I failed to run cf-runagent on centos7:
!! unspecified server refusal please see verbose server output ....
and the verbose server output is:
2014-10-14T10:08:24+0100 verbose: New connection (from 127.0.0.1, sd 7), spawning new thread...
2014-10-14T10:08:24+0100 info: 127.0.0.1> Accepting connection
2014-10-14T10:08:24+0100 verbose: 127.0.0.1> Setting socket timeout to 600 seconds.
2014-10-14T10:08:24+0100 verbose: 127.0.0.1> Peeked CAUTH in TCP stream, considering the protocol as Classic
2014-10-14T10:08:24+0100 verbose: 127.0.0.1> Peer's identity is: MD5=36d114f3687b81915e7dc86421c4e86c
2014-10-14T10:08:24+0100 verbose: 127.0.0.1> A public key was already known from localhost/
127.0.0.1 - no trust required
2014-10-14T10:08:24+0100 verbose: 127.0.0.1> The public key identity was confirmed as root@localhost
2014-10-14T10:08:24+0100 verbose: 127.0.0.1> Authentication of client localhost/
127.0.0.1 achieved
2014-10-14T10:08:24+0100 verbose: 127.0.0.1> User root granted connection privileges
2014-10-14T10:08:24+0100 verbose: 127.0.0.1> Filename /bin/sh is resolved to /usr/bin/bash
2014-10-14T10:08:24+0100 verbose: 127.0.0.1> Found a matching rule in access list (/usr/bin/bash in /usr/bin/bash)
2014-10-14T10:08:24+0100 info: 127.0.0.1> Host localhost denied access to /bin/sh
2014-10-14T10:08:24+0100 info: 127.0.0.1> REFUSAL due to denied access to requested object
2014-10-14T10:08:24+0100 verbose: 127.0.0.1> REFUSAL to (user=root,ip=127.0.0.1) of request: EXEC
2014-10-14T10:08:24+0100 info: 127.0.0.1> Closed connection, terminating thread
Ideas?
Leo