This is where full-blown certificates might be nicer to work with
-- deleting just selected (per some identification) authentication
holders, etc.  On the other hand, such approach might turn to be
Pandora's box on its own.

Provide way to reset certificates and other files as well.

Note: Tomas has already created the ability to use customer certificates and sync them to all nodes.

Fixed upstream here:

https://github.com/feist/pcs/commit/2e74ea2059383cbf247ccc0166b3be5602c4a8c0

Command is 'pcs pcsd clear-auth [--remote] [--local]'.

If you're root it will remove /var/lib/pcsd/tokens, if not ~/.pcs/tokens (with --local)

With --remote it remove /var/lib/pcsd/pcs_users.conf

And without --local or --remote it removes both files.

After Fix:

[root@c3 ~]# rpm -q pcs
pcs-0.9.142-1.el7.x86_64
[root@c3 ~]# ls -lh /var/lib/pcsd/tokens 
-rw-------. 1 root root 357 Jul 10 16:33 /var/lib/pcsd/tokens
[root@c3 ~]# ls -lh /var/lib/pcsd/pcs_users.conf 
-rw-r--r--. 1 root root 1.4K Jul 10 16:33 /var/lib/pcsd/pcs_users.conf
[root@c3 ~]# pcs pcsd clear-auth --remote
[root@c3 ~]# ls -lh /var/lib/pcsd/tokens 
-rw-------. 1 root root 357 Jul 10 16:33 /var/lib/pcsd/tokens
[root@c3 ~]# ls -lh /var/lib/pcsd/pcs_users.conf 
ls: cannot access /var/lib/pcsd/pcs_users.conf: No such file or directory
[root@c3 ~]# pcs pcsd clear-auth --local
[root@c3 ~]# ls -lh /var/lib/pcsd/pcs_users.conf 
ls: cannot access /var/lib/pcsd/pcs_users.conf: No such file or directory
[root@c3 ~]# ls -lh /var/lib/pcsd/tokens 
ls: cannot access /var/lib/pcsd/tokens: No such file or directory
[root@c3 ~]#

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-2290.html