On Thu, Feb 14, 2008 at 6:47 PM, Dejan Muhamedagic <[EMAIL PROTECTED]> wrote: > > On Thu, Feb 14, 2008 at 09:54:05AM -0700, Serge Dubrouski wrote: > > On Thu, Feb 14, 2008 at 9:48 AM, Dejan Muhamedagic <[EMAIL PROTECTED]> > wrote: > > > Hi, > > > > > > > > > On Thu, Feb 14, 2008 at 06:33:11AM -0700, Serge Dubrouski wrote: > > > > On Thu, Feb 14, 2008 at 4:42 AM, Dejan Muhamedagic <[EMAIL > PROTECTED]> wrote: > > > > > Hi, > > > > > > > > > > > > > > > On Wed, Feb 13, 2008 at 08:47:42AM -0700, Serge Dubrouski wrote: > > > > > > > > > > > The problem is that by default PG_DATA isn't readable by > everybody, > > > > > > but OCF spec requires that "status" command should work for any > user, > > > > > > also "stop" command should report service down for for stopped > service > > > > > > for any user as well. That's why I have to use this double logic. > > > > > > > > > > Is that really so? Which specification? At any rate, all resource > > > > > agents are run as user root by lrmd. The RA is of course free to > > > > > switch to another uid where appropriate. > > > > > > > > > > > > > Just before 2.1.3 release I was told by Andrew that it had to work > > > > that way so I had to modify pgsql status function. May be I > > > > misuderstood something.
Did I? Possibly it was me that misunderstood what I was being asked to comment on :-) > > > > > > I think you did, unless Andrew can clarify further. The meta-data > > > and usage must work as any user. The status/monitor sometimes > > > definitely can't. Besides, as I said, all RAs are run as root by > > > the cluster. > > > > That's right. As far as I remember the main question was to report te > > correct status for a stopped resource. Old version of pgsql used to > > report OCF_ERROR instead of OCF_NOTRUNNING for non-root users, that > > was concidered incorrect. > > I still don't understand why should that be considered incorrect > if all RAs (OCF or other) are run as root. For example, some RAs > depend on this to do a su(1) which shouldn't ask for password. > It'd be simply impossible to implement all RAs without the > premise that they are going to run as root. > > > > Anyway the patch thia I attached earlier solves the problem with > > several instances of PostgreSQL running on the same node. You probably > > should put it into Mercury, unless Hideo reports some other problem. > > OK. I was also expecting a definite answer from him. > > Thanks, > > Dejan > > > > > > > Thanks. > > > > Serge Dubrouski. > > _______________________________________________ > > Linux-HA mailing list > > [email protected] > > http://lists.linux-ha.org/mailman/listinfo/linux-ha > > See also: http://linux-ha.org/ReportingProblems > _______________________________________________ > Linux-HA mailing list > [email protected] > http://lists.linux-ha.org/mailman/listinfo/linux-ha > See also: http://linux-ha.org/ReportingProblems > _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
