Distributed Replicated Block Device (DRBD) development
 help / color / mirror / Atom feed
From: Heming Zhao <heming.zhao@suse.com>
To: drbd-dev@lists.linbit.com, roland.kammerer@linbit.com
Subject: Re: [PATCH v2 2/2] remove lock file after using it
Date: Thu, 29 May 2025 15:55:07 +0800	[thread overview]
Message-ID: <e9147e87-0a09-41d0-827a-b007d9a30f3a@suse.com> (raw)
In-Reply-To: <6f471202-c821-4d73-ac3c-96b07f605cf1@suse.com>

On 5/29/25 14:59, Heming Zhao wrote:
> Hello,
> 
> On 5/28/25 16:11, Roland Kammerer wrote:
>> On Thu, May 15, 2025 at 10:48:15AM +0800, Heming Zhao wrote:
>>> In a SELinux env, if a user runs as root to set up a DRBD device,
>>> it will leave a lock file in "/var/run/drbd/lock/". Then HA pacemaker
>>> will fail to set up DRBD because of a permission issue.
>>
>> ... ...
> 
> 
> ---- following are the reproducible steps -----
> 
> ## setup vm
> 
> create two VMs:
> - 4 VCPU, 4G mem, one 100M *shared* disk for sbd, one 1G disk for drbd.
> - the sbd is using scsi bus type, drbd disk is using virtio bus type
> 
> 

I forgot to mention that to reproduce this issue, please make sure SELinux
is enabled (default configuration) and the port 7799 is open (or disable firewalld).

- Heming

  reply	other threads:[~2025-05-29  7:55 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-05-15  2:48 [PATCH v2 0/2] fix drbd-utils minor issues Heming Zhao
2025-05-15  2:48 ` [PATCH v2 1/2] build: changing SUSE release file Heming Zhao
2025-05-28  8:03   ` Roland Kammerer
2025-05-28 10:08     ` Heming Zhao
2025-05-15  2:48 ` [PATCH v2 2/2] remove lock file after using it Heming Zhao
2025-05-28  8:11   ` Roland Kammerer
2025-05-29  6:59     ` Heming Zhao
2025-05-29  7:55       ` Heming Zhao [this message]
2025-05-29  7:57       ` Heming Zhao

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=e9147e87-0a09-41d0-827a-b007d9a30f3a@suse.com \
    --to=heming.zhao@suse.com \
    --cc=drbd-dev@lists.linbit.com \
    --cc=roland.kammerer@linbit.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox