From 8e6362cb2129bd56f817d449a195f3da87a545fa Mon Sep 17 00:00:00 2001

From: Ken Gaillot <kgaillot@redhat.com>

Date: Fri, 12 Nov 2021 14:28:56 -0600

Subject: [PATCH 01/13] Refactor: libcrmcommon,fencer: convenience macro for

 initializing results

for future reuse

---

 daemons/fenced/fenced_commands.c      | 14 ++------------

 include/crm/common/results_internal.h | 15 +++++++++++++++

 2 files changed, 17 insertions(+), 12 deletions(-)

diff --git a/daemons/fenced/fenced_commands.c b/daemons/fenced/fenced_commands.c

index 87600573e..9f2f1cc40 100644

--- a/daemons/fenced/fenced_commands.c

+++ b/daemons/fenced/fenced_commands.c

@@ -388,12 +388,7 @@ static void

 report_internal_result(async_command_t *cmd, int exit_status,

                        int execution_status, const char *exit_reason)

 {

-    pcmk__action_result_t result = {

-        // Ensure we don't pass garbage to free()

-        .exit_reason = NULL,

-        .action_stdout = NULL,

-        .action_stderr = NULL

-    };

+    pcmk__action_result_t result = PCMK__UNKNOWN_RESULT;

     pcmk__set_result(&result, exit_status, execution_status, exit_reason);

     cmd->done_cb(0, &result, cmd);

@@ -2616,12 +2611,7 @@ stonith_fence_get_devices_cb(GList * devices, void *user_data)

     }

     if (device == NULL) { // No device found

-        pcmk__action_result_t result = {

-            // Ensure we don't pass garbage to free()

-            .exit_reason = NULL,

-            .action_stdout = NULL,

-            .action_stderr = NULL

-        };

+        pcmk__action_result_t result = PCMK__UNKNOWN_RESULT;

         pcmk__set_result(&result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,

                          "No fence device configured for target");

diff --git a/include/crm/common/results_internal.h b/include/crm/common/results_internal.h

index 804bf2a7a..6befaa0ed 100644

--- a/include/crm/common/results_internal.h

+++ b/include/crm/common/results_internal.h

@@ -30,6 +30,21 @@ typedef struct {

     char *action_stderr;    // Action error output

 } pcmk__action_result_t;

+/*!

+ * \internal

+ * \brief Static initialization for an action result

+ *

+ * \note Importantly, this ensures pcmk__reset_result() won't try to free

+ *       garbage.

+ */

+#define PCMK__UNKNOWN_RESULT {                  \

+        .exit_status = CRM_EX_OK,               \

+        .execution_status = PCMK_EXEC_UNKNOWN,  \

+        .exit_reason = NULL,                    \

+        .action_stdout = NULL,                  \

+        .action_stderr = NULL,                  \

+    }

+

 void pcmk__set_result(pcmk__action_result_t *result, int exit_status,

                       enum pcmk_exec_status exec_status,

                       const char *exit_reason);

-- 

2.27.0

From 0937c92476ac737a5f5146932824bde8bdd7db98 Mon Sep 17 00:00:00 2001

From: Ken Gaillot <kgaillot@redhat.com>

Date: Fri, 12 Nov 2021 16:02:27 -0600

Subject: [PATCH 02/13] Refactor: various: add convenience function for

 checking result success

A successful pcmk__action_result_t has both exit status CRM_EX_OK (a.k.a

PCMK_OCF_OK) and execution status PCMK_EXEC_DONE. Since checking that is

clunky, we sometimes just check exit status, which is less than ideal.

The convenience function makes it easy to check both, and improves readability.

---

 daemons/controld/controld_remote_ra.c |  4 ++--

 daemons/execd/execd_commands.c        | 12 ++++++------

 daemons/fenced/fenced_commands.c      | 14 ++++++--------

 include/crm/common/results_internal.h | 16 ++++++++++++++++

 lib/fencing/st_client.c               |  4 ++--

 lib/fencing/st_rhcs.c                 |  2 +-

 6 files changed, 33 insertions(+), 19 deletions(-)

diff --git a/daemons/controld/controld_remote_ra.c b/daemons/controld/controld_remote_ra.c

index 74cbfd673..55ac162c7 100644

--- a/daemons/controld/controld_remote_ra.c

+++ b/daemons/controld/controld_remote_ra.c

@@ -297,7 +297,7 @@ static void

 check_remote_node_state(remote_ra_cmd_t *cmd)

 {

     /* Only successful actions can change node state */

-    if (cmd->result.exit_status != PCMK_OCF_OK) {

+    if (!pcmk__result_ok(&(cmd->result))) {

         return;

     }

@@ -365,7 +365,7 @@ report_remote_ra_result(remote_ra_cmd_t * cmd)

     lrmd__set_result(&op, cmd->result.exit_status, cmd->result.execution_status,

                      cmd->result.exit_reason);

-    if (cmd->reported_success && (cmd->result.exit_status != PCMK_OCF_OK)) {

+    if (cmd->reported_success && !pcmk__result_ok(&(cmd->result))) {

         op.t_rcchange = (unsigned int) time(NULL);

         /* This edge case will likely never ever occur, but if it does the

          * result is that a failure will not be processed correctly. This is only

diff --git a/daemons/execd/execd_commands.c b/daemons/execd/execd_commands.c

index 667525039..02070bf11 100644

--- a/daemons/execd/execd_commands.c

+++ b/daemons/execd/execd_commands.c

@@ -878,7 +878,7 @@ action_complete(svc_action_t * action)

     }

     if (pcmk__str_eq(rclass, PCMK_RESOURCE_CLASS_SYSTEMD, pcmk__str_casei)) {

-        if ((cmd->result.exit_status == PCMK_OCF_OK)

+        if (pcmk__result_ok(&(cmd->result))

             && pcmk__strcase_any_of(cmd->action, "start", "stop", NULL)) {

             /* systemd returns from start and stop actions after the action

              * begins, not after it completes. We have to jump through a few

@@ -894,7 +894,7 @@ action_complete(svc_action_t * action)

             if (cmd->result.execution_status == PCMK_EXEC_PENDING) {

                 goagain = true;

-            } else if ((cmd->result.exit_status == PCMK_OCF_OK)

+            } else if (pcmk__result_ok(&(cmd->result))

                        && pcmk__str_eq(cmd->real_action, "stop", pcmk__str_casei)) {

                 goagain = true;

@@ -927,12 +927,12 @@ action_complete(svc_action_t * action)

 #if SUPPORT_NAGIOS

     if (rsc && pcmk__str_eq(rsc->class, PCMK_RESOURCE_CLASS_NAGIOS, pcmk__str_casei)) {

         if (action_matches(cmd, "monitor", 0)

-            && (cmd->result.exit_status == PCMK_OCF_OK)) {

+            && pcmk__result_ok(&(cmd->result))) {

             /* Successfully executed --version for the nagios plugin */

             cmd->result.exit_status = PCMK_OCF_NOT_RUNNING;

         } else if (pcmk__str_eq(cmd->action, "start", pcmk__str_casei)

-                   && (cmd->result.exit_status != PCMK_OCF_OK)) {

+                   && !pcmk__result_ok(&(cmd->result))) {

 #ifdef PCMK__TIME_USE_CGT

             goagain = true;

 #endif

@@ -955,7 +955,7 @@ action_complete(svc_action_t * action)

             cmd->start_delay = delay;

             cmd->timeout = timeout_left;

-            if (cmd->result.exit_status == PCMK_OCF_OK) {

+            if (pcmk__result_ok(&(cmd->result))) {

                 crm_debug("%s %s may still be in progress: re-scheduling (elapsed=%dms, remaining=%dms, start_delay=%dms)",

                           cmd->rsc_id, cmd->real_action, time_sum, timeout_left, delay);

@@ -1066,7 +1066,7 @@ stonith_action_complete(lrmd_cmd_t * cmd, int rc)

                                                          cmd->interval_ms, rc);

         // Certain successful actions change the known state of the resource

-        if ((rsc != NULL) && (cmd->result.exit_status == PCMK_OCF_OK)) {

+        if ((rsc != NULL) && pcmk__result_ok(&(cmd->result))) {

             if (pcmk__str_eq(cmd->action, "start", pcmk__str_casei)) {

                 rsc->st_probe_rc = pcmk_ok; // maps to PCMK_OCF_OK

             } else if (pcmk__str_eq(cmd->action, "stop", pcmk__str_casei)) {

diff --git a/daemons/fenced/fenced_commands.c b/daemons/fenced/fenced_commands.c

index 9f2f1cc40..26501a4b3 100644

--- a/daemons/fenced/fenced_commands.c

+++ b/daemons/fenced/fenced_commands.c

@@ -1188,8 +1188,7 @@ dynamic_list_search_cb(int pid, const pcmk__action_result_t *result,

     mainloop_set_trigger(dev->work);

-    if ((result->execution_status == PCMK_EXEC_DONE)

-        && (result->exit_status == CRM_EX_OK)) {

+    if (pcmk__result_ok(result)) {

         crm_info("Refreshing target list for %s", dev->id);

         g_list_free_full(dev->targets, free);

         dev->targets = stonith__parse_targets(result->action_stdout);

@@ -2310,15 +2309,14 @@ log_async_result(async_command_t *cmd, const pcmk__action_result_t *result,

     GString *msg = g_string_sized_new(80); // Reasonable starting size

     // Choose log levels appropriately if we have a result

-    if ((result->execution_status == PCMK_EXEC_DONE)

-        && (result->exit_status == CRM_EX_OK))  { // Success

+    if (pcmk__result_ok(result)) {

         log_level = (cmd->victim == NULL)? LOG_DEBUG : LOG_NOTICE;

         if ((result->action_stdout != NULL)

             && !pcmk__str_eq(cmd->action, "metadata", pcmk__str_casei)) {

             output_log_level = LOG_DEBUG;

         }

         next = NULL;

-    } else { // Failure

+    } else {

         log_level = (cmd->victim == NULL)? LOG_NOTICE : LOG_ERR;

         if ((result->action_stdout != NULL)

             && !pcmk__str_eq(cmd->action, "metadata", pcmk__str_casei)) {

@@ -2482,7 +2480,7 @@ st_child_done(int pid, const pcmk__action_result_t *result, void *user_data)

     /* The device is ready to do something else now */

     device = g_hash_table_lookup(device_list, cmd->device);

     if (device) {

-        if (!device->verified && (result->exit_status == CRM_EX_OK) &&

+        if (!device->verified && pcmk__result_ok(result) &&

             (pcmk__strcase_any_of(cmd->action, "list", "monitor", "status", NULL))) {

             device->verified = TRUE;

@@ -2491,7 +2489,7 @@ st_child_done(int pid, const pcmk__action_result_t *result, void *user_data)

         mainloop_set_trigger(device->work);

     }

-    if (result->exit_status == CRM_EX_OK) {

+    if (pcmk__result_ok(result)) {

         GList *iter;

         /* see if there are any required devices left to execute for this op */

         for (iter = cmd->device_next; iter != NULL; iter = iter->next) {

@@ -2523,7 +2521,7 @@ st_child_done(int pid, const pcmk__action_result_t *result, void *user_data)

     send_async_reply(cmd, result, pid, false);

-    if (result->exit_status != CRM_EX_OK) {

+    if (!pcmk__result_ok(result)) {

         goto done;

     }

diff --git a/include/crm/common/results_internal.h b/include/crm/common/results_internal.h

index 6befaa0ed..0c5833937 100644

--- a/include/crm/common/results_internal.h

+++ b/include/crm/common/results_internal.h

@@ -54,4 +54,20 @@ void pcmk__set_result_output(pcmk__action_result_t *result,

 void pcmk__reset_result(pcmk__action_result_t *result);

+/*!

+ * \internal

+ * \brief Check whether a result is OK

+ *

+ * \param[in] result

+ *

+ * \return true if the result's exit status is CRM_EX_OK and its

+ *         execution status is PCMK_EXEC_DONE, otherwise false

+ */

+static inline bool

+pcmk__result_ok(const pcmk__action_result_t *result)

+{

+    return (result != NULL) && (result->exit_status == CRM_EX_OK)

+            && (result->execution_status == PCMK_EXEC_DONE);

+}

+

 #endif // PCMK__COMMON_RESULTS_INTERNAL__H

diff --git a/lib/fencing/st_client.c b/lib/fencing/st_client.c

index 2fbff7f24..af461d0d4 100644

--- a/lib/fencing/st_client.c

+++ b/lib/fencing/st_client.c

@@ -760,7 +760,7 @@ stonith__result2rc(const pcmk__action_result_t *result)

         default:                        break;

     }

-    if (result->exit_status == CRM_EX_OK) {

+    if (pcmk__result_ok(result)) {

         return pcmk_rc_ok;

     }

@@ -797,7 +797,7 @@ stonith_action_async_done(svc_action_t *svc_action)

     log_action(action, action->pid);

-    if ((action->result.exit_status != CRM_EX_OK)

+    if (!pcmk__result_ok(&(action->result))

         && update_remaining_timeout(action)) {

         int rc = internal_stonith_action_execute(action);

diff --git a/lib/fencing/st_rhcs.c b/lib/fencing/st_rhcs.c

index 6c8cbedc7..865e04bc2 100644

--- a/lib/fencing/st_rhcs.c

+++ b/lib/fencing/st_rhcs.c

@@ -148,7 +148,7 @@ stonith__rhcs_get_metadata(const char *agent, int timeout, xmlNode **metadata)

         return rc;

     }

-    if (result->exit_status != CRM_EX_OK) {

+    if (!pcmk__result_ok(result)) {

         crm_warn("Metadata action for %s returned error code %d",

                  agent, result->exit_status);

         rc = pcmk_rc2legacy(stonith__result2rc(result));

-- 

2.27.0

From 4c39ff00a0c028354a9da7f80986f7e34b05ba08 Mon Sep 17 00:00:00 2001

From: Ken Gaillot <kgaillot@redhat.com>

Date: Fri, 12 Nov 2021 16:07:01 -0600

Subject: [PATCH 03/13] Low: fencing: improve mapping of execution status to

 legacy return code

PCMK_EXEC_PENDING is likely not possible with the current code, but map it to

EINPROGRESS for completeness.

PCMK_EXEC_INVALID is not yet used by the fencer but will be.

---

 lib/fencing/st_client.c | 30 ++++++++++++++++++++++++++----

 1 file changed, 26 insertions(+), 4 deletions(-)

diff --git a/lib/fencing/st_client.c b/lib/fencing/st_client.c

index af461d0d4..93513e9f3 100644

--- a/lib/fencing/st_client.c

+++ b/lib/fencing/st_client.c

@@ -749,7 +749,12 @@ update_remaining_timeout(stonith_action_t * action)

 int

 stonith__result2rc(const pcmk__action_result_t *result)

 {

+    if (pcmk__result_ok(result)) {

+        return pcmk_rc_ok;

+    }

+

     switch (result->execution_status) {

+        case PCMK_EXEC_PENDING:         return EINPROGRESS;

         case PCMK_EXEC_CANCELLED:       return ECANCELED;

         case PCMK_EXEC_TIMEOUT:         return ETIME;

         case PCMK_EXEC_NOT_INSTALLED:   return ENOENT;

@@ -757,11 +762,28 @@ stonith__result2rc(const pcmk__action_result_t *result)

         case PCMK_EXEC_NOT_CONNECTED:   return ENOTCONN;

         case PCMK_EXEC_NO_FENCE_DEVICE: return ENODEV;

         case PCMK_EXEC_NO_SECRETS:      return EACCES;

-        default:                        break;

-    }

-    if (pcmk__result_ok(result)) {

-        return pcmk_rc_ok;

+        /* For the fencing API, PCMK_EXEC_INVALID is used with fencer API

+         * operations that don't involve executing an agent (for example,

+         * registering devices). This allows us to use the CRM_EX_* codes in the

+         * exit status for finer-grained responses.

+         */

+        case PCMK_EXEC_INVALID:

+            switch (result->exit_status) {

+                case CRM_EX_INSUFFICIENT_PRIV:  return EACCES;

+                case CRM_EX_PROTOCOL:           return EPROTO;

+

+               /* CRM_EX_EXPIRED is used for orphaned fencing operations left

+                * over from a previous instance of the fencer. For API backward

+                * compatibility, this is mapped to the previously used code for

+                * this case, EHOSTUNREACH.

+                */

+                case CRM_EX_EXPIRED:            return EHOSTUNREACH;

+                default:                        break;

+            }

+

+        default:

+            break;

     }

     // Try to provide useful error code based on result's error output

-- 

2.27.0

From 4e638783d1cd7c9398a603fc6df7e9d868262b16 Mon Sep 17 00:00:00 2001

From: Ken Gaillot <kgaillot@redhat.com>

Date: Thu, 18 Nov 2021 11:41:12 -0600

Subject: [PATCH 04/13] Refactor: libstonithd: separate action-related code

 into own source file

Everything related to stonith_action_t has been moved from st_client.c to a new

st_actions.c, since st_client.c was ridiculously large, and the action stuff

isn't all client-related. No code was changed.

Before:

   2804 st_client.c

After:

   545 lib/fencing/st_actions.c

  2278 lib/fencing/st_client.c

---

 lib/fencing/Makefile.am  |   2 +-

 lib/fencing/st_actions.c | 545 +++++++++++++++++++++++++++++++++++++++

 lib/fencing/st_client.c  | 528 +------------------------------------

 3 files changed, 547 insertions(+), 528 deletions(-)

 create mode 100644 lib/fencing/st_actions.c

diff --git a/lib/fencing/Makefile.am b/lib/fencing/Makefile.am

index 205c4873d..dac215c16 100644

--- a/lib/fencing/Makefile.am

+++ b/lib/fencing/Makefile.am

@@ -22,7 +22,7 @@ libstonithd_la_LDFLAGS	+= $(LDFLAGS_HARDENED_LIB)

 libstonithd_la_LIBADD	= $(top_builddir)/lib/common/libcrmcommon.la

 libstonithd_la_LIBADD   += $(top_builddir)/lib/services/libcrmservice.la

-libstonithd_la_SOURCES	= st_client.c st_output.c st_rhcs.c

+libstonithd_la_SOURCES	= st_actions.c st_client.c st_output.c st_rhcs.c

 if BUILD_LHA_SUPPORT

 libstonithd_la_SOURCES	+= st_lha.c

 endif

diff --git a/lib/fencing/st_actions.c b/lib/fencing/st_actions.c

new file mode 100644

index 000000000..64d3afd5d

--- /dev/null

+++ b/lib/fencing/st_actions.c

@@ -0,0 +1,545 @@

+/*

+ * Copyright 2004-2021 the Pacemaker project contributors

+ *

+ * The version control history for this file may have further details.

+ *

+ * This source code is licensed under the GNU Lesser General Public License

+ * version 2.1 or later (LGPLv2.1+) WITHOUT ANY WARRANTY.

+ */

+

+#include <crm_internal.h>

+

+#include <stdlib.h>

+#include <stdio.h>

+#include <string.h>

+#include <libgen.h>

+#include <inttypes.h>

+#include <sys/types.h>

+#include <glib.h>

+

+#include <crm/crm.h>

+#include <crm/stonith-ng.h>

+#include <crm/fencing/internal.h>

+#include <crm/msg_xml.h>

+#include <crm/services_internal.h>

+

+#include "fencing_private.h"

+

+struct stonith_action_s {

+    /*! user defined data */

+    char *agent;

+    char *action;

+    char *victim;

+    GHashTable *args;

+    int timeout;

+    int async;

+    void *userdata;

+    void (*done_cb) (int pid, const pcmk__action_result_t *result,

+                     void *user_data);

+    void (*fork_cb) (int pid, void *user_data);

+

+    svc_action_t *svc_action;

+

+    /*! internal timing information */

+    time_t initial_start_time;

+    int tries;

+    int remaining_timeout;

+    int max_retries;

+

+    int pid;

+    pcmk__action_result_t result;

+};

+

+static int internal_stonith_action_execute(stonith_action_t *action);

+static void log_action(stonith_action_t *action, pid_t pid);

+

+/*!

+ * \internal

+ * \brief Set an action's result based on services library result

+ *

+ * \param[in] action      Fence action to set result for

+ * \param[in] svc_action  Service action to get result from

+ */

+static void

+set_result_from_svc_action(stonith_action_t *action, svc_action_t *svc_action)

+{

+    pcmk__set_result(&(action->result), svc_action->rc, svc_action->status,

+                     services__exit_reason(svc_action));

+    pcmk__set_result_output(&(action->result),

+                            services__grab_stdout(svc_action),

+                            services__grab_stderr(svc_action));

+}

+

+static void

+log_action(stonith_action_t *action, pid_t pid)

+{

+    /* The services library has already logged the output at info or debug

+     * level, so just raise to warning for stderr.

+     */

+    if (action->result.action_stderr != NULL) {

+        /* Logging the whole string confuses syslog when the string is xml */

+        char *prefix = crm_strdup_printf("%s[%d] stderr:", action->agent, pid);

+

+        crm_log_output(LOG_WARNING, prefix, action->result.action_stderr);

+        free(prefix);

+    }

+}

+

+static void

+append_config_arg(gpointer key, gpointer value, gpointer user_data)

+{

+    /* The fencer will filter "action" out when it registers the device,

+     * but ignore it here in case any external API users don't.

+     *

+     * Also filter out parameters handled directly by Pacemaker.

+     */

+    if (!pcmk__str_eq(key, STONITH_ATTR_ACTION_OP, pcmk__str_casei)

+        && !pcmk_stonith_param(key)

+        && (strstr(key, CRM_META) == NULL)

+        && !pcmk__str_eq(key, "crm_feature_set", pcmk__str_casei)) {

+

+        crm_trace("Passing %s=%s with fence action",

+                  (const char *) key, (const char *) (value? value : ""));

+        g_hash_table_insert((GHashTable *) user_data,

+                            strdup(key), strdup(value? value : ""));

+    }

+}

+

+static GHashTable *

+make_args(const char *agent, const char *action, const char *victim,

+          uint32_t victim_nodeid, GHashTable * device_args,

+          GHashTable * port_map, const char *host_arg)

+{

+    GHashTable *arg_list = NULL;

+    const char *value = NULL;

+

+    CRM_CHECK(action != NULL, return NULL);

+

+    arg_list = pcmk__strkey_table(free, free);

+

+    // Add action to arguments (using an alias if requested)

+    if (device_args) {

+        char buffer[512];

+

+        snprintf(buffer, sizeof(buffer), "pcmk_%s_action", action);

+        value = g_hash_table_lookup(device_args, buffer);

+        if (value) {

+            crm_debug("Substituting '%s' for fence action %s targeting %s",

+                      value, action, victim);

+            action = value;

+        }

+    }

+    g_hash_table_insert(arg_list, strdup(STONITH_ATTR_ACTION_OP),

+                        strdup(action));

+

+    /* If this is a fencing operation against another node, add more standard

+     * arguments.

+     */

+    if (victim && device_args) {

+        const char *param = NULL;

+

+        /* Always pass the target's name, per

+         * https://github.com/ClusterLabs/fence-agents/blob/master/doc/FenceAgentAPI.md

+         */

+        g_hash_table_insert(arg_list, strdup("nodename"), strdup(victim));

+

+        // If the target's node ID was specified, pass it, too

+        if (victim_nodeid) {

+            char *nodeid = crm_strdup_printf("%" PRIu32, victim_nodeid);

+

+            // cts-fencing looks for this log message

+            crm_info("Passing '%s' as nodeid with fence action '%s' targeting %s",

+                     nodeid, action, victim);

+            g_hash_table_insert(arg_list, strdup("nodeid"), nodeid);

+        }

+

+        // Check whether target must be specified in some other way

+        param = g_hash_table_lookup(device_args, PCMK_STONITH_HOST_ARGUMENT);

+        if (!pcmk__str_eq(agent, "fence_legacy", pcmk__str_none)

+            && !pcmk__str_eq(param, "none", pcmk__str_casei)) {

+

+            if (param == NULL) {

+                /* Use the caller's default for pcmk_host_argument, or "port" if

+                 * none was given

+                 */

+                param = (host_arg == NULL)? "port" : host_arg;

+            }

+            value = g_hash_table_lookup(device_args, param);

+

+            if (pcmk__str_eq(value, "dynamic",

+                             pcmk__str_casei|pcmk__str_null_matches)) {

+                /* If the host argument was "dynamic" or not explicitly specified,

+                 * add it with the target

+                 */

+                const char *alias = NULL;

+

+                if (port_map) {

+                    alias = g_hash_table_lookup(port_map, victim);

+                }

+                if (alias == NULL) {

+                    alias = victim;

+                }

+                crm_debug("Passing %s='%s' with fence action %s targeting %s",

+                          param, alias, action, victim);

+                g_hash_table_insert(arg_list, strdup(param), strdup(alias));

+            }

+        }

+    }

+

+    if (device_args) {

+        g_hash_table_foreach(device_args, append_config_arg, arg_list);

+    }

+

+    return arg_list;

+}

+

+/*!

+ * \internal

+ * \brief Free all memory used by a stonith action

+ *

+ * \param[in,out] action  Action to free

+ */

+void

+stonith__destroy_action(stonith_action_t *action)

+{

+    if (action) {

+        free(action->agent);

+        if (action->args) {

+            g_hash_table_destroy(action->args);

+        }

+        free(action->action);

+        free(action->victim);

+        if (action->svc_action) {

+            services_action_free(action->svc_action);

+        }

+        pcmk__reset_result(&(action->result));

+        free(action);

+    }

+}

+

+/*!

+ * \internal

+ * \brief Get the result of an executed stonith action

+ *

+ * \param[in] action  Executed action

+ *

+ * \return Pointer to action's result (or NULL if \p action is NULL)

+ */

+pcmk__action_result_t *

+stonith__action_result(stonith_action_t *action)

+{

+    return (action == NULL)? NULL : &(action->result);

+}

+

+#define FAILURE_MAX_RETRIES 2

+stonith_action_t *

+stonith_action_create(const char *agent,

+                      const char *_action,

+                      const char *victim,

+                      uint32_t victim_nodeid,

+                      int timeout, GHashTable * device_args,

+                      GHashTable * port_map, const char *host_arg)

+{

+    stonith_action_t *action;

+

+    action = calloc(1, sizeof(stonith_action_t));

+    action->args = make_args(agent, _action, victim, victim_nodeid,

+                             device_args, port_map, host_arg);

+    crm_debug("Preparing '%s' action for %s using agent %s",

+              _action, (victim? victim : "no target"), agent);

+    action->agent = strdup(agent);

+    action->action = strdup(_action);

+    if (victim) {

+        action->victim = strdup(victim);

+    }

+    action->timeout = action->remaining_timeout = timeout;

+    action->max_retries = FAILURE_MAX_RETRIES;

+

+    pcmk__set_result(&(action->result), PCMK_OCF_UNKNOWN, PCMK_EXEC_UNKNOWN,

+                     "Initialization bug in fencing library");

+

+    if (device_args) {

+        char buffer[512];

+        const char *value = NULL;

+

+        snprintf(buffer, sizeof(buffer), "pcmk_%s_retries", _action);

+        value = g_hash_table_lookup(device_args, buffer);

+

+        if (value) {

+            action->max_retries = atoi(value);

+        }

+    }

+

+    return action;

+}

+

+static gboolean

+update_remaining_timeout(stonith_action_t * action)

+{

+    int diff = time(NULL) - action->initial_start_time;

+

+    if (action->tries >= action->max_retries) {

+        crm_info("Attempted to execute agent %s (%s) the maximum number of times (%d) allowed",

+                 action->agent, action->action, action->max_retries);

+        action->remaining_timeout = 0;

+    } else if ((action->result.execution_status != PCMK_EXEC_TIMEOUT)

+               && (diff < (action->timeout * 0.7))) {

+        /* only set remaining timeout period if there is 30%

+         * or greater of the original timeout period left */

+        action->remaining_timeout = action->timeout - diff;

+    } else {

+        action->remaining_timeout = 0;

+    }

+    return action->remaining_timeout ? TRUE : FALSE;

+}

+

+/*!

+ * \internal

+ * \brief Map a fencing action result to a standard return code

+ *

+ * \param[in] result  Fencing action result to map

+ *

+ * \return Standard Pacemaker return code that best corresponds to \p result

+ */

+int

+stonith__result2rc(const pcmk__action_result_t *result)

+{

+    if (pcmk__result_ok(result)) {

+        return pcmk_rc_ok;

+    }

+

+    switch (result->execution_status) {

+        case PCMK_EXEC_PENDING:         return EINPROGRESS;

+        case PCMK_EXEC_CANCELLED:       return ECANCELED;

+        case PCMK_EXEC_TIMEOUT:         return ETIME;

+        case PCMK_EXEC_NOT_INSTALLED:   return ENOENT;