Red Hat Bugzilla – Bug 485462
Normal users cannot run CPG clients if corosync is started by cman.
Last modified: 2016-04-26 19:49:05 EDT
Description of problem:
Run cman, run a CPG client as a non-root user with gid=ais: cpg_init
returns error 11 - access denied. Running the CPG client as root works.
If corosync is started without cman, then running CPG client as non-root user with gid=ais works correctly.
(11:50:11 AM) sdake: if root is uid gid is not checked
(11:51:33 AM) sdake: my guess is the config loader is setting the uid or gid fields in the config file
(11:51:38 AM) sdake: mainconfig.c should do this automatically
(11:51:50 AM) sdake: by config loader, i mean the cman config loader
(11:51:57 AM) sdake: you can put that in the bz aswell
cman sets uid/gid to root. This was mainly to avoid configuration troubles as we otherwise would have had to add users & groups in the packaging for "ais".
If we can add these entries then I'll change cman's config loader.
I've committed fix for this to git. It should turn up in the next Fedora package.
Author: Christine Caulfield <email@example.com>
Date: Wed Feb 18 11:11:56 2009 +0000
cman: Allow connections from unprivileged user/group "ais"