diff --git a/.gitignore b/.gitignore
index a31cf26..5175038 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,6 @@
SOURCES/ClusterLabs-resource-agents-e711383f.tar.gz
+SOURCES/SAPHanaSR-2067519.tar.gz
SOURCES/SAPHanaSR-ScaleOut-a77e8c6.tar.gz
-SOURCES/SAPHanaSR-d1dde99.tar.gz
SOURCES/aliyun-cli-2.1.10.tar.gz
SOURCES/aliyun-python-sdk-core-2.8.5.tar.gz
SOURCES/aliyun-python-sdk-ecs-4.9.3.tar.gz
diff --git a/.resource-agents.metadata b/.resource-agents.metadata
index ba66161..943736b 100644
--- a/.resource-agents.metadata
+++ b/.resource-agents.metadata
@@ -1,6 +1,6 @@
0358e1cb7fe86b2105bd2646cbe86f3c0273844a SOURCES/ClusterLabs-resource-agents-e711383f.tar.gz
+92409ca65e8f4e63d5c308368861fa67ced470f1 SOURCES/SAPHanaSR-2067519.tar.gz
e5624e3028720d0d55ab3d598655a1938042e26c SOURCES/SAPHanaSR-ScaleOut-a77e8c6.tar.gz
-442679403d1287835841d70c5bef208a330c2c11 SOURCES/SAPHanaSR-d1dde99.tar.gz
306e131d8908ca794276bfe3a0b55ccc3bbd482f SOURCES/aliyun-cli-2.1.10.tar.gz
b68122ef53a0857d020529ff85d14f0e905c327f SOURCES/aliyun-python-sdk-core-2.8.5.tar.gz
c2a98b9a1562d223a76514f05028488ca000c395 SOURCES/aliyun-python-sdk-ecs-4.9.3.tar.gz
diff --git a/SOURCES/bz1528365-IPaddr2-1-sanitize-IPv6-IPs.patch b/SOURCES/bz1528365-IPaddr2-1-sanitize-IPv6-IPs.patch
new file mode 100644
index 0000000..74d3628
--- /dev/null
+++ b/SOURCES/bz1528365-IPaddr2-1-sanitize-IPv6-IPs.patch
@@ -0,0 +1,47 @@
+From 8ecfa95fff384ed047fd804016abdbbdcdd96d27 Mon Sep 17 00:00:00 2001
+From: Keisuke MORI <kskmori@intellilink.co.jp>
+Date: Wed, 11 Sep 2019 15:33:37 +0900
+Subject: [PATCH] Low: IPaddr2: fix to work properly with unsanitized IPv6
+ addresses
+
+`ip route get` shows the sanitized address at $1 or $2 depending on
+the address is already assigned to the node or not.
+```
+[root@centos73-1 ~]# /sbin/ip route get 2001:db8:101::0001
+2001:db8:101::1 dev eth1 proto ra src 2001:db8:101:0:XXXX:XXXX:XXXX:XXXX metric 100
+[root@centos73-1 ~]# /sbin/ip addr add 2001:db8:101::0001/64 dev eth1
+[root@centos73-1 ~]# /sbin/ip route get 2001:db8:101::0001
+local 2001:db8:101::1 dev lo table local proto none src 2001:db8:101::1 metric 0
+```
+
+It can not be sanitized if the address is unreachable and on the recent distributions
+(probably depending on the iproute package version)
+```
+[root@centos73-1 ~]# /sbin/ip route get 2001:db8:201::0001
+unreachable 2001:db8:201::1 dev lo table unspec proto kernel src 2001:db8:101:0:XXXX:XXXX:XXXX:XXXX metric 429496
+```
+```
+[root@rhel80-1 ~]# /sbin/ip route get 200:db8:201::0001
+RTNETLINK answers: Network is unreachable
+```
+---
+ heartbeat/IPaddr2 | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/heartbeat/IPaddr2 b/heartbeat/IPaddr2
+index 041ace3a2..4f28ddab6 100755
+--- a/heartbeat/IPaddr2
++++ b/heartbeat/IPaddr2
+@@ -477,6 +477,12 @@ ip_init() {
+ fi
+ else
+ FAMILY=inet6
++ # address sanitization defined in RFC5952
++ SANITIZED_IP=$($IP2UTIL route get $OCF_RESKEY_ip | awk '$1~/:/ {print $1} $2~/:/ {print $2}')
++ if [ -n "$SANITIZED_IP" ]; then
++ OCF_RESKEY_ip="$SANITIZED_IP"
++ fi
++
+ if ocf_is_true $OCF_RESKEY_lvs_support ;then
+ ocf_exit_reason "The IPv6 does not support lvs_support"
+ exit $OCF_ERR_CONFIGURED
diff --git a/SOURCES/bz1528365-IPaddr2-2-return-empty-when-sanitation-fails.patch b/SOURCES/bz1528365-IPaddr2-2-return-empty-when-sanitation-fails.patch
new file mode 100644
index 0000000..32f5e06
--- /dev/null
+++ b/SOURCES/bz1528365-IPaddr2-2-return-empty-when-sanitation-fails.patch
@@ -0,0 +1,22 @@
+From 7eff4e17641cc1463e61d772af16d17264477523 Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Thu, 12 Sep 2019 12:51:54 +0200
+Subject: [PATCH] IPaddr2: IPv6 return empty string when sanitation fails
+
+---
+ heartbeat/IPaddr2 | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/heartbeat/IPaddr2 b/heartbeat/IPaddr2
+index 4f28ddab6..1d39ae514 100755
+--- a/heartbeat/IPaddr2
++++ b/heartbeat/IPaddr2
+@@ -478,7 +478,7 @@ ip_init() {
+ else
+ FAMILY=inet6
+ # address sanitization defined in RFC5952
+- SANITIZED_IP=$($IP2UTIL route get $OCF_RESKEY_ip | awk '$1~/:/ {print $1} $2~/:/ {print $2}')
++ SANITIZED_IP=$($IP2UTIL route get $OCF_RESKEY_ip 2> /dev/null | awk '$1~/:/ {print $1} $2~/:/ {print $2}')
+ if [ -n "$SANITIZED_IP" ]; then
+ OCF_RESKEY_ip="$SANITIZED_IP"
+ fi
diff --git a/SOURCES/bz1582685-IPsrcaddr-1-add-destination-and-table-parameters.patch b/SOURCES/bz1582685-IPsrcaddr-1-add-destination-and-table-parameters.patch
new file mode 100644
index 0000000..cb4fde4
--- /dev/null
+++ b/SOURCES/bz1582685-IPsrcaddr-1-add-destination-and-table-parameters.patch
@@ -0,0 +1,202 @@
+--- ClusterLabs-resource-agents-e711383f/heartbeat/IPsrcaddr 2019-08-15 16:02:10.055827624 +0200
++++ /home/oalbrigt/src/resource-agents/heartbeat/IPsrcaddr 2019-08-15 15:45:50.690757838 +0200
+@@ -1,6 +1,6 @@
+ #!/bin/sh
+ #
+-# Description: IPsrcaddr - Preferred source address modification
++# Description: IPsrcaddr - Preferred source(/dest) address modification
+ #
+ # Author: John Sutton <john@scl.co.uk>
+ # Support: users@clusterlabs.org
+@@ -11,7 +11,7 @@
+ #
+ # This script manages the preferred source address associated with
+ # packets which originate on the localhost and are routed through the
+-# default route. By default, i.e. without the use of this script or
++# matching route. By default, i.e. without the use of this script or
+ # similar, these packets will carry the IP of the primary i.e. the
+ # non-aliased interface. This can be a nuisance if you need to ensure
+ # that such packets carry the same IP irrespective of which host in
+@@ -27,7 +27,7 @@
+ #
+ # NOTES:
+ #
+-# 1) There must be one and not more than 1 default route! Mainly because
++# 1) There must be one and not more than 1 matching route! Mainly because
+ # I can't see why you should have more than one. And if there is more
+ # than one, we would have to box clever to find out which one is to be
+ # modified, or we would have to pass its identity as an argument.
+@@ -54,16 +54,25 @@
+ . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs
+
+ # Defaults
++OCF_RESKEY_ipaddress_default=""
++OCF_RESKEY_cidr_netmask_default=""
++OCF_RESKEY_destination_default="0.0.0.0/0"
+ OCF_RESKEY_proto_default=""
++OCF_RESKEY_table_default=""
+
++: ${OCF_RESKEY_ipaddress=${OCF_RESKEY_ipaddress_default}}
++: ${OCF_RESKEY_cidr_netmask=${OCF_RESKEY_cidr_netmask_default}}
++: ${OCF_RESKEY_destination=${OCF_RESKEY_destination_default}}
+ : ${OCF_RESKEY_proto=${OCF_RESKEY_proto_default}}
++: ${OCF_RESKEY_table=${OCF_RESKEY_table_default}}
+ #######################################################################
+
+ [ -z "$OCF_RESKEY_proto" ] && PROTO="" || PROTO="proto $OCF_RESKEY_proto"
++[ -z "$OCF_RESKEY_table" ] && TABLE="" || TABLE="table $OCF_RESKEY_table"
+
+ USAGE="usage: $0 {start|stop|status|monitor|validate-all|meta-data}";
+
+- CMDSHOW="$IP2UTIL route show to exact 0.0.0.0/0"
++ CMDSHOW="$IP2UTIL route show $TABLE to exact $OCF_RESKEY_destination"
+ CMDCHANGE="$IP2UTIL route change to "
+
+ SYSTYPE="`uname -s`"
+@@ -91,7 +100,7 @@
+ The IP address.
+ </longdesc>
+ <shortdesc lang="en">IP address</shortdesc>
+-<content type="string" default="" />
++<content type="string" default="${OCF_RESKEY_ipaddress_default}" />
+ </parameter>
+
+ <parameter name="cidr_netmask">
+@@ -100,7 +109,15 @@
+ dotted quad notation 255.255.255.0).
+ </longdesc>
+ <shortdesc lang="en">Netmask</shortdesc>
+-<content type="string" default=""/>
++<content type="string" default="${OCF_RESKEY_cidr_netmask_default}"/>
++</parameter>
++
++<parameter name="destination">
++<longdesc lang="en">
++The destination IP/subnet for the route (default: $OCF_RESKEY_destination_default)
++</longdesc>
++<shortdesc lang="en">Destination IP/subnet</shortdesc>
++<content type="string" default="${OCF_RESKEY_destination_default}" />
+ </parameter>
+
+ <parameter name="proto">
+@@ -108,7 +125,17 @@
+ Proto to match when finding network. E.g. "kernel".
+ </longdesc>
+ <shortdesc lang="en">Proto</shortdesc>
+-<content type="string" default="" />
++<content type="string" default="${OCF_RESKEY_proto_default}" />
++</parameter>
++
++<parameter name="table">
++<longdesc lang="en">
++Table to modify. E.g. "local".
++
++The table has to have a route matching the "destination" parameter.
++</longdesc>
++<shortdesc lang="en">Table</shortdesc>
++<content type="string" default="${OCF_RESKEY_table_default}" />
+ </parameter>
+ </parameters>
+
+@@ -151,21 +178,22 @@
+ export OCF_RESKEY_ip=$OCF_RESKEY_ipaddress
+
+ srca_read() {
+- # Capture the default route - doublequotes prevent word splitting...
+- DEFROUTE="`$CMDSHOW`" || errorexit "command '$CMDSHOW' failed"
+-
+- # ... so we can make sure there is only 1 default route
+- [ 1 -eq `echo "$DEFROUTE" | wc -l` ] || \
+- errorexit "more than 1 default route exists"
++ # Capture matching route - doublequotes prevent word splitting...
++ ROUTE="`$CMDSHOW`" || errorexit "command '$CMDSHOW' failed"
+
+- # But there might still be no default route
+- [ -z "$DEFROUTE" ] && errorexit "no default route exists"
++ # ... so we can make sure there is only 1 matching route
++ [ 1 -eq `echo "$ROUTE" | wc -l` ] || \
++ errorexit "more than 1 matching route exists"
++
++ # But there might still be no matching route
++ [ "$OCF_RESKEY_destination" = "0.0.0.0/0" ] && [ -z "$ROUTE" ] && \
++ ! ocf_is_probe && errorexit "no matching route exists"
+
+ # Sed out the source ip address if it exists
+- SRCIP=`echo $DEFROUTE | sed -n "s/$MATCHROUTE/\3/p"`
++ SRCIP=`echo $ROUTE | sed -n "s/$MATCHROUTE/\3/p"`
+
+ # and what remains after stripping out the source ip address clause
+- ROUTE_WO_SRC=`echo $DEFROUTE | sed "s/$MATCHROUTE/\1\5/"`
++ ROUTE_WO_SRC=`echo $ROUTE | sed "s/$MATCHROUTE/\1\5/"`
+
+ [ -z "$SRCIP" ] && return 1
+ [ $SRCIP = $1 ] && return 0
+@@ -185,11 +213,13 @@
+ rc=$OCF_SUCCESS
+ ocf_log info "The ip route has been already set.($NETWORK, $INTERFACE, $ROUTE_WO_SRC)"
+ else
+- $IP2UTIL route replace $NETWORK dev $INTERFACE src $1 || \
+- errorexit "command 'ip route replace $NETWORK dev $INTERFACE src $1' failed"
++ $IP2UTIL route replace $TABLE $NETWORK dev $INTERFACE src $1 || \
++ errorexit "command 'ip route replace $TABLE $NETWORK dev $INTERFACE src $1' failed"
+
+- $CMDCHANGE $ROUTE_WO_SRC src $1 || \
+- errorexit "command '$CMDCHANGE $ROUTE_WO_SRC src $1' failed"
++ if [ "$OCF_RESKEY_destination" = "0.0.0.0/0" ] ;then
++ $CMDCHANGE $ROUTE_WO_SRC src $1 || \
++ errorexit "command '$CMDCHANGE $ROUTE_WO_SRC src $1' failed"
++ fi
+ rc=$?
+ fi
+
+@@ -201,7 +231,7 @@
+ # If one exists but it's not the same as the one specified, that's
+ # an error. Maybe that's the wrong behaviour because if this fails
+ # then when IPaddr releases the associated interface (if there is one)
+-# your default route will also get dropped ;-(
++# your matching route will also get dropped ;-(
+ # The exit code should conform to LSB exit codes.
+ #
+
+@@ -217,11 +247,13 @@
+
+ [ $rc = 2 ] && errorexit "The address you specified to stop does not match the preferred source address"
+
+- $IP2UTIL route replace $NETWORK dev $INTERFACE || \
+- errorexit "command 'ip route replace $NETWORK dev $INTERFACE' failed"
++ $IP2UTIL route replace $TABLE $NETWORK dev $INTERFACE || \
++ errorexit "command 'ip route replace $TABLE $NETWORK dev $INTERFACE' failed"
+
+- $CMDCHANGE $ROUTE_WO_SRC || \
+- errorexit "command '$CMDCHANGE $ROUTE_WO_SRC' failed"
++ if [ "$OCF_RESKEY_destination" = "0.0.0.0/0" ] ;then
++ $CMDCHANGE $ROUTE_WO_SRC || \
++ errorexit "command '$CMDCHANGE $ROUTE_WO_SRC' failed"
++ fi
+
+ return $?
+ }
+@@ -406,6 +438,10 @@
+ return $OCF_ERR_CONFIGURED
+ fi
+
++ if ! echo "$OCF_RESKEY_destination" | grep -q "/"; then
++ return $OCF_ERR_CONFIGURED
++ fi
++
+
+ if ! [ "x$SYSTYPE" = "xLinux" ]; then
+ # checks after this point are only relevant for linux.
+@@ -486,7 +522,11 @@
+ }
+
+ INTERFACE=`echo $findif_out | awk '{print $1}'`
+-NETWORK=`$IP2UTIL route list dev $INTERFACE scope link $PROTO match $ipaddress|grep -m 1 -o '^[^ ]*'`
++if [ "$OCF_RESKEY_destination" = "0.0.0.0/0" ] ;then
++ NETWORK=`$IP2UTIL route list dev $INTERFACE scope link $PROTO match $ipaddress|grep -m 1 -o '^[^ ]*'`
++else
++ NETWORK="$OCF_RESKEY_destination"
++fi
+
+ case $1 in
+ start) srca_start $ipaddress
diff --git a/SOURCES/bz1582685-IPsrcaddr-2-local-rule-destination-fixes.patch b/SOURCES/bz1582685-IPsrcaddr-2-local-rule-destination-fixes.patch
new file mode 100644
index 0000000..cca64cb
--- /dev/null
+++ b/SOURCES/bz1582685-IPsrcaddr-2-local-rule-destination-fixes.patch
@@ -0,0 +1,42 @@
+From 0e73d3f474d08779b64ed99fb3f80c1e806ff1b7 Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Thu, 28 Nov 2019 16:11:51 +0100
+Subject: [PATCH] IPsrcaddr: fixes to replace local rule if using local table,
+ and set src back to primary for device on stop
+
+---
+ heartbeat/IPsrcaddr | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/heartbeat/IPsrcaddr b/heartbeat/IPsrcaddr
+index d80b72165..f9085f082 100755
+--- a/heartbeat/IPsrcaddr
++++ b/heartbeat/IPsrcaddr
+@@ -75,6 +75,10 @@ USAGE="usage: $0 {start|stop|status|monitor|validate-all|meta-data}";
+ CMDSHOW="$IP2UTIL route show $TABLE to exact $OCF_RESKEY_destination"
+ CMDCHANGE="$IP2UTIL route change to "
+
++if [ "$OCF_RESKEY_table" = "local" ]; then
++ TABLE="$TABLE local"
++fi
++
+ SYSTYPE="`uname -s`"
+
+ usage() {
+@@ -247,8 +251,14 @@ srca_stop() {
+
+ [ $rc = 2 ] && errorexit "The address you specified to stop does not match the preferred source address"
+
+- $IP2UTIL route replace $TABLE $NETWORK dev $INTERFACE || \
+- errorexit "command 'ip route replace $TABLE $NETWORK dev $INTERFACE' failed"
++ OPTS=""
++ if [ "$OCF_RESKEY_destination" != "0.0.0.0/0" ] ;then
++ PRIMARY_IP="$($IP2UTIL -4 -o addr show dev eth0 primary | awk '{split($4,a,"/");print a[1]}')"
++ OPTS="proto kernel scope host src $PRIMARY_IP"
++ fi
++
++ $IP2UTIL route replace $TABLE $NETWORK dev $INTERFACE $OPTS || \
++ errorexit "command 'ip route replace $TABLE $NETWORK dev $INTERFACE $OPTS' failed"
+
+ if [ "$OCF_RESKEY_destination" = "0.0.0.0/0" ] ;then
+ $CMDCHANGE $ROUTE_WO_SRC || \
diff --git a/SOURCES/bz1582685-IPsrcaddr-3-fix-probe-issues.patch b/SOURCES/bz1582685-IPsrcaddr-3-fix-probe-issues.patch
new file mode 100644
index 0000000..b9f8e7e
--- /dev/null
+++ b/SOURCES/bz1582685-IPsrcaddr-3-fix-probe-issues.patch
@@ -0,0 +1,45 @@
+From 7afc581f6cd8fc37c3e14ece12fb16d31f1886f9 Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Fri, 10 Jan 2020 14:35:56 +0100
+Subject: [PATCH] IPsrcaddr: fixes to avoid failing during probe
+
+---
+ heartbeat/IPsrcaddr | 11 ++++++++++-
+ 1 file changed, 10 insertions(+), 1 deletion(-)
+
+diff --git a/heartbeat/IPsrcaddr b/heartbeat/IPsrcaddr
+index f9085f082..0ef8b391f 100755
+--- a/heartbeat/IPsrcaddr
++++ b/heartbeat/IPsrcaddr
+@@ -75,6 +75,10 @@ USAGE="usage: $0 {start|stop|status|monitor|validate-all|meta-data}";
+ CMDSHOW="$IP2UTIL route show $TABLE to exact $OCF_RESKEY_destination"
+ CMDCHANGE="$IP2UTIL route change to "
+
++if [ "$OCF_RESKEY_destination" != "0.0.0.0/0" ]; then
++ CMDSHOW="$CMDSHOW src $OCF_RESKEY_ipaddress"
++fi
++
+ if [ "$OCF_RESKEY_table" = "local" ]; then
+ TABLE="$TABLE local"
+ fi
+@@ -183,7 +187,7 @@ export OCF_RESKEY_ip=$OCF_RESKEY_ipaddress
+
+ srca_read() {
+ # Capture matching route - doublequotes prevent word splitting...
+- ROUTE="`$CMDSHOW`" || errorexit "command '$CMDSHOW' failed"
++ ROUTE="`$CMDSHOW 2> /dev/null`" || errorexit "command '$CMDSHOW' failed"
+
+ # ... so we can make sure there is only 1 matching route
+ [ 1 -eq `echo "$ROUTE" | wc -l` ] || \
+@@ -199,6 +203,11 @@ srca_read() {
+ # and what remains after stripping out the source ip address clause
+ ROUTE_WO_SRC=`echo $ROUTE | sed "s/$MATCHROUTE/\1\5/"`
+
++ # using "src <ip>" only returns output if there's a match
++ if [ "$OCF_RESKEY_destination" != "0.0.0.0/0" ]; then
++ [ -z "$ROUTE" ] && return 1 || return 0
++ fi
++
+ [ -z "$SRCIP" ] && return 1
+ [ $SRCIP = $1 ] && return 0
+ return 2
diff --git a/SOURCES/bz1582685-IPsrcaddr-4-fix-hardcoded-device.patch b/SOURCES/bz1582685-IPsrcaddr-4-fix-hardcoded-device.patch
new file mode 100644
index 0000000..e0e1d04
--- /dev/null
+++ b/SOURCES/bz1582685-IPsrcaddr-4-fix-hardcoded-device.patch
@@ -0,0 +1,23 @@
+From 5f0d15ad70098510a3782d6fd18d6eacfb51b0cf Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Thu, 16 Jan 2020 14:59:26 +0100
+Subject: [PATCH] IPsrcaddr: remove hardcoded device when using destination
+ parameter
+
+---
+ heartbeat/IPsrcaddr | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/heartbeat/IPsrcaddr b/heartbeat/IPsrcaddr
+index 0ef8b391f..7cdc3a9fe 100755
+--- a/heartbeat/IPsrcaddr
++++ b/heartbeat/IPsrcaddr
+@@ -262,7 +262,7 @@ srca_stop() {
+
+ OPTS=""
+ if [ "$OCF_RESKEY_destination" != "0.0.0.0/0" ] ;then
+- PRIMARY_IP="$($IP2UTIL -4 -o addr show dev eth0 primary | awk '{split($4,a,"/");print a[1]}')"
++ PRIMARY_IP="$($IP2UTIL -4 -o addr show dev $INTERFACE primary | awk '{split($4,a,"/");print a[1]}')"
+ OPTS="proto kernel scope host src $PRIMARY_IP"
+ fi
+
diff --git a/SOURCES/bz1598969-1-iSCSITarget-create-iqn-when-it-doesnt-exist.patch b/SOURCES/bz1598969-1-iSCSITarget-create-iqn-when-it-doesnt-exist.patch
new file mode 100644
index 0000000..d50b231
--- /dev/null
+++ b/SOURCES/bz1598969-1-iSCSITarget-create-iqn-when-it-doesnt-exist.patch
@@ -0,0 +1,31 @@
+From 9273b83edf6ee72a59511f307e168813ca3d31fd Mon Sep 17 00:00:00 2001
+From: colttt <shadow_7@gmx.net>
+Date: Fri, 12 Oct 2018 15:29:48 +0200
+Subject: [PATCH] possible fix for #1026
+
+add an if-condition and remove an useless 'targetcli create'
+---
+ heartbeat/iSCSITarget.in | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/heartbeat/iSCSITarget.in b/heartbeat/iSCSITarget.in
+index e49a79016..9128fdc55 100644
+--- a/heartbeat/iSCSITarget.in
++++ b/heartbeat/iSCSITarget.in
+@@ -340,13 +340,13 @@ iSCSITarget_start() {
+ ocf_take_lock $TARGETLOCKFILE
+ ocf_release_lock_on_exit $TARGETLOCKFILE
+ ocf_run targetcli /iscsi set global auto_add_default_portal=false || exit $OCF_ERR_GENERIC
+- ocf_run targetcli /iscsi create ${OCF_RESKEY_iqn} || exit $OCF_ERR_GENERIC
++ if ! [ -d /sys/kernel/config/target/iscsi/${OCF_RESKEY_iqn} ] ; then
++ ocf_run targetcli /iscsi create ${OCF_RESKEY_iqn} || exit $OCF_ERR_GENERIC
++ fi
+ for portal in ${OCF_RESKEY_portals}; do
+ if [ $portal != ${OCF_RESKEY_portals_default} ] ; then
+ IFS=':' read -a sep_portal <<< "$portal"
+ ocf_run targetcli /iscsi/${OCF_RESKEY_iqn}/tpg1/portals create "${sep_portal[0]}" "${sep_portal[1]}" || exit $OCF_ERR_GENERIC
+- else
+- ocf_run targetcli /iscsi create ${OCF_RESKEY_iqn} || exit $OCF_ERR_GENERIC
+ fi
+ done
+ # in lio, we can set target parameters by manipulating
diff --git a/SOURCES/bz1598969-2-iSCSILogicalUnit-create-acls-fix.patch b/SOURCES/bz1598969-2-iSCSILogicalUnit-create-acls-fix.patch
new file mode 100644
index 0000000..a349e46
--- /dev/null
+++ b/SOURCES/bz1598969-2-iSCSILogicalUnit-create-acls-fix.patch
@@ -0,0 +1,24 @@
+From 0d53e80957a00016418080967892337b1b13f99d Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Tue, 30 Jul 2019 11:23:07 +0200
+Subject: [PATCH] iSCSILogicalUnit: only create acls if it doesnt exist
+
+---
+ heartbeat/iSCSILogicalUnit.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/heartbeat/iSCSILogicalUnit.in b/heartbeat/iSCSILogicalUnit.in
+index 0fe85b593..02045d754 100644
+--- a/heartbeat/iSCSILogicalUnit.in
++++ b/heartbeat/iSCSILogicalUnit.in
+@@ -420,8 +420,8 @@ iSCSILogicalUnit_start() {
+
+ if [ -n "${OCF_RESKEY_allowed_initiators}" ]; then
+ for initiator in ${OCF_RESKEY_allowed_initiators}; do
+- ocf_run targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/acls create ${initiator} add_mapped_luns=False || exit $OCF_ERR_GENERIC
+- ocf_run targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/acls/${initiator} create ${OCF_RESKEY_lun} ${OCF_RESKEY_lun} || exit $OCF_ERR_GENERIC
++ [ -d "/sys/kernel/config/target/iscsi/${OCF_RESKEY_target_iqn}/tpgt_1/acls" ] || ocf_run targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/acls create ${initiator} add_mapped_luns=False || exit $OCF_ERR_GENERIC
++ [ -d "/sys/kernel/config/target/iscsi/${OCF_RESKEY_target_iqn}/tpgt_1/acls/${initiator}" ] || ocf_run targetcli /iscsi/${OCF_RESKEY_target_iqn}/tpg1/acls/${initiator} create ${OCF_RESKEY_lun} ${OCF_RESKEY_lun} || exit $OCF_ERR_GENERIC
+ done
+ fi
+
diff --git a/SOURCES/bz1598969-iSCSILogicalUnit-create-iqn-when-it-doesnt-exist.patch b/SOURCES/bz1598969-iSCSILogicalUnit-create-iqn-when-it-doesnt-exist.patch
deleted file mode 100644
index d50b231..0000000
--- a/SOURCES/bz1598969-iSCSILogicalUnit-create-iqn-when-it-doesnt-exist.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 9273b83edf6ee72a59511f307e168813ca3d31fd Mon Sep 17 00:00:00 2001
-From: colttt <shadow_7@gmx.net>
-Date: Fri, 12 Oct 2018 15:29:48 +0200
-Subject: [PATCH] possible fix for #1026
-
-add an if-condition and remove an useless 'targetcli create'
----
- heartbeat/iSCSITarget.in | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/heartbeat/iSCSITarget.in b/heartbeat/iSCSITarget.in
-index e49a79016..9128fdc55 100644
---- a/heartbeat/iSCSITarget.in
-+++ b/heartbeat/iSCSITarget.in
-@@ -340,13 +340,13 @@ iSCSITarget_start() {
- ocf_take_lock $TARGETLOCKFILE
- ocf_release_lock_on_exit $TARGETLOCKFILE
- ocf_run targetcli /iscsi set global auto_add_default_portal=false || exit $OCF_ERR_GENERIC
-- ocf_run targetcli /iscsi create ${OCF_RESKEY_iqn} || exit $OCF_ERR_GENERIC
-+ if ! [ -d /sys/kernel/config/target/iscsi/${OCF_RESKEY_iqn} ] ; then
-+ ocf_run targetcli /iscsi create ${OCF_RESKEY_iqn} || exit $OCF_ERR_GENERIC
-+ fi
- for portal in ${OCF_RESKEY_portals}; do
- if [ $portal != ${OCF_RESKEY_portals_default} ] ; then
- IFS=':' read -a sep_portal <<< "$portal"
- ocf_run targetcli /iscsi/${OCF_RESKEY_iqn}/tpg1/portals create "${sep_portal[0]}" "${sep_portal[1]}" || exit $OCF_ERR_GENERIC
-- else
-- ocf_run targetcli /iscsi create ${OCF_RESKEY_iqn} || exit $OCF_ERR_GENERIC
- fi
- done
- # in lio, we can set target parameters by manipulating
diff --git a/SOURCES/bz1642067-SAPHanaTopology-make-multi-instance-aware.patch b/SOURCES/bz1642067-SAPHanaTopology-make-multi-instance-aware.patch
new file mode 100644
index 0000000..c4fbd7c
--- /dev/null
+++ b/SOURCES/bz1642067-SAPHanaTopology-make-multi-instance-aware.patch
@@ -0,0 +1,49 @@
+From d43d8af650ee9ed175ebd4fdfc15ac2767734a8d Mon Sep 17 00:00:00 2001
+From: Fabian Herschel <fabian.herschel@suse.com>
+Date: Wed, 25 Jul 2018 12:30:32 +0200
+Subject: [PATCH] ra/SAPHanaTopology: bsc#1016691 "SAPHanaSR: Status file of
+ SAPHanaTopology is not multi instance aware (MCOS)"
+
+---
+ SAPHana/ra/SAPHanaTopology | 20 +++++++++++---------
+ 1 file changed, 11 insertions(+), 9 deletions(-)
+
+diff --git a/SAPHanaSR-2067519/SAPHana/ra/SAPHanaTopology b/SAPHanaSR-2067519/SAPHana/ra/SAPHanaTopology
+index 1e2f301..20d2593 100755
+--- a/SAPHanaSR-2067519/SAPHana/ra/SAPHanaTopology
++++ b/SAPHanaSR-2067519/SAPHana/ra/SAPHanaTopology
+@@ -28,7 +28,7 @@
+ #######################################################################
+ #
+ # Initialization:
+-SAPHanaVersion="0.152.21"
++SAPHanaVersion="0.152.22"
+ timeB=$(date '+%s')
+
+ : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat}
+@@ -736,15 +736,17 @@ function sht_start() {
+ # sht_stop: Stop the SAP HANA Topology Resource
+ #
+ function sht_stop() {
+- super_ocf_log info "FLOW $FUNCNAME ($*)"
+- local output=""
+- local rc=0
+-
+- rm $HA_RSCTMP/SAPHana/SAPTopologyON.${SID}
+- rc=$OCF_SUCCESS
++ super_ocf_log info "FLOW $FUNCNAME ($*)"
++ local output=""
++ local rc=0
++ if [ -f $HA_RSCTMP/SAPHana/SAPTopologyON ]; then
++ rm $HA_RSCTMP/SAPHana/SAPTopologyON
++ fi
++ rm $HA_RSCTMP/SAPHana/SAPTopologyON.${SID}
++ rc=$OCF_SUCCESS
+
+- super_ocf_log info "FLOW $FUNCNAME rc=$rc"
+- return $rc
++ super_ocf_log info "FLOW $FUNCNAME rc=$rc"
++ return $rc
+ }
+
+
diff --git a/SOURCES/bz1695041-LVM-activate-return-NOT_RUNNING-rejoin-cluster.patch b/SOURCES/bz1695041-LVM-activate-return-NOT_RUNNING-rejoin-cluster.patch
new file mode 100644
index 0000000..05e00fb
--- /dev/null
+++ b/SOURCES/bz1695041-LVM-activate-return-NOT_RUNNING-rejoin-cluster.patch
@@ -0,0 +1,82 @@
+From 4ee9a7026d7ed15b0b5cd26f06a21d04fc05d14e Mon Sep 17 00:00:00 2001
+From: Roger Zhou <zzhou@suse.com>
+Date: Mon, 1 Apr 2019 22:57:26 +0800
+Subject: [PATCH 1/2] LVM-activate: return OCF_NOT_RUNNING on initial probe
+
+In the use case of lvm on top of cluster md/raid. When the fenced node
+rejoins to the cluster, Pacemaker will run the monitor action for the
+probe operation. At that time, LVM PV and VG won't exist before cluster
+md/raid get assembled, and the probe should return $OCF_NOT_RUNNING
+instead of $OCF_ERR_CONFIGURED.
+
+Signed-off-by: Roger Zhou <zzhou@suse.com>
+---
+ heartbeat/LVM-activate | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/heartbeat/LVM-activate b/heartbeat/LVM-activate
+index 3c462c75c..91ac05c34 100755
+--- a/heartbeat/LVM-activate
++++ b/heartbeat/LVM-activate
+@@ -329,6 +329,7 @@ lvmlockd_check()
+ # Good: lvmlockd is running, and clvmd is not running
+ if ! pgrep lvmlockd >/dev/null 2>&1 ; then
+ if ocf_is_probe; then
++ ocf_log info "initial probe: lvmlockd is not running yet."
+ exit $OCF_NOT_RUNNING
+ fi
+
+@@ -481,6 +482,11 @@ lvm_validate() {
+ exit $OCF_SUCCESS
+ fi
+
++ if ocf_is_probe; then
++ ocf_log info "initial probe: VG [${VG}] is not found on any block device yet."
++ exit $OCF_NOT_RUNNING
++ fi
++
+ ocf_exit_reason "Volume group[${VG}] doesn't exist, or not visible on this node!"
+ exit $OCF_ERR_CONFIGURED
+ fi
+
+From df2f58c400b1f6f239f9e1c1fdf6ce0875639b43 Mon Sep 17 00:00:00 2001
+From: Roger Zhou <zzhou@suse.com>
+Date: Mon, 1 Apr 2019 23:02:54 +0800
+Subject: [PATCH 2/2] LVM-activate: align dmsetup report command to standard
+
+Namely to change 'vgname/lvname' to 'vg_name/lv_name'. The dmsetup
+report command follows lvm2 selection criteria field name standard.
+- dmsetup v1.02.86 (lvm2 v2_02_107) - 23rd June 2014
+ "Add dmsetup -S/--select to define selection criteria"
+- dmsetup info -c -S help
+
+Signed-off-by: Roger Zhou <zzhou@suse.com>
+---
+ heartbeat/LVM-activate | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/heartbeat/LVM-activate b/heartbeat/LVM-activate
+index 91ac05c34..730d9a09d 100755
+--- a/heartbeat/LVM-activate
++++ b/heartbeat/LVM-activate
+@@ -707,7 +707,7 @@ tagging_deactivate() {
+ # method:
+ #
+ # lv_count=$(vgs --foreign -o lv_count --noheadings ${VG} 2>/dev/null | tr -d '[:blank:]')
+-# dm_count=$(dmsetup --noheadings info -c -S "vgname=${VG}" 2>/dev/null | grep -c "${VG}-")
++# dm_count=$(dmsetup --noheadings info -c -S "vg_name=${VG}" 2>/dev/null | grep -c "${VG}-")
+ # test $lv_count -eq $dm_count
+ #
+ # It works, but we cannot afford to use LVM command in lvm_status. LVM command is expensive
+@@ -730,9 +730,9 @@ lvm_status() {
+ if [ -n "${LV}" ]; then
+ # dmsetup ls? It cannot accept device name. It's
+ # too heavy to list all DM devices.
+- dm_count=$(dmsetup info --noheadings --noflush -c -S "vgname=${VG} && lvname=${LV}" | grep -c -v '^No devices found')
++ dm_count=$(dmsetup info --noheadings --noflush -c -S "vg_name=${VG} && lv_name=${LV}" | grep -c -v '^No devices found')
+ else
+- dm_count=$(dmsetup info --noheadings --noflush -c -S "vgname=${VG}" | grep -c -v '^No devices found')
++ dm_count=$(dmsetup info --noheadings --noflush -c -S "vg_name=${VG}" | grep -c -v '^No devices found')
+ fi
+
+ if [ $dm_count -eq 0 ]; then
diff --git a/SOURCES/bz1716418-dhcpd-keep-selinux-context.patch b/SOURCES/bz1716418-dhcpd-keep-selinux-context.patch
new file mode 100644
index 0000000..82a46c1
--- /dev/null
+++ b/SOURCES/bz1716418-dhcpd-keep-selinux-context.patch
@@ -0,0 +1,28 @@
+From c8c073ed81884128b0b3955fb0b0bd23661044a2 Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Wed, 12 Jun 2019 12:45:08 +0200
+Subject: [PATCH] dhcpd: keep SELinux context
+
+---
+ heartbeat/dhcpd | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/heartbeat/dhcpd b/heartbeat/dhcpd
+index 8b2d8b695..46027b39b 100755
+--- a/heartbeat/dhcpd
++++ b/heartbeat/dhcpd
+@@ -337,12 +337,12 @@ dhcpd_initialize_chroot() {
+ done | sort -u`
+ for i in $cplibs ; do
+ if [ -s "$i" ]; then
+- cp -pL "$i" "${OCF_RESKEY_chrooted_path}/$libdir/" ||
++ cp -aL "$i" "${OCF_RESKEY_chrooted_path}/$libdir/" ||
+ { ocf_exit_reason "could not copy $i to chroot jail"; return $OCF_ERR_GENERIC; }
+ fi
+ done
+
+- return $OCF_SUCCESS
++ return $OCF_SUCCESS
+ }
+
+ # Initialize a non-chroot environment
diff --git a/SOURCES/bz1719443-CTDB-1-fixes.patch b/SOURCES/bz1719443-CTDB-1-fixes.patch
new file mode 100644
index 0000000..813bf81
--- /dev/null
+++ b/SOURCES/bz1719443-CTDB-1-fixes.patch
@@ -0,0 +1,131 @@
+From 8c61f2019d11781b737251b5cf839437b25fc53f Mon Sep 17 00:00:00 2001
+From: David Disseldorp <ddiss@suse.de>
+Date: Wed, 25 Jul 2018 23:15:10 +0200
+Subject: [PATCH 1/3] CTDB: fix incorrect db corruption reports (bsc#1101668)
+
+If a database was disconnected during an active transaction, then
+tdbdump may fail with e.g.:
+> /usr/bin/tdbdump /var/lib/ctdb/persistent/secrets.tdb.1
+Failed to open /var/lib/ctdb/persistent/secrets.tdb.1
+tdb(/var/lib/ctdb/persistent/secrets.tdb.1): FATAL:
+tdb_transaction_recover: attempt to recover read only database
+
+This does *not* indicate corruption, only that tdbdump, which opens the
+database readonly, isn't able to perform recovery.
+
+Using tdbtool check, instead of tdbdump, passes:
+> tdbtool /var/lib/ctdb/persistent/secrets.tdb.1 check
+tdb_transaction_recover: recovered 2146304 byte database
+Database integrity is OK and has 2 records.
+
+Drop the tdbdump checks, and instead rely on the core ctdb event script,
+which performs the same checks with tdbtool.
+
+Signed-off-by: David Disseldorp <ddiss@suse.de>
+---
+ heartbeat/CTDB.in | 18 ++++--------------
+ 1 file changed, 4 insertions(+), 14 deletions(-)
+
+diff --git a/heartbeat/CTDB.in b/heartbeat/CTDB.in
+index 1456ea32b..28e58cea0 100755
+--- a/heartbeat/CTDB.in
++++ b/heartbeat/CTDB.in
+@@ -392,6 +392,8 @@ enable_event_scripts() {
+ local event_dir
+ event_dir=$OCF_RESKEY_ctdb_config_dir/events.d
+
++ chmod u+x "$event_dir/00.ctdb" # core database health check
++
+ if [ -f "${OCF_RESKEY_ctdb_config_dir}/public_addresses" ]; then
+ chmod u+x "$event_dir/10.interface"
+ else
+@@ -563,17 +565,6 @@ ctdb_start() {
+ rv=$?
+ [ $rv -ne 0 ] && return $rv
+
+- # Die if databases are corrupted
+- persistent_db_dir="${OCF_RESKEY_ctdb_dbdir}/persistent"
+- mkdir -p $persistent_db_dir 2>/dev/null
+- for pdbase in $persistent_db_dir/*.tdb.[0-9]; do
+- [ -f "$pdbase" ] || break
+- /usr/bin/tdbdump "$pdbase" >/dev/null 2>/dev/null || {
+- ocf_exit_reason "Persistent database $pdbase is corrupted! CTDB will not start."
+- return $OCF_ERR_GENERIC
+- }
+- done
+-
+ # Add necessary configuration to smb.conf
+ init_smb_conf
+ if [ $? -ne 0 ]; then
+@@ -737,9 +728,8 @@ ctdb_monitor() {
+
+
+ ctdb_validate() {
+- # Required binaries (full path to tdbdump is intentional, as that's
+- # what's used in ctdb_start, which was lifted from the init script)
+- for binary in pkill /usr/bin/tdbdump; do
++ # Required binaries
++ for binary in pkill; do
+ check_binary $binary
+ done
+
+
+From 1ff4ce7cbe58b5309f00ac1bbe124c562b6dcaf6 Mon Sep 17 00:00:00 2001
+From: David Disseldorp <ddiss@suse.de>
+Date: Fri, 27 Jul 2018 16:02:26 +0200
+Subject: [PATCH 2/3] CTDB: explicitly use bash shell
+
+Upcoming recovery lock substring processing is bash specific.
+
+Signed-off-by: David Disseldorp <ddiss@suse.de>
+---
+ configure.ac | 1 +
+ heartbeat/CTDB.in | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/heartbeat/CTDB.in b/heartbeat/CTDB.in
+index 7d87a4ef7..f9b5c564f 100755
+--- a/heartbeat/CTDB.in
++++ b/heartbeat/CTDB.in
+@@ -134,8 +134,8 @@ For more information see http://linux-ha.org/wiki/CTDB_(resource_agent)
+
+ <parameter name="ctdb_recovery_lock" unique="1" required="1">
+ <longdesc lang="en">
+-The location of a shared lock file, common across all nodes.
+-This must be on shared storage, e.g.: /shared-fs/samba/ctdb.lock
++The location of a shared lock file or helper binary, common across all nodes.
++See CTDB documentation for details.
+ </longdesc>
+ <shortdesc lang="en">CTDB shared lock file</shortdesc>
+ <content type="string" default="" />
+@@ -757,13 +757,24 @@ ctdb_validate() {
+ return $OCF_ERR_CONFIGURED
+ fi
+
+- lock_dir=$(dirname "$OCF_RESKEY_ctdb_recovery_lock")
+- touch "$lock_dir/$$" 2>/dev/null
+- if [ $? != 0 ]; then
+- ocf_exit_reason "Directory for lock file '$OCF_RESKEY_ctdb_recovery_lock' does not exist, or is not writable."
+- return $OCF_ERR_ARGS
++ if [ "${OCF_RESKEY_ctdb_recovery_lock:0:1}" == '!' ]; then
++ # '!' prefix means recovery lock is handled via a helper binary
++ binary="${OCF_RESKEY_ctdb_recovery_lock:1}"
++ binary="${binary%% *}" # trim any parameters
++ if [ -z "$binary" ]; then
++ ocf_exit_reason "ctdb_recovery_lock invalid helper"
++ return $OCF_ERR_CONFIGURED
++ fi
++ check_binary "${binary}"
++ else
++ lock_dir=$(dirname "$OCF_RESKEY_ctdb_recovery_lock")
++ touch "$lock_dir/$$" 2>/dev/null
++ if [ $? != 0 ]; then
++ ocf_exit_reason "Directory for lock file '$OCF_RESKEY_ctdb_recovery_lock' does not exist, or is not writable."
++ return $OCF_ERR_ARGS
++ fi
++ rm "$lock_dir/$$"
+ fi
+- rm "$lock_dir/$$"
+
+ return $OCF_SUCCESS
+ }
diff --git a/SOURCES/bz1719443-CTDB-2-add-v4.9-support.patch b/SOURCES/bz1719443-CTDB-2-add-v4.9-support.patch
new file mode 100644
index 0000000..a3332ef
--- /dev/null
+++ b/SOURCES/bz1719443-CTDB-2-add-v4.9-support.patch
@@ -0,0 +1,452 @@
+From 30b9f55325d2acfba27aa6859c7360e10b7201d7 Mon Sep 17 00:00:00 2001
+From: David Disseldorp <ddiss@suse.de>
+Date: Wed, 5 Jun 2019 00:41:13 +0200
+Subject: [PATCH 1/3] CTDB: support Samba 4.9+
+
+With Samba 4.9+, all ctdbd parameters have moved to config files.
+Generate a new /etc/ctdb/ctdb.conf file during ctdb startup, based on RA
+configuration.
+
+Event scripts in Samba 4.9+ are also no longer enabled/disabled based on
+file mode. Use the "ctdb event script enable/disable" helpers, which now
+work without a running ctdbd.
+
+Fixes: https://github.com/ClusterLabs/resource-agents/issues/1196
+Signed-off-by: David Disseldorp <ddiss@suse.de>
+Signed-off-by: Noel Power <noel.power@suse.com>
+Signed-off-by: Amitay Isaacs <amitay@samba.org>
+---
+ heartbeat/CTDB.in | 214 ++++++++++++++++++++++++++++++++++++----------
+ 1 file changed, 167 insertions(+), 47 deletions(-)
+
+diff --git a/heartbeat/CTDB.in b/heartbeat/CTDB.in
+index 4dd646896..79a2f97e7 100755
+--- a/heartbeat/CTDB.in
++++ b/heartbeat/CTDB.in
+@@ -143,6 +143,10 @@ OCF_RESKEY_smb_fileid_algorithm_default=""
+
+ #######################################################################
+
++ctdb_version() {
++ $OCF_RESKEY_ctdb_binary version | awk '{print $NF}' | sed "s/[-\.]\?[[:alpha:]].*//"
++}
++
+ meta_data() {
+ cat <<END
+ <?xml version="1.0"?>
+@@ -256,7 +260,7 @@ host any public ip addresses.
+ <longdesc lang="en">
+ The directory containing various CTDB configuration files.
+ The "nodes" and "notify.sh" scripts are expected to be
+-in this directory, as is the "events.d" subdirectory.
++in this directory.
+ </longdesc>
+ <shortdesc lang="en">CTDB config file directory</shortdesc>
+ <content type="string" default="/etc/ctdb" />
+@@ -282,8 +286,10 @@ Full path to the CTDB cluster daemon binary.
+ <longdesc lang="en">
+ Full path to the domain socket that ctdbd will create, used for
+ local clients to attach and communicate with the ctdb daemon.
++With CTDB 4.9.0 and later the socket path is hardcoded at build
++time, so this parameter is ignored.
+ </longdesc>
+-<shortdesc lang="en">CTDB socket location</shortdesc>
++<shortdesc lang="en">CTDB socket location (ignored with CTDB 4.9+)</shortdesc>
+ <content type="string" default="${OCF_RESKEY_ctdb_socket}" />
+ </parameter>
+
+@@ -421,16 +427,28 @@ invoke_ctdb() {
+ timeout=$((OCF_RESKEY_CRM_meta_timeout/1000))
+ timelimit=$((OCF_RESKEY_CRM_meta_timeout/1000))
+ fi
+- $OCF_RESKEY_ctdb_binary --socket="$OCF_RESKEY_ctdb_socket" \
+- -t $timeout -T $timelimit \
+- "$@"
++
++ local vers=$(ctdb_version)
++ ocf_version_cmp "$vers" "4.9.0"
++
++ # if version < 4.9.0 specify '--socket' otherwise it's
++ # a compiled option
++ if [ "$?" -eq "0" ]; then
++ $OCF_RESKEY_ctdb_binary --socket="$OCF_RESKEY_ctdb_socket" \
++ -t $timeout -T $timelimit \
++ "$@"
++ else
++ $OCF_RESKEY_ctdb_binary \
++ -t $timeout -T $timelimit \
++ "$@"
++ fi
+ }
+
+ # Enable any event scripts that are explicitly required.
+ # Any others will ultimately be invoked or not based on how they ship
+ # with CTDB, but will generally have no effect, beacuase the relevant
+ # CTDB_MANAGES_* options won't be set in /etc/sysconfig/ctdb.
+-enable_event_scripts() {
++enable_event_scripts_chmod() {
+ local event_dir
+ event_dir=$OCF_RESKEY_ctdb_config_dir/events.d
+
+@@ -454,6 +472,36 @@ enable_event_scripts() {
+ fi
+ }
+
++enable_event_scripts_symlink() {
++ # event scripts are symlinked once enabled, with the link source in...
++ mkdir -p "$OCF_RESKEY_ctdb_config_dir/events/legacy" 2>/dev/null
++
++ invoke_ctdb event script enable legacy 00.ctdb
++
++ if [ -f "${OCF_RESKEY_ctdb_config_dir}/public_addresses" ]; then
++ invoke_ctdb event script enable legacy 10.interface
++ else
++ invoke_ctdb event script disable legacy 10.interface
++ fi
++ if [ -f "${OCF_RESKEY_ctdb_config_dir}/static-routes" ]; then
++ invoke_ctdb event script enable legacy 11.routing
++ else
++ invoke_ctdb event script disable legacy 11.routing
++ fi
++
++ if ocf_is_true "$OCF_RESKEY_ctdb_manages_winbind"; then
++ invoke_ctdb event script enable legacy 49.winbind
++ else
++ invoke_ctdb event script disable legacy 49.winbind
++ fi
++
++ if ocf_is_true "$OCF_RESKEY_ctdb_manages_samba"; then
++ invoke_ctdb event script enable legacy 50.samba
++ else
++ invoke_ctdb event script disable legacy 50.samba
++ fi
++}
++
+ # This function has no effect (currently no way to set CTDB_SET_*)
+ # but remains here in case we need it in future.
+ set_ctdb_variables() {
+@@ -556,6 +604,46 @@ append_ctdb_sysconfig() {
+ [ -n "$2" ] && echo "$1=$2" >> "$CTDB_SYSCONFIG"
+ }
+
++generate_ctdb_config() {
++ local ctdb_config="$OCF_RESKEY_ctdb_config_dir/ctdb.conf"
++
++ # Backup existing config if we're not already using an auto-generated one
++ grep -qa '# CTDB-RA: Auto-generated' $ctdb_config || cp -p $ctdb_config ${ctdb_config}.ctdb-ra-orig
++ if [ $? -ne 0 ]; then
++ ocf_log warn "Unable to backup $ctdb_config to ${ctdb_config}.ctdb-ra-orig"
++ fi
++
++ local log_option="file:$OCF_RESKEY_ctdb_logfile"
++ if [ "$OCF_RESKEY_ctdb_logfile" = "syslog" ]; then
++ log_option="syslog"
++ fi
++
++ local start_as_disabled="false"
++ ocf_is_true "$OCF_RESKEY_ctdb_start_as_disabled" && start_as_disabled="true"
++
++ local dbdir_volatile="$OCF_RESKEY_ctdb_dbdir/volatile"
++ [ -d "$dbdir_volatile" ] || mkdir -p "$dbdir_volatile" 2>/dev/null
++ local dbdir_persistent="$OCF_RESKEY_ctdb_dbdir/persistent"
++ [ -d "$dbdir_persistent" ] || mkdir -p "$dbdir_persistent" 2>/dev/null
++ local dbdir_state="$OCF_RESKEY_ctdb_dbdir/state"
++ [ -d "$dbdir_state" ] || mkdir -p "$dbdir_state" 2>/dev/null
++
++cat >$ctdb_config <<EOF
++# CTDB-RA: Auto-generated
++[logging]
++ location = $log_option
++ log level = $OCF_RESKEY_ctdb_debuglevel
++[cluster]
++ recovery lock = $OCF_RESKEY_ctdb_recovery_lock
++[database]
++ volatile database directory = $dbdir_volatile
++ persistent database directory = $dbdir_persistent
++ state database directory = $dbdir_state
++[legacy]
++ start as disabled = $start_as_disabled
++EOF
++}
++
+ # Generate a new, minimal CTDB config file that's just enough
+ # to get CTDB running as configured by the RA parameters.
+ generate_ctdb_sysconfig() {
+@@ -589,6 +677,58 @@ EOF
+ }
+
+
++invoke_ctdbd() {
++ local vers="$1"
++
++ ocf_version_cmp "$vers" "4.9.0"
++ if [ "$?" -ne "0" ]; then
++ # With 4.9+, all ctdbd binary parameters are provided as
++ # config settings
++ $OCF_RESKEY_ctdbd_binary
++ return
++ fi
++
++ # Use logfile by default, or syslog if asked for
++ local log_option
++ # --logging supported from v4.3.0 and --logfile / --syslog support
++ # has been removed from newer versions
++ ocf_version_cmp "$vers" "4.2.14"
++ if [ "$?" -eq "2" ]; then
++ log_option="--logging=file:$OCF_RESKEY_ctdb_logfile"
++ if [ "$OCF_RESKEY_ctdb_logfile" = "syslog" ]; then
++ log_option="--logging=syslog"
++ fi
++ else
++ log_option="--logfile=$OCF_RESKEY_ctdb_logfile"
++ if [ "$OCF_RESKEY_ctdb_logfile" = "syslog" ]; then
++ log_option="--syslog"
++ fi
++ fi
++
++ # public addresses file (should not be present, but need to set for correctness if it is)
++ local pub_addr_option
++ pub_addr_option=""
++ [ -f "${OCF_RESKEY_ctdb_config_dir}/public_addresses" ] && \
++ pub_addr_option="--public-addresses=${OCF_RESKEY_ctdb_config_dir}/public_addresses"
++ # start as disabled
++ local start_as_disabled
++ start_as_disabled="--start-as-disabled"
++ ocf_is_true "$OCF_RESKEY_ctdb_start_as_disabled" || start_as_disabled=""
++
++ $OCF_RESKEY_ctdbd_binary \
++ --reclock="$OCF_RESKEY_ctdb_recovery_lock" \
++ --nlist="$OCF_RESKEY_ctdb_config_dir/nodes" \
++ --socket="$OCF_RESKEY_ctdb_socket" \
++ --dbdir="$OCF_RESKEY_ctdb_dbdir" \
++ --dbdir-persistent="$OCF_RESKEY_ctdb_dbdir/persistent" \
++ --event-script-dir="$OCF_RESKEY_ctdb_config_dir/events.d" \
++ --notification-script="$OCF_RESKEY_ctdb_config_dir/notify.sh" \
++ --transport=tcp \
++ $start_as_disabled $log_option $pub_addr_option \
++ -d "$OCF_RESKEY_ctdb_debuglevel"
++}
++
++
+ ctdb_usage() {
+ cat <<END
+ usage: $0 {start|stop|monitor|validate-all|meta-data}
+@@ -614,27 +754,26 @@ ctdb_start() {
+ return $OCF_ERR_GENERIC
+ fi
+
+- # Generate new CTDB sysconfig
+- generate_ctdb_sysconfig
+- enable_event_scripts
++ local version=$(ctdb_version)
+
+- # Use logfile by default, or syslog if asked for
+- local log_option
+- # --logging supported from v4.3.0 and --logfile / --syslog support
+- # has been removed from newer versions
+- version=$(ctdb version | awk '{print $NF}')
+- ocf_version_cmp "$version" "4.2.14"
+- if [ "$?" -eq "2" ]; then
+- log_option="--logging=file:$OCF_RESKEY_ctdb_logfile"
+- if [ "$OCF_RESKEY_ctdb_logfile" = "syslog" ]; then
+- log_option="--logging=syslog"
+- fi
++ ocf_version_cmp "$version" "4.9.0"
++ if [ "$?" -eq "0" ]; then
++ # prior to 4.9, ctdbd parameters are in sysconfig or passed as
++ # binary arguments
++ generate_ctdb_sysconfig
++
++ # prior to 4.9, event script enablement without a running
++ # ctdbd is done by chmoding the scripts directly
++ enable_event_scripts_chmod
+ else
+- log_option="--logfile=$OCF_RESKEY_ctdb_logfile"
+- if [ "$OCF_RESKEY_ctdb_logfile" = "syslog" ]; then
+- log_option="--syslog"
+- fi
++ # 4.9+ moves all ctdbd parameters to ctdb.conf
++ generate_ctdb_config
++
++ # 4.9+ event scripts can be enabled with ctdb directly, which
++ # performs a symlink
++ enable_event_scripts_symlink
+ fi
++
+ if [ ! -d "$(dirname $OCF_RESKEY_ctdb_logfile)" ]; then
+ # ensure the logfile's directory exists, otherwise ctdb will fail to start
+ mkdir -p $(dirname $OCF_RESKEY_ctdb_logfile)
+@@ -643,33 +782,14 @@ ctdb_start() {
+ # ensure ctdb's rundir exists, otherwise it will fail to start
+ mkdir -p $OCF_RESKEY_ctdb_rundir 2>/dev/null
+
+- # public addresses file (should not be present, but need to set for correctness if it is)
+- local pub_addr_option
+- pub_addr_option=""
+- [ -f "${OCF_RESKEY_ctdb_config_dir}/public_addresses" ] && \
+- pub_addr_option="--public-addresses=${OCF_RESKEY_ctdb_config_dir}/public_addresses"
+- # start as disabled
+- local start_as_disabled
+- start_as_disabled="--start-as-disabled"
+- ocf_is_true "$OCF_RESKEY_ctdb_start_as_disabled" || start_as_disabled=""
+-
+ # set nofile ulimit for ctdbd process
+ if [ -n "$OCF_RESKEY_ctdb_max_open_files" ]; then
+ ulimit -n "$OCF_RESKEY_ctdb_max_open_files"
+ fi
+
+ # Start her up
+- "$OCF_RESKEY_ctdbd_binary" \
+- --reclock="$OCF_RESKEY_ctdb_recovery_lock" \
+- --nlist="$OCF_RESKEY_ctdb_config_dir/nodes" \
+- --socket="$OCF_RESKEY_ctdb_socket" \
+- --dbdir="$OCF_RESKEY_ctdb_dbdir" \
+- --dbdir-persistent="$OCF_RESKEY_ctdb_dbdir/persistent" \
+- --event-script-dir="$OCF_RESKEY_ctdb_config_dir/events.d" \
+- --notification-script="$OCF_RESKEY_ctdb_config_dir/notify.sh" \
+- --transport=tcp \
+- $start_as_disabled $log_option $pub_addr_option \
+- -d "$OCF_RESKEY_ctdb_debuglevel"
++ invoke_ctdbd "$version"
++
+ if [ $? -ne 0 ]; then
+ # cleanup smb.conf
+ cleanup_smb_conf
+@@ -688,7 +808,7 @@ ctdb_start() {
+ if [ $? -ne 0 ]; then
+ # CTDB will be running, kill it before returning
+ ctdb_stop
+- ocf_exit_reason "Can't invoke $OCF_RESKEY_ctdb_binary --socket=$OCF_RESKEY_ctdb_socket status"
++ ocf_exit_reason "Can't invoke $OCF_RESKEY_ctdb_binary status"
+ return $OCF_ERR_GENERIC
+ fi
+ if ! echo "$status" | grep -qs 'UNHEALTHY (THIS'; then
+@@ -725,7 +845,7 @@ ctdb_stop() {
+ [ $count -gt 10 ] && {
+ ocf_log info "killing ctdbd "
+ pkill -9 -f "$OCF_RESKEY_ctdbd_binary"
+- pkill -9 -f "${OCF_RESKEY_ctdb_config_dir}/events.d/"
++ pkill -9 -f "${OCF_RESKEY_ctdb_config_dir}/events"
+ }
+ done
+
+
+From b4753b7cb46045bb9e7ed5e3a0a20f6104264b12 Mon Sep 17 00:00:00 2001
+From: David Disseldorp <ddiss@suse.de>
+Date: Wed, 10 Jul 2019 17:11:50 +0200
+Subject: [PATCH 2/3] CTDB: generate script.options file for 4.9+
+
+Event scripts in CTDB 4.9+ ignore sysconfig configuration and instead
+parse parameters in ctdb_config_dir/script.options .
+
+Signed-off-by: David Disseldorp <ddiss@suse.de>
+---
+ heartbeat/CTDB.in | 35 ++++++++++++++++++++++++++++++-----
+ 1 file changed, 30 insertions(+), 5 deletions(-)
+
+diff --git a/heartbeat/CTDB.in b/heartbeat/CTDB.in
+index 79a2f97e7..0906f3da9 100755
+--- a/heartbeat/CTDB.in
++++ b/heartbeat/CTDB.in
+@@ -242,6 +242,7 @@ If the amount of free memory drops below this value the node will
+ become unhealthy and ctdb and all managed services will be shutdown.
+ Once this occurs, the administrator needs to find the reason for the
+ OOM situation, rectify it and restart ctdb with "service ctdb start".
++With CTDB 4.4.0 and later this parameter is ignored.
+ </longdesc>
+ <shortdesc lang="en">Minimum amount of free memory (MB)</shortdesc>
+ <content type="integer" default="${OCF_RESKEY_ctdb_monitor_free_memory_default}" />
+@@ -600,8 +601,10 @@ cleanup_smb_conf() {
+ mv "$OCF_RESKEY_smb_conf.$$" "$OCF_RESKEY_smb_conf"
+ }
+
+-append_ctdb_sysconfig() {
+- [ -n "$2" ] && echo "$1=$2" >> "$CTDB_SYSCONFIG"
++append_conf() {
++ local file_path="$1"
++ shift
++ [ -n "$2" ] && echo "$1=$2" >> "$file_path"
+ }
+
+ generate_ctdb_config() {
+@@ -644,6 +647,25 @@ cat >$ctdb_config <<EOF
+ EOF
+ }
+
++generate_event_script_options() {
++ local script_options="$OCF_RESKEY_ctdb_config_dir/script.options"
++
++ # Backup existing config if we're not already using an auto-generated one
++ grep -qa '# CTDB-RA: Auto-generated' $script_options || cp -p $script_options ${script_options}.ctdb-ra-orig
++ if [ $? -ne 0 ]; then
++ ocf_log warn "Unable to backup $script_options to ${script_options}.ctdb-ra-orig"
++ fi
++
++cat >$script_options <<EOF
++# CTDB-RA: Auto-generated
++CTDB_SAMBA_SKIP_SHARE_CHECK=$(ocf_is_true "$OCF_RESKEY_ctdb_samba_skip_share_check" && echo 'yes' || echo 'no')
++EOF
++
++ append_conf "$script_options" CTDB_SERVICE_SMB $OCF_RESKEY_ctdb_service_smb
++ append_conf "$script_options" CTDB_SERVICE_NMB $OCF_RESKEY_ctdb_service_nmb
++ append_conf "$script_options" CTDB_SERVICE_WINBIND $OCF_RESKEY_ctdb_service_winbind
++}
++
+ # Generate a new, minimal CTDB config file that's just enough
+ # to get CTDB running as configured by the RA parameters.
+ generate_ctdb_sysconfig() {
+@@ -671,9 +693,9 @@ CTDB_SAMBA_SKIP_SHARE_CHECK=$(ocf_is_true "$OCF_RESKEY_ctdb_samba_skip_share_che
+ CTDB_MANAGES_SAMBA=$(ocf_is_true "$OCF_RESKEY_ctdb_manages_samba" && echo 'yes' || echo 'no')
+ CTDB_MANAGES_WINBIND=$(ocf_is_true "$OCF_RESKEY_ctdb_manages_winbind" && echo 'yes' || echo 'no')
+ EOF
+- append_ctdb_sysconfig CTDB_SERVICE_SMB $OCF_RESKEY_ctdb_service_smb
+- append_ctdb_sysconfig CTDB_SERVICE_NMB $OCF_RESKEY_ctdb_service_nmb
+- append_ctdb_sysconfig CTDB_SERVICE_WINBIND $OCF_RESKEY_ctdb_service_winbind
++ append_conf "$CTDB_SYSCONFIG" CTDB_SERVICE_SMB $OCF_RESKEY_ctdb_service_smb
++ append_conf "$CTDB_SYSCONFIG" CTDB_SERVICE_NMB $OCF_RESKEY_ctdb_service_nmb
++ append_conf "$CTDB_SYSCONFIG" CTDB_SERVICE_WINBIND $OCF_RESKEY_ctdb_service_winbind
+ }
+
+
+@@ -769,6 +791,9 @@ ctdb_start() {
+ # 4.9+ moves all ctdbd parameters to ctdb.conf
+ generate_ctdb_config
+
++ # 4.9+ event script options are in script.options
++ generate_event_script_options
++
+ # 4.9+ event scripts can be enabled with ctdb directly, which
+ # performs a symlink
+ enable_event_scripts_symlink
+
+From 0a8610711f90c4cc7a2b380a4795f463532d9520 Mon Sep 17 00:00:00 2001
+From: David Disseldorp <ddiss@suse.de>
+Date: Wed, 10 Jul 2019 17:54:01 +0200
+Subject: [PATCH 3/3] CTDB: drop sysconfig presence check during validate
+
+There are two reasons to avoid this check:
+- for ctdb versions prior to 4.9.0, the sysconfig file is generated by
+ the resource agent start hook *after* ctdb_validate() is called.
+- post 4.9.0 versions don't use the sysconfig file.
+
+Signed-off-by: David Disseldorp <ddiss@suse.de>
+---
+ heartbeat/CTDB.in | 5 -----
+ 1 file changed, 5 deletions(-)
+
+diff --git a/heartbeat/CTDB.in b/heartbeat/CTDB.in
+index 0906f3da9..15d78902e 100755
+--- a/heartbeat/CTDB.in
++++ b/heartbeat/CTDB.in
+@@ -925,11 +925,6 @@ ctdb_validate() {
+ check_binary $binary
+ done
+
+- if [ -z "$CTDB_SYSCONFIG" ]; then
+- ocf_exit_reason "Can't find CTDB config file (expecting /etc/sysconfig/ctdb, /etc/default/ctdb or similar)"
+- return $OCF_ERR_INSTALLED
+- fi
+-
+ if ocf_is_true "$OCF_RESKEY_ctdb_manages_samba" && [ ! -f "$OCF_RESKEY_smb_conf" ]; then
+ ocf_exit_reason "Samba config file '$OCF_RESKEY_smb_conf' does not exist."
+ return $OCF_ERR_INSTALLED
diff --git a/SOURCES/bz1726736-Route-1-dont-fence-when-parameters-not-set.patch b/SOURCES/bz1726736-Route-1-dont-fence-when-parameters-not-set.patch
new file mode 100644
index 0000000..6c39248
--- /dev/null
+++ b/SOURCES/bz1726736-Route-1-dont-fence-when-parameters-not-set.patch
@@ -0,0 +1,35 @@
+From 1286636b768bb635e9a6b1f1fbf6267c9c3f4b03 Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Mon, 19 Aug 2019 13:31:06 +0200
+Subject: [PATCH] Route: dont fence node when parameters arent set
+
+---
+ heartbeat/Route | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/heartbeat/Route b/heartbeat/Route
+index b4011e37d..9f92eff3a 100755
+--- a/heartbeat/Route
++++ b/heartbeat/Route
+@@ -249,18 +249,18 @@ route_validate() {
+ if [ "${OCF_RESKEY_CRM_meta_clone}" ]; then
+ if [ "${OCF_RESKEY_CRM_meta_clone_node_max}" != 1 ]; then
+ ocf_exit_reason "Misconfigured clone parameters. Must set meta attribute \"clone_node_max\" to 1, got ${OCF_RESKEY_CRM_meta_clone_node_max}."
+- return $OCF_ERR_ARGS
++ return $OCF_ERR_CONFIGURED
+ fi
+ fi
+ # Did we get a destination?
+ if [ -z "${OCF_RESKEY_destination}" ]; then
+ ocf_exit_reason "Missing required parameter \"destination\"."
+- return $OCF_ERR_ARGS
++ return $OCF_ERR_CONFIGURED
+ fi
+ # Did we get either a device or a gateway address?
+ if [ -z "${OCF_RESKEY_device}" -a -z "${OCF_RESKEY_gateway}" ]; then
+ ocf_exit_reason "Must specify either \"device\", or \"gateway\", or both."
+- return $OCF_ERR_ARGS
++ return $OCF_ERR_CONFIGURED
+ fi
+ # If a device has been configured, is it available on this system?
+ if [ -n "${OCF_RESKEY_device}" ]; then
diff --git a/SOURCES/bz1726736-Route-2-validate-start-validate-all.patch b/SOURCES/bz1726736-Route-2-validate-start-validate-all.patch
new file mode 100644
index 0000000..e2d012e
--- /dev/null
+++ b/SOURCES/bz1726736-Route-2-validate-start-validate-all.patch
@@ -0,0 +1,40 @@
+From 444bdc44fc47c65f848efc0c39c1e8e6620ce10d Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Fri, 11 Oct 2019 12:12:52 +0200
+Subject: [PATCH] Route: only validate for start and validate-all actions
+
+---
+ heartbeat/Route | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/heartbeat/Route b/heartbeat/Route
+index 9f92eff3a..8898e1afd 100755
+--- a/heartbeat/Route
++++ b/heartbeat/Route
+@@ -187,6 +187,8 @@ END
+ }
+
+ route_start() {
++ route_validate || exit $?
++
+ route_status
+ status=$?
+ if [ $status -eq $OCF_SUCCESS ]; then
+@@ -313,8 +315,6 @@ for binary in ip grep; do
+ check_binary $binary
+ done
+
+-route_validate || exit $?
+-
+ case $OCF_RESKEY_family in
+ ip4) addr_family="-4" ;;
+ ip6) addr_family="-6" ;;
+@@ -334,7 +334,7 @@ status|monitor) route_status;;
+ reload) ocf_log info "Reloading..."
+ route_start
+ ;;
+-validate-all) ;;
++validate-all) route_validate;;
+ *) route_usage
+ exit $OCF_ERR_UNIMPLEMENTED
+ ;;
diff --git a/SOURCES/bz1731426-dhcpd-keep-selinux-context.patch b/SOURCES/bz1731426-dhcpd-keep-selinux-context.patch
deleted file mode 100644
index 82a46c1..0000000
--- a/SOURCES/bz1731426-dhcpd-keep-selinux-context.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From c8c073ed81884128b0b3955fb0b0bd23661044a2 Mon Sep 17 00:00:00 2001
-From: Oyvind Albrigtsen <oalbrigt@redhat.com>
-Date: Wed, 12 Jun 2019 12:45:08 +0200
-Subject: [PATCH] dhcpd: keep SELinux context
-
----
- heartbeat/dhcpd | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/heartbeat/dhcpd b/heartbeat/dhcpd
-index 8b2d8b695..46027b39b 100755
---- a/heartbeat/dhcpd
-+++ b/heartbeat/dhcpd
-@@ -337,12 +337,12 @@ dhcpd_initialize_chroot() {
- done | sort -u`
- for i in $cplibs ; do
- if [ -s "$i" ]; then
-- cp -pL "$i" "${OCF_RESKEY_chrooted_path}/$libdir/" ||
-+ cp -aL "$i" "${OCF_RESKEY_chrooted_path}/$libdir/" ||
- { ocf_exit_reason "could not copy $i to chroot jail"; return $OCF_ERR_GENERIC; }
- fi
- done
-
-- return $OCF_SUCCESS
-+ return $OCF_SUCCESS
- }
-
- # Initialize a non-chroot environment
diff --git a/SOURCES/bz1731427-CTDB-1-fixes.patch b/SOURCES/bz1731427-CTDB-1-fixes.patch
deleted file mode 100644
index 813bf81..0000000
--- a/SOURCES/bz1731427-CTDB-1-fixes.patch
+++ /dev/null
@@ -1,131 +0,0 @@
-From 8c61f2019d11781b737251b5cf839437b25fc53f Mon Sep 17 00:00:00 2001
-From: David Disseldorp <ddiss@suse.de>
-Date: Wed, 25 Jul 2018 23:15:10 +0200
-Subject: [PATCH 1/3] CTDB: fix incorrect db corruption reports (bsc#1101668)
-
-If a database was disconnected during an active transaction, then
-tdbdump may fail with e.g.:
-> /usr/bin/tdbdump /var/lib/ctdb/persistent/secrets.tdb.1
-Failed to open /var/lib/ctdb/persistent/secrets.tdb.1
-tdb(/var/lib/ctdb/persistent/secrets.tdb.1): FATAL:
-tdb_transaction_recover: attempt to recover read only database
-
-This does *not* indicate corruption, only that tdbdump, which opens the
-database readonly, isn't able to perform recovery.
-
-Using tdbtool check, instead of tdbdump, passes:
-> tdbtool /var/lib/ctdb/persistent/secrets.tdb.1 check
-tdb_transaction_recover: recovered 2146304 byte database
-Database integrity is OK and has 2 records.
-
-Drop the tdbdump checks, and instead rely on the core ctdb event script,
-which performs the same checks with tdbtool.
-
-Signed-off-by: David Disseldorp <ddiss@suse.de>
----
- heartbeat/CTDB.in | 18 ++++--------------
- 1 file changed, 4 insertions(+), 14 deletions(-)
-
-diff --git a/heartbeat/CTDB.in b/heartbeat/CTDB.in
-index 1456ea32b..28e58cea0 100755
---- a/heartbeat/CTDB.in
-+++ b/heartbeat/CTDB.in
-@@ -392,6 +392,8 @@ enable_event_scripts() {
- local event_dir
- event_dir=$OCF_RESKEY_ctdb_config_dir/events.d
-
-+ chmod u+x "$event_dir/00.ctdb" # core database health check
-+
- if [ -f "${OCF_RESKEY_ctdb_config_dir}/public_addresses" ]; then
- chmod u+x "$event_dir/10.interface"
- else
-@@ -563,17 +565,6 @@ ctdb_start() {
- rv=$?
- [ $rv -ne 0 ] && return $rv
-
-- # Die if databases are corrupted
-- persistent_db_dir="${OCF_RESKEY_ctdb_dbdir}/persistent"
-- mkdir -p $persistent_db_dir 2>/dev/null
-- for pdbase in $persistent_db_dir/*.tdb.[0-9]; do
-- [ -f "$pdbase" ] || break
-- /usr/bin/tdbdump "$pdbase" >/dev/null 2>/dev/null || {
-- ocf_exit_reason "Persistent database $pdbase is corrupted! CTDB will not start."
-- return $OCF_ERR_GENERIC
-- }
-- done
--
- # Add necessary configuration to smb.conf
- init_smb_conf
- if [ $? -ne 0 ]; then
-@@ -737,9 +728,8 @@ ctdb_monitor() {
-
-
- ctdb_validate() {
-- # Required binaries (full path to tdbdump is intentional, as that's
-- # what's used in ctdb_start, which was lifted from the init script)
-- for binary in pkill /usr/bin/tdbdump; do
-+ # Required binaries
-+ for binary in pkill; do
- check_binary $binary
- done
-
-
-From 1ff4ce7cbe58b5309f00ac1bbe124c562b6dcaf6 Mon Sep 17 00:00:00 2001
-From: David Disseldorp <ddiss@suse.de>
-Date: Fri, 27 Jul 2018 16:02:26 +0200
-Subject: [PATCH 2/3] CTDB: explicitly use bash shell
-
-Upcoming recovery lock substring processing is bash specific.
-
-Signed-off-by: David Disseldorp <ddiss@suse.de>
----
- configure.ac | 1 +
- heartbeat/CTDB.in | 2 +-
- 2 files changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/heartbeat/CTDB.in b/heartbeat/CTDB.in
-index 7d87a4ef7..f9b5c564f 100755
---- a/heartbeat/CTDB.in
-+++ b/heartbeat/CTDB.in
-@@ -134,8 +134,8 @@ For more information see http://linux-ha.org/wiki/CTDB_(resource_agent)
-
- <parameter name="ctdb_recovery_lock" unique="1" required="1">
- <longdesc lang="en">
--The location of a shared lock file, common across all nodes.
--This must be on shared storage, e.g.: /shared-fs/samba/ctdb.lock
-+The location of a shared lock file or helper binary, common across all nodes.
-+See CTDB documentation for details.
- </longdesc>
- <shortdesc lang="en">CTDB shared lock file</shortdesc>
- <content type="string" default="" />
-@@ -757,13 +757,24 @@ ctdb_validate() {
- return $OCF_ERR_CONFIGURED
- fi
-
-- lock_dir=$(dirname "$OCF_RESKEY_ctdb_recovery_lock")
-- touch "$lock_dir/$$" 2>/dev/null
-- if [ $? != 0 ]; then
-- ocf_exit_reason "Directory for lock file '$OCF_RESKEY_ctdb_recovery_lock' does not exist, or is not writable."
-- return $OCF_ERR_ARGS
-+ if [ "${OCF_RESKEY_ctdb_recovery_lock:0:1}" == '!' ]; then
-+ # '!' prefix means recovery lock is handled via a helper binary
-+ binary="${OCF_RESKEY_ctdb_recovery_lock:1}"
-+ binary="${binary%% *}" # trim any parameters
-+ if [ -z "$binary" ]; then
-+ ocf_exit_reason "ctdb_recovery_lock invalid helper"
-+ return $OCF_ERR_CONFIGURED
-+ fi
-+ check_binary "${binary}"
-+ else
-+ lock_dir=$(dirname "$OCF_RESKEY_ctdb_recovery_lock")
-+ touch "$lock_dir/$$" 2>/dev/null
-+ if [ $? != 0 ]; then
-+ ocf_exit_reason "Directory for lock file '$OCF_RESKEY_ctdb_recovery_lock' does not exist, or is not writable."
-+ return $OCF_ERR_ARGS
-+ fi
-+ rm "$lock_dir/$$"
- fi
-- rm "$lock_dir/$$"
-
- return $OCF_SUCCESS
- }
diff --git a/SOURCES/bz1731427-CTDB-2-add-v4.9-support.patch b/SOURCES/bz1731427-CTDB-2-add-v4.9-support.patch
deleted file mode 100644
index a3332ef..0000000
--- a/SOURCES/bz1731427-CTDB-2-add-v4.9-support.patch
+++ /dev/null
@@ -1,452 +0,0 @@
-From 30b9f55325d2acfba27aa6859c7360e10b7201d7 Mon Sep 17 00:00:00 2001
-From: David Disseldorp <ddiss@suse.de>
-Date: Wed, 5 Jun 2019 00:41:13 +0200
-Subject: [PATCH 1/3] CTDB: support Samba 4.9+
-
-With Samba 4.9+, all ctdbd parameters have moved to config files.
-Generate a new /etc/ctdb/ctdb.conf file during ctdb startup, based on RA
-configuration.
-
-Event scripts in Samba 4.9+ are also no longer enabled/disabled based on
-file mode. Use the "ctdb event script enable/disable" helpers, which now
-work without a running ctdbd.
-
-Fixes: https://github.com/ClusterLabs/resource-agents/issues/1196
-Signed-off-by: David Disseldorp <ddiss@suse.de>
-Signed-off-by: Noel Power <noel.power@suse.com>
-Signed-off-by: Amitay Isaacs <amitay@samba.org>
----
- heartbeat/CTDB.in | 214 ++++++++++++++++++++++++++++++++++++----------
- 1 file changed, 167 insertions(+), 47 deletions(-)
-
-diff --git a/heartbeat/CTDB.in b/heartbeat/CTDB.in
-index 4dd646896..79a2f97e7 100755
---- a/heartbeat/CTDB.in
-+++ b/heartbeat/CTDB.in
-@@ -143,6 +143,10 @@ OCF_RESKEY_smb_fileid_algorithm_default=""
-
- #######################################################################
-
-+ctdb_version() {
-+ $OCF_RESKEY_ctdb_binary version | awk '{print $NF}' | sed "s/[-\.]\?[[:alpha:]].*//"
-+}
-+
- meta_data() {
- cat <<END
- <?xml version="1.0"?>
-@@ -256,7 +260,7 @@ host any public ip addresses.
- <longdesc lang="en">
- The directory containing various CTDB configuration files.
- The "nodes" and "notify.sh" scripts are expected to be
--in this directory, as is the "events.d" subdirectory.
-+in this directory.
- </longdesc>
- <shortdesc lang="en">CTDB config file directory</shortdesc>
- <content type="string" default="/etc/ctdb" />
-@@ -282,8 +286,10 @@ Full path to the CTDB cluster daemon binary.
- <longdesc lang="en">
- Full path to the domain socket that ctdbd will create, used for
- local clients to attach and communicate with the ctdb daemon.
-+With CTDB 4.9.0 and later the socket path is hardcoded at build
-+time, so this parameter is ignored.
- </longdesc>
--<shortdesc lang="en">CTDB socket location</shortdesc>
-+<shortdesc lang="en">CTDB socket location (ignored with CTDB 4.9+)</shortdesc>
- <content type="string" default="${OCF_RESKEY_ctdb_socket}" />
- </parameter>
-
-@@ -421,16 +427,28 @@ invoke_ctdb() {
- timeout=$((OCF_RESKEY_CRM_meta_timeout/1000))
- timelimit=$((OCF_RESKEY_CRM_meta_timeout/1000))
- fi
-- $OCF_RESKEY_ctdb_binary --socket="$OCF_RESKEY_ctdb_socket" \
-- -t $timeout -T $timelimit \
-- "$@"
-+
-+ local vers=$(ctdb_version)
-+ ocf_version_cmp "$vers" "4.9.0"
-+
-+ # if version < 4.9.0 specify '--socket' otherwise it's
-+ # a compiled option
-+ if [ "$?" -eq "0" ]; then
-+ $OCF_RESKEY_ctdb_binary --socket="$OCF_RESKEY_ctdb_socket" \
-+ -t $timeout -T $timelimit \
-+ "$@"
-+ else
-+ $OCF_RESKEY_ctdb_binary \
-+ -t $timeout -T $timelimit \
-+ "$@"
-+ fi
- }
-
- # Enable any event scripts that are explicitly required.
- # Any others will ultimately be invoked or not based on how they ship
- # with CTDB, but will generally have no effect, beacuase the relevant
- # CTDB_MANAGES_* options won't be set in /etc/sysconfig/ctdb.
--enable_event_scripts() {
-+enable_event_scripts_chmod() {
- local event_dir
- event_dir=$OCF_RESKEY_ctdb_config_dir/events.d
-
-@@ -454,6 +472,36 @@ enable_event_scripts() {
- fi
- }
-
-+enable_event_scripts_symlink() {
-+ # event scripts are symlinked once enabled, with the link source in...
-+ mkdir -p "$OCF_RESKEY_ctdb_config_dir/events/legacy" 2>/dev/null
-+
-+ invoke_ctdb event script enable legacy 00.ctdb
-+
-+ if [ -f "${OCF_RESKEY_ctdb_config_dir}/public_addresses" ]; then
-+ invoke_ctdb event script enable legacy 10.interface
-+ else
-+ invoke_ctdb event script disable legacy 10.interface
-+ fi
-+ if [ -f "${OCF_RESKEY_ctdb_config_dir}/static-routes" ]; then
-+ invoke_ctdb event script enable legacy 11.routing
-+ else
-+ invoke_ctdb event script disable legacy 11.routing
-+ fi
-+
-+ if ocf_is_true "$OCF_RESKEY_ctdb_manages_winbind"; then
-+ invoke_ctdb event script enable legacy 49.winbind
-+ else
-+ invoke_ctdb event script disable legacy 49.winbind
-+ fi
-+
-+ if ocf_is_true "$OCF_RESKEY_ctdb_manages_samba"; then
-+ invoke_ctdb event script enable legacy 50.samba
-+ else
-+ invoke_ctdb event script disable legacy 50.samba
-+ fi
-+}
-+
- # This function has no effect (currently no way to set CTDB_SET_*)
- # but remains here in case we need it in future.
- set_ctdb_variables() {
-@@ -556,6 +604,46 @@ append_ctdb_sysconfig() {
- [ -n "$2" ] && echo "$1=$2" >> "$CTDB_SYSCONFIG"
- }
-
-+generate_ctdb_config() {
-+ local ctdb_config="$OCF_RESKEY_ctdb_config_dir/ctdb.conf"
-+
-+ # Backup existing config if we're not already using an auto-generated one
-+ grep -qa '# CTDB-RA: Auto-generated' $ctdb_config || cp -p $ctdb_config ${ctdb_config}.ctdb-ra-orig
-+ if [ $? -ne 0 ]; then
-+ ocf_log warn "Unable to backup $ctdb_config to ${ctdb_config}.ctdb-ra-orig"
-+ fi
-+
-+ local log_option="file:$OCF_RESKEY_ctdb_logfile"
-+ if [ "$OCF_RESKEY_ctdb_logfile" = "syslog" ]; then
-+ log_option="syslog"
-+ fi
-+
-+ local start_as_disabled="false"
-+ ocf_is_true "$OCF_RESKEY_ctdb_start_as_disabled" && start_as_disabled="true"
-+
-+ local dbdir_volatile="$OCF_RESKEY_ctdb_dbdir/volatile"
-+ [ -d "$dbdir_volatile" ] || mkdir -p "$dbdir_volatile" 2>/dev/null
-+ local dbdir_persistent="$OCF_RESKEY_ctdb_dbdir/persistent"
-+ [ -d "$dbdir_persistent" ] || mkdir -p "$dbdir_persistent" 2>/dev/null
-+ local dbdir_state="$OCF_RESKEY_ctdb_dbdir/state"
-+ [ -d "$dbdir_state" ] || mkdir -p "$dbdir_state" 2>/dev/null
-+
-+cat >$ctdb_config <<EOF
-+# CTDB-RA: Auto-generated
-+[logging]
-+ location = $log_option
-+ log level = $OCF_RESKEY_ctdb_debuglevel
-+[cluster]
-+ recovery lock = $OCF_RESKEY_ctdb_recovery_lock
-+[database]
-+ volatile database directory = $dbdir_volatile
-+ persistent database directory = $dbdir_persistent
-+ state database directory = $dbdir_state
-+[legacy]
-+ start as disabled = $start_as_disabled
-+EOF
-+}
-+
- # Generate a new, minimal CTDB config file that's just enough
- # to get CTDB running as configured by the RA parameters.
- generate_ctdb_sysconfig() {
-@@ -589,6 +677,58 @@ EOF
- }
-
-
-+invoke_ctdbd() {
-+ local vers="$1"
-+
-+ ocf_version_cmp "$vers" "4.9.0"
-+ if [ "$?" -ne "0" ]; then
-+ # With 4.9+, all ctdbd binary parameters are provided as
-+ # config settings
-+ $OCF_RESKEY_ctdbd_binary
-+ return
-+ fi
-+
-+ # Use logfile by default, or syslog if asked for
-+ local log_option
-+ # --logging supported from v4.3.0 and --logfile / --syslog support
-+ # has been removed from newer versions
-+ ocf_version_cmp "$vers" "4.2.14"
-+ if [ "$?" -eq "2" ]; then
-+ log_option="--logging=file:$OCF_RESKEY_ctdb_logfile"
-+ if [ "$OCF_RESKEY_ctdb_logfile" = "syslog" ]; then
-+ log_option="--logging=syslog"
-+ fi
-+ else
-+ log_option="--logfile=$OCF_RESKEY_ctdb_logfile"
-+ if [ "$OCF_RESKEY_ctdb_logfile" = "syslog" ]; then
-+ log_option="--syslog"
-+ fi
-+ fi
-+
-+ # public addresses file (should not be present, but need to set for correctness if it is)
-+ local pub_addr_option
-+ pub_addr_option=""
-+ [ -f "${OCF_RESKEY_ctdb_config_dir}/public_addresses" ] && \
-+ pub_addr_option="--public-addresses=${OCF_RESKEY_ctdb_config_dir}/public_addresses"
-+ # start as disabled
-+ local start_as_disabled
-+ start_as_disabled="--start-as-disabled"
-+ ocf_is_true "$OCF_RESKEY_ctdb_start_as_disabled" || start_as_disabled=""
-+
-+ $OCF_RESKEY_ctdbd_binary \
-+ --reclock="$OCF_RESKEY_ctdb_recovery_lock" \
-+ --nlist="$OCF_RESKEY_ctdb_config_dir/nodes" \
-+ --socket="$OCF_RESKEY_ctdb_socket" \
-+ --dbdir="$OCF_RESKEY_ctdb_dbdir" \
-+ --dbdir-persistent="$OCF_RESKEY_ctdb_dbdir/persistent" \
-+ --event-script-dir="$OCF_RESKEY_ctdb_config_dir/events.d" \
-+ --notification-script="$OCF_RESKEY_ctdb_config_dir/notify.sh" \
-+ --transport=tcp \
-+ $start_as_disabled $log_option $pub_addr_option \
-+ -d "$OCF_RESKEY_ctdb_debuglevel"
-+}
-+
-+
- ctdb_usage() {
- cat <<END
- usage: $0 {start|stop|monitor|validate-all|meta-data}
-@@ -614,27 +754,26 @@ ctdb_start() {
- return $OCF_ERR_GENERIC
- fi
-
-- # Generate new CTDB sysconfig
-- generate_ctdb_sysconfig
-- enable_event_scripts
-+ local version=$(ctdb_version)
-
-- # Use logfile by default, or syslog if asked for
-- local log_option
-- # --logging supported from v4.3.0 and --logfile / --syslog support
-- # has been removed from newer versions
-- version=$(ctdb version | awk '{print $NF}')
-- ocf_version_cmp "$version" "4.2.14"
-- if [ "$?" -eq "2" ]; then
-- log_option="--logging=file:$OCF_RESKEY_ctdb_logfile"
-- if [ "$OCF_RESKEY_ctdb_logfile" = "syslog" ]; then
-- log_option="--logging=syslog"
-- fi
-+ ocf_version_cmp "$version" "4.9.0"
-+ if [ "$?" -eq "0" ]; then
-+ # prior to 4.9, ctdbd parameters are in sysconfig or passed as
-+ # binary arguments
-+ generate_ctdb_sysconfig
-+
-+ # prior to 4.9, event script enablement without a running
-+ # ctdbd is done by chmoding the scripts directly
-+ enable_event_scripts_chmod
- else
-- log_option="--logfile=$OCF_RESKEY_ctdb_logfile"
-- if [ "$OCF_RESKEY_ctdb_logfile" = "syslog" ]; then
-- log_option="--syslog"
-- fi
-+ # 4.9+ moves all ctdbd parameters to ctdb.conf
-+ generate_ctdb_config
-+
-+ # 4.9+ event scripts can be enabled with ctdb directly, which
-+ # performs a symlink
-+ enable_event_scripts_symlink
- fi
-+
- if [ ! -d "$(dirname $OCF_RESKEY_ctdb_logfile)" ]; then
- # ensure the logfile's directory exists, otherwise ctdb will fail to start
- mkdir -p $(dirname $OCF_RESKEY_ctdb_logfile)
-@@ -643,33 +782,14 @@ ctdb_start() {
- # ensure ctdb's rundir exists, otherwise it will fail to start
- mkdir -p $OCF_RESKEY_ctdb_rundir 2>/dev/null
-
-- # public addresses file (should not be present, but need to set for correctness if it is)
-- local pub_addr_option
-- pub_addr_option=""
-- [ -f "${OCF_RESKEY_ctdb_config_dir}/public_addresses" ] && \
-- pub_addr_option="--public-addresses=${OCF_RESKEY_ctdb_config_dir}/public_addresses"
-- # start as disabled
-- local start_as_disabled
-- start_as_disabled="--start-as-disabled"
-- ocf_is_true "$OCF_RESKEY_ctdb_start_as_disabled" || start_as_disabled=""
--
- # set nofile ulimit for ctdbd process
- if [ -n "$OCF_RESKEY_ctdb_max_open_files" ]; then
- ulimit -n "$OCF_RESKEY_ctdb_max_open_files"
- fi
-
- # Start her up
-- "$OCF_RESKEY_ctdbd_binary" \
-- --reclock="$OCF_RESKEY_ctdb_recovery_lock" \
-- --nlist="$OCF_RESKEY_ctdb_config_dir/nodes" \
-- --socket="$OCF_RESKEY_ctdb_socket" \
-- --dbdir="$OCF_RESKEY_ctdb_dbdir" \
-- --dbdir-persistent="$OCF_RESKEY_ctdb_dbdir/persistent" \
-- --event-script-dir="$OCF_RESKEY_ctdb_config_dir/events.d" \
-- --notification-script="$OCF_RESKEY_ctdb_config_dir/notify.sh" \
-- --transport=tcp \
-- $start_as_disabled $log_option $pub_addr_option \
-- -d "$OCF_RESKEY_ctdb_debuglevel"
-+ invoke_ctdbd "$version"
-+
- if [ $? -ne 0 ]; then
- # cleanup smb.conf
- cleanup_smb_conf
-@@ -688,7 +808,7 @@ ctdb_start() {
- if [ $? -ne 0 ]; then
- # CTDB will be running, kill it before returning
- ctdb_stop
-- ocf_exit_reason "Can't invoke $OCF_RESKEY_ctdb_binary --socket=$OCF_RESKEY_ctdb_socket status"
-+ ocf_exit_reason "Can't invoke $OCF_RESKEY_ctdb_binary status"
- return $OCF_ERR_GENERIC
- fi
- if ! echo "$status" | grep -qs 'UNHEALTHY (THIS'; then
-@@ -725,7 +845,7 @@ ctdb_stop() {
- [ $count -gt 10 ] && {
- ocf_log info "killing ctdbd "
- pkill -9 -f "$OCF_RESKEY_ctdbd_binary"
-- pkill -9 -f "${OCF_RESKEY_ctdb_config_dir}/events.d/"
-+ pkill -9 -f "${OCF_RESKEY_ctdb_config_dir}/events"
- }
- done
-
-
-From b4753b7cb46045bb9e7ed5e3a0a20f6104264b12 Mon Sep 17 00:00:00 2001
-From: David Disseldorp <ddiss@suse.de>
-Date: Wed, 10 Jul 2019 17:11:50 +0200
-Subject: [PATCH 2/3] CTDB: generate script.options file for 4.9+
-
-Event scripts in CTDB 4.9+ ignore sysconfig configuration and instead
-parse parameters in ctdb_config_dir/script.options .
-
-Signed-off-by: David Disseldorp <ddiss@suse.de>
----
- heartbeat/CTDB.in | 35 ++++++++++++++++++++++++++++++-----
- 1 file changed, 30 insertions(+), 5 deletions(-)
-
-diff --git a/heartbeat/CTDB.in b/heartbeat/CTDB.in
-index 79a2f97e7..0906f3da9 100755
---- a/heartbeat/CTDB.in
-+++ b/heartbeat/CTDB.in
-@@ -242,6 +242,7 @@ If the amount of free memory drops below this value the node will
- become unhealthy and ctdb and all managed services will be shutdown.
- Once this occurs, the administrator needs to find the reason for the
- OOM situation, rectify it and restart ctdb with "service ctdb start".
-+With CTDB 4.4.0 and later this parameter is ignored.
- </longdesc>
- <shortdesc lang="en">Minimum amount of free memory (MB)</shortdesc>
- <content type="integer" default="${OCF_RESKEY_ctdb_monitor_free_memory_default}" />
-@@ -600,8 +601,10 @@ cleanup_smb_conf() {
- mv "$OCF_RESKEY_smb_conf.$$" "$OCF_RESKEY_smb_conf"
- }
-
--append_ctdb_sysconfig() {
-- [ -n "$2" ] && echo "$1=$2" >> "$CTDB_SYSCONFIG"
-+append_conf() {
-+ local file_path="$1"
-+ shift
-+ [ -n "$2" ] && echo "$1=$2" >> "$file_path"
- }
-
- generate_ctdb_config() {
-@@ -644,6 +647,25 @@ cat >$ctdb_config <<EOF
- EOF
- }
-
-+generate_event_script_options() {
-+ local script_options="$OCF_RESKEY_ctdb_config_dir/script.options"
-+
-+ # Backup existing config if we're not already using an auto-generated one
-+ grep -qa '# CTDB-RA: Auto-generated' $script_options || cp -p $script_options ${script_options}.ctdb-ra-orig
-+ if [ $? -ne 0 ]; then
-+ ocf_log warn "Unable to backup $script_options to ${script_options}.ctdb-ra-orig"
-+ fi
-+
-+cat >$script_options <<EOF
-+# CTDB-RA: Auto-generated
-+CTDB_SAMBA_SKIP_SHARE_CHECK=$(ocf_is_true "$OCF_RESKEY_ctdb_samba_skip_share_check" && echo 'yes' || echo 'no')
-+EOF
-+
-+ append_conf "$script_options" CTDB_SERVICE_SMB $OCF_RESKEY_ctdb_service_smb
-+ append_conf "$script_options" CTDB_SERVICE_NMB $OCF_RESKEY_ctdb_service_nmb
-+ append_conf "$script_options" CTDB_SERVICE_WINBIND $OCF_RESKEY_ctdb_service_winbind
-+}
-+
- # Generate a new, minimal CTDB config file that's just enough
- # to get CTDB running as configured by the RA parameters.
- generate_ctdb_sysconfig() {
-@@ -671,9 +693,9 @@ CTDB_SAMBA_SKIP_SHARE_CHECK=$(ocf_is_true "$OCF_RESKEY_ctdb_samba_skip_share_che
- CTDB_MANAGES_SAMBA=$(ocf_is_true "$OCF_RESKEY_ctdb_manages_samba" && echo 'yes' || echo 'no')
- CTDB_MANAGES_WINBIND=$(ocf_is_true "$OCF_RESKEY_ctdb_manages_winbind" && echo 'yes' || echo 'no')
- EOF
-- append_ctdb_sysconfig CTDB_SERVICE_SMB $OCF_RESKEY_ctdb_service_smb
-- append_ctdb_sysconfig CTDB_SERVICE_NMB $OCF_RESKEY_ctdb_service_nmb
-- append_ctdb_sysconfig CTDB_SERVICE_WINBIND $OCF_RESKEY_ctdb_service_winbind
-+ append_conf "$CTDB_SYSCONFIG" CTDB_SERVICE_SMB $OCF_RESKEY_ctdb_service_smb
-+ append_conf "$CTDB_SYSCONFIG" CTDB_SERVICE_NMB $OCF_RESKEY_ctdb_service_nmb
-+ append_conf "$CTDB_SYSCONFIG" CTDB_SERVICE_WINBIND $OCF_RESKEY_ctdb_service_winbind
- }
-
-
-@@ -769,6 +791,9 @@ ctdb_start() {
- # 4.9+ moves all ctdbd parameters to ctdb.conf
- generate_ctdb_config
-
-+ # 4.9+ event script options are in script.options
-+ generate_event_script_options
-+
- # 4.9+ event scripts can be enabled with ctdb directly, which
- # performs a symlink
- enable_event_scripts_symlink
-
-From 0a8610711f90c4cc7a2b380a4795f463532d9520 Mon Sep 17 00:00:00 2001
-From: David Disseldorp <ddiss@suse.de>
-Date: Wed, 10 Jul 2019 17:54:01 +0200
-Subject: [PATCH 3/3] CTDB: drop sysconfig presence check during validate
-
-There are two reasons to avoid this check:
-- for ctdb versions prior to 4.9.0, the sysconfig file is generated by
- the resource agent start hook *after* ctdb_validate() is called.
-- post 4.9.0 versions don't use the sysconfig file.
-
-Signed-off-by: David Disseldorp <ddiss@suse.de>
----
- heartbeat/CTDB.in | 5 -----
- 1 file changed, 5 deletions(-)
-
-diff --git a/heartbeat/CTDB.in b/heartbeat/CTDB.in
-index 0906f3da9..15d78902e 100755
---- a/heartbeat/CTDB.in
-+++ b/heartbeat/CTDB.in
-@@ -925,11 +925,6 @@ ctdb_validate() {
- check_binary $binary
- done
-
-- if [ -z "$CTDB_SYSCONFIG" ]; then
-- ocf_exit_reason "Can't find CTDB config file (expecting /etc/sysconfig/ctdb, /etc/default/ctdb or similar)"
-- return $OCF_ERR_INSTALLED
-- fi
--
- if ocf_is_true "$OCF_RESKEY_ctdb_manages_samba" && [ ! -f "$OCF_RESKEY_smb_conf" ]; then
- ocf_exit_reason "Samba config file '$OCF_RESKEY_smb_conf' does not exist."
- return $OCF_ERR_INSTALLED
diff --git a/SOURCES/bz1732873-LVM-activate-fix-monitor-hang.patch b/SOURCES/bz1732873-LVM-activate-fix-monitor-hang.patch
new file mode 100644
index 0000000..fe1bcd8
--- /dev/null
+++ b/SOURCES/bz1732873-LVM-activate-fix-monitor-hang.patch
@@ -0,0 +1,22 @@
+From ef37f8a2461b5763f4510d51e08d27d8b1f76937 Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Tue, 23 Jul 2019 15:47:17 +0200
+Subject: [PATCH] LVM-activate: fix monitor might hang due to lvm_validate
+ which was added by accident
+
+---
+ heartbeat/LVM-activate | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/heartbeat/LVM-activate b/heartbeat/LVM-activate
+index 9c7c721bf..3df40c894 100755
+--- a/heartbeat/LVM-activate
++++ b/heartbeat/LVM-activate
+@@ -852,7 +852,6 @@ stop)
+ lvm_stop
+ ;;
+ monitor)
+- lvm_validate
+ lvm_status
+ ;;
+ validate-all)
diff --git a/SOURCES/bz1740069-NovaEvacuate-evacuate_delay.patch b/SOURCES/bz1740069-NovaEvacuate-evacuate_delay.patch
new file mode 100644
index 0000000..9b429d7
--- /dev/null
+++ b/SOURCES/bz1740069-NovaEvacuate-evacuate_delay.patch
@@ -0,0 +1,50 @@
+From 8b9c49fd965f73709d5a6e2c21987ba26af4856b Mon Sep 17 00:00:00 2001
+From: Luca Miccini <lmiccini@redhat.com>
+Date: Wed, 25 Sep 2019 17:12:39 +0200
+Subject: [PATCH] Add a configurable delay to Nova Evacuate calls
+
+In case /var/lib/nova/instances resides on NFS we have seen migrations
+failing with 'Failed to get "write" lock - Is another process using the
+image' errors.
+
+This has been tracked down to grace/lease timeouts not having expired
+before attempting the migration/evacuate, so in this cases it might be
+desirable to delay the nova evacuate call to give the storage time to
+release the locks.
+
+Change-Id: Ie2fe784202d754eda38092479b1ab3ff4d02136a
+Resolves: rhbz#1740069
+---
+
+diff --git a/heartbeat/NovaEvacuate b/heartbeat/NovaEvacuate
+index 810f30a..596f520 100644
+--- a/heartbeat/NovaEvacuate
++++ b/heartbeat/NovaEvacuate
+@@ -125,6 +125,15 @@
+ <content type="boolean" default="0" />
+ </parameter>
+
++<parameter name="evacuate_delay" unique="0" required="0">
++<longdesc lang="en">
++Allows delaying the nova evacuate API call, e.g. to give a storage array time to clean
++up eventual locks/leases.
++</longdesc>
++<shortdesc lang="en">Nova evacuate delay</shortdesc>
++<content type="integer" default="0" />
++</parameter>
++
+ </parameters>
+
+ <actions>
+@@ -216,6 +225,11 @@
+ fence_agent="fence_evacuate"
+ fi
+
++ if [ ${OCF_RESKEY_evacuate_delay} != 0 ]; then
++ ocf_log info "Delaying nova evacuate by $OCF_RESKEY_evacuate_delay seconds"
++ sleep ${OCF_RESKEY_evacuate_delay}
++ fi
++
+ ocf_log notice "Initiating evacuation of $node with $fence_agent"
+ $fence_agent ${fence_options} -o status -n ${node}
+ if [ $? = 1 ]; then
diff --git a/SOURCES/bz1744467-rabbitmq-cluster-restore-users-single-node-mode.patch b/SOURCES/bz1744467-rabbitmq-cluster-restore-users-single-node-mode.patch
new file mode 100644
index 0000000..1399a58
--- /dev/null
+++ b/SOURCES/bz1744467-rabbitmq-cluster-restore-users-single-node-mode.patch
@@ -0,0 +1,148 @@
+From c0b6356bbf5b9a1fb76b011486dfce258d395ef8 Mon Sep 17 00:00:00 2001
+From: Peter Lemenkov <lemenkov@gmail.com>
+Date: Fri, 6 Sep 2019 14:22:46 +0200
+Subject: [PATCH] Restore users/perms/policies even if starting in a single
+ node mode
+
+See https://bugzilla.redhat.com/1744467#c1
+
+Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
+---
+ heartbeat/rabbitmq-cluster | 109 ++++++++++++++++++++-----------------
+ 1 file changed, 58 insertions(+), 51 deletions(-)
+
+diff --git a/heartbeat/rabbitmq-cluster b/heartbeat/rabbitmq-cluster
+index cf8ca21a6..7837e9e3c 100755
+--- a/heartbeat/rabbitmq-cluster
++++ b/heartbeat/rabbitmq-cluster
+@@ -114,6 +114,62 @@ rmq_wipe_data()
+ rm -rf $RMQ_DATA_DIR > /dev/null 2>&1
+ }
+
++rmq_restore_users_perms_policies()
++{
++ # Restore users, user permissions, and policies (if any)
++ BaseDataDir=`dirname $RMQ_DATA_DIR`
++ $RMQ_EVAL "
++ %% Run only if Mnesia is ready.
++ lists:any(fun({mnesia,_,_}) -> true; ({_,_,_}) -> false end, application:which_applications()) andalso
++ begin
++ Restore = fun(Table, PostprocessFun, Filename) ->
++ case file:consult(Filename) of
++ {error, _} ->
++ ok;
++ {ok, [Result]} ->
++ lists:foreach(fun(X) -> mnesia:dirty_write(Table, PostprocessFun(X)) end, Result),
++ file:delete(Filename)
++ end
++ end,
++
++ %% Restore users
++
++ Upgrade = fun
++ ({internal_user, A, B, C}) -> {internal_user, A, B, C, rabbit_password_hashing_md5};
++ ({internal_user, A, B, C, D}) -> {internal_user, A, B, C, D}
++ end,
++
++ Downgrade = fun
++ ({internal_user, A, B, C}) -> {internal_user, A, B, C};
++ ({internal_user, A, B, C, rabbit_password_hashing_md5}) -> {internal_user, A, B, C};
++ %% Incompatible scheme, so we will loose user's password ('B' value) during conversion.
++ %% Unfortunately, this case will require manual intervention - user have to run:
++ %% rabbitmqctl change_password <A> <somenewpassword>
++ ({internal_user, A, B, C, _}) -> {internal_user, A, B, C}
++ end,
++
++ %% Check db scheme first
++ [WildPattern] = ets:select(mnesia_gvar, [ { {{rabbit_user, wild_pattern}, '\\\$1'}, [], ['\\\$1'] } ]),
++ case WildPattern of
++ %% Version < 3.6.0
++ {internal_user,'_','_','_'} ->
++ Restore(rabbit_user, Downgrade, \"$BaseDataDir/users.erl\");
++ %% Version >= 3.6.0
++ {internal_user,'_','_','_','_'} ->
++ Restore(rabbit_user, Upgrade, \"$BaseDataDir/users.erl\")
++ end,
++
++ NoOp = fun(X) -> X end,
++
++ %% Restore user permissions
++ Restore(rabbit_user_permission, NoOp, \"$BaseDataDir/users_perms.erl\"),
++
++ %% Restore policies
++ Restore(rabbit_runtime_parameters, NoOp, \"$BaseDataDir/policies.erl\")
++ end.
++ "
++}
++
+ rmq_local_node()
+ {
+
+@@ -411,6 +467,7 @@ rmq_try_start() {
+ if [ -z "$join_list" ]; then
+ rmq_start_first
+ rc=$?
++ rmq_restore_users_perms_policies
+ return $rc
+ fi
+
+@@ -437,58 +494,8 @@ rmq_try_start() {
+ return $RMQ_TRY_RESTART_ERROR_CODE
+ fi
+
+- # Restore users, user permissions, and policies (if any)
+- BaseDataDir=`dirname $RMQ_DATA_DIR`
+- $RMQ_EVAL "
+- %% Run only if Mnesia is ready.
+- lists:any(fun({mnesia,_,_}) -> true; ({_,_,_}) -> false end, application:which_applications()) andalso
+- begin
+- Restore = fun(Table, PostprocessFun, Filename) ->
+- case file:consult(Filename) of
+- {error, _} ->
+- ok;
+- {ok, [Result]} ->
+- lists:foreach(fun(X) -> mnesia:dirty_write(Table, PostprocessFun(X)) end, Result),
+- file:delete(Filename)
+- end
+- end,
++ rmq_restore_users_perms_policies
+
+- %% Restore users
+-
+- Upgrade = fun
+- ({internal_user, A, B, C}) -> {internal_user, A, B, C, rabbit_password_hashing_md5};
+- ({internal_user, A, B, C, D}) -> {internal_user, A, B, C, D}
+- end,
+-
+- Downgrade = fun
+- ({internal_user, A, B, C}) -> {internal_user, A, B, C};
+- ({internal_user, A, B, C, rabbit_password_hashing_md5}) -> {internal_user, A, B, C};
+- %% Incompatible scheme, so we will loose user's password ('B' value) during conversion.
+- %% Unfortunately, this case will require manual intervention - user have to run:
+- %% rabbitmqctl change_password <A> <somenewpassword>
+- ({internal_user, A, B, C, _}) -> {internal_user, A, B, C}
+- end,
+-
+- %% Check db scheme first
+- [WildPattern] = ets:select(mnesia_gvar, [ { {{rabbit_user, wild_pattern}, '\\\$1'}, [], ['\\\$1'] } ]),
+- case WildPattern of
+- %% Version < 3.6.0
+- {internal_user,'_','_','_'} ->
+- Restore(rabbit_user, Downgrade, \"$BaseDataDir/users.erl\");
+- %% Version >= 3.6.0
+- {internal_user,'_','_','_','_'} ->
+- Restore(rabbit_user, Upgrade, \"$BaseDataDir/users.erl\")
+- end,
+-
+- NoOp = fun(X) -> X end,
+-
+- %% Restore user permissions
+- Restore(rabbit_user_permission, NoOp, \"$BaseDataDir/users_perms.erl\"),
+-
+- %% Restore policies
+- Restore(rabbit_runtime_parameters, NoOp, \"$BaseDataDir/policies.erl\")
+- end.
+- "
+ return $OCF_SUCCESS
+ }
+
diff --git a/SOURCES/bz1746266-docker-1-fail-gracefully-when-not-running.patch b/SOURCES/bz1746266-docker-1-fail-gracefully-when-not-running.patch
new file mode 100644
index 0000000..1cc2bbb
--- /dev/null
+++ b/SOURCES/bz1746266-docker-1-fail-gracefully-when-not-running.patch
@@ -0,0 +1,82 @@
+From 5941b98140b09e39b4dc2ee155817b287ef32859 Mon Sep 17 00:00:00 2001
+From: zaenk <peter.pribula@hotmail.com>
+Date: Thu, 16 May 2019 15:01:43 +0200
+Subject: [PATCH 1/2] Fails docker RA gracefully when command not found Fails
+ gracefully when daemon not running
+
+---
+ heartbeat/docker | 25 +++++++++++++++++++++++++
+ 1 file changed, 25 insertions(+)
+
+diff --git a/heartbeat/docker b/heartbeat/docker
+index c206344ad..1942b8f2f 100755
+--- a/heartbeat/docker
++++ b/heartbeat/docker
+@@ -33,6 +33,11 @@
+ : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat}
+ . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs
+
++# Parameter defaults
++
++OCF_RESKEY_daemon_pidfile_default="/var/run/docker.pid"
++: ${OCF_RESKEY_daemon_pidfile=${OCF_RESKEY_daemon_pidfile_default}}
++
+ #######################################################################
+
+ meta_data()
+@@ -176,6 +181,16 @@ container to be considered healthy.
+ <content type="boolean"/>
+ </parameter>
+
++<parameters>
++<parameter name="daemon_pidfile" required="0" unique="0">
++<longdesc lang="en">
++The RA will report not running status on hosts where the docker daemon
++is not running.
++</longdesc>
++<shortdesc lang="en">Name of the docker daemon pid file</shortdesc>
++<content type="string" default="${OCF_RESKEY_daemon_pidfile_default}"/>
++</parameter>
++
+ </parameters>
+
+ <actions>
+@@ -277,6 +292,16 @@ docker_simple_status()
+ {
+ local val
+
++ if [ ! -x "$(command -v docker)" ]; then
++ ocf_log err "docker is not installed on this host"
++ return $OCF_ERR_INSTALLED
++ fi
++
++ if [ ! -e "$OCF_RESKEY_daemon_pidfile" ]; then
++ ocf_log err "docker daemon is not running, pid file $OCF_RESKEY_daemon_pidfile not exists"
++ return $OCF_NOT_RUNNING
++ fi
++
+ container_exists
+ if [ $? -ne 0 ]; then
+ return $OCF_NOT_RUNNING
+
+From dca670318452a4666984b2087ea562987d7c5b4f Mon Sep 17 00:00:00 2001
+From: zaenk <peter.pribula@hotmail.com>
+Date: Thu, 16 May 2019 15:46:28 +0200
+Subject: [PATCH 2/2] Fixes parameter meta-data
+
+---
+ heartbeat/docker | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/heartbeat/docker b/heartbeat/docker
+index 1942b8f2f..250714613 100755
+--- a/heartbeat/docker
++++ b/heartbeat/docker
+@@ -181,7 +181,6 @@ container to be considered healthy.
+ <content type="boolean"/>
+ </parameter>
+
+-<parameters>
+ <parameter name="daemon_pidfile" required="0" unique="0">
+ <longdesc lang="en">
+ The RA will report not running status on hosts where the docker daemon
diff --git a/SOURCES/bz1746266-docker-2-improve-daemon-check.patch b/SOURCES/bz1746266-docker-2-improve-daemon-check.patch
new file mode 100644
index 0000000..fca2b95
--- /dev/null
+++ b/SOURCES/bz1746266-docker-2-improve-daemon-check.patch
@@ -0,0 +1,99 @@
+From b7ae1bfbe7d393a9e9d993da3da35cc4d1bc9eb4 Mon Sep 17 00:00:00 2001
+From: Michele Baldessari <michele@acksyn.org>
+Date: Wed, 28 Aug 2019 10:46:36 +0200
+Subject: [PATCH] Make the check for the docker daemon being up more robust
+
+This amends 5941b98140b09e39b4dc2ee155817b287ef32859 (Fails docker RA
+gracefully when command not found). That commit checked for a pidfile
+which tends to be less robust in the presence of stale pidfiles and
+also adds a configuration option for the pidfile location which is
+more churn than needed to simply check for a service availability.
+
+Let's simply call 'docker version'. When that commands returns 1 the docker
+daemon is not running and also return OCF_ERR_GENERIC instead of
+OCF_NOT_RUNNING. This is a key point because if the docker daemon
+is stopped and not running it can very well be that the containers
+are still up (e.g. when you use live-restore in docker). In this
+situation we want an explicit fence event to be triggered due to
+the failure of stopping.
+
+Not doing so would mean that the stop operation returned ok and
+for example we'd be starting an A/P resource on a second node all
+the while it was still running on the node there the docker daemon
+was stopped.
+
+We also explicitely catch OCF_ERR_GENERIC in the docker_stop function
+to make our intent clearer.
+
+Tested this in an Openstack deployment and observed the following:
+A) All the usual pcmk operations still correctly work
+B) A 'systemctl stop docker' will eventually trigger a fence operation
+ on the node.
+
+Co-Authored-By: Luca Miccini <lmiccini@redhat.com>
+Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
+Signed-off-by: Michele Baldessari <michele@acksyn.org>
+---
+ heartbeat/docker | 25 ++++++++++---------------
+ 1 file changed, 10 insertions(+), 15 deletions(-)
+
+diff --git a/heartbeat/docker b/heartbeat/docker
+index 60e163bda..7c587b962 100755
+--- a/heartbeat/docker
++++ b/heartbeat/docker
+@@ -35,9 +35,6 @@
+
+ # Parameter defaults
+
+-OCF_RESKEY_daemon_pidfile_default="/var/run/docker.pid"
+-: ${OCF_RESKEY_daemon_pidfile=${OCF_RESKEY_daemon_pidfile_default}}
+-
+ #######################################################################
+
+ meta_data()
+@@ -184,15 +182,6 @@ container to be considered healthy.
+ <content type="boolean"/>
+ </parameter>
+
+-<parameter name="daemon_pidfile" required="0" unique="0">
+-<longdesc lang="en">
+-The RA will report not running status on hosts where the docker daemon
+-is not running.
+-</longdesc>
+-<shortdesc lang="en">Name of the docker daemon pid file</shortdesc>
+-<content type="string" default="${OCF_RESKEY_daemon_pidfile_default}"/>
+-</parameter>
+-
+ </parameters>
+
+ <actions>
+@@ -299,9 +288,13 @@ docker_simple_status()
+ return $OCF_ERR_INSTALLED
+ fi
+
+- if [ ! -e "$OCF_RESKEY_daemon_pidfile" ]; then
+- ocf_log err "docker daemon is not running, pid file $OCF_RESKEY_daemon_pidfile not exists"
+- return $OCF_NOT_RUNNING
++
++ # let's first check if the daemon is up and running.
++ VERSION_OUT=$(docker version)
++ version_ret=$?
++ if [ $version_ret -eq 1 ]; then
++ ocf_exit_reason "Docker service is in error state while checking for ${CONTAINER}, based on image, ${OCF_RESKEY_image}: ${VERSION_OUT}"
++ return $OCF_ERR_GENERIC
+ fi
+
+ container_exists
+@@ -457,9 +450,11 @@ docker_stop()
+ {
+ local timeout=60
+ docker_simple_status
+- if [ $? -eq $OCF_NOT_RUNNING ]; then
++ if [ $? -eq $OCF_NOT_RUNNING ]; then
+ remove_container
+ return $OCF_SUCCESS
++ elif [ $? -eq $OCF_ERR_GENERIC ]; then
++ return $OCF_ERR_GENERIC
+ fi
+
+ if [ -n "$OCF_RESKEY_CRM_meta_timeout" ]; then
diff --git a/SOURCES/bz1746266-docker-3-fix-stop-return-code.patch b/SOURCES/bz1746266-docker-3-fix-stop-return-code.patch
new file mode 100644
index 0000000..7029c6f
--- /dev/null
+++ b/SOURCES/bz1746266-docker-3-fix-stop-return-code.patch
@@ -0,0 +1,41 @@
+From 3d52ec553fc3de82e1d1dcbef949882947915c49 Mon Sep 17 00:00:00 2001
+From: Michele Baldessari <michele@acksyn.org>
+Date: Thu, 29 Aug 2019 08:10:57 +0200
+Subject: [PATCH] Fixup docker_stop condition on error
+
+In docker_stop() let's store the return code of docker_simple_status
+otherwise the second branch of the elif risks reflecting the return
+code of the previous operaiton and not of docker_simple_status()
+
+Retested this with a bunch of stop/start commands on a rabbitmq bundle
+and observed no issues.
+
+This fixes a stop() regression introduced in
+b7ae1bfbe7d393a9e9d993da3da35cc4d1bc9eb4 ("Make the check for the docker
+daemon being up more robust")
+
+Thanks to Kota Akatsuka for spotting it.
+
+Signed-off-by: Michele Baldessari <michele@acksyn.org>
+---
+ heartbeat/docker | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/heartbeat/docker b/heartbeat/docker
+index 7c587b962..41ac42129 100755
+--- a/heartbeat/docker
++++ b/heartbeat/docker
+@@ -450,10 +450,11 @@ docker_stop()
+ {
+ local timeout=60
+ docker_simple_status
+- if [ $? -eq $OCF_NOT_RUNNING ]; then
++ ret=$?
++ if [ $ret -eq $OCF_NOT_RUNNING ]; then
+ remove_container
+ return $OCF_SUCCESS
+- elif [ $? -eq $OCF_ERR_GENERIC ]; then
++ elif [ $ret -eq $OCF_ERR_GENERIC ]; then
+ return $OCF_ERR_GENERIC
+ fi
+
diff --git a/SOURCES/bz1750704-docker-1-fail-gracefully-when-not-running.patch b/SOURCES/bz1750704-docker-1-fail-gracefully-when-not-running.patch
deleted file mode 100644
index 1cc2bbb..0000000
--- a/SOURCES/bz1750704-docker-1-fail-gracefully-when-not-running.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From 5941b98140b09e39b4dc2ee155817b287ef32859 Mon Sep 17 00:00:00 2001
-From: zaenk <peter.pribula@hotmail.com>
-Date: Thu, 16 May 2019 15:01:43 +0200
-Subject: [PATCH 1/2] Fails docker RA gracefully when command not found Fails
- gracefully when daemon not running
-
----
- heartbeat/docker | 25 +++++++++++++++++++++++++
- 1 file changed, 25 insertions(+)
-
-diff --git a/heartbeat/docker b/heartbeat/docker
-index c206344ad..1942b8f2f 100755
---- a/heartbeat/docker
-+++ b/heartbeat/docker
-@@ -33,6 +33,11 @@
- : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat}
- . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs
-
-+# Parameter defaults
-+
-+OCF_RESKEY_daemon_pidfile_default="/var/run/docker.pid"
-+: ${OCF_RESKEY_daemon_pidfile=${OCF_RESKEY_daemon_pidfile_default}}
-+
- #######################################################################
-
- meta_data()
-@@ -176,6 +181,16 @@ container to be considered healthy.
- <content type="boolean"/>
- </parameter>
-
-+<parameters>
-+<parameter name="daemon_pidfile" required="0" unique="0">
-+<longdesc lang="en">
-+The RA will report not running status on hosts where the docker daemon
-+is not running.
-+</longdesc>
-+<shortdesc lang="en">Name of the docker daemon pid file</shortdesc>
-+<content type="string" default="${OCF_RESKEY_daemon_pidfile_default}"/>
-+</parameter>
-+
- </parameters>
-
- <actions>
-@@ -277,6 +292,16 @@ docker_simple_status()
- {
- local val
-
-+ if [ ! -x "$(command -v docker)" ]; then
-+ ocf_log err "docker is not installed on this host"
-+ return $OCF_ERR_INSTALLED
-+ fi
-+
-+ if [ ! -e "$OCF_RESKEY_daemon_pidfile" ]; then
-+ ocf_log err "docker daemon is not running, pid file $OCF_RESKEY_daemon_pidfile not exists"
-+ return $OCF_NOT_RUNNING
-+ fi
-+
- container_exists
- if [ $? -ne 0 ]; then
- return $OCF_NOT_RUNNING
-
-From dca670318452a4666984b2087ea562987d7c5b4f Mon Sep 17 00:00:00 2001
-From: zaenk <peter.pribula@hotmail.com>
-Date: Thu, 16 May 2019 15:46:28 +0200
-Subject: [PATCH 2/2] Fixes parameter meta-data
-
----
- heartbeat/docker | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/heartbeat/docker b/heartbeat/docker
-index 1942b8f2f..250714613 100755
---- a/heartbeat/docker
-+++ b/heartbeat/docker
-@@ -181,7 +181,6 @@ container to be considered healthy.
- <content type="boolean"/>
- </parameter>
-
--<parameters>
- <parameter name="daemon_pidfile" required="0" unique="0">
- <longdesc lang="en">
- The RA will report not running status on hosts where the docker daemon
diff --git a/SOURCES/bz1750704-docker-2-improve-daemon-check.patch b/SOURCES/bz1750704-docker-2-improve-daemon-check.patch
deleted file mode 100644
index fca2b95..0000000
--- a/SOURCES/bz1750704-docker-2-improve-daemon-check.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-From b7ae1bfbe7d393a9e9d993da3da35cc4d1bc9eb4 Mon Sep 17 00:00:00 2001
-From: Michele Baldessari <michele@acksyn.org>
-Date: Wed, 28 Aug 2019 10:46:36 +0200
-Subject: [PATCH] Make the check for the docker daemon being up more robust
-
-This amends 5941b98140b09e39b4dc2ee155817b287ef32859 (Fails docker RA
-gracefully when command not found). That commit checked for a pidfile
-which tends to be less robust in the presence of stale pidfiles and
-also adds a configuration option for the pidfile location which is
-more churn than needed to simply check for a service availability.
-
-Let's simply call 'docker version'. When that commands returns 1 the docker
-daemon is not running and also return OCF_ERR_GENERIC instead of
-OCF_NOT_RUNNING. This is a key point because if the docker daemon
-is stopped and not running it can very well be that the containers
-are still up (e.g. when you use live-restore in docker). In this
-situation we want an explicit fence event to be triggered due to
-the failure of stopping.
-
-Not doing so would mean that the stop operation returned ok and
-for example we'd be starting an A/P resource on a second node all
-the while it was still running on the node there the docker daemon
-was stopped.
-
-We also explicitely catch OCF_ERR_GENERIC in the docker_stop function
-to make our intent clearer.
-
-Tested this in an Openstack deployment and observed the following:
-A) All the usual pcmk operations still correctly work
-B) A 'systemctl stop docker' will eventually trigger a fence operation
- on the node.
-
-Co-Authored-By: Luca Miccini <lmiccini@redhat.com>
-Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
-Signed-off-by: Michele Baldessari <michele@acksyn.org>
----
- heartbeat/docker | 25 ++++++++++---------------
- 1 file changed, 10 insertions(+), 15 deletions(-)
-
-diff --git a/heartbeat/docker b/heartbeat/docker
-index 60e163bda..7c587b962 100755
---- a/heartbeat/docker
-+++ b/heartbeat/docker
-@@ -35,9 +35,6 @@
-
- # Parameter defaults
-
--OCF_RESKEY_daemon_pidfile_default="/var/run/docker.pid"
--: ${OCF_RESKEY_daemon_pidfile=${OCF_RESKEY_daemon_pidfile_default}}
--
- #######################################################################
-
- meta_data()
-@@ -184,15 +182,6 @@ container to be considered healthy.
- <content type="boolean"/>
- </parameter>
-
--<parameter name="daemon_pidfile" required="0" unique="0">
--<longdesc lang="en">
--The RA will report not running status on hosts where the docker daemon
--is not running.
--</longdesc>
--<shortdesc lang="en">Name of the docker daemon pid file</shortdesc>
--<content type="string" default="${OCF_RESKEY_daemon_pidfile_default}"/>
--</parameter>
--
- </parameters>
-
- <actions>
-@@ -299,9 +288,13 @@ docker_simple_status()
- return $OCF_ERR_INSTALLED
- fi
-
-- if [ ! -e "$OCF_RESKEY_daemon_pidfile" ]; then
-- ocf_log err "docker daemon is not running, pid file $OCF_RESKEY_daemon_pidfile not exists"
-- return $OCF_NOT_RUNNING
-+
-+ # let's first check if the daemon is up and running.
-+ VERSION_OUT=$(docker version)
-+ version_ret=$?
-+ if [ $version_ret -eq 1 ]; then
-+ ocf_exit_reason "Docker service is in error state while checking for ${CONTAINER}, based on image, ${OCF_RESKEY_image}: ${VERSION_OUT}"
-+ return $OCF_ERR_GENERIC
- fi
-
- container_exists
-@@ -457,9 +450,11 @@ docker_stop()
- {
- local timeout=60
- docker_simple_status
-- if [ $? -eq $OCF_NOT_RUNNING ]; then
-+ if [ $? -eq $OCF_NOT_RUNNING ]; then
- remove_container
- return $OCF_SUCCESS
-+ elif [ $? -eq $OCF_ERR_GENERIC ]; then
-+ return $OCF_ERR_GENERIC
- fi
-
- if [ -n "$OCF_RESKEY_CRM_meta_timeout" ]; then
diff --git a/SOURCES/bz1750704-docker-3-fix-stop-return-code.patch b/SOURCES/bz1750704-docker-3-fix-stop-return-code.patch
deleted file mode 100644
index 7029c6f..0000000
--- a/SOURCES/bz1750704-docker-3-fix-stop-return-code.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 3d52ec553fc3de82e1d1dcbef949882947915c49 Mon Sep 17 00:00:00 2001
-From: Michele Baldessari <michele@acksyn.org>
-Date: Thu, 29 Aug 2019 08:10:57 +0200
-Subject: [PATCH] Fixup docker_stop condition on error
-
-In docker_stop() let's store the return code of docker_simple_status
-otherwise the second branch of the elif risks reflecting the return
-code of the previous operaiton and not of docker_simple_status()
-
-Retested this with a bunch of stop/start commands on a rabbitmq bundle
-and observed no issues.
-
-This fixes a stop() regression introduced in
-b7ae1bfbe7d393a9e9d993da3da35cc4d1bc9eb4 ("Make the check for the docker
-daemon being up more robust")
-
-Thanks to Kota Akatsuka for spotting it.
-
-Signed-off-by: Michele Baldessari <michele@acksyn.org>
----
- heartbeat/docker | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/heartbeat/docker b/heartbeat/docker
-index 7c587b962..41ac42129 100755
---- a/heartbeat/docker
-+++ b/heartbeat/docker
-@@ -450,10 +450,11 @@ docker_stop()
- {
- local timeout=60
- docker_simple_status
-- if [ $? -eq $OCF_NOT_RUNNING ]; then
-+ ret=$?
-+ if [ $ret -eq $OCF_NOT_RUNNING ]; then
- remove_container
- return $OCF_SUCCESS
-- elif [ $? -eq $OCF_ERR_GENERIC ]; then
-+ elif [ $ret -eq $OCF_ERR_GENERIC ]; then
- return $OCF_ERR_GENERIC
- fi
-
diff --git a/SOURCES/bz1756262-NovaEvacuate-evacuate_delay.patch b/SOURCES/bz1756262-NovaEvacuate-evacuate_delay.patch
deleted file mode 100644
index 9b429d7..0000000
--- a/SOURCES/bz1756262-NovaEvacuate-evacuate_delay.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 8b9c49fd965f73709d5a6e2c21987ba26af4856b Mon Sep 17 00:00:00 2001
-From: Luca Miccini <lmiccini@redhat.com>
-Date: Wed, 25 Sep 2019 17:12:39 +0200
-Subject: [PATCH] Add a configurable delay to Nova Evacuate calls
-
-In case /var/lib/nova/instances resides on NFS we have seen migrations
-failing with 'Failed to get "write" lock - Is another process using the
-image' errors.
-
-This has been tracked down to grace/lease timeouts not having expired
-before attempting the migration/evacuate, so in this cases it might be
-desirable to delay the nova evacuate call to give the storage time to
-release the locks.
-
-Change-Id: Ie2fe784202d754eda38092479b1ab3ff4d02136a
-Resolves: rhbz#1740069
----
-
-diff --git a/heartbeat/NovaEvacuate b/heartbeat/NovaEvacuate
-index 810f30a..596f520 100644
---- a/heartbeat/NovaEvacuate
-+++ b/heartbeat/NovaEvacuate
-@@ -125,6 +125,15 @@
- <content type="boolean" default="0" />
- </parameter>
-
-+<parameter name="evacuate_delay" unique="0" required="0">
-+<longdesc lang="en">
-+Allows delaying the nova evacuate API call, e.g. to give a storage array time to clean
-+up eventual locks/leases.
-+</longdesc>
-+<shortdesc lang="en">Nova evacuate delay</shortdesc>
-+<content type="integer" default="0" />
-+</parameter>
-+
- </parameters>
-
- <actions>
-@@ -216,6 +225,11 @@
- fence_agent="fence_evacuate"
- fi
-
-+ if [ ${OCF_RESKEY_evacuate_delay} != 0 ]; then
-+ ocf_log info "Delaying nova evacuate by $OCF_RESKEY_evacuate_delay seconds"
-+ sleep ${OCF_RESKEY_evacuate_delay}
-+ fi
-+
- ocf_log notice "Initiating evacuation of $node with $fence_agent"
- $fence_agent ${fence_options} -o status -n ${node}
- if [ $? = 1 ]; then
diff --git a/SOURCES/bz1757753-nfsserver-1-systemd-perf-improvements.patch b/SOURCES/bz1757753-nfsserver-1-systemd-perf-improvements.patch
new file mode 100644
index 0000000..e577a2e
--- /dev/null
+++ b/SOURCES/bz1757753-nfsserver-1-systemd-perf-improvements.patch
@@ -0,0 +1,77 @@
+From 530c48138f7dedaf99ae1ca98865d2f8b7432475 Mon Sep 17 00:00:00 2001
+From: Eberhard Kuemmerle <E.Kuemmerle@fz-juelich.de>
+Date: Thu, 12 Sep 2019 21:10:43 +0200
+Subject: [PATCH] nfsserver: performance improvements for systemd enabled
+ systems
+
+> I found two critical actions in the script:
+> - systemctl status nfs-server (which also calls journalctl)
+> - systemctl list-unit-files
+
+source:
+https://lists.clusterlabs.org/pipermail/developers/2019-September/002214.html
+---
+ heartbeat/nfsserver | 37 +++++++++++++++++++------------------
+ 1 file changed, 19 insertions(+), 18 deletions(-)
+
+diff --git a/heartbeat/nfsserver b/heartbeat/nfsserver
+index bf59da98e..8527a90f3 100755
+--- a/heartbeat/nfsserver
++++ b/heartbeat/nfsserver
+@@ -233,24 +233,25 @@ set_exec_mode()
+ return 0
+ fi
+
+- ##
+- # Attempt systemd (with nfs-lock.service).
+- ##
+ if which systemctl > /dev/null 2>&1; then
+- if systemctl list-unit-files | grep nfs-server > /dev/null && systemctl list-unit-files | grep nfs-lock > /dev/null; then
+- EXEC_MODE=2
+- # when using systemd, the nfs-lock service file handles nfsv3 locking daemons for us.
+- return 0
+- fi
+- fi
++ if systemctl list-unit-files 'nfs-*' | grep nfs-server > /dev/null; then
++
++ ##
++ # Attempt systemd (with nfs-lock.service).
++ ##
++ if systemctl list-unit-files 'nfs-*' | grep nfs-lock > /dev/null; then
++ EXEC_MODE=2
++ # when using systemd, the nfs-lock service file handles nfsv3 locking daemons for us.
++ return 0
++ fi
+
+- ##
+- # Attempt systemd (with rpc-statd.service).
+- ##
+- if which systemctl > /dev/null 2>&1; then
+- if systemctl list-unit-files | grep nfs-server > /dev/null && systemctl list-unit-files | grep rpc-statd > /dev/null; then
+- EXEC_MODE=3
+- return 0
++ ##
++ # Attempt systemd (with rpc-statd.service).
++ ##
++ if systemctl list-unit-files 'rpc-*' | grep rpc-statd > /dev/null; then
++ EXEC_MODE=3
++ return 0
++ fi
+ fi
+ fi
+
+@@ -272,12 +273,12 @@ nfs_exec()
+ 2) if ! echo $svc | grep -q "\."; then
+ svc="${svc}.service"
+ fi
+- systemctl $cmd $svc
++ systemctl -n0 $cmd $svc
+ ;;
+ 3) if ! echo $svc | grep -q "\."; then
+ svc="${svc}.service"
+ fi
+- systemctl $cmd $svc
++ systemctl -n0 $cmd $svc
+ ;;
+ esac
+ }
diff --git a/SOURCES/bz1757753-nfsserver-2-systemd-use-no-legend.patch b/SOURCES/bz1757753-nfsserver-2-systemd-use-no-legend.patch
new file mode 100644
index 0000000..bbdc807
--- /dev/null
+++ b/SOURCES/bz1757753-nfsserver-2-systemd-use-no-legend.patch
@@ -0,0 +1,38 @@
+From ca9d2f9c2d23a9dc783e0d52419790d0d441232c Mon Sep 17 00:00:00 2001
+From: Oyvind Albrigtsen <oalbrigt@redhat.com>
+Date: Tue, 24 Sep 2019 09:12:47 +0200
+Subject: [PATCH] nfsserver: use "--no-legend" for systemctl "list-unit-files"
+ calls
+
+---
+ heartbeat/nfsserver | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/heartbeat/nfsserver b/heartbeat/nfsserver
+index 8527a90f3..acef0147a 100755
+--- a/heartbeat/nfsserver
++++ b/heartbeat/nfsserver
+@@ -234,12 +234,12 @@ set_exec_mode()
+ fi
+
+ if which systemctl > /dev/null 2>&1; then
+- if systemctl list-unit-files 'nfs-*' | grep nfs-server > /dev/null; then
++ if systemctl --no-legend list-unit-files 'nfs-*' | grep nfs-server > /dev/null; then
+
+ ##
+ # Attempt systemd (with nfs-lock.service).
+ ##
+- if systemctl list-unit-files 'nfs-*' | grep nfs-lock > /dev/null; then
++ if systemctl --no-legend list-unit-files 'nfs-*' | grep nfs-lock > /dev/null; then
+ EXEC_MODE=2
+ # when using systemd, the nfs-lock service file handles nfsv3 locking daemons for us.
+ return 0
+@@ -248,7 +248,7 @@ set_exec_mode()
+ ##
+ # Attempt systemd (with rpc-statd.service).
+ ##
+- if systemctl list-unit-files 'rpc-*' | grep rpc-statd > /dev/null; then
++ if systemctl --no-legend list-unit-files 'rpc-*' | grep rpc-statd > /dev/null; then
+ EXEC_MODE=3
+ return 0
+ fi
diff --git a/SOURCES/bz1803024-oralsnr-allow-using-same-tns_admin.patch b/SOURCES/bz1803024-oralsnr-allow-using-same-tns_admin.patch
deleted file mode 100644
index 5963259..0000000
--- a/SOURCES/bz1803024-oralsnr-allow-using-same-tns_admin.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From 2e288c233dc3b67d1845d5fdb8f857e0d7377820 Mon Sep 17 00:00:00 2001
-From: Oyvind Albrigtsen <oalbrigt@redhat.com>
-Date: Wed, 12 Feb 2020 10:32:17 +0100
-Subject: [PATCH] oralsnr: allow using the tns_admin directory for different
- listeners
-
----
- heartbeat/oralsnr | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/heartbeat/oralsnr b/heartbeat/oralsnr
-index 08fb8ae11..1ecf8fca8 100755
---- a/heartbeat/oralsnr
-+++ b/heartbeat/oralsnr
-@@ -116,7 +116,7 @@ Defaults to LISTENER.
- <content type="string" default="${OCF_RESKEY_listener_default}" />
- </parameter>
-
--<parameter name="tns_admin" required="0" unique="1">
-+<parameter name="tns_admin" required="0" unique="0">
- <longdesc lang="en">
- Full path to the directory that contains the Oracle
- listener tnsnames.ora configuration file. The shell
diff --git a/SOURCES/bz1803798-rabbitmq-cluster-delete-nodename-when-stop-fails.patch b/SOURCES/bz1803798-rabbitmq-cluster-delete-nodename-when-stop-fails.patch
deleted file mode 100644
index fc95598..0000000
--- a/SOURCES/bz1803798-rabbitmq-cluster-delete-nodename-when-stop-fails.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From 47d75f8de9dc912da035805f141c674885ce432f Mon Sep 17 00:00:00 2001
-From: John Eckersberg <jeckersb@redhat.com>
-Date: Thu, 16 Jan 2020 10:20:59 -0500
-Subject: [PATCH] rabbitmq-cluster: ensure we delete nodename if stop action
- fails
-
-If the stop action fails, we want to remove the nodename from the crm
-attribute. Currently it is possible for the stop action to fail but
-the rabbitmq server does actually stop. This leaves the attribute
-still present. This means if the entire rabbitmq cluster is stopped,
-it is not possible to start the cluster again because the first node
-to start will think there is at least one other node running. Then
-the node tries to join an existing cluster instead of rebootstrapping
-the cluster from a single node.
----
- heartbeat/rabbitmq-cluster | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/heartbeat/rabbitmq-cluster b/heartbeat/rabbitmq-cluster
-index 7837e9e3c..a9ebd37ad 100755
---- a/heartbeat/rabbitmq-cluster
-+++ b/heartbeat/rabbitmq-cluster
-@@ -552,6 +552,7 @@ rmq_stop() {
-
- if [ $rc -ne 0 ]; then
- ocf_log err "rabbitmq-server stop command failed: $RMQ_CTL stop, $rc"
-+ rmq_delete_nodename
- return $rc
- fi
-
-@@ -565,6 +566,7 @@ rmq_stop() {
- break
- elif [ "$rc" -ne $OCF_SUCCESS ]; then
- ocf_log info "rabbitmq-server stop failed: $rc"
-+ rmq_delete_nodename
- exit $OCF_ERR_GENERIC
- fi
- sleep 1
diff --git a/SOURCES/bz1803800-exportfs-allow-same-fsid.patch b/SOURCES/bz1803800-exportfs-allow-same-fsid.patch
deleted file mode 100644
index 93d47af..0000000
--- a/SOURCES/bz1803800-exportfs-allow-same-fsid.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From 9cea030ba6d5c759971873b80d6d97b545ecac39 Mon Sep 17 00:00:00 2001
-From: Oyvind Albrigtsen <oalbrigt@redhat.com>
-Date: Thu, 7 Nov 2019 13:03:30 +0100
-Subject: [PATCH] exportfs: allow multiple exports of same directory
-
----
- heartbeat/exportfs | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/heartbeat/exportfs b/heartbeat/exportfs
-index d79aced88..1cabdee70 100755
---- a/heartbeat/exportfs
-+++ b/heartbeat/exportfs
-@@ -82,7 +82,7 @@ The directory or directories to export.
- <content type="string" />
- </parameter>
-
--<parameter name="fsid" unique="1" required="1">
-+<parameter name="fsid" unique="0" required="1">
- <longdesc lang="en">
- The fsid option to pass to exportfs. This can be a unique positive
- integer, a UUID (assuredly sans comma characters), or the special string
diff --git a/SPECS/resource-agents.spec b/SPECS/resource-agents.spec
index 605e114..ebc32ef 100644
--- a/SPECS/resource-agents.spec
+++ b/SPECS/resource-agents.spec
@@ -45,7 +45,7 @@
%global sap_script_package_hash f3644f5
%global saphana_prefix SAPHanaSR
-%global saphana_version d1dde99
+%global saphana_hash 2067519
%global saphana_scaleout_prefix SAPHanaSR-ScaleOut
%global saphana_scaleout_hash a77e8c6
@@ -95,7 +95,7 @@
Name: resource-agents
Summary: Open Source HA Reusable Cluster Resource Scripts
Version: 4.1.1
-Release: 30%{?dist}.7
+Release: 46%{?dist}
License: GPLv2+ and LGPLv2+ and ASL 2.0
URL: https://github.com/ClusterLabs/resource-agents
%if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel}
@@ -106,7 +106,7 @@ Group: Productivity/Clustering/HA
Source0: %{upstream_prefix}-%{upstream_version}.tar.gz
Source1: %{sap_script_prefix}-%{sap_script_hash}.tar.gz
Source2: %{sap_script_package_prefix}-%{sap_script_package_hash}.tar.gz
-Source3: %{saphana_prefix}-%{saphana_version}.tar.gz
+Source3: %{saphana_prefix}-%{saphana_hash}.tar.gz
Source4: %{saphana_scaleout_prefix}-%{saphana_scaleout_hash}.tar.gz
Source5: %{googlecloudsdk}-%{googlecloudsdk_version}-linux-x86_64.tar.gz
Source6: %{pyroute2}-%{pyroute2_version}.tar.gz
@@ -167,22 +167,34 @@ Patch46: bz1667413-2-LVM-activate-only-count-volumes.patch
Patch47: bz1651790-1-CTDB-explicitly-use-bash-shell.patch
Patch48: bz1651790-2-CTDB-add-ctdb_max_open_files-parameter.patch
Patch49: bz1504055-IPsrcaddr-fix-regression-without-NetworkManager.patch
-Patch50: bz1598969-iSCSILogicalUnit-create-iqn-when-it-doesnt-exist.patch
+Patch50: bz1598969-1-iSCSITarget-create-iqn-when-it-doesnt-exist.patch
Patch51: bz1693658-aws-vpc-move-ip-avoid-possible-race-condition.patch
Patch52: bz1697558-aws-vpc-move-ip-1-multi-route-table-support.patch
Patch53: bz1697558-aws-vpc-move-ip-2-fix-route-update-multi-NICs.patch
Patch54: bz1549579-2-ocf_is_true-add-True-to-regexp.patch
Patch55: bz1363902-SAPHanaSR-monitor-fix-tolower-error.patch
-Patch56: bz1731426-dhcpd-keep-selinux-context.patch
-Patch57: bz1731427-CTDB-1-fixes.patch
-Patch58: bz1731427-CTDB-2-add-v4.9-support.patch
-Patch59: bz1750704-docker-1-fail-gracefully-when-not-running.patch
-Patch60: bz1750704-docker-2-improve-daemon-check.patch
-Patch61: bz1750704-docker-3-fix-stop-return-code.patch
-Patch62: bz1756262-NovaEvacuate-evacuate_delay.patch
-Patch63: bz1803800-exportfs-allow-same-fsid.patch
-Patch64: bz1803798-rabbitmq-cluster-delete-nodename-when-stop-fails.patch
-Patch65: bz1803024-oralsnr-allow-using-same-tns_admin.patch
+Patch56: bz1716418-dhcpd-keep-selinux-context.patch
+Patch57: bz1719443-CTDB-1-fixes.patch
+Patch58: bz1719443-CTDB-2-add-v4.9-support.patch
+Patch59: bz1732873-LVM-activate-fix-monitor-hang.patch
+Patch60: bz1598969-2-iSCSILogicalUnit-create-acls-fix.patch
+Patch61: bz1642067-SAPHanaTopology-make-multi-instance-aware.patch
+Patch62: bz1582685-IPsrcaddr-1-add-destination-and-table-parameters.patch
+Patch63: bz1726736-Route-1-dont-fence-when-parameters-not-set.patch
+Patch64: bz1746266-docker-1-fail-gracefully-when-not-running.patch
+Patch65: bz1746266-docker-2-improve-daemon-check.patch
+Patch66: bz1746266-docker-3-fix-stop-return-code.patch
+Patch67: bz1744467-rabbitmq-cluster-restore-users-single-node-mode.patch
+Patch68: bz1528365-IPaddr2-1-sanitize-IPv6-IPs.patch
+Patch69: bz1528365-IPaddr2-2-return-empty-when-sanitation-fails.patch
+Patch70: bz1740069-NovaEvacuate-evacuate_delay.patch
+Patch71: bz1757753-nfsserver-1-systemd-perf-improvements.patch
+Patch72: bz1757753-nfsserver-2-systemd-use-no-legend.patch
+Patch73: bz1695041-LVM-activate-return-NOT_RUNNING-rejoin-cluster.patch
+Patch74: bz1726736-Route-2-validate-start-validate-all.patch
+Patch75: bz1582685-IPsrcaddr-2-local-rule-destination-fixes.patch
+Patch76: bz1582685-IPsrcaddr-3-fix-probe-issues.patch
+Patch77: bz1582685-IPsrcaddr-4-fix-hardcoded-device.patch
# bundle patches
Patch1000: bz1568588-7-gcp-bundled.patch
@@ -377,7 +389,7 @@ SAP instances to be managed in a cluster environment.
License: GPLv2+
Summary: SAP HANA Scale-Out cluster resource agents
Version: 0.163.2
-Release: 7%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}.7
+Release: 22%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
%if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel}
Group: System Environment/Base
%else
@@ -397,7 +409,7 @@ environment.
License: GPLv2+
Summary: SAP cluster connector script
Version: 3.0.1
-Release: 7%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}.7
+Release: 22%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
%if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel}
Group: System Environment/Base
%else
@@ -417,10 +429,10 @@ instances to be managed in a cluster environment.
exit 1
%endif
%setup -q -n %{upstream_prefix}-%{upstream_version}
-%setup -T -D -a 1 -n %{upstream_prefix}-%{upstream_version}
-%setup -T -D -a 2 -n %{upstream_prefix}-%{upstream_version}
-%setup -T -D -a 3 -n %{upstream_prefix}-%{upstream_version}
-%setup -T -D -a 4 -n %{upstream_prefix}-%{upstream_version}
+%setup -q -T -D -a 1 -n %{upstream_prefix}-%{upstream_version}
+%setup -q -T -D -a 2 -n %{upstream_prefix}-%{upstream_version}
+%setup -q -T -D -a 3 -n %{upstream_prefix}-%{upstream_version}
+%setup -q -T -D -a 4 -n %{upstream_prefix}-%{upstream_version}
%patch0 -p1
%patch1 -p1
%patch2 -p1
@@ -486,19 +498,28 @@ exit 1
%patch62 -p1
%patch63 -p1
%patch64 -p1
-%patch65 -p1 -F1
+%patch65 -p1
+%patch66 -p1
+%patch67 -p1
+%patch68 -p1
+%patch69 -p1
+%patch70 -p1
+%patch71 -p1
+%patch72 -p1
+%patch73 -p1
+%patch74 -p1
+%patch75 -p1
+%patch76 -p1
+%patch77 -p1
# add SAPHana agents to Makefile.am
-mv %{saphana_prefix}-%{saphana_version}/ra/SAPHana* heartbeat
+mv %{saphana_prefix}-%{saphana_hash}/SAPHana/ra/SAPHana* heartbeat
mv %{saphana_scaleout_prefix}-%{saphana_scaleout_hash}/SAPHana/ra/SAPHanaController heartbeat
mv %{saphana_scaleout_prefix}-%{saphana_scaleout_hash}/SAPHana/ra/SAPHanaTopology heartbeat/SAPHanaTopologyScaleOut
sed -i -e 's/\(<resource-agent name="SAPHanaTopology\)/\1ScaleOut/' heartbeat/SAPHanaTopologyScaleOut
sed -i -e '/ SAPInstance \\/a\ SAPHana \\\n SAPHanaTopology \\\n SAPHanaController \\\n SAPHanaTopologyScaleOut \\' heartbeat/Makefile.am
sed -i -e '/ ocf_heartbeat_SAPInstance.7 \\/a\ ocf_heartbeat_SAPHana.7 \\\n ocf_heartbeat_SAPHanaTopology.7 \\\n ocf_heartbeat_SAPHanaController.7 \\\n ocf_heartbeat_SAPHanaTopologyScaleOut.7 \\' doc/man/Makefile.am
-# change provider company
-sed -i -e 's/\("provider_company": \)"SUSE"/\1"Red Hat"/g' %{saphana_prefix}-%{saphana_version}/srHook/SAPHanaSR.py
-
# bundles
mkdir -p %{bundled_lib_dir}
@@ -738,9 +759,6 @@ cp -rv %{sap_script_package_prefix}-%{sap_script_package_hash}/redhat/{run_check
gzip %{sap_script_package_prefix}-%{sap_script_package_hash}/redhat/man/*.8
cp %{sap_script_package_prefix}-%{sap_script_package_hash}/redhat/man/*.8.gz %{buildroot}/%{_mandir}/man8
-mkdir %{buildroot}/%{_datadir}/SAPHanaSR
-cp -r %{saphana_prefix}-%{saphana_version}/srHook %{buildroot}/%{_datadir}/SAPHanaSR
-
install -m 0755 %{saphana_scaleout_prefix}-%{saphana_scaleout_hash}/SAPHana/bin/{SAPHanaSR-monitor,SAPHanaSR-showAttr} %{buildroot}/%{_sbindir}
mkdir %{buildroot}/%{_usr}/lib/SAPHanaSR-ScaleOut
install -m 0444 %{saphana_scaleout_prefix}-%{saphana_scaleout_hash}/SAPHana/test/SAPHanaSRTools.pm %{buildroot}/%{_usr}/lib/SAPHanaSR-ScaleOut/SAPHanaSRTools.pm
@@ -882,7 +900,6 @@ rm -rf %{buildroot}
%exclude /usr/lib/ocf/lib/heartbeat/sap*
%exclude %{_mandir}/man7/*SAP*
%exclude %{_mandir}/man8/*SAP*
-%exclude %{_datadir}/SAPHanaSR
%exclude %{_usr}/lib/SAPHanaSR-ScaleOut
%exclude %{_datadir}/SAPHanaSR-ScaleOut
%exclude %{_mandir}/man8/sap_cluster_connector*
@@ -1099,8 +1116,6 @@ ccs_update_schema > /dev/null 2>&1 ||:
/usr/lib/ocf/resource.d/heartbeat/SAPHanaTopology
%{_mandir}/man7/*SAPHana.*
%{_mandir}/man7/*SAPHanaTopology.*
-%{_datadir}/SAPHanaSR
-%exclude %{_datadir}/SAPHanaSR/srHook/SAPHanaSR.py?
%endif
%ifarch x86_64 ppc64le
@@ -1127,42 +1142,65 @@ ccs_update_schema > /dev/null 2>&1 ||:
%endif
%changelog
-* Tue Feb 18 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-30.7
-- Rebase resource-agents-sap-hana to SAPHanaSR 0.154.0 upstream release.
+* Thu Jan 16 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-46
+- IPsrcaddr: add destination and table parameters
+
+ Resolves: rhbz#1582685
+
+* Fri Oct 11 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-43
+- Route: dont fence when parameters not set
- Resolves: rhbz#1803915
+ Resolves: rhbz#1726736
-* Mon Feb 17 2020 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-30.5
-- exportfs: allow multiple exports with same fsid
-- rabbitmq-cluster: delete nodename when stop fails
-- oralsnr: allow using same tns_admin directory for listeners
+* Wed Oct 2 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-42
+- LVM-activate: return NOT_RUNNING when node rejoins cluster
+ Resolves: rhbz#1695041
- Resolves: rhbz#1803800
- Resolves: rhbz#1803798
- Resolves: rhbz#1803024
+* Wed Oct 2 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-41
+- nfsserver: systemd performance improvements
-* Fri Sep 27 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-30.4
+ Resolves: rhbz#1757753
+
+* Thu Sep 26 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-40
- NovaEvacuate: add "evacuate_delay" parameter
- Resolves: rhbz#1756262
+ Resolves: rhbz#1740069
+
+* Thu Sep 12 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-38
+- IPaddr2: sanitize compressed IPv6 IPs
+
+ Resolves: rhbz#1528365
-* Tue Sep 10 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-30.3
+* Mon Sep 9 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-37
+- rabbitmq-cluster: also restore users in single node mode
+
+ Resolves: rhbz#1744467
+
+* Mon Sep 9 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-36
- docker: improve daemon check to fence when docker is stopped manually
- Resolves: rhbz#1750704
+ Resolves: rhbz#1746266
-* Fri Aug 23 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-30.2
+* Tue Aug 6 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-33
- SAPHanaTopology: make multi instance aware (MCOS)
- Resolves: rhbz#1744923
+ Resolves: rhbz#1642067
+
+* Wed Jul 31 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-32
+- iSCSITarget/iSCSILogicalUnit: only create iqn/acls when it doesnt
+ exist
-* Mon Jul 22 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-30.1
+ Resolves: rhbz#1598969
+
+* Thu Jul 25 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-31
- dhcpd: keep SELinux context in chroot
- CTDB: add support for v4.9+
+- LVM-activate: fix monitor to avoid hang caused by validate-all call
- Resolves: rhbz#1731426
- Resolves: rhbz#1731427
+ Resolves: rhbz#1716418
+ Resolves: rhbz#1719443
+ Resolves: rhbz#1732873
* Thu Jun 27 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-30
- resource-agents-sap-hana-scaleout: new subpackage
@@ -1198,10 +1236,8 @@ ccs_update_schema > /dev/null 2>&1 ||:
* Tue Mar 26 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-20
- IPsrcaddr: add proto and table parameters
-- iSCSILogicalUnit: only create iqn when it doesnt exist
Resolves: rhbz#1504055
- Resolves: rhbz#1598969
* Thu Feb 28 2019 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.1.1-19
- CTDB: add ctdb_max_open_files parameter