ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » Clustering » Not authorized RDQM

Post new topic  Reply to topic
 Not authorized RDQM « View previous topic :: View next topic » 
Author Message
Ganford
PostPosted: Sat Feb 09, 2019 9:26 am    Post subject: Not authorized RDQM Reply with quote

Novice

Joined: 09 Aug 2011
Posts: 22

Hello , I want to ask you just regarding behavior of RDQM. We are just implementing new solution and want to discover if this light version of cluster is the right thing for us. I god stuck while testing the functionality. I have successfully created QM replication, and it is working, but I got strange security issue, no matter what I do, I cannot overcome it. I have worries that I cannot provide you with exact analysis, but I will try at least provide you with configuration details. I hope that somebody has already encountered similar issue and that there just glitch in configuration or minor bug in application which can be easy fixed. This issue is not happening when I do exactly the same just with ordinary locally created QM. All file rights seems to be intact, I have also tried to setup 777 , but with no change. Thank you very much )

---error:
Quote:
endmqm QMRTEST2 (under mqm user or with sudo, or under root)
AMQ7077E: You are not authorized to perform the requested operation.
no error in MQ error logs, no related error in system log, no error in security logs

---OS version:
Quote:
Linux devsrv1.local.com 3.10.0-862.el7.x86_64 #1 SMP Wed Mar 21 18:14:51 EDT 2018 x86_64 x86_64 x86_64 GNU/Linux,

MQ version:
Quote:
Name: IBM MQ
Version: 9.1.0.0
Level: p910-L180709.DE
BuildType: IKAP - (Production)
Platform: IBM MQ for Linux (x86-64 platform)
Mode: 64-bit
O/S: Linux 3.10.0-862.el7.x86_64
InstName: Installation1
InstDesc:
Primary: Yes
InstPath: /opt/mqm
DataPath: /var/mqm
MaxCmdLevel: 910
LicenseType: Developer

---users details:
Quote:
bash-4.2$ groups
mqm root wheel
bash-4.2$ id
uid=985(mqm) gid=1001(mqm) groups=1001(mqm),0(root),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
bash-4.2$ whoami
mqm
bash-4.2$ groups root
root : root mqm

bash-4.2$ dspmq
QMNAME(QMRTEST1) STATUS(Running)
QMNAME(QMRTEST2) STATUS(Running)
QMNAME(TEST1) STATUS(Ended normally)

--FS details
Quote:
ash-4.2$ df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/rhel-root 47285700 22309988 24975712 48% /
devtmpfs 915644 0 915644 0% /dev
tmpfs 932652 39216 893436 5% /dev/shm
tmpfs 932652 10668 921984 2% /run
tmpfs 932652 0 932652 0% /sys/fs/cgroup
/dev/sda1 1038336 173340 864996 17% /boot
.host:/ 961409020 837229424 124179596 88% /mnt/hgfs
tmpfs 186532 24 186508 1% /run/user/985
/dev/drbd100 487566 52431 405443 12% /var/mqm/vols/qmrtest1
/dev/drbd101 487566 52229 405645 12% /var/mqm/vols/qmrtest2
bash-4.2$ sudo -s
[root@devsrv1 qmgrs]# pvs
PV VG Fmt Attr PSize PFree
/dev/sda2 rhel lvm2 a-- <49.00g 4.00m
/dev/sdb1 drbdpool lvm2 a-- <5.00g <4.02g
[root@devsrv1 qmgrs]# pvsdisplay
bash: pvsdisplay: command not found...
[root@devsrv1 qmgrs]# pvsdisplay^C
[root@devsrv1 qmgrs]# pvdisplay
--- Physical volume ---
PV Name /dev/sda2
VG Name rhel
PV Size <49.00 GiB / not usable 3.00 MiB
Allocatable yes
PE Size 4.00 MiB
Total PE 12543
Free PE 1
Allocated PE 12542
PV UUID pTO6Sk-xNTz-Dw47-cGAG-2Jrp-T08F-VQxnHe

--- Physical volume ---
PV Name /dev/sdb1
VG Name drbdpool
PV Size 5.00 GiB / not usable 4.00 MiB
Allocatable yes
PE Size 4.00 MiB
Total PE 1279
Free PE 1029
Allocated PE 250
PV UUID qbd60Q-sLYN-ZMAc-hHmE-bjJH-0e1j-h6GQ52

[root@devsrv1 qmgrs]# vgs
VG #PV #LV #SN Attr VSize VFree
drbdpool 1 2 0 wz--n- <5.00g <4.02g
rhel 1 2 0 wz--n- <49.00g 4.00m
[root@devsrv1 qmgrs]# vgdisplay drbdpool
--- Volume group ---
VG Name drbdpool
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 3
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 2
Open LV 2
Max PV 0
Cur PV 1
Act PV 1
VG Size <5.00 GiB
PE Size 4.00 MiB
Total PE 1279
Alloc PE / Size 250 / 1000.00 MiB
Free PE / Size 1029 / <4.02 GiB
VG UUID 0hdy0q-63Je-Z14V-loT5-BrmA-L3my-T0R4n6

[root@devsrv1 qmgrs]# lvdisplay ^C
[root@devsrv1 qmgrs]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/rhel-root 47285700 22310008 24975692 48% /
devtmpfs 915644 0 915644 0% /dev
tmpfs 932652 39216 893436 5% /dev/shm
tmpfs 932652 10676 921976 2% /run
tmpfs 932652 0 932652 0% /sys/fs/cgroup
/dev/sda1 1038336 173340 864996 17% /boot
.host:/ 961409020 837229424 124179596 88% /mnt/hgfs
tmpfs 186532 24 186508 1% /run/user/985
/dev/drbd100 487566 52431 405443 12% /var/mqm/vols/qmrtest1
/dev/drbd101 487566 52229 405645 12% /var/mqm/vols/qmrtest2

bash-4.2$ rdqmstatus
Node: devsrv1.local.com

Queue manager name: QMRTEST1
Queue manager status: Running
HA current location: This node

Queue manager name: QMRTEST2
Queue manager status: Running
HA current location: This node
Command '/opt/mqm/bin/rdqmstatus' run with sudo.

ash-4.2$ rdqmstatus -m QMRTEST2
Node: devsrv1.local.com
Queue manager status: Running
CPU: 0.01%
Memory: 130MB
Queue manager file system: 51MB used, 0.5GB allocated [11%]
HA role: Primary
HA status: Normal
HA control: Enabled
HA current location: This node
HA preferred location: This node
HA floating IP interface: None
HA floating IP address: None

Node: devsrv2.local.com
HA status: Normal

Node: devsrv3.local.com
HA status: Normal
Command '/opt/mqm/bin/rdqmstatus' run with sudo.
Back to top
View user's profile Send private message
hughson
PostPosted: Sun Feb 10, 2019 1:58 am    Post subject: Reply with quote

Padawan

Joined: 09 May 2013
Posts: 1914
Location: Bay of Plenty, New Zealand

Ganford wrote:

---users details:
Quote:
bash-4.2$ groups
mqm root wheel
bash-4.2$ id
uid=985(mqm) gid=1001(mqm) groups=1001(mqm),0(root),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
bash-4.2$ whoami
mqm
bash-4.2$ groups root
root : root mqm


Your user ID does not appear to be in the 'haclient' group. This is one of the requirements for RDQM.

Cheers,
Morag
_________________
Morag Hughson @MoragHughson
IBM MQ Technical Education Specialist
Get your IBM MQ training here!
MQGem Software
Back to top
View user's profile Send private message Visit poster's website
Ganford
PostPosted: Fri Feb 15, 2019 2:55 pm    Post subject: Reply with quote

Novice

Joined: 09 Aug 2011
Posts: 22

Hi, yes you are totally right, I came on it later, but now I know for sure . Thanks )
Back to top
View user's profile Send private message
hughson
PostPosted: Fri Feb 15, 2019 9:02 pm    Post subject: Reply with quote

Padawan

Joined: 09 May 2013
Posts: 1914
Location: Bay of Plenty, New Zealand

Glad it's all working for you now.
_________________
Morag Hughson @MoragHughson
IBM MQ Technical Education Specialist
Get your IBM MQ training here!
MQGem Software
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » Clustering » Not authorized RDQM
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.