[Infrastructures] isconf v4 problem

Steve Traugott stevegt@TerraLuna.Org
Fri, 15 Sep 2006 23:11:32 -0700


Hi Ryan!  Sorry for the delay...

On Mon, Sep 11, 2006 at 05:37:27PM -0500, Ryan Nowakowski wrote:
> kernel: Traceback (most recent call last):
>   File "/usr/lib/python2.3/site-packages/isconf/Kernel.py", line 427, in step
>     argv = obj.next()
>   File "/usr/lib/python2.3/site-packages/isconf/Cache.py", line 191, in puller
>     self.resend()
>   File "/usr/lib/python2.3/site-packages/isconf/Cache.py", line 217, in resend
>     self.bcast(str(req))
>   File "/usr/lib/python2.3/site-packages/isconf/Cache.py", line 116, in bcast
>     self.sock.sendto(msg,0,(addr,self.udpport))
> error: (101, 'Network is unreachable')

What does main.cf look like, and what's in your nets file, if any?  If
there's nothing funny in your main.cf or nets files, then I'd be
curious to know if you get the same error using python 2.4. 

Otherwise, this looks like another in a class of problems related to
bugs #63 and 66.  That UDP broadcast code in Cache.py was a temporary
workaround which has way outlived its usefulness.  

I'm thinking of replacing the UDP broadcasts with an ssh-based mesh --
this would require that people manage ssh keys, authorized_keys, and a
local isconf user in /etc/password on each machine.  This is instead
of the TCP mesh I haven't had time to write; in the latter, people
would have had to manage PGP keys and/or HMAC secrets anyway -- in
retrospect, ssh is probably simpler and better understood both
operationally and security-wise.  

I'm probably going to hit my limit of frustration and rewrite Cache.py
within the next month, probably using ssh, and I'd be interested in
what people think one way or the other.

Steve
-- 
Stephen G. Traugott  (KG6HDQ)
Managing Partner, TerraLuna LLC
stevegt@TerraLuna.Org -- http://www.t7a.org
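
Added example, not part of the original message and not isconf code: a sketch of the HMAC-secret option mentioned above, combined with a send loop that survives the "Network is unreachable" error from the traceback instead of aborting. The wire format (tag followed by payload), the function names and FakeSock are assumptions made for illustration.

```python
import errno
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag


def seal(secret: bytes, payload: bytes) -> bytes:
    """Prefix payload with an HMAC-SHA256 tag (hypothetical wire format)."""
    return hmac.new(secret, payload, hashlib.sha256).digest() + payload


def unseal(secret: bytes, datagram: bytes):
    """Return the payload if the tag verifies, else None."""
    if len(datagram) < TAG_LEN:
        return None
    tag, payload = datagram[:TAG_LEN], datagram[TAG_LEN:]
    expected = hmac.new(secret, payload, hashlib.sha256).digest()
    # compare_digest avoids leaking the tag through comparison timing
    return payload if hmac.compare_digest(tag, expected) else None


def bcast(sock, secret, payload, addrs, port):
    """Send a sealed datagram to each address; return the unreachable ones
    instead of letting one failed sendto() abort the caller."""
    datagram = seal(secret, payload)
    failed = []
    for addr in addrs:
        try:
            sock.sendto(datagram, 0, (addr, port))
        except OSError as exc:
            if exc.errno not in (errno.ENETUNREACH, errno.EHOSTUNREACH):
                raise  # anything else is a real fault, not a routing gap
            failed.append(addr)
    return failed


class FakeSock:
    """Constructed stand-in for a UDP socket so the example runs offline."""
    def __init__(self, unreachable):
        self.unreachable, self.sent = set(unreachable), []

    def sendto(self, data, flags, dest):
        if dest[0] in self.unreachable:
            raise OSError(errno.ENETUNREACH, "Network is unreachable")
        self.sent.append((dest, data))
```

The tag authenticates the sender and detects tampering; it does not stop replay of an old datagram, which would need a nonce or timestamp inside the payload.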