Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-703

bootstrap incorrectly reported as successful when connection to policy hub failed

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.10.3
    • Component/s: Bootstrap
    • Labels:
      None

      Description

      I'm trying to re-bootstrap a client:

      <pre>

      1. cf-agent -B -s 192.168.160.22
        • CFEngine BOOTSTRAP probe initiated

      @@@
      @@@ CFEngine

      @ @@@ @ CFEngine Core 3.4.2
      @ @@@ @
      @ @@@ @
      @ @
      @@@
      @ @
      @ @
      @ @

      Copyright (C) CFEngine AS 2008-2013
      See Licensing at http://cfengine.com/3rdpartylicenses

      -> This host is: cloud1
      -> Operating System Type is linux
      -> Operating System Release is 3.2.0-33-generic
      -> Architecture = x86_64
      -> Internal soft-class is linux
      -> An existing policy was cached on this host in /var/cfengine/inputs
      -> Assuming the policy distribution point at: 192.168.160.22:/var/cfengine/masterfiles
      -> Attempting to initiate promised autonomous services...

      !! Not authorized to trust the server=192.168.160.22's public key (trustkey=false)
      !! Authentication dialogue with 192.168.160.22 failed
      -> Bootstrap to 192.168.160.22 completed successfully
      </pre>

      As you can see, the final line of the output reports successful
      completion of the bootstrap process, but the preceding lines alert
      that connection to the server actually failed. Indeed:

      <pre>
      root@cloud1:/var/cfengine/inputs# cf-agent -I -f failsafe.cf
      !! Not authorized to trust the server=192.168.160.22's public key (trustkey=false)
      !! Authentication dialogue with 192.168.160.22 failed
      Unable to establish connection with 192.168.160.22
      -> No suitable server responded to hail
      Promise (version Community Failsafe.cf 1.0.0) belongs to bundle 'update' in file '/var/cfengine/inputs/failsafe.cf' near line 110
      Comment: Check whether a validation stamp is available for a new policy update to reduce the distributed load
      </pre>

      The bootstrap should definitely not be considered successful if the
      connection to the server failed. I assume that the current bootstap
      promises check for existence of some files in `/var/cfengine/inputs`,
      which is correct for first-time bootstrap, but fails in case of a
      client being re-bootstrapped to a different server.

        Attachments

          Activity

            People

            • Assignee:
              a10042 Nick Anderson
              Reporter:
              riccardomurri Riccardo Murri
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Summary Panel