the next client
>  IPV4 address
>  sockaddr_ntop(139.172.44.3)
>  Obtained IP address of 139.172.44.3 on socket 6 from accept
>  FuzzyItemIn(139.172.44.3)
>  Purging Old Connections...
>  Done purging
>  FuzzyItemIn(139.172.44.3)
>  Prepending 139.172.44.3
> # never to return again
> 
> 
> 



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272            Email:  Mark.Burgess@iu.hio.no
Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






reply via email to

[Prev in Thread] Current Thread [Next in Thread]