Bug 1359154
| Summary: | pcs authentication command does not trigger authentication of nodes against each other | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Miroslav Lisik <mlisik> | ||||
| Component: | pcs | Assignee: | Tomas Jelinek <tojeline> | ||||
| Status: | CLOSED ERRATA | QA Contact: | cluster-qe <cluster-qe> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 7.2 | CC: | cfeist, cluster-maint, idevat, jpokorny, omular, rsteiger, tojeline | ||||
| Target Milestone: | rc | Keywords: | Regression | ||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | pcs-0.9.152-5.el7 | Doc Type: | If docs needed, set a value | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2016-11-03 20:59:30 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
This would also let adherents of clufter's "pcs commands" output down. ISTR it used to work correctly. Fixing this defect should be prioritized. Clarification of the reproducer: When I wrote "cluster node(s)" I actually meant nodes set apart for cluster. There should not be any cluster configuration on the nodes at the time of executing pcs authentication command. Created attachment 1184205 [details]
proposed fix
Before Fix: [vm-rhel72-1 /tmp] $ rpm -q pcs pcs-0.9.152-4.el7.x86_64 [vm-rhel72-1 /tmp] $ pcs cluster auth vm-rhel72-1 booth1 Username: hacluster Password: booth1: Authorized vm-rhel72-1: Authorized [booth1 ~pcs # booth-master] $ rpm -q pcs pcs-0.9.152-4.el7.x86_64 [booth1 ~pcs # booth-master] $ pcs status pcsd vm-rhel72-1 vm-rhel72-1: Unable to authenticate After Fix: [vm-rhel72-1 /tmp] $ rpm -q pcs pcs-0.9.152-5.el7.x86_64 [vm-rhel72-1 /tmp] $ pcs cluster auth vm-rhel72-1 booth1 Username: hacluster Password: booth1: Authorized vm-rhel72-1: Authorized [booth1 ~pcs # booth-master] $ rpm -q pcs pcs-0.9.152-5.el7.x86_64 [booth1 ~pcs # booth-master] $ pcs status pcsd vm-rhel72-1 vm-rhel72-1: Online Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2016-2596.html |
Description of problem: The pcs authentication command (pcs cluster auth ...) does not trigger authentication of nodes against each other. Only the node where authentication command was executed is authenticated against listed nodes on command line. Version-Release number of selected component (if applicable): pcs-0.9.152-4.el7.x86_64 How reproducible: always Steps to Reproduce: 1. Run pcs authentication command on a cluster node virt-270 - cluster node virt-269 - cluster node [root@virt-270 ~]# pcs cluster auth virt-269 virt-270 Username: hacluster Password: virt-270: Authorized virt-269: Authorized 2. Check pcd status on other cluster node [root@virt-269 ~]# pcs status pcsd virt-269 virt-270 virt-269: Unable to authenticate virt-270: Unable to authenticate Actual results: Only the node where pcs authentication command was executed is authenticated against listed nodes on the command line. Expected results: The node where the authentication command was executed is authenticated against listed nodes and listed nodes are authenticated against themselves [root@virt-100 ~]# pcs cluster auth virt-{101..110} Username: hacluster Password: virt-109: Authorized virt-108: Authorized virt-107: Authorized virt-110: Authorized virt-105: Authorized virt-104: Authorized virt-103: Authorized virt-102: Authorized virt-101: Authorized virt-106: Authorized [root@virt-100 ~]# pcs status pcsd virt-{101..110} virt-101: Online virt-102: Online virt-103: Online virt-104: Online virt-105: Online virt-106: Online virt-107: Online virt-108: Online virt-109: Online virt-110: Online Also there should be the same result of 'pcs status pcsd virt-101..110}' on the nodes virt-{101..110}.