Bug 908447

Summary: Use proper uid/gid for hacluster account as reserved in docs
Product: Red Hat Enterprise Linux 7 Reporter: Radek Steiger <rsteiger>
Component: pacemakerAssignee: Andrew Beekhof <abeekhof>
Status: CLOSED CURRENTRELEASE QA Contact: Cluster QE <mspqa-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.0CC: cluster-maint
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: pacemaker-1.1.10-6.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 908450 (view as bug list) Environment:
Last Closed: 2014-06-16 06:32:33 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Radek Steiger 2013-02-06 17:39:57 UTC 
Description of problem:


Pacemaker package uses groupadd/useradd without specifying the gid/uid number, making the OS assigning a non-system account with gid/uid >500:

getent group haclient >/dev/null || groupadd -r haclient
getent passwd hacluster >/dev/null || useradd -r -g haclient -s /sbin/nologin -c "heartbeat user" hacluster


Within bug 872208 request a gid/uid pair has been already reserved in the setup package as seen in the /usr/share/doc/setup-2.8.63/uidgid file:

# grep pacemaker -i /usr/share/doc/setup-2.8.63/uidgid
hacluster	189	-	/		/sbin/nologin	pacemaker
haclient	-	189	-		-	pacemaker


Please, fix the pre-inst script to correctly assign the reserved gid/uid when installing pacemaker rpms.


# rpm -q pacemaker setup
pacemaker-1.1.8-4.el7.x86_64
setup-2.8.63-1.el7.noarch
Comment 2 Andrew Beekhof 2013-02-27 02:04:47 UTC 
Spec file updated


-getent group %{gname} >/dev/null || groupadd -r %{gname}
-getent passwd %{uname} >/dev/null || useradd -r -g %{gname} -s /sbin/nologin -c "heartbeat user" %{uname}
+getent group %{gname} >/dev/null || groupadd -r %{gname} -g 189
+getent passwd %{uname} >/dev/null || useradd -r -g %{gname} -u 189 -s /sbin/nologin -c "cluster user" %{uname}


Will be included in the next build.