Description of problem: Run cman, run a CPG client as a non-root user with gid=ais: cpg_init returns error 2 - library. Running the CPG client as root works. If openais is started without cman, then running CPG client as non-root user with gid=ais works correctly. This bug is almost identical to 485462, but cpg_init returns a different error code.
The fix is trivial, and in Fedora 10. If you really need this in RHEL-5 we'll need some ACKs.
Committed for RHEL5.4 commit 49e8d4b32390184b1794b90b11865d8d60ee352d Author: Christine Caulfield <ccaulfie> Date: Fri Mar 27 15:23:30 2009 +0000 cman: Allow connections from unprivileged user/group "ais"
Release note added. If any revisions are required, please set the "requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: cman set the objdb keys "user" and "group" to the value "root" so that only root could access openais services. Consequence: Any user other than root that tried to run service that connected to openais would be rejected as a privilege violation. Fix: The values of "user" and "group" were set to be "ais" Result: Users that are a member of the "ais" group can now run openais service programs
~~ Attention - RHEL 5.4 Beta Released! ~~ RHEL 5.4 Beta has been released! There should be a fix present in the Beta release that addresses this particular request. Please test and report back results here, at your earliest convenience. RHEL 5.4 General Availability release is just around the corner! If you encounter any issues while testing Beta, please describe the issues you have encountered and set the bug into NEED_INFO. If you encounter new issues, please clone this bug to open a new issue and request it be reviewed for inclusion in RHEL 5.4 or a later update, if it is not of urgent severity. Please do not flip the bug status to VERIFIED. Only post your verification results, and if available, update Verified field with the appropriate value. Questions can be posted to this bug or your customer or partner representative.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2009-1341.html