PACEMAKER(8) System Administration Utilities PACEMAKER(8)

NAME

Pacemaker - Part of the Pacemaker cluster resource manager

SYNOPSIS

cibsecret [OPTION...] <subcommand> [options]

DESCRIPTION

cibsecret - manage sensitive information in Pacemaker CIB

OPTIONS

Help Options:

Show help options
Show all help options
Show output help

Output Options:

Specify output format as one of: text (default), xml
Specify file name for output (or "-" for stdout)

Application Options:

-$, --version
Display software version and exit
Increase debug output (may be specified multiple times)
Don't read or write the CIB

This command manages sensitive resource parameter values that should not be stored directly in Pacemaker's Cluster Information Base (CIB). Such values are handled by storing a special string directly in the CIB that tells Pacemaker to look in a separate, protected file for the actual value.

The secret files are not encrypted, but protected by file system permissions such that only root can read or modify them.

Since the secret files are stored locally, they must be synchronized across all cluster nodes. This command handles the synchronization using (in order of preference) pssh, pdsh, or ssh, so one of those must be installed. Before synchronizing, this command will ping the cluster nodes to determine which are alive, using fping if it is installed, otherwise the ping command. Installing fping is strongly recommended for better performance.

SUBCOMMANDS

check <resource-id> <resource-parameter>

Verify that the locally stored value of a sensitive resource parameter matches its locally stored MD5 hash.

delete <resource-id> <resource-parameter>

Remove a sensitive resource parameter value.

get <resource-id> <resource-parameter>

Display the locally stored value of a sensitive resource parameter.

set <resource-id> <resource-parameter> <value>

Set the value of a sensitive resource parameter.

stash <resource-id> <resource-parameter>

Make a non-sensitive resource parameter that is already in the CIB sensitive (move its value to a locally stored and protected file). This may not be used with -C.

sync

Copy all locally stored secrets to all other nodes.

unstash <resource-id> <resource-parameter>

Make a sensitive resource parameter that is already in the CIB non-sensitive (move its value from the locally stored file to the CIB). This may not be used with -C.

KNOWN LIMITATIONS

This command can only be run from full cluster nodes (not Pacemaker Remote nodes).

Changes are not atomic, so the cluster may use different values while a change is in progress. To avoid problems, it is recommended to put the cluster in maintenance mode when making changes with this command.

Changes in secret values do not trigger an agent reload or restart of the affected resource, since they do not change the CIB. If a response is desired before the next cluster recheck interval, any CIB change (such as setting a node attribute) will trigger it.

If any node is down when changes to secrets are made, or a new node is later added to the cluster, it may have different values when it joins the cluster, before 'cibsecret sync' is run. To avoid this, it is recommended to run the sync command (from another node) before starting Pacemaker on the node.

EXAMPLES

# cibsecret set ipmi_node1 passwd SecreT_PASS

# cibsecret get ipmi_node1 passwd

# cibsecret check ipmi_node1 passwd

# cibsecret stash ipmi_node2 passwd

# cibsecret sync
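
Added example (not part of the Pacemaker man page or source): a read-only audit that applies the root-only permission rule and the MD5 comparison described for the check subcommand to every stored secret at once. The on-disk layout (DIR/<resource-id>/<parameter> with a <parameter>.sign hash file) and the function names audit_secrets and make_sample are assumptions; pass your installation's secrets directory as DIR.

```shell
#!/bin/sh
# Added example, not Pacemaker code. ASSUMED layout (not stated on this page):
#   DIR/<resource-id>/<parameter>       the secret value
#   DIR/<resource-id>/<parameter>.sign  hex MD5 of the value file's exact bytes
# Needs GNU find and md5sum. Pass the real secrets directory as DIR.

# audit_secrets DIR [OWNER]
# Prints one line per finding; returns 0 when clean, 1 otherwise.
audit_secrets() {
    dir=$1
    owner=${2:-root}
    rc=0
    [ -d "$dir" ] || { echo "MISSING-DIR $dir"; return 1; }

    # "Only root can read or modify": flag anything not owned by OWNER
    # or carrying any group/other permission bit.
    bad=$(find "$dir" \( ! -user "$owner" -o -perm /077 \) -print)
    if [ -n "$bad" ]; then
        printf '%s\n' "$bad" | sed 's/^/BAD-PERMS /'
        rc=1
    fi

    # Value-versus-hash comparison, applied to every parameter found.
    for f in "$dir"/*/*; do
        [ -f "$f" ] || continue
        case $f in *.sign) continue ;; esac
        if [ ! -f "$f.sign" ]; then
            echo "NO-HASH $f"; rc=1; continue
        fi
        want=$(awk 'NR == 1 { print $1 }' "$f.sign")
        have=$(md5sum < "$f" | awk '{ print $1 }')
        [ "$want" = "$have" ] || { echo "HASH-MISMATCH $f"; rc=1; }
    done
    return "$rc"
}

# make_sample DIR: build a constructed secrets tree for trying the audit.
make_sample() {
    mkdir -p "$1/ipmi_node1" && chmod 700 "$1" "$1/ipmi_node1"
    printf %s 'SecreT_PASS' > "$1/ipmi_node1/passwd"
    md5sum < "$1/ipmi_node1/passwd" | awk '{ print $1 }' > "$1/ipmi_node1/passwd.sign"
    chmod 600 "$1/ipmi_node1/passwd" "$1/ipmi_node1/passwd.sign"
}

# Stand-alone use: sh audit.sh DIR [OWNER]
if [ "$#" -ge 1 ]; then audit_secrets "$@"; fi
```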

AUTHOR

Written by Andrew Beekhof and the Pacemaker project contributors

January 2026 Pacemaker 3.0.1+20251208.f7f28ab3-1.1