Closed flynn1973 closed 7 years ago
Most likely caused by the input data file. Can you provide it?
root@nimmsag: /var/cfengine # cat /var/cfengine/masterfiles/efl_data/bundle_params/efl_main.json [ { "promisee" : "nimmsag", "class" : "any", "path" : "/usr/local/bin", "admit" : [ "127.0.0.1" , "172.17.8.0/21" , "172.18.33.101" , "172.18.33.201", ] },
{ "promisee" : "nimmsag", "class" : "any", "path" : "/etc/sudoers.d", "admit" : [ "127.0.0.1" , "172.17.8.0/21" , "172.18.33.101" , "172.18.33.201", ] },
{ "promisee" : "nimmsag", "class" : "any", "path" : "/cferoot", "admit" : [ "127.0.0.1" , "172.17.8.0/21" , "172.18.33.101" , "172.18.33.201", ] },
]
That's not the correct format for the efl_main bundle. That data looks to be meant for cf-serverd access rules. To apply those see
https://github.com/neilhwatson/evolve_cfengine_freelib/blob/master/HOWTO.md#cf-serverd-acls http://watson-wilson.ca/blog/2015/10/13/simple-cfengine-setup-with-efl/
For efl_main:
https://github.com/neilhwatson/evolve_cfengine_freelib/blob/master/INSTALL.md#building-data-files
yes its meant for serverd acls. i wasnt aware there are any format restrictions and btw. i can not really spot any differences. however i changed it accordingly but the errors still persits.
changed file content:
[ { "promisee" : "cfengine server", "class" : "am_policy_hub", "path" : "/usr/local/bin/", "admit" : [ "127.0.0.1" , "172.17.8.0/21" , "172.18.33.101" , "172.18.33.201", ] },
{ "promisee" : "cfengine server", "class" : "am_policy_hub", "path" : "/etc/sudoers.d/", "admit" : [ "127.0.0.1" , "172.17.8.0/21" , "172.18.33.101" , "172.18.33.201", ] },
{ "promisee" : "cfengine server", "class" : "am_policy_hub", "path" : "/cferoot/", "admit" : [ "127.0.0.1" , "172.17.8.0/21" , "172.18.33.101" , "172.18.33.201", ] },
]
If you want to assign server acls then rename that data file to sys_workdir/inputs/efl_data/bundle_params/efl_server.json. Cf-serverd bundles do not allow parameters, so this filename and path are hard coded: https://github.com/neilhwatson/evolve_cfengine_freelib/blob/master/masterfiles/lib/3.7/EFL/efl_common.cf#L80
uhh,did not even notice that there are two different files (efl_server.json,efl_main.json). thank you.
while we are at it, i am forced by management to try out your delta reporting thingy (sigh). is there any step by step setup documentation with examples?
especially these steps needs examples or even better, working templates, the rest is already done more or less.
I don't offer exact instructions because everyone's CFEngine install is different. I suggest you get EFL going first then move on to DR. If you get stuck, post questions on the CFEngine mailing list or find me on #cfengine on freenode. Finally, I do sell support and professional services. http://watson-wilson.ca/page/about/
cfengine 3.7.0
error: A variable seems to have been used for the name of the method. In this case, the promiser also needs to contain the unique name of the method error: A method attempted to use a bundle '${d[0][bundle]}' that was apparently not defined error: Method 'efl_bug2638' failed in some repairs error: A variable seems to have been used for the name of the method. In this case, the promiser also needs to contain the unique name of the method error: A method attempted to use a bundle '${d[1][bundle]}' that was apparently not defined error: Method 'efl_bug2638' failed in some repairs error: A variable seems to have been used for the name of the method. In this case, the promiser also needs to contain the unique name of the method error: A method attempted to use a bundle '${d[2][bundle]}' that was apparently not defined error: Method 'efl_bug2638' failed in some repairs error: Method 'efl_main' failed in some repairs error: Method 'efl_run' failed in some repairs