Avatar of 1oo4
1oo4Flag for Gibraltar asked on

cfengine 3 security

Below is my security configuration in promises.cf
Cfengine server distributes it to all the clinets. But I do not want to allow 195.168.1.* on the clients I only want allow 192.168.1.10 on the clients and 192.168.1.* on the server.
What is the best way to have different security settings on cfengine server and cfengine client?
body server control

{
allowconnects         => { "192.168.1.*" };
allowallconnects      => { "192.168.1.*" };
trustkeysfrom         => { "192.168.1.*" };

# Make updates and runs happen in one

cfruncommand          => "$(sys.workdir)/bin/cf-agent -f failsafe.cf &&
$(sys.workdir)/bin/cf-agent";
allowusers            => { "root" , "aleksey" };
}

Open in new window

IT AdministrationLinuxLinux Security

Avatar of undefined
Last Comment
1oo4

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
1oo4

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck