Hi, On Thu, Sep 27, 2012 at 04:40:15PM +0200, Lars Marowsky-Bree wrote: > On 2012-09-27T14:57:08, Colin McCormack <colin.mccorm...@openet.com> wrote: > > > I installed pacemaker/corosync as root (details below): > > Pacemaker version 1.0.12, release 1.el5.centos, x86_64 > > Corosync version 1.2.7, release 1.1.el5, x86_64 > > You have the user in the haclient group, and thus it should be able to > control the cluster. Perhaps > > > Allow user with privileged access to configure the node: > > crm options user colinlinux > > This doesn't "allow" the user to configure the cluster, but runs all > commands from crm as this user (even if running as root). I'm not sure > this is very well tested.
It should be. I'm using it most of the time myself. > > WITH SUDO: > > colinlinux# sudo crm configure primitive xclock ocf:tester:xclock op > > monitor interval=20 timeout=20 start-delay=30s params run_user=colinlinux > > meta failure-timeout="360" migration-threshold=5 > > error given: > > # cibadmin not available, check your installation > > I have the impression that the user colinlinux doesn't have /usr/sbin in > its path. Definitely. > If you want to restrict the commands that a non-root user can execute on > the cluster, check out the CIB and the shell's ACL support. This could be a slightly different use case. The shell runs most of the time as the real user, then doing sudo just when invoking cibadmin and perhaps a few more things. Cheers, Dejan > Regards, > Lars > > -- > Architect Storage/HA > SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, > HRB 21284 (AG Nürnberg) > "Experience is the name everyone gives to their mistakes." -- Oscar Wilde > > > _______________________________________________ > Pacemaker mailing list: Pacemaker@oss.clusterlabs.org > http://oss.clusterlabs.org/mailman/listinfo/pacemaker > > Project Home: http://www.clusterlabs.org > Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf > Bugs: http://bugs.clusterlabs.org _______________________________________________ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
