Andrew Beekhof wrote:
> On 4/11/07, Terry L. Inzauro <[EMAIL PROTECTED]> wrote:
>> list,
>>
>> this is a continuation of another thread that was started a few weeks
>> back. the original thread was
>> started in regards
>> to the setup of pingd. this thread is in regards to pingd not being
>> able to start for whatever
>> reason and i suspect my resource
>> groups are not starting as a result ;(
>>
>> a little background:
>>
>> - two resource groups are defined. i want to split the two resource
>> groups between nodes when both
>> nodes are online. if both
>> nodes are not online, then obviously, fail the resource resource group
>> to the other available node.
>> - pingd configuration was previously verified correct by Alan R.
>> - crm_verify passes
>> - BasicSanityCheck 'does not pass' (fails on pingd checks)
>
> pingd isn't failing...
>
> Apr 11 12:44:07 roxetta CTS: BadNews: heartbeat[13770]:
> 2007/04/11_12:44:05 ERROR: glib: Error sending packet: Operation not
> permitted
> Apr 11 12:44:07 roxetta CTS: BadNews: heartbeat[13770]:
> 2007/04/11_12:44:05 ERROR: write failure on ping 127.0.0.1.: Operation
> not permitted
>
> these messages are from the heartbeat communications layer - and if
> thats not working, then pingd has no hope at all.
>
> i have no idea why pinging localhost should fail - firewall?
>
>> - without pingd, the resource groups function as expected
>> - heartbeat has been restarted
>> - heartbeat hangs on stopping so i do the following ;)
>> for i in `ps -ef | grep heart | awk '{print $2}'`; do kill
>> $i; done
>>
>> i have noticed log entries in the log file that are obviously related
>> to pingd. this however 'may'
>> not be the case.
>> would anyone be interested in lending a hand?
>>
>> heartbeat version = 2.0.8-r2
>> OS = gentoo 2006.1
>> kernel = 2.6.18 (i have tested both hardened<with grsecurity and pax>
>> as well as generic)
>>
>>
>>
>> cibadmin -Q output , ptest output, BasicSanityCheck output and
>> messages file are all attached as a
>> .tar.bz2.
>>
>>
>> believe me when i tell you that i am stumped. any assistance is
>> greatly appreciated.
Are you running one of the additional Linux security layers like
SE-Linux? (there are other ones, like AppArmor).
Firewalls are certainly a thought for this. But I don't remember ever
seeing a firewall that would cause system call failures.
Can you show us your firewall rules?
--
Alan Robertson <[EMAIL PROTECTED]>
"Openness is the foundation and preservative of friendship... Let me
claim from you at all times your undisguised opinions." - William
Wilberforce
_______________________________________________
Linux-HA mailing list
[EMAIL PROTECTED]
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems
