Package: drbd8-utils Version: 2:8.0.13-1 Hello,
this really applies to all versions, but I guess getting it fixed in sid/lenny will be the way to do it. Every time the drbd8-util package gets updated it happily smashes the ownership and protection of drbdsetup and drbdmeta needed to work with heartbeat (dopd). You know, these happy messages from the cluster resource manager after upgrading drbd8-utils: --- You are using the 'drbd-peer-outdater' as outdate-peer program. If you use that mechanism the dopd heartbeat plugin program needs to be able to call drbdsetup and drbdmeta with root privileges. You need to fix this with these commands: chgrp haclient /sbin/drbdsetup chmod o-x /sbin/drbdsetup chmod u+s /sbin/drbdsetup chgrp haclient /sbin/drbdmeta chmod o-x /sbin/drbdmeta chmod u+s /sbin/drbdmeta --- I'd reckon the majority of serious drbd users utilize heartbeat to manage their drbd resources and thus are potentially subject to some rude awakening if they are not aware of this in advance. Solutions would be either a debconf option to set these ownerships and protections all the time to the "correct" values or to check the state of these 2 binaries in pre-inst and then and reapply the same settings in post-inst. Of course the current post-install behavior of trying to stop the drbd resources and reload the module are also not very cooperative (or successful) with heartbeat on top of things and the resource likely to be mounted. Printing out dire warnings about wanting matching drbd module and util versions is one thing (the upstream drbd maintainer btw stated that running a higher version util with a lower version module should be safe) but trying to pull the rug out from under a running system is... rude. ;) Regards, Christian -- Christian Balzer Network/Systems Engineer NOC [EMAIL PROTECTED] Global OnLine Japan/Fusion Network Services http://www.gol.com/ https://secure3.gol.com/mod-pl/ols/index.cgi/?intr_id=F-2ECXvzcr6656 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
