Bug 1276483

Summary: Unprivileged account used for geo-replication needs access to SSL/TLS private key when using TLS on the Management Path
Product: [Community] Gluster-Documentation Reporter: ajs124 <redhat-bugzilla>
Component: OtherAssignee: Anjana Suparna Sriram <asriram>
Status: NEW --- QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: bugs
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description ajs124 2015-10-29 19:55:23 UTC
Description of problem:
As stated in the summary, the unprivileged account used together with mountbroker need to be able to access the TLS private key if glusterd is also set up to use TLS on the management path. This is not mentioned in the admin guide at all.

How reproducible:
Always

Steps to Reproduce:
1. Set up GlusterFS with TLS and enable TLS for the management daemon
2. Try to set up geo replication by following the admin guide (+ no root user)
3. Take hours/days to figure out that the geoaccount needs access to the tls key