This section is relevant for yule only. Section heading:
[Clients]
Entries must be of the form:
Client=
hostname@salt@verifier
See Section 3 on how to compute a valid entry.
The hostname must be the same name that the client
retrieves from the host on which it runs. Usually, this will
be a fully qualified hostname, no numerical address. However,
there is no method that guarantees to yield the fully
qualified hostname (it is not even guaranteed that a host has
one ...). The only way to know for sure is to set up the
client, and check whether the connection is refused by the
server with a message like
Connection attempt from unregistered
host
hostname
In that case,
hostname is what you should use.
CAVEAT | |
---|---|
Problems and oddities encountered in client/server setups (like client messages from 127.0.0.1, server warnings about unknown/unresolved peer, etc. are always(at least so far) due to incorrect configuration of the DNS or the /etc/hosts file. A surprisingly large number of hosts are not able to determine the own hostname, or reverse lookup adresses on the own local network. Don't bother asking about such problems — fix your DNS. |
Alias=
alias@hostname
— This option allows
to define an alias for a hostname, which is evaluated when the 'SetClientFromAccept'
option is active. This may be used to fix the problem that the remote samhain client
reports itself with different hostname than known to the network layer on the side
of the yule server, which e.g. may happen if you route the samhain traffic through
a secondary management network that is different from the primary network of the
system.