Executive Summary
Serviceguard Manager
Overview
Purpose of this Document
The
To service a user request, SgmgrPI uses the Serviceguard command line interface (CLI) to manipulate the managed cluster on behalf of the remote user. It is critical that the Serviceguard access control policy is strictly observed and enforced through this
This paper describes the SgmgrPI security model in the context of its integration with SMH and Serviceguard.
Scope of this Document
This white paper focuses on the SgmgrPI security model with respect to its integration with SMH and Serviceguard. It inspects the complete access path as a request travels through SMH, SgmgrPI and Serviceguard. This paper will reference the SMH and Serviceguard security models, but not elaborate in detail. The "Related Documents" section provides a list of references that provide the relevant detailed information not covered here.
Audience
This white paper is intended to be used by an operator, system administrator, or anyone interested in reviewing the security of SgmgrPI.
Terms and Definitions
Term | Definition |
|
|
Node | A host system or server that is configured to be a member of a Serviceguard cluster |
|
|
PAM | Pluggable Authentication Module. It is an architecture that is specified in Open Group RFC 86.0. |
| PAM allows multiple authentication technologies to coexist. The /etc/pam.conf configuration file |
| determines the authentication module to use that is transparent to the applications |
|
|
Package | Application services (individual Linux processes) grouped together and managed as a unit within |
| Serviceguard in the event that a failover is required |
|
|
RBAC | Role Based Access Control. An access control policy used by Serviceguard Manager and |
| Serviceguard to authorize access to its data and operations |
|
|
