Well, I got around the problem, but I don’t understand the solution… I edited /etc/pam.d/password-auth and commented out the following line:
auth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900 Anyone have any idea why this was interfering? -- [ jR ] @: ja...@eramsey.org there is no path to greatness; greatness is the path On 8/25/16, 9:50 PM, "Jason A Ramsey" <ja...@eramsey.org> wrote: Still stuck, but here’s the output of the command with --debug turned on: Error: node1: Username and/or password is incorrect Error: node2: Username and/or password is incorrect Running: /usr/bin/ruby -I/usr/lib/pcsd/ /usr/lib/pcsd/pcsd-cli.rb auth --Debug Input Start-- {"username": "hacluster", "local": false, "nodes": ["node1", "node2"], "password": "xxxxxxxxxxxxxxxxxxxx", "force": false} --Debug Input End-- Return Value: 0 --Debug Output Start-- { "status": "ok", "data": { "sync_responses": { }, "sync_nodes_err": [ ], "auth_responses": { "node2": { "status": "bad_password" }, "node1": { "status": "bad_password" } }, "sync_successful": true }, "log": [ "I, [2016-08-25T21:46:40.848381 #4825] INFO -- : PCSD Debugging enabled\n", "D, [2016-08-25T21:46:40.848448 #4825] DEBUG -- : Detected RHEL 6\n", "I, [2016-08-25T21:46:40.848489 #4825] INFO -- : Running: /usr/sbin/corosync-objctl cluster\n", "I, [2016-08-25T21:46:40.848526 #4825] INFO -- : CIB USER: hacluster, groups: \n", "D, [2016-08-25T21:46:40.850328 #4825] DEBUG -- : []\n", "D, [2016-08-25T21:46:40.850378 #4825] DEBUG -- : [\"Failed to initialize the objdb API. Error 6\\n\"]\n", "D, [2016-08-25T21:46:40.850429 #4825] DEBUG -- : Duration: 0.001807s\n", "I, [2016-08-25T21:46:40.850501 #4825] INFO -- : Return Value: 1\n", "W, [2016-08-25T21:46:40.850555 #4825] WARN -- : Cannot read config 'cluster.conf' from '/etc/cluster/cluster.conf': No such file\n", "W, [2016-08-25T21:46:40.850609 #4825] WARN -- : Cannot read config 'cluster.conf' from '/etc/cluster/cluster.conf': No such file or directory - /etc/cluster/cluster.conf\n", "I, [2016-08-25T21:46:40.851457 #4825] INFO -- : SRWT Node: node1 Request: check_auth\n", "I, [2016-08-25T21:46:40.851554 #4825] INFO -- : SRWT Node: node2 Request: check_auth\n" ] } --Debug Output End-- -- [ jR ] @: ja...@eramsey.org there is no path to greatness; greatness is the path On 8/25/16, 5:36 PM, "Jason A Ramsey" <ja...@eramsey.org> wrote: Thanks for the response, Ken. I thought that might be the case, so I tried it with selinux disabled (setenforce=0). Same exact error. :-/ -- [ jR ] M: +1 (703) 628-2621 @: ja...@eramsey.org there is no path to greatness; greatness is the path On 8/25/16, 5:29 PM, "Ken Gaillot" <kgail...@redhat.com> wrote: On 08/25/2016 03:04 PM, Jason A Ramsey wrote: > Please help. Just getting this thing stood up on a new set of servers > and getting stymied right out the gate: > > > > # pcs cluster auth node1 node2 > > Username: hacluster > > Password: > > > > I am **certain** that the password I’m providing is correct. Even still > I get: > > > > Error: node1: Username and/or password is incorrect > > Error: node2: Username and/or password is incorrect > > > > I also see this is /var/log/audit/audit.log: > > > > type=USER_AUTH msg=audit(1472154922.415:69): user pid=1138 uid=0 > auid=4294967295 ses=4294967295 subj=system_u:system_r:initrc_t:s0 > msg='op=PAM:authentication acct="hacluster" exe="/usr/bin/ruby" > hostname=? addr=? terminal=? res=failed' That's an SELinux error. To confirm, try again with SELinux disabled. I think distributions that package pcs also provide any SELinux policies it needs. I'm not sure what those are, or the best way to specify them if you're building pcs yourself, but it shouldn't be difficult to figure out. > I’ve gone so far as to change the password to ensure that it didn’t have > any “weird” characters in it, but the error persists. Appreciate the help! > > > > -- > > > > *[ jR ]* > > @: ja...@eramsey.org <mailto:ja...@eramsey.org> > > > > /there is no path to greatness; greatness is the path/ _______________________________________________ Users mailing list: Users@clusterlabs.org http://clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org _______________________________________________ Users mailing list: Users@clusterlabs.org http://clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org _______________________________________________ Users mailing list: Users@clusterlabs.org http://clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org _______________________________________________ Users mailing list: Users@clusterlabs.org http://clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org