[Pacemaker] crm and sudo

Dejan Muhamedagic dejanmm at fastmail.fm
Mon Sep 27 18:45:57 UTC 2010 

Hi,

On Mon, Sep 27, 2010 at 08:50:21AM -0800, Justin Burket wrote:
>  Hi,
> 
> I'm just getting started using pacemaker and the crm shell but ran into
> a problem using crm via sudo.  Ignore the complaints about no stonith
> resources, like I said, i'm just getting started :)
> 
> 
> `--> sudo crm configure
> crm(live)configure# property stonith-enabled=true
> crm(live)configure# commit
> crm_verify[4677]: 2010/09/27_16:38:27 ERROR: unpack_resources: Resource
> start-up disabled since no STONITH resources have been defined
> crm_verify[4677]: 2010/09/27_16:38:27 ERROR: unpack_resources: Either
> configure some or disable STONITH with the stonith-enabled option
> crm_verify[4677]: 2010/09/27_16:38:27 ERROR: unpack_resources: NOTE:
> Clusters with shared data need STONITH to ensure data integrity
> Errors found during check: config not valid
> Do you still want to commit? y
> --norc: no such option: noprofile

Hmm, I've never seen this before.

> ERROR: creating tmp shadow __crmshell.4646 failed

Yes, I can recall this. There was a mismatch on where the shadow
files are created between the crm shell and the underlying tools.
It's been fixed recently (in August), more details here:

https://bugzilla.novell.com/show_bug.cgi?id=626638

> However, if I simulate a login shell for root with "sudo -i" it works
> just fine.
> `--> sudo -i crm configure
> crm(live)configure# property stonith-enabled=true
> crm(live)configure# commit
> crm_verify[4715]: 2010/09/27_16:39:18 ERROR: unpack_resources: Resource
> start-up disabled since no STONITH resources have been defined
> crm_verify[4715]: 2010/09/27_16:39:18 ERROR: unpack_resources: Either
> configure some or disable STONITH with the stonith-enabled option
> crm_verify[4715]: 2010/09/27_16:39:18 ERROR: unpack_resources: NOTE:
> Clusters with shared data need STONITH to ensure data integrity
> Errors found during check: config not valid
> Do you still want to commit? y
> crm(live)configure#
> 
> I poked around the archives and found a similar issue posted by Marco
> van Putten on 25 Apr 2010.  I suppose that makes this an "me too!"
> post.  My shell is zsh as my regular user and bash as the root user. 
> Looking at Marco's earlier problem I'm wondering if perhaps the users
> shell is being called with an option it doesn't support; namely
> "--noprofile".  Running with "sudo -i" will put the root shell into play
> which will support "noprofile" as by default it's /bin/bash.
> 
> This going to be a larger issue for Ubuntu users are we typically don't
> have a root password set and do most everything via sudo.

There's another option, i.e. do 'crm options user myuser' (root
or hacluster), then you don't have to use sudo anymore, the crm
will do that for you when necessary. Does that work for you?

Thanks,

Dejan
> 
> Thanks,
> Justin
> 

> begin:vcard
> fn:Justin Burket
> n:Burket;Justin
> org:NOAA/NESDIS;FCDAS
> adr:;;1300 Eisele Road;Fairbanks;Ak;99709;USA
> email;internet:justin.burket at noaa.gov
> title:O&M Technician
> tel;work:907-451-1221 (Desk) 907-451-1222 (Operations)
> x-mozilla-html:FALSE
> version:2.1
> end:vcard
> 

> _______________________________________________
> Pacemaker mailing list: Pacemaker at oss.clusterlabs.org
> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
> 
> Project Home: http://www.clusterlabs.org
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> Bugs: http://developerbugs.linux-foundation.org/enter_bug.cgi?product=Pacemaker

More information about the Pacemaker mailing list