How about an rsync resource that runs on the passive node which synchronizes the user-facing passwd file with the backup on the passive? The failure action of the rsync resource could be to rename the backup to the live copy on the passive. This assumes that failure of rsync is equivalent to failure of the active node. It also assumes that you don't want your active node to know very much about your passive node, just in case the active is compromised.
- Conor -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robinson, Eric Sent: Friday, November 28, 2008 12:58 PM To: [EMAIL PROTECTED]; General Linux-HA mailing list Subject: RE: [Linux-HA] Rename an arbitrary file on failover (and keeping 2files in sync) Your question is basically the same as mine. We both want to perform some action on a failed node after a failover. Let me know if you get an answer. -- Eric Robinson -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Imran Chaudhry Sent: Friday, November 28, 2008 9:36 AM To: [email protected] Subject: [Linux-HA] Rename an arbitrary file on failover (and keeping 2files in sync) Hi All, I have a web application thats protected by Basic Auth and a password file (eg. what is typically done with .htaccess and a list of valid users). I have IP failover over 2 hosts, active and passive, with Heartbeat 2 + crm_mon working fine. The passive server hosts a live working version of the application also protected by Basic Auth but with an "admin only" version of the password file. [0] What I'd like to do is have a way of keeping the full password file [1] on the passive and rename this to be the real file on IP failover. Can I do this with heartbeat? Cheers! [0] The reason for this is to stop someone getting to the passive host and making changes. [1] I realize another problem is keeping the password lists on both hosts in sync as new accounts are being created all the time and passwords get changed. This is another problem but I'm happy for suggestions on that too. And yes I know that DRBD kills a lot of things with one stone but it's sadly not an option here :-(. Regards Imran Chaudhry Software Engineer SmoothWall Ltd 1 John Charles Way Leeds LS12 6QA Tel: +44 (0)870 1 999 500 Fax: +44 (0)870 1 991 399 SmoothWall Ltd. - http://www.smoothwall.net/ This email and any attachments transmitted with it are confidential to the intended recipient(s) and may not be communicated to any other person or published by any means without the express permission of SmoothWall Limited. Any views expressed in this message are solely those of the author. See: http://www.smoothwall.net/emailnotice.html for the full text of this notice. _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems Disclaimer - November 28, 2008 This email and any files transmitted with it are confidential and intended solely for [EMAIL PROTECTED],General Linux-HA mailing list. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of . Warning: Although has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments. This disclaimer was added by Policy Patrol: http://www.policypatrol.com/ _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
