Managing Systems and Workgroups: A Guide for HP-UX System Administrators
Configuring a System
Using Distributed Systems Administration Utilities
Chapter 3 177
3. Push the client’s public key to the master server’s ppkeys directory
using the following naming convention:
# scp localhost.pub
master_server
:\
/var/opt/cfengine/ppkeys/root-
client_IP_address
.pub
Note that its important to use a utility like secure copy (see scp (1))
when transferring the key in order to protect its integrity.
4. Finally, copy the master server’s key to this managed client:
# scp
master_server
:/var/opt/cfengine_master/ppkeys/localhost.pub \
root-
master_IP_address
.pub
5. Next, copy the master server update.conf to the managed client:
# mkdir -p /var/opt/dsau/cfengine/inputs
# cd /var/opt/dsau/cfengine/master_files/inputs
# cd /var/opt/dsau/cfengine/inputs
# scp
master_server
:/var/opt/dsau/cfengine/inputs/update.conf ./update.conf
To allow this client to accept cfrun requests, do the following:
1. Edit /etc/rc.config.d/cfservd and set the CSYNC_CONFIGURED
variable to “1” -- this will start cfservd at system boot time.
2. Start cfservd:
# /sbin/init.d/cfservd start
3. Test the configuration with cfagent (see cfagent (8)):
# cfagent --no-lock --verbose --no-splay
The verbose output will display the client checking for updated
copies of the master policy files, copying them down to
/var/opt/cfengine/inputs if needed, and then executing the
contents of cfagent.conf/cf.main.
For additional troubleshooting information, refer to the section “cfengine
Troubleshooting” on page 182.