Привет! кто настраивал, подскажите, как сделать закачку файла с сервера.. Сейчас у меня так сделано:
#cat cftest2.cf
bundle agent test2 {
files:
"/tmp/cf_test_file_2"
comment => "get file from server",
#perms => system("644"),
#create => "true";
copy_from => secure_cp("/var/cfengine/masterfiles/true","myhost");
}
bundle server access_rules {
access:
"/var/cfengine/masterfiles/true"
comment => "Test permit rule",
admit => { "0.0.0.0/0" };
#allowusers => { "root" };
}
# cat promises.cf
body common control {
bundlesequence => {
"def",
"test1",
"test2",
};
inputs => {
"def.cf",
"cfengine_stdlib.cf",
"cftest1.cf",
"cftest2.cf",
};
version => "Community Promises.cf 1.0.0";
}
дебаг сервера выводит вот такое
cf3> Summarize control promises
cf3> Granted access to paths :
cf3> Path: /var/cfengine/masterfiles/true (encrypt=0)
cf3> Admit: 0.0.0.0/0 root=
cf3> Denied access to paths :
cf3> Path: /var/cfengine/masterfiles/true
cf3> Granted access to literal/variable/query data :
cf3> Denied access to literal/variable/query data :
cf3> -> Host IPs allowed connection access :
cf3> Host IPs denied connection access :
cf3> Host IPs allowed multiple connection access :
cf3> Host IPs from whom we shall accept public keys on trust :
cf3> Users from whom we accept connections :
cf3> Host IPs from NAT which we don't verify :
cf3> Allowing 111.11.22.192 to connect without (re)checking ID
cf3> Non-verified Host ID is 111.11.pppoe.mtu-net.ru (Using skipverify)
cf3> Non-verified User ID seems to be root (Using skipverify)
cf3> -> Public key identity of host "111.11.22.192" is "MD5=f95fc3a9c59099a28bfe847346d4ecae"
cf3> A public key was already known from 111.11.pppoe.mtu-net.ru/111.11.22.192 - no trust required
cf3> Adding IP 111.11.22.192 to SkipVerify - no need to check this if we have a key
cf3> The public key identity was confirmed as root@111.11.pppoe.mtu-net.ru
cf3> -> Strong authentication of client 111.11.pppoe.mtu-net.ru/111.11.22.192 achieved
cf3> -> Receiving session key from client (size=256)...
cf3> Filename /var/cfengine/masterfiles/true is resolved to /var/cfengine/masterfiles/true
cf3> Found a matching rule in access list (/var/cfengine/masterfiles/true in /var/cfengine/masterfiles/true)
cf3> Host 111.11.pppoe.mtu-net.ru denied access to /var/cfengine/masterfiles/true
cf3> Access control in sync
cf3> From (host=111.11.pppoe.mtu-net.ru,user=root,ip=111.11.22.192)
cf3> REFUSAL of request from connecting host: (SYNCH 1362407127 STAT /var/cfengine/masterfiles/true)
cf3> Terminating thread...
как же сделать чтоб файл закачался, кто знает?