help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

syntax changes in cfservd.conf, 2.0.8p1


From: Marion Hakanson
Subject: syntax changes in cfservd.conf, 2.0.8p1
Date: Wed, 19 Nov 2003 20:27:02 -0800

Folks,

I'm trying to upgrade from 2.0.5 (and 2.0.4) to 2.0.8p1, and my cfservd.conf
file is not working with the newer version.  Yes, I'm aware that 2.1.x is
out, but one thing at a time....

Here's the "admit" section:

=============================
admit:
  # Grant access to any hosts who can make connections,
  #  as we rely on AllowConnectionsFrom above as a limit.
  # Files should be world readable.

  # This controls which remote hosts can invoke cfagent here
  #  remotely via their cfrun command.

  $(cfrunCommand)       *


  # This directory should exist only on the policy host.

  policyhost::
    $(master_configs)   *
=============================

Running cfservd with -dddd gives the following on 2.0.8p1.  As you can
see, I end up with an empty file access list, where before I had a non-empty
(and working) access list.

Any guidance as to the "new syntax" would be appreciated.

Regards,

-- 
Marion Hakanson <address@hidden>
CSE Computing Facilities


===================================================
==============================BEGIN NEW ACTION Admit network 
access:=============

InitializeAction()

Resetting CLASS to ANY


CFSERVD-VAROBJ $(cfrunCommand)
CompareMacro(cfrunCommand,cfrunCommand=/var/local/cfengine2/bin/cfagent)=cfrunC
ommand
HandleServerRule($(cfrunCommand)=/var/local/cfengine2/bin/cfagent)
Check ParsingIPRange(/var/local/cfengine2/bin/cfagent)
Build2DListFromVarstring(,sep=/)
Set2DLIst()
Get2DListEnt()

CFSERVD-VAROBJ *
HandleServerRule(*=*)
Check ParsingIPRange(*)
Build2DListFromVarstring(,sep=/)
Set2DLIst()
Get2DListEnt()

NEW CLASS PREDICATE:: policyhost::
   (No actions pending in Admit network access:)
InitializeAction()
HandleClass(policyhost)
   (No actions pending in Admit network access:)
Simple class = (policyhost)

CFSERVD-VAROBJ $(master_configs)
CompareMacro(master_configs,master_configs=/var/opt/CFST/config)=master_configs
HandleServerRule($(master_configs)=/var/opt/CFST/config)
Check ParsingIPRange(/var/opt/CFST/config)
Build2DListFromVarstring(,sep=/)
Set2DLIst()
Get2DListEnt()

CFSERVD-VAROBJ *
HandleServerRule(*=*)
Check ParsingIPRange(*)
Build2DListFromVarstring(,sep=/)
Set2DLIst()
Get2DListEnt()
   (No actions pending in Admit network access:)
Delete Parser Object::(END OF PARSING cfservd.conf)
. . .
ACCESS GRANTED ----------------------:

ACCESS DENIAL ------------------------ :

Host IPs allowed connection access :

. . .
========================================================






reply via email to

[Prev in Thread] Current Thread [Next in Thread]