Re: [ClusterLabs] Q: HA_RSCTMP in SLES11 SP4 at first start after reboot
On 13/08/18 18:13 +0300, Vladislav Bogdanov wrote: > 10.08.2018 19:52, Ulrich Windl wrote: >> >> A simple question: One of my RAs uses $HA_RSCTMP in SLES11 SP4, and it >> reports the following problem: >> WARNING: Unwritable HA_RSCTMP directory /var/run/resource-agents - using >> /tmp > > Just make sure you avoid using that code in 'meta-data' action handler (it > is run by crmd which runs under hacluster user to obtain and cache agent > meta-data and I bet that message is from that run). Ah, this counterintuitivness didn't occur to me when answering, thanks. >> However the directory has the following permissions: >> drwxr-xr-t 2 root root 4096 Aug 10 18:05 /var/run/resource-agents >> >> My code to check this is: >> if [ ! -w "$HA_RSCTMP" -a "$(id -u)" -ne 0 ]; then >> ocf_log warn "Unwritable HA_RSCTMP directory $HA_RSCTMP - using /tmp" >> HA_RSCTMP=/tmp >> fi >> >> Did I overlook something obvious? Could it be that the directory is >> created after the error message? I suspect that the error is >> triggered during a parameter validation after the cluster node had >> been rebooted... -- Nazdar, Jan (Poki) pgpwVOMCrYpct.pgp Description: PGP signature ___ Users mailing list: Users@clusterlabs.org https://lists.clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
Re: [ClusterLabs] Q: HA_RSCTMP in SLES11 SP4 at first start after reboot
On 13/08/18 09:27 -0500, Ryan Thomas wrote: > I've had similar problems in the past. In my case, it was because > pacemaker was running as user 'hacluster' in group 'haclient', so it didn't > have permission to access the root owned file. So to fix the problem, I > changed the ownership of the file that was causing the permissions error. > e.g `chown hacluster:haclient ` > > On Fri, Aug 10, 2018 at 11:52 AM, Ulrich Windl < > ulrich.wi...@rz.uni-regensburg.de> wrote: >> >> A simple question: One of my RAs uses $HA_RSCTMP in SLES11 SP4, and it >> reports the following problem: >> WARNING: Unwritable HA_RSCTMP directory /var/run/resource-agents - using >> /tmp >> >> However the directory has the following permissions: >> drwxr-xr-t 2 root root 4096 Aug 10 18:05 /var/run/resource-agents >> >> My code to check this is: >> if [ ! -w "$HA_RSCTMP" -a "$(id -u)" -ne 0 ]; then >> ocf_log warn "Unwritable HA_RSCTMP directory $HA_RSCTMP - using /tmp" >> HA_RSCTMP=/tmp >> fi Honestly, I am baffled that both of you, Ulrich and Ryan, apparently encountered situations where the resource agent wasn't launched effectively with root permissions, something I can only explain with a fact these were actually "alert" handlers rather than the former, and it must have been prior to the change that even these get run as root (i.e. prior to 1.1.18). I must be missing something, but the respective daemons responsible for execution of either themselves normally run as root, which is then directly inherited in the agents. >> Did I overlook something obvious? Could it be that the directory is >> created after the error message? That would not explain that at the same time, effective user ID is non-zero (that's what buffles me), so perhaps no point in discussing hypotheses about the former condition. >> I suspect that the error is triggered during a parameter validation >> after the cluster node had been rebooted... -- Nazdar, Jan (Poki) pgp_apnQGdhmk.pgp Description: PGP signature ___ Users mailing list: Users@clusterlabs.org https://lists.clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
Re: [ClusterLabs] Q: HA_RSCTMP in SLES11 SP4 at first start after reboot
10.08.2018 19:52, Ulrich Windl wrote: Hi! A simple question: One of my RAs uses $HA_RSCTMP in SLES11 SP4, and it reports the following problem: WARNING: Unwritable HA_RSCTMP directory /var/run/resource-agents - using /tmp Just make sure you avoid using that code in 'meta-data' action handler (it is run by crmd which runs under hacluster user to obtain and cache agent meta-data and I bet that message is from that run). However the directory has the following permissions: drwxr-xr-t 2 root root 4096 Aug 10 18:05 /var/run/resource-agents My code to check this is: if [ ! -w "$HA_RSCTMP" -a "$(id -u)" -ne 0 ]; then ocf_log warn "Unwritable HA_RSCTMP directory $HA_RSCTMP - using /tmp" HA_RSCTMP=/tmp fi Did I overlook something obvious? Could it be that the directory is created after the error message? I suspect that the error is triggered during a parameter validation after the cluster node had been rebooted... Regards, Ulrich ___ Users mailing list: Users@clusterlabs.org https://lists.clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org ___ Users mailing list: Users@clusterlabs.org https://lists.clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
Re: [ClusterLabs] Q: HA_RSCTMP in SLES11 SP4 at first start after reboot
I've had similar problems in the past. In my case, it was because pacemaker was running as user 'hacluster' in group 'haclient', so it didn't have permission to access the root owned file. So to fix the problem, I changed the ownership of the file that was causing the permissions error. e.g `chown hacluster:haclient ` Thanks, Ryan On Fri, Aug 10, 2018 at 11:52 AM, Ulrich Windl < ulrich.wi...@rz.uni-regensburg.de> wrote: > Hi! > > A simple question: One of my RAs uses $HA_RSCTMP in SLES11 SP4, and it > reports the following problem: > WARNING: Unwritable HA_RSCTMP directory /var/run/resource-agents - using > /tmp > > However the directory has the following permissions: > drwxr-xr-t 2 root root 4096 Aug 10 18:05 /var/run/resource-agents > > My code to check this is: > if [ ! -w "$HA_RSCTMP" -a "$(id -u)" -ne 0 ]; then > ocf_log warn "Unwritable HA_RSCTMP directory $HA_RSCTMP - using /tmp" > HA_RSCTMP=/tmp > fi > > Did I overlook something obvious? Could it be that the directory is > created after the error message? I suspect that the error is triggered > during a parameter validation after the cluster node had been rebooted... > > Regards, > Ulrich > > > ___ > Users mailing list: Users@clusterlabs.org > https://lists.clusterlabs.org/mailman/listinfo/users > > Project Home: http://www.clusterlabs.org > Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf > Bugs: http://bugs.clusterlabs.org > ___ Users mailing list: Users@clusterlabs.org https://lists.clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
[ClusterLabs] Q: HA_RSCTMP in SLES11 SP4 at first start after reboot
Hi! A simple question: One of my RAs uses $HA_RSCTMP in SLES11 SP4, and it reports the following problem: WARNING: Unwritable HA_RSCTMP directory /var/run/resource-agents - using /tmp However the directory has the following permissions: drwxr-xr-t 2 root root 4096 Aug 10 18:05 /var/run/resource-agents My code to check this is: if [ ! -w "$HA_RSCTMP" -a "$(id -u)" -ne 0 ]; then ocf_log warn "Unwritable HA_RSCTMP directory $HA_RSCTMP - using /tmp" HA_RSCTMP=/tmp fi Did I overlook something obvious? Could it be that the directory is created after the error message? I suspect that the error is triggered during a parameter validation after the cluster node had been rebooted... Regards, Ulrich ___ Users mailing list: Users@clusterlabs.org https://lists.clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org