From c0b6356bbf5b9a1fb76b011486dfce258d395ef8 Mon Sep 17 00:00:00 2001 From: Peter Lemenkov Date: Fri, 6 Sep 2019 14:22:46 +0200 Subject: [PATCH] Restore users/perms/policies even if starting in a single node mode See https://bugzilla.redhat.com/1744467#c1 Signed-off-by: Peter Lemenkov --- heartbeat/rabbitmq-cluster | 109 ++++++++++++++++++++----------------- 1 file changed, 58 insertions(+), 51 deletions(-) diff --git a/heartbeat/rabbitmq-cluster b/heartbeat/rabbitmq-cluster index cf8ca21a6..7837e9e3c 100755 --- a/heartbeat/rabbitmq-cluster +++ b/heartbeat/rabbitmq-cluster @@ -114,6 +114,62 @@ rmq_wipe_data() rm -rf $RMQ_DATA_DIR > /dev/null 2>&1 } +rmq_restore_users_perms_policies() +{ + # Restore users, user permissions, and policies (if any) + BaseDataDir=`dirname $RMQ_DATA_DIR` + $RMQ_EVAL " + %% Run only if Mnesia is ready. + lists:any(fun({mnesia,_,_}) -> true; ({_,_,_}) -> false end, application:which_applications()) andalso + begin + Restore = fun(Table, PostprocessFun, Filename) -> + case file:consult(Filename) of + {error, _} -> + ok; + {ok, [Result]} -> + lists:foreach(fun(X) -> mnesia:dirty_write(Table, PostprocessFun(X)) end, Result), + file:delete(Filename) + end + end, + + %% Restore users + + Upgrade = fun + ({internal_user, A, B, C}) -> {internal_user, A, B, C, rabbit_password_hashing_md5}; + ({internal_user, A, B, C, D}) -> {internal_user, A, B, C, D} + end, + + Downgrade = fun + ({internal_user, A, B, C}) -> {internal_user, A, B, C}; + ({internal_user, A, B, C, rabbit_password_hashing_md5}) -> {internal_user, A, B, C}; + %% Incompatible scheme, so we will loose user's password ('B' value) during conversion. + %% Unfortunately, this case will require manual intervention - user have to run: + %% rabbitmqctl change_password + ({internal_user, A, B, C, _}) -> {internal_user, A, B, C} + end, + + %% Check db scheme first + [WildPattern] = ets:select(mnesia_gvar, [ { {{rabbit_user, wild_pattern}, '\\\$1'}, [], ['\\\$1'] } ]), + case WildPattern of + %% Version < 3.6.0 + {internal_user,'_','_','_'} -> + Restore(rabbit_user, Downgrade, \"$BaseDataDir/users.erl\"); + %% Version >= 3.6.0 + {internal_user,'_','_','_','_'} -> + Restore(rabbit_user, Upgrade, \"$BaseDataDir/users.erl\") + end, + + NoOp = fun(X) -> X end, + + %% Restore user permissions + Restore(rabbit_user_permission, NoOp, \"$BaseDataDir/users_perms.erl\"), + + %% Restore policies + Restore(rabbit_runtime_parameters, NoOp, \"$BaseDataDir/policies.erl\") + end. + " +} + rmq_local_node() { @@ -411,6 +467,7 @@ rmq_try_start() { if [ -z "$join_list" ]; then rmq_start_first rc=$? + rmq_restore_users_perms_policies return $rc fi @@ -437,58 +494,8 @@ rmq_try_start() { return $RMQ_TRY_RESTART_ERROR_CODE fi - # Restore users, user permissions, and policies (if any) - BaseDataDir=`dirname $RMQ_DATA_DIR` - $RMQ_EVAL " - %% Run only if Mnesia is ready. - lists:any(fun({mnesia,_,_}) -> true; ({_,_,_}) -> false end, application:which_applications()) andalso - begin - Restore = fun(Table, PostprocessFun, Filename) -> - case file:consult(Filename) of - {error, _} -> - ok; - {ok, [Result]} -> - lists:foreach(fun(X) -> mnesia:dirty_write(Table, PostprocessFun(X)) end, Result), - file:delete(Filename) - end - end, + rmq_restore_users_perms_policies - %% Restore users - - Upgrade = fun - ({internal_user, A, B, C}) -> {internal_user, A, B, C, rabbit_password_hashing_md5}; - ({internal_user, A, B, C, D}) -> {internal_user, A, B, C, D} - end, - - Downgrade = fun - ({internal_user, A, B, C}) -> {internal_user, A, B, C}; - ({internal_user, A, B, C, rabbit_password_hashing_md5}) -> {internal_user, A, B, C}; - %% Incompatible scheme, so we will loose user's password ('B' value) during conversion. - %% Unfortunately, this case will require manual intervention - user have to run: - %% rabbitmqctl change_password - ({internal_user, A, B, C, _}) -> {internal_user, A, B, C} - end, - - %% Check db scheme first - [WildPattern] = ets:select(mnesia_gvar, [ { {{rabbit_user, wild_pattern}, '\\\$1'}, [], ['\\\$1'] } ]), - case WildPattern of - %% Version < 3.6.0 - {internal_user,'_','_','_'} -> - Restore(rabbit_user, Downgrade, \"$BaseDataDir/users.erl\"); - %% Version >= 3.6.0 - {internal_user,'_','_','_','_'} -> - Restore(rabbit_user, Upgrade, \"$BaseDataDir/users.erl\") - end, - - NoOp = fun(X) -> X end, - - %% Restore user permissions - Restore(rabbit_user_permission, NoOp, \"$BaseDataDir/users_perms.erl\"), - - %% Restore policies - Restore(rabbit_runtime_parameters, NoOp, \"$BaseDataDir/policies.erl\") - end. - " return $OCF_SUCCESS }