From 5db1eab29d20f55bd0654d32cad176deb42f05ed Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 03 2016 06:21:53 +0000 Subject: import fence-virt-0.3.2-5.el7 --- diff --git a/SOURCES/bz1078197-fix_broken_restrictions_on_the_port_ranges.patch b/SOURCES/bz1078197-fix_broken_restrictions_on_the_port_ranges.patch new file mode 100644 index 0000000..228236e --- /dev/null +++ b/SOURCES/bz1078197-fix_broken_restrictions_on_the_port_ranges.patch @@ -0,0 +1,44 @@ +From 630f390d94254c0b689e9ba386479f2e56f37784 Mon Sep 17 00:00:00 2001 +From: Ryan McCabe +Date: Tue, 3 Mar 2015 13:38:25 -0500 +Subject: [PATCH] fence-virt: Fix broken restrictions on the port ranges + +Fix broken port range check. + +Resolves: rhbz#1078197 + +Signed-off-by: Ryan McCabe +--- + client/options.c | 2 +- + server/config.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/client/options.c b/client/options.c +index 653fae4..a44c15f 100644 +--- a/client/options.c ++++ b/client/options.c +@@ -134,7 +134,7 @@ assign_port(fence_virt_args_t *args, struct arg_info *arg, char *value) + return; + + args->net.port = atoi(value); +- if (args->net.port <= 0 || args->net.port >= 65500) { ++ if (args->net.port <= 0 || args->net.port >= 65536) { + printf("Invalid port: '%s'\n", value); + args->flags |= F_ERR; + } +diff --git a/server/config.c b/server/config.c +index 87d826e..6ba8b6d 100644 +--- a/server/config.c ++++ b/server/config.c +@@ -239,7 +239,7 @@ listener_config_multicast(config_object_t *config) + text_input("Multicast IP Port", val, inp, sizeof(inp)); + + done = atoi(inp); +- if (done <= 0 || done > 65534) { ++ if (done <= 0 || done >= 65536) { + printf("Port value '%s' is out of range\n", val); + continue; + } +-- +2.5.5 + diff --git a/SOURCES/bz1204873-fix_delay_parameter_checking_copy_paste.patch b/SOURCES/bz1204873-fix_delay_parameter_checking_copy_paste.patch new file mode 100644 index 0000000..f660bb0 --- /dev/null +++ b/SOURCES/bz1204873-fix_delay_parameter_checking_copy_paste.patch @@ -0,0 +1,31 @@ +From f49a7d68d5fecf781bae55056f2e7d02bddd47d7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jan=20Pokorn=C3=BD?= +Date: Mon, 23 Mar 2015 17:14:25 +0100 +Subject: [PATCH] client: fix "delay" parameter checking (copy-paste) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Resolves: rhbz#1204873 + +Signed-off-by: Jan Pokorný +--- + client/options.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/client/options.c b/client/options.c +index a44c15f..a20e09f 100644 +--- a/client/options.c ++++ b/client/options.c +@@ -336,7 +336,7 @@ assign_delay(fence_virt_args_t *args, struct arg_info *arg, char *value) + return; + + args->delay = atoi(value); +- if (args->timeout <= 0) { ++ if (args->delay <= 0) { + printf("Invalid delay: '%s'\n", value); + args->flags |= F_ERR; + } +-- +2.5.5 + diff --git a/SOURCES/bz1204877-remove_delay_from_the_status,_monitor_and_list.patch b/SOURCES/bz1204877-remove_delay_from_the_status,_monitor_and_list.patch new file mode 100644 index 0000000..d06d232 --- /dev/null +++ b/SOURCES/bz1204877-remove_delay_from_the_status,_monitor_and_list.patch @@ -0,0 +1,29 @@ +From f1f1a2437c5b0811269b5859a5ef646f44105a88 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Tue, 3 May 2016 15:58:00 +0200 +Subject: [PATCH] Remove delay from the status, monitor and list + functions + +--- + client/main.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/client/main.c b/client/main.c +index 7be4a8e..dd064dc 100644 +--- a/client/main.c ++++ b/client/main.c +@@ -119,7 +119,10 @@ main(int argc, char **argv) + return 0; + } + +- if (args.delay > 0) ++ if (args.delay > 0 && ++ args.op != FENCE_STATUS && ++ args.op != FENCE_DEVSTATUS && ++ args.op != FENCE_HOSTLIST) + sleep(args.delay); + + switch(args.mode) { +-- +2.5.5 + diff --git a/SOURCES/bz1291522-Install_firewalld_unit_file.patch b/SOURCES/bz1291522-Install_firewalld_unit_file.patch new file mode 100644 index 0000000..f92e4d9 --- /dev/null +++ b/SOURCES/bz1291522-Install_firewalld_unit_file.patch @@ -0,0 +1,11 @@ +diff -urN a/fence_virt.xml b/fence_virt.xml +--- a/fence_virt.xml 1969-12-31 19:00:00.000000000 -0500 ++++ b/fence_virt.xml 2016-06-28 13:27:39.351692601 -0400 +@@ -0,0 +1,7 @@ ++ ++ ++ fence_virt ++ fence_virt is an I/O fencing agent that can be used to fence virtual machines. ++ ++ ++ diff --git a/SOURCES/bz1334170-2-fix_use_of_undefined_#define.patch b/SOURCES/bz1334170-2-fix_use_of_undefined_#define.patch new file mode 100644 index 0000000..9d0a363 --- /dev/null +++ b/SOURCES/bz1334170-2-fix_use_of_undefined_#define.patch @@ -0,0 +1,25 @@ +From 87b4eb3d8c9046b66beeae424d0f9d2b4c4d9eee Mon Sep 17 00:00:00 2001 +From: Andrew Beekhof +Date: Mon, 9 May 2016 14:54:10 +1000 +Subject: [PATCH] Fix use of undefined #define + +--- + server/tcp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/server/tcp.c b/server/tcp.c +index 6c93f14..a6186c6 100644 +--- a/server/tcp.c ++++ b/server/tcp.c +@@ -417,7 +417,7 @@ tcp_config(config_object_t *config, tcp_options *args) + return -1; + } + +- args->port = DEFAULT_TCP_PORT; ++ args->port = DEFAULT_MCAST_PORT; + if (sc_get(config, "listeners/tcp/@port", + value, sizeof(value)-1) == 0) { + dbg_printf(1, "Got %s for port\n", value); +-- +2.5.5 + diff --git a/SOURCES/bz1334170-allow_fence_virtd_to_run_as_non_root.patch b/SOURCES/bz1334170-allow_fence_virtd_to_run_as_non_root.patch new file mode 100644 index 0000000..1eced64 --- /dev/null +++ b/SOURCES/bz1334170-allow_fence_virtd_to_run_as_non_root.patch @@ -0,0 +1,168 @@ +diff -ur a/server/daemon_init.c b/server/daemon_init.c +--- a/server/daemon_init.c 2014-06-23 15:56:09.000000000 -0400 ++++ b/server/daemon_init.c 2016-06-27 11:46:20.838477025 -0400 +@@ -29,14 +29,14 @@ + /* + * This should ultimately go in a header file. + */ +-void daemon_init(const char *prog, int nofork); ++void daemon_init(const char *prog, const char *pid_file, int nofork); + void daemon_cleanup(void); +-int check_process_running(const char *prog, pid_t * pid); ++int check_process_running(const char *cmd, const char *pid_file, pid_t * pid); + + /* + * Local prototypes. + */ +-static void update_pidfile(const char *prog); ++static void update_pidfile(const char *filename); + static int setup_sigmask(void); + static char pid_filename[PATH_MAX]; + +@@ -99,12 +99,10 @@ + + + int +-check_process_running(const char *prog, pid_t * pid) ++check_process_running(const char *cmd, const char *filename, pid_t * pid) + { + pid_t oldpid; + FILE *fp; +- char filename[PATH_MAX]; +- char *cmd; + int ret; + struct stat st; + +@@ -114,11 +112,6 @@ + * Now see if there is a pidfile associated with this cmd in /var/run + */ + fp = NULL; +- memset(filename, 0, PATH_MAX); +- +- cmd = basename((char *)prog); +- snprintf(filename, sizeof (filename), "/var/run/%s.pid", cmd); +- + ret = stat(filename, &st); + if ((ret < 0) || (!st.st_size)) + return 0; +@@ -146,15 +139,11 @@ + + + static void +-update_pidfile(const char *prog) ++update_pidfile(const char *filename) + { + FILE *fp = NULL; +- char *cmd; +- +- memset(pid_filename, 0, PATH_MAX); + +- cmd = basename((char *)prog); +- snprintf(pid_filename, sizeof (pid_filename), "/var/run/%s.pid", cmd); ++ strncpy(pid_filename, filename, PATH_MAX); + + fp = fopen(pid_filename, "w"); + if (fp == NULL) { +@@ -197,19 +186,11 @@ + + + void +-daemon_init(const char *prog, int nofork) ++daemon_init(const char *prog, const char *pid_file, int nofork) + { +- uid_t uid; + pid_t pid; + +- uid = getuid(); +- if (uid) { +- syslog(LOG_ERR, +- "daemon_init: Sorry, only root wants to run this.\n"); +- exit(1); +- } +- +- if (check_process_running(prog, &pid) && (pid != getpid())) { ++ if (check_process_running(prog, pid_file, &pid) && (pid != getpid())) { + syslog(LOG_ERR, + "daemon_init: Process \"%s\" already running.\n", + prog); +@@ -226,7 +207,7 @@ + exit(1); + } + +- update_pidfile(prog); ++ update_pidfile(pid_file); + } + + +diff -ur a/server/main.c b/server/main.c +--- a/server/main.c 2014-06-23 15:56:09.000000000 -0400 ++++ b/server/main.c 2016-06-27 11:39:55.345859796 -0400 +@@ -4,6 +4,7 @@ + #include + #include + #include ++#include + + /* Local includes */ + #include +@@ -16,7 +17,7 @@ + + /* configure.c */ + int do_configure(config_object_t *config, const char *filename); +-int daemon_init(const char *prog, int nofork); ++int daemon_init(const char *prog, const char *pid_file, int nofork); + int daemon_cleanup(void); + + +@@ -29,6 +30,8 @@ + printf(" -d Set debugging level to .\n"); + printf(" -c Configuration mode.\n"); + printf(" -l List plugins.\n"); ++ printf(" -w Wait for initialization.\n"); ++ printf(" -p Use to record the active process id.\n"); + } + + +@@ -47,6 +50,7 @@ + char listener_name[80]; + char backend_name[80]; + const char *config_file = DEFAULT_CONFIG_FILE; ++ char *pid_file = NULL; + config_object_t *config = NULL; + map_object_t *map = NULL; + const listener_plugin_t *lp; +@@ -64,7 +68,7 @@ + return -1; + } + +- while ((opt = getopt(argc, argv, "Ff:d:cwlh")) != EOF) { ++ while ((opt = getopt(argc, argv, "Ff:d:cwlhp:")) != EOF) { + switch(opt) { + case 'F': + printf("Background mode disabled\n"); +@@ -74,6 +78,10 @@ + printf("Using %s\n", optarg); + config_file = optarg; + break; ++ case 'p': ++ printf("Using %s\n", optarg); ++ pid_file = optarg; ++ break; + case 'd': + debug_set = atoi(optarg); + break; +@@ -190,7 +198,13 @@ + return 1; + } + +- daemon_init(basename(argv[0]), foreground); ++ if(pid_file == NULL) { ++ pid_file = malloc(PATH_MAX); ++ memset(pid_file, 0, PATH_MAX); ++ snprintf(pid_file, PATH_MAX, "/var/run/%s.pid", basename(argv[0])); ++ } ++ ++ daemon_init(basename(argv[0]), pid_file, foreground); + signal(SIGINT, exit_handler); + signal(SIGTERM, exit_handler); + signal(SIGQUIT, exit_handler); diff --git a/SPECS/fence-virt.spec b/SPECS/fence-virt.spec index 7baedc3..599e9d4 100644 --- a/SPECS/fence-virt.spec +++ b/SPECS/fence-virt.spec @@ -1,6 +1,6 @@ Name: fence-virt Version: 0.3.2 -Release: 2%{?dist} +Release: 5%{?dist} Summary: A pluggable fencing framework for virtual machines Group: System Environment/Base License: GPLv2+ @@ -13,6 +13,12 @@ URL: http://fence-virt.sourceforge.net Source0: http://people.redhat.com/rmccabe/fence-virt/%{name}-%{version}.tar.bz2 Patch0: bz1207422-client_do_not_truncate_vm_domains_in_list_output.patch +Patch1: bz1078197-fix_broken_restrictions_on_the_port_ranges.patch +Patch2: bz1204873-fix_delay_parameter_checking_copy_paste.patch +Patch3: bz1204877-remove_delay_from_the_status,_monitor_and_list.patch +Patch4: bz1334170-allow_fence_virtd_to_run_as_non_root.patch +Patch5: bz1334170-2-fix_use_of_undefined_#define.patch +Patch6: bz1291522-Install_firewalld_unit_file.patch BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) @@ -21,7 +27,7 @@ BuildRequires: automake autoconf libxml2-devel nss-devel nspr-devel BuildRequires: flex bison libuuid-devel BuildRequires: systemd-units -Requires(post): systemd-sysv systemd-units +Requires(post): systemd-sysv systemd-units firewalld-filesystem Requires(preun): systemd-units Requires(postun): systemd-units @@ -61,6 +67,13 @@ Requires: fence-virtd %description -n fence-virtd-serial Provides serial VMChannel listener capability for fence-virtd. +%package -n fence-virtd-tcp +Summary: Tcp listener for fence-virtd +Group: System Environment/Base +Requires: fence-virtd + +%description -n fence-virtd-tcp +Provides TCP listener capability for fence-virtd. %package -n fence-virtd-libvirt Summary: Libvirt backend for fence-virtd @@ -78,10 +91,16 @@ machines on a desktop. %setup -q %patch0 -p1 -b .bz1207422 +%patch1 -p1 -b .bz1078197.1 +%patch2 -p1 -b .bz1204873.1 +%patch3 -p1 -b .bz1204877.1 +%patch4 -p1 -b .bz1334170.1 +%patch5 -p1 -b .bz1334170.2 +%patch6 -p1 -b .bz1291522.1 %build ./autogen.sh -%{configure} --disable-libvirt-qmf-plugin +%{configure} --disable-libvirt-qmf-plugin --enable-tcp-plugin make %{?_smp_mflags} @@ -93,6 +112,10 @@ make install DESTDIR=%{buildroot} mkdir -p %{buildroot}/%{_unitdir}/ install -m 0644 fence_virtd.service %{buildroot}/%{_unitdir}/ +# firewalld service file +mkdir -p %{buildroot}/%{_prefix}/lib/firewalld/services/ +install -m 0644 fence_virt.xml %{buildroot}/%{_prefix}/lib/firewalld/services/ + %clean rm -rf %{buildroot} @@ -143,6 +166,7 @@ fi %defattr(-,root,root,-) %{_sbindir}/fence_virtd %{_unitdir}/fence_virtd.service +%{_prefix}/lib/firewalld/services/fence_virt.xml %config(noreplace) %{_sysconfdir}/fence_virt.conf %dir %{_libdir}/%{name} %{_mandir}/man5/fence_virt.conf.* @@ -156,11 +180,34 @@ fi %defattr(-,root,root,-) %{_libdir}/%{name}/serial.so +%files -n fence-virtd-tcp +%defattr(-,root,root,-) +%{_libdir}/%{name}/tcp.so + %files -n fence-virtd-libvirt %defattr(-,root,root,-) %{_libdir}/%{name}/libvirt.so %changelog +* Tue Jun 28 2016 Ryan McCabe - 0.3.2-5 +- fence-virt: Add firewalld service file. + Resolves: rhbz#1291522 + +* Mon Jun 27 2016 Ryan McCabe - 0.3.2-4 +- fence-virt: Enable the TCP listener plugin + Resolves: rhbz#1334170 +- Allow fence_virtd to run as non-root + Fix use of undefined define + Resolves: rhbz#1334170 + +* Mon Jun 27 2016 Ryan McCabe - 0.3.2-3 +- fence-virt: Fix broken restrictions on the port ranges + Resolves: rhbz#1214301 +- client: Fix "delay" parameter checking + Resolves: rhbz#1204877 +- Remove delay from the status, monitor and list + Resolves: rhbz#1204877 + * Fri Jul 17 2015 Ryan McCabe - 0.3.2-2 - Do not truncate VM domains in the output of the list command. Resolves: rhbz#1207422