HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: package user
Operating System - HP-UX
1836644
Members
1916
Online
110102
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2010 11:26 PM
07-27-2010 11:26 PM
package user
Hi All,
How can we create a package-user for serviceguard package. This user will be present where the package runs.
I know there are some "Access Control Policy Pararmeters" in cluster config file. I am not sure if this is exactly the thing.
But is there anything apart from this related to "package user"?
Thanks
How can we create a package-user for serviceguard package. This user will be present where the package runs.
I know there are some "Access Control Policy Pararmeters" in cluster config file. I am not sure if this is exactly the thing.
But is there anything apart from this related to "package user"?
Thanks
4 REPLIES 4
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-28-2010 12:42 AM
07-28-2010 12:42 AM
Re: package user
Hello,
in the cluster config file, there are 3 access control policy for the CLUSTER
USER_NAME
USER_HOST
USER_ROLE
for USER_ROLE
* MONITOR: read-only capabilities for the cluster and packages
# * PACKAGE_ADMIN: MONITOR, plus administrative commands for packages
# in the cluster
# * FULL_ADMIN: MONITOR and PACKAGE_ADMIN plus the administrative
# commands for the cluster.
Access control policy does not set a role for configuration
# capability. To configure, a user must log on to one of the
# clusterâ s nodes as root (UID=0). Access control
# policy cannot limit root usersâ access.
#
# MONITOR and FULL_ADMIN can only be set in the cluster configuration file,
# and they apply to the entire cluster. PACKAGE_ADMIN can be set in the
# cluster or a package configuration file. If set in the cluster
# configuration file, PACKAGE_ADMIN applies to all configured packages.
# If set in a package configuration file, PACKAGE_ADMIN applies to that
# package only.
in the cluster config file, there are 3 access control policy for the CLUSTER
USER_NAME
USER_HOST
USER_ROLE
for USER_ROLE
* MONITOR: read-only capabilities for the cluster and packages
# * PACKAGE_ADMIN: MONITOR, plus administrative commands for packages
# in the cluster
# * FULL_ADMIN: MONITOR and PACKAGE_ADMIN plus the administrative
# commands for the cluster.
Access control policy does not set a role for configuration
# capability. To configure, a user must log on to one of the
# clusterâ s nodes as root (UID=0). Access control
# policy cannot limit root usersâ access.
#
# MONITOR and FULL_ADMIN can only be set in the cluster configuration file,
# and they apply to the entire cluster. PACKAGE_ADMIN can be set in the
# cluster or a package configuration file. If set in the cluster
# configuration file, PACKAGE_ADMIN applies to all configured packages.
# If set in a package configuration file, PACKAGE_ADMIN applies to that
# package only.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-28-2010 01:44 AM
07-28-2010 01:44 AM
Re: package user
Hi,
Sample "Access Control Policy":
USER_NAME root
USER_HOST node1
USER_ROLE full_admin
USER_NAME root
USER_HOST node2
USER_ROLE full_admin
# Advanced user
USER_NAME user1
USER_HOST CLUSTER_MEMBER_NODE
USER_ROLE package_admin
# Monitor user
USER_NAME user2
USER_HOST CLUSTER_MEMBER_NODE
USER_ROLE monitor
# cmgetconf -v -K -c cluster_name cluster_name.txt
Modify cluster_name.txt to add Policy Parameter.
# cmcheckconf -v -k -C cluster_name.txt
# cmapplyconf -v -k -C cluster_name.txt
rgs,
Sample "Access Control Policy":
USER_NAME root
USER_HOST node1
USER_ROLE full_admin
USER_NAME root
USER_HOST node2
USER_ROLE full_admin
# Advanced user
USER_NAME user1
USER_HOST CLUSTER_MEMBER_NODE
USER_ROLE package_admin
# Monitor user
USER_NAME user2
USER_HOST CLUSTER_MEMBER_NODE
USER_ROLE monitor
# cmgetconf -v -K -c cluster_name cluster_name.txt
Modify cluster_name.txt to add Policy Parameter.
# cmcheckconf -v -k -C cluster_name.txt
# cmapplyconf -v -k -C cluster_name.txt
rgs,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-28-2010 04:52 AM
07-28-2010 04:52 AM
Re: package user
Newer versions of Serviceguard support package-level administration by users.
The modular package configuration file contains the following text:
# Access Control Policy Parameters.
#
# "user_name", "user_host" and "user_role" specify who can administer
# this package.
#
# Three entries set the access control policy for the package: the
# first line must be "user_name", the second "user_host", and the third "user_role".
# Enter a value after each.
#
# 1. "user_name" can either be "any_user", or a maximum of
# 8 login names from the /etc/passwd file on user host.
# 2. "user_host" is where the user can issue Serviceguard commands.
# Choose one of these three values: "any_serviceguard_node",
# or (any) "cluster_member_node", or a specific node. For node,
# use the name portion of the official hostname supplied by the
# domain name server, not the IP addresses or fully qualified name.
# 3. "user_role" must be "package_admin". This role grants permission
# to "monitor", plus for administrative commands for the package.
#
# These policies do not affect root users. Access Policies defined in
# this file must not conflict with policies defined in the cluster
# configuration file.
#
# Example: to configure a role for user john from node noir to
# administer the package, enter:
# user_name john
# user_host noir
# user_role package_admin
#
# Legal values for user_name:
# A string of tokens each of which starts with alphanumeric character and contains
# only alphanumeric and underscore(_) characters. The tokens must be separated by a space
# or a tab character.
# Maximum length of each user_name is 39 character.
#
# Legal values for user_host:
# Any string that starts and ends with an alphanumeric character, and
# contains only alphanumeric characters, dot(.), dash(-), or underscore(_)
# in the middle.
# Maximum length is 39 character.
#
# Legal values for user_role: package_admin.
#user_name
#user_host
#user_role
The modular package configuration file contains the following text:
# Access Control Policy Parameters.
#
# "user_name", "user_host" and "user_role" specify who can administer
# this package.
#
# Three entries set the access control policy for the package: the
# first line must be "user_name", the second "user_host", and the third "user_role".
# Enter a value after each.
#
# 1. "user_name" can either be "any_user", or a maximum of
# 8 login names from the /etc/passwd file on user host.
# 2. "user_host" is where the user can issue Serviceguard commands.
# Choose one of these three values: "any_serviceguard_node",
# or (any) "cluster_member_node", or a specific node. For node,
# use the name portion of the official hostname supplied by the
# domain name server, not the IP addresses or fully qualified name.
# 3. "user_role" must be "package_admin". This role grants permission
# to "monitor", plus for administrative commands for the package.
#
# These policies do not affect root users. Access Policies defined in
# this file must not conflict with policies defined in the cluster
# configuration file.
#
# Example: to configure a role for user john from node noir to
# administer the package, enter:
# user_name john
# user_host noir
# user_role package_admin
#
# Legal values for user_name:
# A string of tokens each of which starts with alphanumeric character and contains
# only alphanumeric and underscore(_) characters. The tokens must be separated by a space
# or a tab character.
# Maximum length of each user_name is 39 character.
#
# Legal values for user_host:
# Any string that starts and ends with an alphanumeric character, and
# contains only alphanumeric characters, dot(.), dash(-), or underscore(_)
# in the middle.
# Maximum length is 39 character.
#
# Legal values for user_role: package_admin.
#user_name
#user_host
#user_role
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-01-2010 10:26 PM
08-01-2010 10:26 PM
Re: package user
Thanks to all for confirming....!
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP