[Pacemaker] Running pacemaker as non-root user
Andrew Beekhof
andrew at beekhof.net
Tue Feb 24 15:01:27 EST 2015
> On 24 Feb 2015, at 10:36 pm, N, Ravikiran <ravikiran.n at hp.com> wrote:
>
> Hi all,
>
> I was trying to find out whether it is possible to START/STOP pacemaker, and also run PCS commands as non-root user (in my case it is ‘admin’ user).
> I did add the user(‘admin’) to haclient group, but it is of no help. I get the following error on start :
>
> [admin at vm4 ~]$ service pacemaker start
> Only root can execute /etc/init.d/cman script
> Starting Pacemaker Cluster Manager: touch: cannot touch `/var/lock/subsys/pacemaker': Permission denied
> /etc/init.d/pacemaker: line 94: /var/run/pacemakerd.pid: Permission denied
> [ OK ]
> [admin at vm4 ~]$ id admin
> uid=500(admin) gid=500(admin) groups=500(admin),10(wheel),496(haclient)
>
> Can anybody help me here or point me to any resource to resolve this.. ?
These are OS-level security mechanisms.
Adding admin to the haclient group doesn't magically give you the ability to run commands like 'service' or modify files as root.
You tried 'pcs cluster start' too?
>
> Thanks in advance.. J
>
> Regards,
> Ravikiran N
>
>
> _______________________________________________
> Pacemaker mailing list: Pacemaker at oss.clusterlabs.org
> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
>
> Project Home: http://www.clusterlabs.org
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> Bugs: http://bugs.clusterlabs.org
More information about the Pacemaker
mailing list