Pacemaker ACLs allow disable actions but not enable actions

Solution Verified - Updated -

Issue

  • An ACL that is intended to allow a user to modify/enable/disable specific attributes does not allow an enable action.
  • User gets "Permission denied" error when enabling a resource or attribute.
[user1@rh76-node1 ~]$ pcs resource enable d2
Error: Unable to update cib
Call cib_apply_diff failed (-13): Permission denied

Environment

  • Red Hat Enterprise Linux 7 (with the High Availability Add-on)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content