Re: [Pacemaker] Running pacemaker as non-root user
On 24 Feb 2015, at 10:36 pm, N, Ravikiran ravikira...@hp.com wrote: Hi all, I was trying to find out whether it is possible to START/STOP pacemaker, and also run PCS commands as non-root user (in my case it is ‘admin’ user). I did add the user(‘admin’) to haclient group, but it is of no help. I get the following error on start : [admin@vm4 ~]$ service pacemaker start Only root can execute /etc/init.d/cman script Starting Pacemaker Cluster Manager: touch: cannot touch `/var/lock/subsys/pacemaker': Permission denied /etc/init.d/pacemaker: line 94: /var/run/pacemakerd.pid: Permission denied [ OK ] [admin@vm4 ~]$ id admin uid=500(admin) gid=500(admin) groups=500(admin),10(wheel),496(haclient) Can anybody help me here or point me to any resource to resolve this.. ? These are OS-level security mechanisms. Adding admin to the haclient group doesn't magically give you the ability to run commands like 'service' or modify files as root. You tried 'pcs cluster start' too? Thanks in advance.. J Regards, Ravikiran N ___ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org ___ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
Re: [Pacemaker] Running pacemaker as non-root user
I could resolve this by adding user 'admin' to sudoers list.. I added the user to 'wheel' user. With this I can run all commands with a sude appended.. Thanks for your help.. :) Ravikiran -Original Message- From: N, Ravikiran Sent: Wednesday, February 25, 2015 10:11 AM To: The Pacemaker cluster resource manager Subject: Re: [Pacemaker] Running pacemaker as non-root user Hi Andrew, Yes I tried 'pcs' commands. Even they do not work, they throw the same error. Ravikiran -Original Message- From: Andrew Beekhof [mailto:and...@beekhof.net] Sent: Wednesday, February 25, 2015 1:31 AM To: The Pacemaker cluster resource manager Subject: Re: [Pacemaker] Running pacemaker as non-root user On 24 Feb 2015, at 10:36 pm, N, Ravikiran ravikira...@hp.com wrote: Hi all, I was trying to find out whether it is possible to START/STOP pacemaker, and also run PCS commands as non-root user (in my case it is ‘admin’ user). I did add the user(‘admin’) to haclient group, but it is of no help. I get the following error on start : [admin@vm4 ~]$ service pacemaker start Only root can execute /etc/init.d/cman script Starting Pacemaker Cluster Manager: touch: cannot touch `/var/lock/subsys/pacemaker': Permission denied /etc/init.d/pacemaker: line 94: /var/run/pacemakerd.pid: Permission denied [ OK ] [admin@vm4 ~]$ id admin uid=500(admin) gid=500(admin) groups=500(admin),10(wheel),496(haclient) Can anybody help me here or point me to any resource to resolve this.. ? These are OS-level security mechanisms. Adding admin to the haclient group doesn't magically give you the ability to run commands like 'service' or modify files as root. You tried 'pcs cluster start' too? Thanks in advance.. J Regards, Ravikiran N ___ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org ___ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org ___ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org ___ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
Re: [Pacemaker] Running pacemaker as non-root user
Hi Andrew, Yes I tried 'pcs' commands. Even they do not work, they throw the same error. Ravikiran -Original Message- From: Andrew Beekhof [mailto:and...@beekhof.net] Sent: Wednesday, February 25, 2015 1:31 AM To: The Pacemaker cluster resource manager Subject: Re: [Pacemaker] Running pacemaker as non-root user On 24 Feb 2015, at 10:36 pm, N, Ravikiran ravikira...@hp.com wrote: Hi all, I was trying to find out whether it is possible to START/STOP pacemaker, and also run PCS commands as non-root user (in my case it is ‘admin’ user). I did add the user(‘admin’) to haclient group, but it is of no help. I get the following error on start : [admin@vm4 ~]$ service pacemaker start Only root can execute /etc/init.d/cman script Starting Pacemaker Cluster Manager: touch: cannot touch `/var/lock/subsys/pacemaker': Permission denied /etc/init.d/pacemaker: line 94: /var/run/pacemakerd.pid: Permission denied [ OK ] [admin@vm4 ~]$ id admin uid=500(admin) gid=500(admin) groups=500(admin),10(wheel),496(haclient) Can anybody help me here or point me to any resource to resolve this.. ? These are OS-level security mechanisms. Adding admin to the haclient group doesn't magically give you the ability to run commands like 'service' or modify files as root. You tried 'pcs cluster start' too? Thanks in advance.. J Regards, Ravikiran N ___ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org ___ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org ___ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
