Managing HP Serviceguard for Linux, Seventh Edition, July 2007

Building an HA Cluster Configuration

Preparing Your Systems

Chapter 5 147

Using the cmclnodelist File

The cmclnodelist file is not created by default in new installations.

When you create it, you may want to add a comment such as the

following at the top of the file:

###########################################################

# Do not edit this file!

# Serviceguard uses this file only to authorize access to an

# unconfigured node. Once the node is configured,

# Serviceguard will not consult this file.

###########################################################

The format for entries in the cmclnodelist file is as follows:

[hostname or IP address] [user] [#Comment]

For example:

gryf root # Cluster 1,Node 1

gryf user1 # Cluster 1, Node 1

sly root # Cluster 1, Node 2

sly user1 # Cluster 1, Node 2

bit root # Administration /COM Server

In this example, root on the nodes gryf, sly, and bit all have root access

to the node with this file. The non-root user “user1” has the Monitor role

from nodes gryf and sly.

Serviceguard also accepts the use of a “+” in the cmclnodelist file which

indicates that any root user on any node may configure this node and any

non-root user has the Monitor role.

Setting Access Controls for Configured Cluster Nodes

Once nodes are configured in a cluster, access-control policies govern

cluster-wide security; changes to cmclnodelist are ignored. The root

user on each cluster node is automatically granted root access to all other

nodes. Other users can be authorized for non-root roles.