[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
syntax changes in cfservd.conf, 2.0.8p1
From: |
Marion Hakanson |
Subject: |
syntax changes in cfservd.conf, 2.0.8p1 |
Date: |
Wed, 19 Nov 2003 20:27:02 -0800 |
Folks,
I'm trying to upgrade from 2.0.5 (and 2.0.4) to 2.0.8p1, and my cfservd.conf
file is not working with the newer version. Yes, I'm aware that 2.1.x is
out, but one thing at a time....
Here's the "admit" section:
=============================
admit:
# Grant access to any hosts who can make connections,
# as we rely on AllowConnectionsFrom above as a limit.
# Files should be world readable.
# This controls which remote hosts can invoke cfagent here
# remotely via their cfrun command.
$(cfrunCommand) *
# This directory should exist only on the policy host.
policyhost::
$(master_configs) *
=============================
Running cfservd with -dddd gives the following on 2.0.8p1. As you can
see, I end up with an empty file access list, where before I had a non-empty
(and working) access list.
Any guidance as to the "new syntax" would be appreciated.
Regards,
--
Marion Hakanson <hakanson@cse.ogi.edu>
CSE Computing Facilities
===================================================
==============================BEGIN NEW ACTION Admit network
access:=============
InitializeAction()
Resetting CLASS to ANY
CFSERVD-VAROBJ $(cfrunCommand)
CompareMacro(cfrunCommand,cfrunCommand=/var/local/cfengine2/bin/cfagent)=cfrunC
ommand
HandleServerRule($(cfrunCommand)=/var/local/cfengine2/bin/cfagent)
Check ParsingIPRange(/var/local/cfengine2/bin/cfagent)
Build2DListFromVarstring(,sep=/)
Set2DLIst()
Get2DListEnt()
CFSERVD-VAROBJ *
HandleServerRule(*=*)
Check ParsingIPRange(*)
Build2DListFromVarstring(,sep=/)
Set2DLIst()
Get2DListEnt()
NEW CLASS PREDICATE:: policyhost::
(No actions pending in Admit network access:)
InitializeAction()
HandleClass(policyhost)
(No actions pending in Admit network access:)
Simple class = (policyhost)
CFSERVD-VAROBJ $(master_configs)
CompareMacro(master_configs,master_configs=/var/opt/CFST/config)=master_configs
HandleServerRule($(master_configs)=/var/opt/CFST/config)
Check ParsingIPRange(/var/opt/CFST/config)
Build2DListFromVarstring(,sep=/)
Set2DLIst()
Get2DListEnt()
CFSERVD-VAROBJ *
HandleServerRule(*=*)
Check ParsingIPRange(*)
Build2DListFromVarstring(,sep=/)
Set2DLIst()
Get2DListEnt()
(No actions pending in Admit network access:)
Delete Parser Object::(END OF PARSING cfservd.conf)
. . .
ACCESS GRANTED ----------------------:
ACCESS DENIAL ------------------------ :
Host IPs allowed connection access :
. . .
========================================================
- syntax changes in cfservd.conf, 2.0.8p1,
Marion Hakanson <=