Bug 2049747

Summary: ha_cluster - set permissions for haclient group
Product: Red Hat Enterprise Linux 8 Reporter: Rich Megginson <rmeggins>
Component: rhel-system-rolesAssignee: Rich Megginson <rmeggins>
Status: CLOSED ERRATA QA Contact: David Jež <djez>
Severity: unspecified Docs Contact: Steven J. Levine <slevine>
Priority: unspecified    
Version: 8.6CC: djez, gfialova, lkuprova, mnovacek, nhosoi, pkettman, slevine, spetrosi, tojeline
Target Milestone: rc   
Target Release: 8.6   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: role:ha_cluster
Fixed In Version: rhel-system-roles-1.14.0-1.el8 Doc Type: Bug Fix
Doc Text:
.Default `pcsd` permissions for HA Cluster System Role now allow access for group `haclient` Previously, when a user ran the HA Cluster System Role with the default `pcsd` permissions that were set with the `ha_cluster_pcs_permission_list` variable, only members of the group `hacluster` had access to the cluster. With this fix, the default `pcsd` permissions allow the group `haclient` to manage the cluster and all members of `haclient` can now access and manage the cluster.
 Story Points: ---
Clone Of:
: 2049754 (view as bug list) Environment:
Last Closed: 2022-05-10 14:12:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2049754    
Deadline: 2022-02-08   

Description Rich Megginson 2022-02-02 16:19:42 UTC 
Description of problem:

Previously, permissions were set for 'hacluster' group. Correct name of the group is 'haclient'.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 2 Tomas Jelinek 2022-02-03 10:02:28 UTC 
Verification instructions:
1) run the ha_cluster role with default settings
2) cat /var/lib/pcsd/pcs_settings.conf
3) find "permissions" section
before fix:
  "permissions": {
    "local_cluster": [
      {
        "type": "group",
        "name": "hacluster",
        "allow": [
          "grant",
          "read",
          "write"
        ]
      }
    ]
  }
after fix:
  "permissions": {
    "local_cluster": [
      {
        "type": "group",
        "name": "haclient",
        "allow": [
          "grant",
          "read",
          "write"
        ]
      }
    ]
  }
Comment 19 errata-xmlrpc 2022-05-10 14:12:50 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (rhel-system-roles bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:1896
Comment 20 Red Hat Bugzilla 2023-09-15 01:51:34 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 365 days