[Pacemaker] Cluster group and name confusion
Andrew Beekhof
andrew at beekhof.net
Mon Jan 18 09:03:18 UTC 2010
On Sun, Jan 17, 2010 at 7:07 PM, Hunny Bunny <tmphb at yahoo.com> wrote:
> Hello folkz,
> I'm confused under which cluster group and name I should run the whole
> cluster environment root/root or hacluster/hauser.
>
hacluster/hauser
>
> I have compiled from most recent sources Corosync/OpenAIS, Cluster Glue,
> Resource Agents, Pacemaker, DRBD and OCFS2-Tools environment.
>
> This site http://www.clusterlabs.org/wiki/Install#From_Source
> suggests to create
>
> groupadd -r hacluster
> useradd -r -g hacluster -d /var/lib/heartbeat/cores/hacluster -s /sbin/nologin -c "cluster user" hauser
>
> However, Corosync/OpenAIS which starts all Pacemaker CRM stuff runs as user
> and group root
>
No it doesn't.
It starts the _parent_ process as root.
Some parts need to run as root so that they can do things like "add an ip
address to the system" or "start apache" - things non-root users can't do.
> in /etc/corosync/corosync.conf
>
> <--------- snipped ---------->
>
> service {
> # Load the Pacemaker Cluster Resource Manager
> name: pacemaker
> ver: 0
> }
>
> aisexec {
> user: root
> group: root
> }
>
> <--------- snipped ---------->
>
> DRBD, O2CB and OCFS2 start an run as user and group root
>
> So, should I now change to run all the cluster components as a root/root or
> hacluster/haclient
>
No.
>
> Could you please clarify this cluster group/user confusion for me.
>
Did you try running it and looking at the "ps axf" output?
>
> Many thanks in advance,
>
> Alex
>
>
> _______________________________________________
> Pacemaker mailing list
> Pacemaker at oss.clusterlabs.org
> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clusterlabs.org/pipermail/pacemaker/attachments/20100118/70fd77e7/attachment-0002.htm>
More information about the Pacemaker
mailing list