[Pacemaker] How to run heartbeat and pacemaker resources as a non-root user
Andrew Beekhof
andrew at beekhof.net
Thu Feb 23 23:28:05 UTC 2012
On Tue, Feb 21, 2012 at 2:41 PM, neha chatrath <nehachatrath at gmail.com> wrote:
> Hello,
>
> Thanks for the reply.
> I have been successfully using Heartbeat as a root user.
> But I have a system requirement for which I need to run my different custom
> applications (configured using crm) as a non root user.
> Can this be done?
"su - otheruser" in the resource agent
have a look in the existing agents for how they do it
>
> Regards
> Neha Chatrath
>
> Date: Mon, 20 Feb 2012 22:05:30 +1100
> From: Andrew Beekhof <andrew at beekhof.net>
> To: The Pacemaker cluster resource manager
> <pacemaker at oss.clusterlabs.org
>>
> Subject: Re: [Pacemaker] How to run heartbeat and pacemaker resources
> as a non-root user
> Message-ID:
> <CAEDLWG2OK25f4jRg8Y0KWsgC6n35_bzzDy6np+EGK0TUtJGB-A at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
>
> On Mon, Feb 20, 2012 at 2:39 PM, neha chatrath <nehachatrath at gmail.com>
> wrote:
>> Hello,
>>
>> I need to run heartbeat and pacemaker resources as non-root users.
>> When I try to run heartbeat as a "hacluster" user,
>
> That probably wont work. We already try to drop as much privilege as
> we can, but some processes need to be root or that can't do anything -
> like add an IP address to a machine.
>
>> it fails to run with the
>> following error:
>>
>> "Starting High-Availability services: chmod: changing permissions of
>> `/var/run/heartbeat/rsctmp': Operation not permitted
>> Done. touch: cannot touch `/var/lock/subsys/heartbeat': Permission denied"
>>
>> I have tried changing ownership and permissions for the above directories
>> and files but still the same result.
>>
>> Can somebody help me in this?
>>
>> Thanks and regards
>> Neha Chatrath
>
>
> On Mon, Feb 20, 2012 at 9:09 AM, neha chatrath <nehachatrath at gmail.com>
> wrote:
>>
>> Hello,
>>
>> I need to run heartbeat and pacemaker resources as non-root users.
>> When I try to run heartbeat as a "hacluster" user, it fails to run with
>> the following error:
>>
>> "Starting High-Availability services: chmod: changing permissions of
>> `/var/run/heartbeat/rsctmp': Operation not permitted
>> Done. touch: cannot touch `/var/lock/subsys/heartbeat': Permission denied"
>>
>> I have tried changing ownership and permissions for the above directories
>> and files but still the same result.
>>
>> Can somebody help me in this?
>>
>> Thanks and regards
>> Neha Chatrath
>>
>
>
>
>
>
> _______________________________________________
> Pacemaker mailing list: Pacemaker at oss.clusterlabs.org
> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
>
> Project Home: http://www.clusterlabs.org
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> Bugs: http://bugs.clusterlabs.org
>
More information about the Pacemaker
mailing list