Manualshelf

Serviceguard Manager Version A.05.00 Release Notes, October 2005

ManualsBrandsHP ManualsSoftwareHP Serviceguard Manager Software
31323334353637383940
Serviceguard Manager Version A.05.00 Release Notes
Installing and Running Serviceguard Manager
Chapter 136
(all cluster packages) package admin, defined in the cluster
configuration file
full admin (cluster and all of its packages), defined in the cluster
configuration file
For more information about access control policies, see the online help
for Configuring Clusters: Roles.
If you upgraded a cluster to Serviceguard A.11.16 or A.11.17, its
cmclnodelist has been migrated into Access Control Policies. With
A.11.16 and A.11.17, cmclnodelist is gone. If your previous
cmclnodelist file listed the pair <sess.server> <user>, your cluster
configuration now has an Access Control Policy that lists this triplet:
USER_NAME <user>
USER_HOST <sess.server>
USER_ROLE Monitor (All migrated pairs are signed the role of
Monitor, view-only.)
If your old cmclnodelist had the wildcard +, the configuration file now
has an Access Control Policy with wildcards in triplet:
USER_NAME ANY_USER
USER_HOST ANY_SERVICEGUARD_NODE
USER_ROLE MONITOR (All migrated pairs area assigned the role of
Monitor, view-only.)
Only a root user can modify configuration to change Access Control
Policies. You do not have to halt the cluster or any packages, to add,
modify, or delete an Access Control Policy.
If you have a cluster on an A.11.16 or A.11.17 node, be sure to configure
at least one Access Control Policy so your COM has permission to
discover the cluster and its nodes in Serviceguard Manager. Once a
cluster is configured on an A.11.16 or A.11.17 node, Serviceguard will
only check access in the cluster’s configuration files. It will ignore the
.rhosts file and the cmclnodelist file.
Bootstrapping a new A.11.16 or A.11.17 node If no cluster is
configured, you can create a cmclnodelist file to act as a “bootstrap” for
non-root access. Then other session server nodes have Monitor
permission to access the node. Then you will be able to see it on the map
and tree, and read its status and properties. If it is not a part of a cluster