Hi, I'm sill looking at how to fix the ACLs support of pacemaker.
AFAICS, if a server is ran by root, when a client connects to it, the "/dev/shm/qb-*" file will be chown to the client's uid/gid. While if a server is ran by an ordinary user and being connected by another ordinary user, since the server doesn't have the permission to chown the file to another user, and the file mode is 0600, so the client will get "permission denied ".
Cib daemon runs as "uid: hacluster, gid: root", and we want all the users in "haclient" group have access to CIB. Is there any way for cib daemon to know the file path or the fd for a request, so that it can change the mode/group of the file? Or are there any other solutions for this?
Thanks, Gao,Yan