Patch to document uid/gid and to default to allowing ais user to access

services of corosync.


git-svn-id: http://svn.fedorahosted.org/svn/corosync/trunk@1988 fd59a12c-fef9-0310-b244-a6a79926bd2f

exec/mainconfig.c

@@ -433,19 +433,20 @@ int corosync_main_config_read (
 		strlen ("aisexec"),
 		&object_find_handle);
 
+	main_config->uid = uid_determine("ais");
+	main_config->gid = gid_determine("ais");
+
 	if (objdb->object_find_next (
 		object_find_handle,
 		&object_service_handle) == 0) {
 
 		if (!objdb_get_string (objdb,object_service_handle, "user", &value)) {
 			main_config->uid = uid_determine(value);
-		} else
-			main_config->uid = uid_determine("ais");
+		}
 
 		if (!objdb_get_string (objdb,object_service_handle, "group", &value)) {
 			main_config->gid = gid_determine(value);
-		} else
-			main_config->gid = gid_determine("ais");
+		}
 	}
 
 	objdb->object_find_destroy (object_find_handle);

man/corosync.conf.5

@@ -55,6 +55,9 @@ This top level directive contains configuration options for logging.
 .TP
 event { }
 This top level directive contains configuration options for the event service.
+.TP
+aisexec { }
+This top level directive contains configuration options for user privilegies.
 
 .PP
 .PP
@@ -502,6 +505,20 @@ enter|leave|trace1|trace2|trace3|...
 
 The default is none.
 
+.PP
+Within the
+.B aisexec
+directive, there are two configuration options which are all optional:
+.TP
+user
+.TP
+group
+These specify the user and group, which is able to run and use corosync.
+In any case, this is able to do root:root. But if you don't want run
+corosync as root, you can use this directives.
+
+The default is ais.
+
 .SH "FILES"
 .TP
 /etc/corosync.conf