[Debian-ha-maintainers] Bug#974563: corosync unable to communicate with pacemaker 1.1.16-1+deb9u1 which contains the fix for CVE-2020-25654
Pallai Roland
pallair at magex.hu
Thu Nov 12 17:21:28 GMT 2020
Hi Markus,
The problem is still the same here:
Nov 12 18:14:46 srv1 lrmd[990]: warning: Rejecting IPC request
'lrmd_rsc_info' from unprivileged client crmd
Nov 12 18:14:46 srv1 lrmd[990]: warning: Rejecting IPC request
'lrmd_rsc_register' from unprivileged client crmd
Nov 12 18:14:46 srv1 crmd[993]: error: Could not add resource
dummy_activenode to LRM nmsrv1
Nov 12 18:14:46 srv1 crmd[993]: error: Invalid resource definition for
dummy_activenode
[root at srv1 root]# dpkg -l pacemaker
ii pacemaker 1.1.16-1+deb9u1.1 amd64 cluster
resource manager
Downgrading to "pacemaker=1.1.16-1" fixed it again.
On 2020. november 12., csütörtök 17:51:28 CET, Markus Koschany wrote:
> Thanks for reporting. This is a permission problem. I assume
> your clients are
> local and not remote and you don't use the tls_backend. I have
> prepared another
> update that should grant the local hacluser clients the
> necessary privileges.
> You can download the source and binary files from
>
> https://people.debian.org/~apo/lts/pacemaker/
>
> Please report back if this fixes the problem. If not, please
> send me your log
> file via private email after you have set the logfile_priority to debug in
> corosync.conf.
More information about the Debian-ha-maintainers
mailing list