Serviceguard Manager Version A.04.02 Release Notes, February 2005
Serviceguard Manager Version A.04.02 Release Notes
Installing and Running Serviceguard Manager
Chapter 1 33
In addition, there are four possible non-root roles that can be defined in
the cluster’s configuration files. These are specified as Access Control
Policies in the cluster and package configuration files. Each Access
Policy has three parts:
• User: A username from the host’s /etc/passwd file
• Host: Where the user will issue the command. For Serviceguard
Manager, this is the Session Server node
• Role: Which commands the user may issue on the cluster where the
policy is configured. There are 4 non-root roles:
— monitor (view, read-only), defined in the cluster configuration
file.
This is the only role that does not require the Host node to have
version A.11.16 of Serviceguard.
— (single package) package admin, defined in that package’s
configuration file
— (all cluster packages) package admin, defined in the cluster
configuration file
— full admin (cluster and all of its packages), defined in the cluster
configuration file
For more information about access control policies, see the online help
for Configuring Clusters: Roles.
If you upgraded a cluster to Serviceguard A.11.16, its cmclnodelist has
been migrated into Access Control Policies. With A.11.16, cmclnodelist
is gone. If your previous cmclnodelist file listed the pair
<sess.server> <user>, your cluster configuration now has an Access
Control Policy that lists this triplet:
• USER_NAME <user>
• USER_HOST <sess.server>
• USER_ROLE Monitor (All migrated pairs are signed the role of
Monitor, view-only.)
If your old cmclnodelist had the wildcard +, the configuration file now
has an Access Control Policy with wildcards in triplet:
• USER_NAME ANY_USER