Hello Larry, On 12/09/2011 11:15 PM, Larry Brigman wrote: > I have installed pacemaker 1.1.5 and configure ACLs based on the info from > http://www.clusterlabs.org/doc/acls.html > > It looks like the user still does not have read access. > > Here is the acl section of config > <acls> > <acl_role id="monitor"> > <read id="monitor-read" xpath="/cib"/> > </acl_role> > <acl_user id="nvs"> > <role_ref id="monitor"/> > </acl_user> > <acl_user id="acm"> > <role_ref id="monitor"/> > </acl_user> > </acls> > > Here is what the user is getting: > [nvs@sweng0057 ~]$ crm node show > Signon to CIB failed: connection failed > Init failed, could not perform requested operations > ERROR: cannot parse xml: no element found: line 1, column 0 > [nvs@sweng0057 ~]$ crm status > > Connection to cluster failed: connection failed > > > Any ideas as to why this wouldn't work and what to fix?
If you really followed exactly the guide ... did you check user nvs already is in group "haclient"? You may only need to "reload" group membership for nvs by doing a logout/login or a "su - nvs". Regards, Andreas -- Need help with Pacemaker? http://www.hastexo.com/now > > > > _______________________________________________ > Pacemaker mailing list: Pacemaker@oss.clusterlabs.org > http://oss.clusterlabs.org/mailman/listinfo/pacemaker > > Project Home: http://www.clusterlabs.org > Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf > Bugs: http://bugs.clusterlabs.org
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org
