Managing HP Serviceguard for Linux, Sixth Edition, August 2006
Building an HA Cluster Configuration
Preparing Your Systems
Chapter 5128
Setting access control policies uses different mechanisms depending on
the state of the node. Nodes not configured into a cluster use different
security configurations than nodes in a cluster. The following two
sections discuss how to configure these access control policies.
Setting Controls for an Unconfigured Node
Serviceguard access control policies define what a remote node can do to
the local node. A new install of Serviceguard will not have any access
control policies defined. To enable this node to be included in a cluster, a
policy must be defined to allow access for root from the other potential
cluster nodes. For Serviceguard Manager, policies must be defined to
allow remote COM servers to Monitor or configure the node. These
policies will only be in effect while a node is not configured into a cluster.
Unconfigured nodes may authorize two levels of access to remote users:
root and non-root. Users with root access may use any cluster
configuration commands. Users with non-root access are assigned the
Monitor role giving them read-only access to the nodes configuration.
When a Serviceguard node is not configured in a cluster it relies on one
of two possible security mechanisms for authorizing remote users:
• If the file $SGCONF/cmclnodelist file exists, Serviceguard will use
its contents to authorize remote users.
• The host equivalency files used by r-commands, ~/.rhosts and
/etc/hosts.equiv (hostsequiv).
The use of cmclnodelist is strongly recommended.
Serviceguard will check for the existence of $SGCONF/cmclnodelist
before attempting to access hostsequiv. If the file exists, Serviceguard
will not check other authorization mechanisms. With regard to
Serviceguard, using either cmclnodelist or hostsequiv provides the
same levels of security. Administrators may choose to use cmclnodelist
file instead of hostsequiv in installations which may wish to limit
r-command access.
For backwards compatibility, a node in an unconfigured state may define
access control policies based on IP address. The primary IP address on
each interface Serviceguard uses for communication must have it's own
policy if name services are not configured as specified above. Once a node
is configured into a cluster, IP addresses can no longer be used for these
policies.