From time to time, Bcfg2 produces results that the user finds surprising. This can happen either due to bugs or user error. This page describes several techniques to gain visibility into the bcfg2 client and server and understand what is going on.
This file contains all aspects of client configuration. It is structured as a series of bundles and base entries.
Note
Most often the entry is not correct and the issue lies in the specification.
The bcfg2-server process logs to syslog facility LOG_DAEMON. The server produces a series of messages upon a variety of events and errors.
Bcfg2 comes with XML schemas describing all of the XML formats used in the server repository. A validation command bcfg2-repo-validate is included with the source distribution and all packages. Run it with the -v flag to see each file and the results if its validation.
If this fixes the problem, it is either a bug in the underlying file monitoring system (fam or gamin) or a bug in Bcfg2’s file monitoring code. In either case, file a ticket in the tracking system. In the ticket, include:
Bcfg2 server operations can be simulated using the bcfg2-info command. The command is interactive, and has commands to allow several useful operations
Type help in bcfg2-info for more information.
This page describes error messages produced by Bcfg2 and steps that can be taken to remedy them.
Error | Location | Meaning | Repair |
---|---|---|---|
Incomplete information for entry <EntryTag>:<EntryName> cannot verify | Client | The described entry is not fully specified by the server, so no verification can be performed. | [1] |
Incomplete information for entry <EntryTag>:<EntryName> cannot install | Client | The described entry is not fully specified by the server, so no verification can be performed. | [1] |
The following entries are not handled by any tool: <EntryTag>:<EntryName> | Client | The client cannot figure out how to handle this entry. | [2] |
No ca is specified. Cannot authenticate the server with SSL. | Client | The client is unable to verify the server | [3] |
Failed to bind entry: <EntryTag> <EntryName> | Server | The server was unable to find a suitable version of entry for client. | [4] |
Failed to bind to socket | Server | The server was unable to bind to the tcp server socket. | [5] |
Failed to load ssl key <path> | Server | The server was unable to read and process the ssl key. | [6] |
Failed to read file <path> | Server | The server failed to read the specified file | [7] |
Failed to parse file <path> | Server | The server failed to parse the specified XML file | [8] |
Client metadata resolution error for <IP> | Server | The server cannot resolve the client hostname or the client is associated with a non-profile group. | [9] |
[1] | (1, 2) This entry is not being bound. Ensure that a version of this entry applies to this client. |
[2] | Add a type to the generator definition for this entry |
[3] | Copy the Bcfg2 server’s CA certificate to the client and specify it using the ca option in the [communication] section of bcfg2.conf |
[4] | This entry is not being bound. Ensure that a version of this entry applies to this client. |
[5] | Ensure that another instance of the daemon (or any other process) is not listening on the same port. |
[6] | Ensure that the key is readable by the user running the daemon and that it is well-formed. |
[7] | Ensure that this file still exists; a frequent cause is the deletion of a temp file. |
[8] | Ensure that the file is properly formed XML. |
[9] | Fix hostname resolution for the client or ensure that the profile group is properly setup. |
If your server doesn’t seem to be starting and you see no error messages in your server logs, try running it in the foreground to see why.
If you get a traceback, please let us know by reporting it on Trac, via the mailing list, or on IRC. Your best bet to get a quick response will be to jump on IRC during the daytime (CST).
Often it corresponds to entries that aren’t bound by the server (for which you’ll get error messages on the server). You should try inspecting the logs on the server to see what may be the cause.