Rudder

• patch fusion to enforce somethginh in fqdn (editing /opt/rudder/share/fusioninventory/lib/FusionInventory/Agent/Task/Inventory/Generic.pm, to add
  

  use Sys::Hostname;
  
  ...
      my $base_fqdn = hostfqdn();
      my $FQDN = length($base_fqdn) ? $base_fqdn : hostname();
  

  
  but this solution will need an up to date agent
• don't enforce that FQDN is filled, and if it is not, use HARDWARE/NAME

Applied in changeset rudder-packages|da2b7768659748c3c6682738815fc93f511b12e5.

Some more details...

I can still have a host (3.1.5 server and agent) that can be accepted to rudder but will be denied access to its own policy after the first run.

Problem seems to be specific to CentOS6 with network manager installed and DOMAIN not set in the interface config.
I can fix it by setting that variable in the interface config file, the HOSTNAME setting in /etc/sysconfig/network (which is supposed to be a fqdn) is not sufficient since the init scripts now set a hostname of host.domain.tld (that means, it'll show this in both 'hostname' and 'hostname --fqdn).

So this means the hostname setup code in CentOS6 is broken, assuming that host.domain.tld is a single WORD.
I wish those people would be convicted to get a job outside IP.

The fix of setting it in the interface config (so a partial / mis-configuration for this purpose - because unless you have only one interface there might be multiple DOMAINS for per-interface hostnames) does get the job done.
A post-rudder-accept update also works and then magically unlocks ACLs for the client access.

In the reverse that means it's still having problems if there's some mismatch even though the inventory is probably correctly signed and the node is generally accepted.

Oh, lovely.
On a later run it broke again. I'm now again getting refusals.
NOT working, cannot update node's policy.

Please make sure your tests for this issue involve multiple runs of the agent on the master and client.

Will gladly give access to affected node and master for debugging.