[Bug 1439649] Re: Pacemaker unable to communicate with corosync on restart under lxc
Serge Hallyn
1439649 at bugs.launchpad.net
Fri Sep 4 15:46:24 UTC 2015
Hi Billy,
So can you confirm that pacemaker *is* running under haclient/hacluster
uid/gid?
Note, the comments above don't seem correct to me. The 'INSTALL' file
shipped with corosync says:
> Before running any of the test programs
> ---------------------------------------
> The corosync executive will ensure security by only allowing the UID 0(root) or
> GID 0(root) to connect to it. To allow other users to access the corosync
> executive, create a directory called /etc/corosync/uidgid.d and place a file in
> it named in some way that is identifiable to you. All files in this directory
> will be scanned and their contents added to the allowed uid gid database. The
> contents of this file should be
> uidgid {
> uid: username
> gid: groupname
> }
> Please note that these users then have full ability to transmit and receive
> messages in the cluster and are not bound by the threat model described in
> SECURITY.
So the 'workaround' in comment #14 seems to be not a a workaround but
required configuration (for the charm to do).
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1439649
Title:
Pacemaker unable to communicate with corosync on restart under lxc
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1439649/+subscriptions
More information about the Ubuntu-server-bugs
mailing list