cluster: STABLE3 - build: fix typo in configure
by Fabio M. Di Nitto
Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=...
Commit: 585af66d237cb3408c469351a3f69c78a6c4ad1c
Parent: 56a9b09cc269d613bafdb11345f97ca95022032a
Author: Fabio M. Di Nitto <fdinitto(a)redhat.com>
AuthorDate: Fri Jan 8 10:23:23 2010 +0100
Committer: Fabio M. Di Nitto <fdinitto(a)redhat.com>
CommitterDate: Fri Jan 8 10:23:23 2010 +0100
build: fix typo in configure
Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com>
---
configure | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/configure b/configure
index 86c7b79..cde3be6 100755
--- a/configure
+++ b/configure
@@ -618,7 +618,7 @@ if (!$enable_legacy_code) {
$cflags="${cflags} -DLEGACY_CODE";
}
if (!$enable_pacemaker) {
- $enable_pacemaker=""
+ $enable_pacemaker="";
}
if (!$without_common) {
$without_common="";
14 years, 3 months
cluster: STABLE3 - rgmanager: Fix compiler warning
by Lon Hohberger
Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=...
Commit: 56a9b09cc269d613bafdb11345f97ca95022032a
Parent: 6bc4d0979fb55f170a59574b2ef092284b2e0e79
Author: Lon Hohberger <lhh(a)redhat.com>
AuthorDate: Mon Jan 4 11:05:12 2010 -0500
Committer: Lon Hohberger <lhh(a)redhat.com>
CommitterDate: Thu Jan 7 13:51:31 2010 -0500
rgmanager: Fix compiler warning
Signed-off-by: Lon Hohberger <lhh(a)redhat.com>
---
rgmanager/src/clulib/msg_socket.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/rgmanager/src/clulib/msg_socket.c b/rgmanager/src/clulib/msg_socket.c
index b6b603e..a9c36d6 100644
--- a/rgmanager/src/clulib/msg_socket.c
+++ b/rgmanager/src/clulib/msg_socket.c
@@ -311,10 +311,11 @@ sock_msg_close(msgctx_t *ctx)
static int
sock_msg_accept(msgctx_t *listenctx, msgctx_t *acceptctx)
{
- errno = EINVAL;
struct ucred cred;
socklen_t credlen = sizeof(cred);
+ errno = EINVAL;
+
if (!listenctx || !acceptctx)
return -1;
if (listenctx->u.local_info.sockfd < 0)
14 years, 3 months
cluster: STABLE3 - rgmanager: Allow non-root clustat
by Lon Hohberger
Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=...
Commit: 6bc4d0979fb55f170a59574b2ef092284b2e0e79
Parent: 287c8cb0c681bf7d6c62112869105a8a7d995a4b
Author: Lon Hohberger <lhh(a)redhat.com>
AuthorDate: Wed Oct 28 16:54:53 2009 -0400
Committer: Lon Hohberger <lhh(a)redhat.com>
CommitterDate: Thu Jan 7 13:51:31 2010 -0500
rgmanager: Allow non-root clustat
This allows non-root users access to the running cluster
and service states.
This requires you to add a user to the 'root' group,
matching cman_tool's requirements.
Resolves: rhbz#531273
Signed-off-by: Lon Hohberger <lhh(a)redhat.com>
---
rgmanager/include/message.h | 1 +
rgmanager/include/resgroup.h | 1 +
rgmanager/src/clulib/msg_socket.c | 16 +++++++++++++++-
rgmanager/src/clulib/rg_strings.c | 2 ++
rgmanager/src/daemons/Makefile | 2 +-
rgmanager/src/daemons/main.c | 36 +++++++++++++++++++++++++++++++++++-
rgmanager/src/utils/clusvcadm.c | 5 -----
7 files changed, 55 insertions(+), 8 deletions(-)
diff --git a/rgmanager/include/message.h b/rgmanager/include/message.h
index fb3ec9a..e9d7797 100644
--- a/rgmanager/include/message.h
+++ b/rgmanager/include/message.h
@@ -90,6 +90,7 @@ typedef struct ALIGNED _msgctx {
} cluster_info;
struct {
int sockfd;
+ struct ucred cred;
int pad;
} local_info;
} u;
diff --git a/rgmanager/include/resgroup.h b/rgmanager/include/resgroup.h
index 5a13fcf..3afbce2 100644
--- a/rgmanager/include/resgroup.h
+++ b/rgmanager/include/resgroup.h
@@ -198,6 +198,7 @@ int rg_unlock(struct dlm_lksb *p);
/* Return codes */
+#define RG_EPERM -18 /* Permission denied */
#define RG_ERELO -17 /* Relocation failure; service running
on original node */
#define RG_EEXCL -16 /* Service not runnable due to
diff --git a/rgmanager/src/clulib/msg_socket.c b/rgmanager/src/clulib/msg_socket.c
index 130cbd7..b6b603e 100644
--- a/rgmanager/src/clulib/msg_socket.c
+++ b/rgmanager/src/clulib/msg_socket.c
@@ -312,6 +312,8 @@ static int
sock_msg_accept(msgctx_t *listenctx, msgctx_t *acceptctx)
{
errno = EINVAL;
+ struct ucred cred;
+ socklen_t credlen = sizeof(cred);
if (!listenctx || !acceptctx)
return -1;
@@ -327,6 +329,18 @@ sock_msg_accept(msgctx_t *listenctx, msgctx_t *acceptctx)
if (acceptctx->u.local_info.sockfd < 0)
return -1;
+ memset(&cred, 0, sizeof(cred));
+ if (getsockopt(acceptctx->u.local_info.sockfd, SOL_SOCKET,
+ SO_PEERCRED, (void *)&cred, &credlen) < 0) {
+ perror("getsockopt");
+ cred.uid = (uid_t)-1;
+ cred.gid = (gid_t)-1;
+ cred.pid = (pid_t)-1;
+ }
+
+ memcpy(&acceptctx->u.local_info.cred, &cred,
+ sizeof(cred));
+
set_cloexec(acceptctx->u.local_info.sockfd);
acceptctx->flags = (SKF_READ | SKF_WRITE);
@@ -354,7 +368,7 @@ sock_msg_listen(int me, const void *portp, msgctx_t **listen_ctx)
set_cloexec(sock);
unlink(RGMGR_SOCK);
- om = umask(077);
+ om = umask(0117);
su.sun_family = PF_LOCAL;
snprintf(su.sun_path, sizeof(su.sun_path), "%s", path);
diff --git a/rgmanager/src/clulib/rg_strings.c b/rgmanager/src/clulib/rg_strings.c
index cc34a9f..24ee479 100644
--- a/rgmanager/src/clulib/rg_strings.c
+++ b/rgmanager/src/clulib/rg_strings.c
@@ -8,7 +8,9 @@ struct string_val {
const struct string_val rg_error_strings[] = {
+ { RG_EPERM, "Permissing denied" },
{ RG_ERELO, "Failed; service running on original owner" },
+ { RG_EEXCL, "Service not runnable: cannot run exclusive" },
{ RG_EDOMAIN, "Service not runnable" },
{ RG_ESCRIPT, "S/Lang Script Error" },
{ RG_EFENCE, "Fencing operation pending; try again later" },
diff --git a/rgmanager/src/daemons/Makefile b/rgmanager/src/daemons/Makefile
index de36971..94e0dbb 100644
--- a/rgmanager/src/daemons/Makefile
+++ b/rgmanager/src/daemons/Makefile
@@ -40,7 +40,7 @@ OBJS2= test-noccs.o \
rg_locks-noccs.o \
event_config-noccs.o
-CFLAGS += -DSHAREDIR=\"${sharedir}\"
+CFLAGS += -DSHAREDIR=\"${sharedir}\" -D_GNU_SOURCE
CFLAGS += -fPIC
CFLAGS += -I${ccsincdir} -I${cmanincdir} -I${dlmincdir} -I${logtincdir}
CFLAGS += `xml2-config --cflags` -I${slangincdir}
diff --git a/rgmanager/src/daemons/main.c b/rgmanager/src/daemons/main.c
index 883266a..885d89d 100644
--- a/rgmanager/src/daemons/main.c
+++ b/rgmanager/src/daemons/main.c
@@ -14,6 +14,7 @@
#include <msgsimple.h>
#include <vf.h>
#include <lock.h>
+#include <sys/socket.h>
#include <message.h>
#include <rg_queue.h>
#include <malloc.h>
@@ -338,11 +339,17 @@ do_lockreq(msgctx_t *ctx, int req)
static int
dispatch_msg(msgctx_t *ctx, int nodeid, int need_close)
{
- int ret = 0, sz = -1, nid;
+ int ret = 0, sz = -1, nid, read_only = 1;
char msgbuf[4096];
generic_msg_hdr *msg_hdr = (generic_msg_hdr *)msgbuf;
SmMessageSt *msg_sm = (SmMessageSt *)msgbuf;
+ if (ctx->type == MSG_CLUSTER) {
+ read_only = 0;
+ } else if (ctx->u.local_info.cred.uid == 0) {
+ read_only = 0;
+ }
+
memset(msgbuf, 0, sizeof(msgbuf));
/* Peek-a-boo */
@@ -396,6 +403,10 @@ dispatch_msg(msgctx_t *ctx, int nodeid, int need_close)
case RG_LOCK:
case RG_UNLOCK:
+ if (read_only) {
+ msg_send_simple(ctx, RG_FAIL, RG_EPERM, 0);
+ goto out;
+ }
if (rg_quorate())
do_lockreq(ctx, msg_hdr->gh_command);
break;
@@ -408,6 +419,10 @@ dispatch_msg(msgctx_t *ctx, int nodeid, int need_close)
break;
case RG_ACTION_REQUEST:
+ if (read_only) {
+ msg_send_simple(ctx, RG_FAIL, RG_EPERM, 0);
+ goto out;
+ }
if (sz < (int)sizeof(msg_sm)) {
logt_print(LOG_ERR,
@@ -476,6 +491,11 @@ dispatch_msg(msgctx_t *ctx, int nodeid, int need_close)
return 0;
case RG_EVENT:
+ if (read_only) {
+ msg_send_simple(ctx, RG_FAIL, RG_EPERM, 0);
+ goto out;
+ }
+
/* Service event. Run a dependency check */
if (sz < (int)sizeof(msg_sm)) {
logt_print(LOG_ERR,
@@ -498,6 +518,11 @@ dispatch_msg(msgctx_t *ctx, int nodeid, int need_close)
break;
case RG_EXITING:
+ if (read_only) {
+ msg_send_simple(ctx, RG_FAIL, RG_EPERM, 0);
+ goto out;
+ }
+
if (!member_online(msg_hdr->gh_arg1))
break;
@@ -508,6 +533,11 @@ dispatch_msg(msgctx_t *ctx, int nodeid, int need_close)
break;
case VF_MESSAGE:
+ if (read_only) {
+ msg_send_simple(ctx, RG_FAIL, RG_EPERM, 0);
+ goto out;
+ }
+
/* Ignore; our VF thread handles these
- except for VF_CURRENT XXX (bad design) */
if (msg_hdr->gh_arg1 == VF_CURRENT)
@@ -515,6 +545,10 @@ dispatch_msg(msgctx_t *ctx, int nodeid, int need_close)
break;
default:
+ if (read_only) {
+ goto out;
+ }
+
logt_print(LOG_DEBUG, "unhandled message request %d\n",
msg_hdr->gh_command);
break;
diff --git a/rgmanager/src/utils/clusvcadm.c b/rgmanager/src/utils/clusvcadm.c
index d543d27..137837a 100644
--- a/rgmanager/src/utils/clusvcadm.c
+++ b/rgmanager/src/utils/clusvcadm.c
@@ -235,11 +235,6 @@ main(int argc, char **argv)
const char *actionstr = NULL;
cluster_member_list_t *membership;
- if (geteuid() != (uid_t) 0) {
- fprintf(stderr, "%s must be run as the root user.\n", argv[0]);
- return 1;
- }
-
while ((opt = getopt(argc, argv, "lSue:M:d:r:n:m:FvR:s:Z:U:qh?")) != EOF) {
switch (opt) {
case 'l':
14 years, 3 months
cluster: STABLE3 - gfs: disable gfs kernel and userland tool build by default
by Fabio M. Di Nitto
Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=...
Commit: 287c8cb0c681bf7d6c62112869105a8a7d995a4b
Parent: dcfbe7b0ae44bfc84c1e6ec20f643c8bf8deefb5
Author: Fabio M. Di Nitto <fdinitto(a)redhat.com>
AuthorDate: Wed Jan 6 20:28:34 2010 +0100
Committer: Fabio M. Di Nitto <fdinitto(a)redhat.com>
CommitterDate: Wed Jan 6 20:28:34 2010 +0100
gfs: disable gfs kernel and userland tool build by default
it's still possible to enable them via configure
Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com>
---
Makefile | 9 +++++++--
configure | 18 +++++++++---------
make/defines.mk.input | 4 ++--
3 files changed, 18 insertions(+), 13 deletions(-)
diff --git a/Makefile b/Makefile
index b5eb7c8..223c75d 100644
--- a/Makefile
+++ b/Makefile
@@ -7,19 +7,24 @@ REALSUBDIRS = gfs-kernel/src/gfs \
SUBDIRS = $(filter-out \
$(if ${without_common},common) \
- $(if ${without_gfs-kernel/src/gfs},gfs-kernel/src/gfs) \
$(if ${without_config},config) \
$(if ${without_cman},cman) \
$(if ${without_dlm},dlm) \
$(if ${without_fence},fence/libfenced) \
$(if ${without_group},group) \
$(if ${without_fence},fence) \
- $(if ${without_gfs},gfs) \
$(if ${without_gfs2},gfs2) \
$(if ${without_rgmanager},rgmanager) \
$(if ${without_bindings},bindings) \
, $(REALSUBDIRS))
+ifdef enable_gfs
+SUBDIRS += gfs
+endif
+ifdef enable_gfs-kernel/src/gfs
+SUBDIRS += gfs-kernel/src/gfs
+endif
+
all: ${SUBDIRS}
${SUBDIRS}:
diff --git a/configure b/configure
index 1522ccd..86c7b79 100755
--- a/configure
+++ b/configure
@@ -98,7 +98,7 @@ my %options = (
without_group => \$without_group,
without_fence => \$without_fence,
without_fence_agents => \$without_fence_agents,
- without_gfs => \$without_gfs,
+ enable_gfs => \$enable_gfs,
without_gfs2 => \$without_gfs2,
without_rgmanager => \$without_rgmanager,
without_resource_agents => \$without_resource_agents,
@@ -186,7 +186,7 @@ my $err = &GetOptions (\%options,
'without_group',
'without_fence',
'without_fence_agents',
- 'without_gfs',
+ 'enable_gfs',
'without_gfs2',
'without_rgmanager',
'without_resource_agents',
@@ -281,7 +281,7 @@ if ($help || !$err) {
print "--without_group\tDisable group building (Default: enabled)\n";
print "--without_fence\tDisable fence building (Default: enabled)\n";
print "--without_fence_agents\tDisable fence_agents building (Default: enabled)\n";
- print "--without_gfs\tDisable gfs building (Default: enabled)\n";
+ print "--enable_gfs\tEnable gfs building (Default: disabled)\n";
print "--without_gfs2\tDisable gfs2 building (Default: enabled)\n";
print "--without_rgmanager\tDisable rgmanager building (Default: enabled)\n";
print "--without_resource_agents\tDisable resource agents building (Default: enabled)\n";
@@ -643,8 +643,8 @@ if (!$without_fence_agents) {
} else {
$fence_agents="none";
}
-if (!$without_gfs) {
- $without_gfs="";
+if (!$enable_gfs) {
+ $enable_gfs="";
}
if (!$without_gfs2) {
$without_gfs2="";
@@ -659,9 +659,9 @@ if (!$without_bindings) {
$without_bindings="";
}
if (!$without_kernel_modules) {
- $without_gfskernel=$without_gfs;
+ $enable_gfskernel=$enable_gfs;
} else {
- $without_gfskernel=1;
+ $enable_gfskernel="";
}
if (!$disable_kernel_check) {
$disable_kernel_check=0;
@@ -781,8 +781,8 @@ while (<IFILE>) {
$_ =~ s/\@DISABLE_DLM\@/$without_dlm/;
$_ =~ s/\@DISABLE_GROUP\@/$without_group/;
$_ =~ s/\@DISABLE_FENCE\@/$without_fence/;
- $_ =~ s/\@DISABLE_GFS\@/$without_gfs/;
- $_ =~ s/\@DISABLE_GFSKERNEL\@/$without_gfskernel/;
+ $_ =~ s/\@ENABLE_GFS\@/$enable_gfs/;
+ $_ =~ s/\@ENABLE_GFSKERNEL\@/$enable_gfskernel/;
$_ =~ s/\@DISABLE_GFS2\@/$without_gfs2/;
$_ =~ s/\@DISABLE_RGMANAGER\@/$without_rgmanager/;
$_ =~ s/\@DISABLE_RESOURCE_AGENTS\@/$without_resource_agents/;
diff --git a/make/defines.mk.input b/make/defines.mk.input
index d36db8b..2834872 100644
--- a/make/defines.mk.input
+++ b/make/defines.mk.input
@@ -73,14 +73,14 @@ experimental_build ?= @ENABLE_CRACK_OF_THE_DAY@
legacy_code ?= @ENABLE_LEGACY_CODE@
contrib_code ?= @ENABLE_CONTRIB@
enable_pacemaker ?= @ENABLE_PACEMAKER@
-without_gfs-kernel/src/gfs ?= @DISABLE_GFSKERNEL@
+enable_gfs-kernel/src/gfs ?= @ENABLE_GFSKERNEL@
without_common ?= @DISABLE_COMMON@
without_config ?= @DISABLE_CONFIG@
without_cman ?= @DISABLE_CMAN@
without_dlm ?= @DISABLE_DLM@
without_group ?= @DISABLE_GROUP@
without_fence ?= @DISABLE_FENCE@
-without_gfs ?= @DISABLE_GFS@
+enable_gfs ?= @ENABLE_GFS@
without_gfs2 ?= @DISABLE_GFS2@
without_rgmanager ?= @DISABLE_RGMANAGER@
without_resource_agents ?= @DISABLE_RESOURCE_AGENTS@
14 years, 3 months
fence-agents: master - fence lpar: fix quoting
by Fabio M. Di Nitto
Gitweb: http://git.fedorahosted.org/git/fence-agents.git?p=fence-agents.git;a=com...
Commit: 55937766711d33f8941682cc76ac9fae1661c1ca
Parent: 1c1883f8d650a8c1b1fe03ad4a47654031be4c96
Author: Fabio M. Di Nitto <fdinitto(a)redhat.com>
AuthorDate: Wed Jan 6 20:14:21 2010 +0100
Committer: Fabio M. Di Nitto <fdinitto(a)redhat.com>
CommitterDate: Wed Jan 6 20:16:27 2010 +0100
fence lpar: fix quoting
Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com>
---
fence/agents/lpar/fence_lpar.py | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/fence/agents/lpar/fence_lpar.py b/fence/agents/lpar/fence_lpar.py
index 444cacf..3c4cc8c 100644
--- a/fence/agents/lpar/fence_lpar.py
+++ b/fence/agents/lpar/fence_lpar.py
@@ -138,8 +138,9 @@ def main():
atexit.register(atexit_handler)
- all_opt["login_timeout"]["default"] = 15
- all_opt["secure"]["default"] = 1
+ all_opt["login_timeout"]["default"] = "15"
+ all_opt["secure"]["default"] = "1"
+
options = check_input(device_opt, process_input(device_opt))
##
14 years, 3 months
cluster: STABLE3 - fence lpar: fix quoting
by Fabio M. Di Nitto
Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=...
Commit: dcfbe7b0ae44bfc84c1e6ec20f643c8bf8deefb5
Parent: e58857309b1491f4b780211eea9523589a1cdf66
Author: Fabio M. Di Nitto <fdinitto(a)redhat.com>
AuthorDate: Wed Jan 6 20:14:21 2010 +0100
Committer: Fabio M. Di Nitto <fdinitto(a)redhat.com>
CommitterDate: Wed Jan 6 20:14:21 2010 +0100
fence lpar: fix quoting
Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com>
---
fence/agents/lpar/fence_lpar.py | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fence/agents/lpar/fence_lpar.py b/fence/agents/lpar/fence_lpar.py
index c8bf22f..00ea66c 100644
--- a/fence/agents/lpar/fence_lpar.py
+++ b/fence/agents/lpar/fence_lpar.py
@@ -138,8 +138,8 @@ def main():
atexit.register(atexit_handler)
- all_opt["login_timeout"]["default"] = 15
- all_opt["secure"]["default"] = 1
+ all_opt["login_timeout"]["default"] = "15"
+ all_opt["secure"]["default"] = "1"
options = check_input(device_opt, process_input(device_opt))
14 years, 3 months