[Pacemaker] worl-writeable files in /var/lib/heartbeat/crm

Hello, during a security audit, our customer was wondering about the files in directory /var/lib/heartbeat/crm, for example: -rw-rw-rw- 1 hacluster root 32 Feb 13 18:59 cib-40.raw.sig -rw--- 1 hacluster root 6716 Feb 13 18:59 cib-41.raw -rw-rw-rw- 1 hacluster root 32 Feb 13 18:59 cib-41.r

[Pacemaker] behaviour of failure-timeout

Hi, I could not find any detailed explanation in the doc, how "failure-timeout" behaves, can someone clarify that? My rough understanding so far is, that after a failcount is increased, pacemaker "waits for the failure-timeout" to expire and then checks if the failure condition is still on. If no

Re: [Pacemaker] Expired fail-count doesn't get cleaned up.

Hi David, I understand the failcount only gets reset after a probe is run. So you need to give it a "crm resource reprobe" for the expiry timer to be evaluated. However: I do NOT know, when the probes are run (I see them in my logs only after failover or start/stop actions are taking place, but

Re: [Pacemaker] filesystem script block when umount a failed storage

DId you check (e.g. fuser, lsof) if any processes are still accessing your filesystem? that would definitely block it from being unmounted ... On Wed, 2012-08-08 at 15:16 +0200, emmanuel segura wrote: > Hello Dejan > > do you see any errors in your systemlog? what kind of controler you > are us

Re: [Pacemaker] Critical: Monitor operation of IPaddr2 timing out, taking more than 60s. Fails to recover.

Hi Parshvi, just a quick-shot and without analyzing your mail in detail: find attached an edited version of the IPaddr2 RA. I was trying to use the original script a while agho, and basically nothing worked: It did not recognize the link failures (due to the way how the test was implemented it wo