diff --git a/.gitignore b/.gitignore index 28f41b4..01e5d42 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/sbd-a74b4d25a3eb93fe1abbe6e3ebfd2b16cf48873f.tar.gz +SOURCES/sbd-7f33d1a409d0a4e2cd69946688c48eaa8f3c5d26.tar.gz diff --git a/.sbd.metadata b/.sbd.metadata index e88dc38..4341adc 100644 --- a/.sbd.metadata +++ b/.sbd.metadata @@ -1 +1 @@ -6a311d12ff4ade68aaf109a0d83e4c01ae4380de SOURCES/sbd-a74b4d25a3eb93fe1abbe6e3ebfd2b16cf48873f.tar.gz +7bf4ad26875cafa743ca96aec9dae1739bd6281b SOURCES/sbd-7f33d1a409d0a4e2cd69946688c48eaa8f3c5d26.tar.gz diff --git a/SOURCES/0001-Fix-sbd-cluster-finalize-cmap-connection-if-disconne.patch b/SOURCES/0001-Fix-sbd-cluster-finalize-cmap-connection-if-disconne.patch new file mode 100644 index 0000000..a2cc41a --- /dev/null +++ b/SOURCES/0001-Fix-sbd-cluster-finalize-cmap-connection-if-disconne.patch @@ -0,0 +1,79 @@ +From f8f980340256ab5bef5385cd3bc082fdfb7613ed Mon Sep 17 00:00:00 2001 +From: "Gao,Yan" +Date: Thu, 7 Mar 2019 15:01:26 +0100 +Subject: [PATCH] Fix: sbd-cluster: finalize cmap connection if disconnected + from cluster + +Previously if sbd cluster servant anyhow got dis-/reconnected from the +cluster, it'd start hogging CPU keeping polling the main loop source +from the old cmap connection. +--- + src/sbd-cluster.c | 38 ++++++++++++++++++++++++++------------ + 1 file changed, 26 insertions(+), 12 deletions(-) + +diff --git a/src/sbd-cluster.c b/src/sbd-cluster.c +index 51bb456..541212f 100644 +--- a/src/sbd-cluster.c ++++ b/src/sbd-cluster.c +@@ -174,6 +174,25 @@ cmap_dispatch_callback (gpointer user_data) + return TRUE; + } + ++static void ++cmap_destroy(void) ++{ ++ if (cmap_source) { ++ g_source_destroy(cmap_source); ++ cmap_source = NULL; ++ } ++ ++ if (track_handle) { ++ cmap_track_delete(cmap_handle, track_handle); ++ track_handle = 0; ++ } ++ ++ if (cmap_handle) { ++ cmap_finalize(cmap_handle); ++ cmap_handle = 0; ++ } ++} ++ + static gboolean + sbd_get_two_node(void) + { +@@ -217,18 +236,7 @@ sbd_get_two_node(void) + return TRUE; + + out: +- if (cmap_source) { +- g_source_destroy(cmap_source); +- cmap_source = NULL; +- } +- if (track_handle) { +- cmap_track_delete(cmap_handle, track_handle); +- track_handle = 0; +- } +- if (cmap_handle) { +- cmap_finalize(cmap_handle); +- cmap_handle = 0; +- } ++ cmap_destroy(); + + return FALSE; + } +@@ -327,6 +335,12 @@ sbd_membership_destroy(gpointer user_data) + { + cl_log(LOG_WARNING, "Lost connection to %s", name_for_cluster_type(get_cluster_type())); + ++ if (get_cluster_type() != pcmk_cluster_unknown) { ++#if SUPPORT_COROSYNC && CHECK_TWO_NODE ++ cmap_destroy(); ++#endif ++ } ++ + set_servant_health(pcmk_health_unclean, LOG_ERR, "Cluster connection terminated"); + notify_parent(); + +-- +1.8.3.1 + diff --git a/SOURCES/0001-make-pacemaker-dlm-wait-for-sbd-start.patch b/SOURCES/0001-make-pacemaker-dlm-wait-for-sbd-start.patch deleted file mode 100644 index 0793297..0000000 --- a/SOURCES/0001-make-pacemaker-dlm-wait-for-sbd-start.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 5f1ac8f07fd81a2c60db39dd5a28debbadfe3ec5 Mon Sep 17 00:00:00 2001 -From: Klaus Wenninger -Date: Thu, 14 Dec 2017 17:32:08 +0100 -Subject: [PATCH] Fix: systemd: make pacemaker & dlm wait for sbd-start to - complete - ---- - src/sbd.service.in | 4 +++- - src/sbd_remote.service.in | 2 +- - 2 files changed, 4 insertions(+), 2 deletions(-) - -diff --git a/src/sbd.service.in b/src/sbd.service.in -index ef1bd16..401c2d6 100644 ---- a/src/sbd.service.in -+++ b/src/sbd.service.in -@@ -1,6 +1,7 @@ - [Unit] - Description=Shared-storage based fencing daemon - Before=pacemaker.service -+Before=dlm.service - After=systemd-modules-load.service iscsi.service - PartOf=corosync.service - RefuseManualStop=true -@@ -22,4 +23,5 @@ Restart=on-abort - - [Install] - RequiredBy=corosync.service -- -+RequiredBy=pacemaker.service -+RequiredBy=dlm.service -diff --git a/src/sbd_remote.service.in b/src/sbd_remote.service.in -index e05f80e..cefd511 100644 ---- a/src/sbd_remote.service.in -+++ b/src/sbd_remote.service.in -@@ -21,4 +21,4 @@ Restart=on-abort - - [Install] - RequiredBy=pacemaker_remote.service -- -+RequiredBy=dlm.service --- -1.8.3.1 - diff --git a/SOURCES/0002-Fix-sbd-pacemaker-make-handling-of-cib-connection-lo.patch b/SOURCES/0002-Fix-sbd-pacemaker-make-handling-of-cib-connection-lo.patch new file mode 100644 index 0000000..0d70c92 --- /dev/null +++ b/SOURCES/0002-Fix-sbd-pacemaker-make-handling-of-cib-connection-lo.patch @@ -0,0 +1,302 @@ +From a716a8ddd3df615009bcff3bd96dd9ae64cb5f68 Mon Sep 17 00:00:00 2001 +From: Klaus Wenninger +Date: Tue, 19 Mar 2019 21:36:15 +0100 +Subject: [PATCH] Fix: sbd-pacemaker: make handling of cib-connection loss more + robust + +Exit pcmk-servant on graceful pacemaker shutdown and go back +to state before pacemaker was detected initially. +Purge all cib-traces otherwise and try to reconnect within timeout. +--- + src/sbd-inquisitor.c | 24 ++++++++++++++++++++---- + src/sbd-md.c | 30 +++++++++++++++--------------- + src/sbd-pacemaker.c | 38 +++++++++++++++++++++++++++++--------- + src/sbd.h | 11 +++++++---- + 4 files changed, 71 insertions(+), 32 deletions(-) + +diff --git a/src/sbd-inquisitor.c b/src/sbd-inquisitor.c +index 9be6c99..77c6e4f 100644 +--- a/src/sbd-inquisitor.c ++++ b/src/sbd-inquisitor.c +@@ -490,19 +490,19 @@ void inquisitor_child(void) + if (sbd_is_disk(s)) { + if (WIFEXITED(status)) { + switch(WEXITSTATUS(status)) { +- case EXIT_MD_IO_FAIL: ++ case EXIT_MD_SERVANT_IO_FAIL: + DBGLOG(LOG_INFO, "Servant for %s requests to be disowned", + s->devname); + break; +- case EXIT_MD_REQUEST_RESET: ++ case EXIT_MD_SERVANT_REQUEST_RESET: + cl_log(LOG_WARNING, "%s requested a reset", s->devname); + do_reset(); + break; +- case EXIT_MD_REQUEST_SHUTOFF: ++ case EXIT_MD_SERVANT_REQUEST_SHUTOFF: + cl_log(LOG_WARNING, "%s requested a shutoff", s->devname); + do_off(); + break; +- case EXIT_MD_REQUEST_CRASHDUMP: ++ case EXIT_MD_SERVANT_REQUEST_CRASHDUMP: + cl_log(LOG_WARNING, "%s requested a crashdump", s->devname); + do_crashdump(); + break; +@@ -510,6 +510,22 @@ void inquisitor_child(void) + break; + } + } ++ } else if (sbd_is_pcmk(s)) { ++ if (WIFEXITED(status)) { ++ switch(WEXITSTATUS(status)) { ++ case EXIT_PCMK_SERVANT_GRACEFUL_SHUTDOWN: ++ DBGLOG(LOG_INFO, "PCMK-Servant has exited gracefully"); ++ /* revert to state prior to pacemaker-detection */ ++ s->restarts = 0; ++ s->restart_blocked = 0; ++ cluster_appeared = 0; ++ s->outdated = 1; ++ s->t_last.tv_sec = 0; ++ break; ++ default: ++ break; ++ } ++ } + } + cleanup_servant_by_pid(pid); + } +diff --git a/src/sbd-md.c b/src/sbd-md.c +index ba2c34d..c51d381 100644 +--- a/src/sbd-md.c ++++ b/src/sbd-md.c +@@ -1061,19 +1061,19 @@ int servant_md(const char *diskname, int mode, const void* argp) + + st = open_device(diskname, LOG_WARNING); + if (!st) { +- exit(EXIT_MD_IO_FAIL); ++ exit(EXIT_MD_SERVANT_IO_FAIL); + } + + s_header = header_get(st); + if (!s_header) { + cl_log(LOG_ERR, "Not a valid header on %s", diskname); +- exit(EXIT_MD_IO_FAIL); ++ exit(EXIT_MD_SERVANT_IO_FAIL); + } + + if (servant_check_timeout_inconsistent(s_header) < 0) { + cl_log(LOG_ERR, "Timeouts on %s do not match first device", + diskname); +- exit(EXIT_MD_IO_FAIL); ++ exit(EXIT_MD_SERVANT_IO_FAIL); + } + + if (s_header->minor_version > 0) { +@@ -1086,14 +1086,14 @@ int servant_md(const char *diskname, int mode, const void* argp) + cl_log(LOG_ERR, + "No slot allocated, and automatic allocation failed for disk %s.", + diskname); +- rc = EXIT_MD_IO_FAIL; ++ rc = EXIT_MD_SERVANT_IO_FAIL; + goto out; + } + s_node = sector_alloc(); + if (slot_read(st, mbox, s_node) < 0) { + cl_log(LOG_ERR, "Unable to read node entry on %s", + diskname); +- exit(EXIT_MD_IO_FAIL); ++ exit(EXIT_MD_SERVANT_IO_FAIL); + } + + cl_log(LOG_NOTICE, "Monitoring slot %d on disk %s", mbox, diskname); +@@ -1109,7 +1109,7 @@ int servant_md(const char *diskname, int mode, const void* argp) + if (mode > 0) { + if (mbox_read(st, mbox, s_mbox) < 0) { + cl_log(LOG_ERR, "mbox read failed during start-up in servant."); +- rc = EXIT_MD_IO_FAIL; ++ rc = EXIT_MD_SERVANT_IO_FAIL; + goto out; + } + if (s_mbox->cmd != SBD_MSG_EXIT && +@@ -1125,7 +1125,7 @@ int servant_md(const char *diskname, int mode, const void* argp) + DBGLOG(LOG_INFO, "First servant start - zeroing inbox"); + memset(s_mbox, 0, sizeof(*s_mbox)); + if (mbox_write(st, mbox, s_mbox) < 0) { +- rc = EXIT_MD_IO_FAIL; ++ rc = EXIT_MD_SERVANT_IO_FAIL; + goto out; + } + } +@@ -1154,28 +1154,28 @@ int servant_md(const char *diskname, int mode, const void* argp) + s_header_retry = header_get(st); + if (!s_header_retry) { + cl_log(LOG_ERR, "No longer found a valid header on %s", diskname); +- exit(EXIT_MD_IO_FAIL); ++ exit(EXIT_MD_SERVANT_IO_FAIL); + } + if (memcmp(s_header, s_header_retry, sizeof(*s_header)) != 0) { + cl_log(LOG_ERR, "Header on %s changed since start-up!", diskname); +- exit(EXIT_MD_IO_FAIL); ++ exit(EXIT_MD_SERVANT_IO_FAIL); + } + free(s_header_retry); + + s_node_retry = sector_alloc(); + if (slot_read(st, mbox, s_node_retry) < 0) { + cl_log(LOG_ERR, "slot read failed in servant."); +- exit(EXIT_MD_IO_FAIL); ++ exit(EXIT_MD_SERVANT_IO_FAIL); + } + if (memcmp(s_node, s_node_retry, sizeof(*s_node)) != 0) { + cl_log(LOG_ERR, "Node entry on %s changed since start-up!", diskname); +- exit(EXIT_MD_IO_FAIL); ++ exit(EXIT_MD_SERVANT_IO_FAIL); + } + free(s_node_retry); + + if (mbox_read(st, mbox, s_mbox) < 0) { + cl_log(LOG_ERR, "mbox read failed in servant."); +- exit(EXIT_MD_IO_FAIL); ++ exit(EXIT_MD_SERVANT_IO_FAIL); + } + + if (s_mbox->cmd > 0) { +@@ -1190,14 +1190,14 @@ int servant_md(const char *diskname, int mode, const void* argp) + sigqueue(ppid, SIG_TEST, signal_value); + break; + case SBD_MSG_RESET: +- exit(EXIT_MD_REQUEST_RESET); ++ exit(EXIT_MD_SERVANT_REQUEST_RESET); + case SBD_MSG_OFF: +- exit(EXIT_MD_REQUEST_SHUTOFF); ++ exit(EXIT_MD_SERVANT_REQUEST_SHUTOFF); + case SBD_MSG_EXIT: + sigqueue(ppid, SIG_EXITREQ, signal_value); + break; + case SBD_MSG_CRASHDUMP: +- exit(EXIT_MD_REQUEST_CRASHDUMP); ++ exit(EXIT_MD_SERVANT_REQUEST_CRASHDUMP); + default: + /* FIXME: + An "unknown" message might result +diff --git a/src/sbd-pacemaker.c b/src/sbd-pacemaker.c +index aac355a..c69fc55 100644 +--- a/src/sbd-pacemaker.c ++++ b/src/sbd-pacemaker.c +@@ -103,6 +103,9 @@ static pe_working_set_t *data_set = NULL; + + static long last_refresh = 0; + ++static int pcmk_clean_shutdown = 0; ++static int pcmk_shutdown = 0; ++ + static gboolean + mon_timer_reconnect(gpointer data) + { +@@ -128,10 +131,26 @@ mon_cib_connection_destroy(gpointer user_data) + { + if (cib) { + cib->cmds->signoff(cib); ++ /* retrigger as last one might have been skipped */ ++ mon_refresh_state(NULL); ++ if (pcmk_clean_shutdown) { ++ /* assume a graceful pacemaker-shutdown */ ++ clean_up(EXIT_PCMK_SERVANT_GRACEFUL_SHUTDOWN); ++ } ++ /* getting here we aren't sure about the pacemaker-state ++ so try to use the timeout to reconnect and get ++ everything sorted out again ++ */ ++ pcmk_shutdown = 0; + set_servant_health(pcmk_health_transient, LOG_WARNING, "Disconnected from CIB"); + timer_id_reconnect = g_timeout_add(reconnect_msec, mon_timer_reconnect, NULL); + } + cib_connected = 0; ++ /* no sense in looking into outdated cib, trying to apply patch, ... */ ++ if (current_cib) { ++ free_xml(current_cib); ++ current_cib = NULL; ++ } + return; + } + +@@ -171,7 +190,7 @@ static gboolean + mon_timer_notify(gpointer data) + { + static int counter = 0; +- int counter_max = timeout_watchdog / timeout_loop; ++ int counter_max = timeout_watchdog / timeout_loop / 2; + + if (timer_id_notify > 0) { + g_source_remove(timer_id_notify); +@@ -280,11 +299,6 @@ compute_status(pe_working_set_t * data_set) + } else if (node->details->pending) { + set_servant_health(pcmk_health_pending, LOG_WARNING, "Node state: pending"); + +-#if 0 +- } else if (node->details->shutdown) { +- set_servant_health(pcmk_health_shutdown, LOG_WARNING, "Node state: shutting down"); +-#endif +- + } else if (data_set->flags & pe_flag_have_quorum) { + set_servant_health(pcmk_health_online, LOG_INFO, "Node state: online"); + ever_had_quorum = TRUE; +@@ -315,6 +329,12 @@ compute_status(pe_working_set_t * data_set) + } + } + ++ if (node->details->shutdown) { ++ pcmk_shutdown = 1; ++ } ++ if (pcmk_shutdown && !(node->details->running_rsc)) { ++ pcmk_clean_shutdown = 1; ++ } + notify_parent(); + return; + } +@@ -339,7 +359,7 @@ crm_diff_update(const char *event, xmlNode * msg) + static mainloop_timer_t *refresh_timer = NULL; + + if(refresh_timer == NULL) { +- refresh_timer = mainloop_timer_add("refresh", 2000, FALSE, mon_trigger_refresh, NULL); ++ refresh_timer = mainloop_timer_add("refresh", reconnect_msec, FALSE, mon_trigger_refresh, NULL); + refresh_trigger = mainloop_add_trigger(G_PRIORITY_LOW, mon_refresh_state, refresh_timer); + } + +@@ -369,9 +389,9 @@ crm_diff_update(const char *event, xmlNode * msg) + } + + /* Refresh +- * - immediately if the last update was more than 5s ago ++ * - immediately if the last update was more than 1s ago + * - every 10 updates +- * - at most 2s after the last update ++ * - at most 1s after the last update + */ + if (updates > 10 || (now - last_refresh) > (reconnect_msec / 1000)) { + mon_refresh_state(refresh_timer); +diff --git a/src/sbd.h b/src/sbd.h +index 6fe07f9..3b05a11 100644 +--- a/src/sbd.h ++++ b/src/sbd.h +@@ -54,10 +54,13 @@ + /* FIXME: should add dynamic check of SIG_XX >= SIGRTMAX */ + + /* exit status for disk-servant */ +-#define EXIT_MD_IO_FAIL 20 +-#define EXIT_MD_REQUEST_RESET 21 +-#define EXIT_MD_REQUEST_SHUTOFF 22 +-#define EXIT_MD_REQUEST_CRASHDUMP 23 ++#define EXIT_MD_SERVANT_IO_FAIL 20 ++#define EXIT_MD_SERVANT_REQUEST_RESET 21 ++#define EXIT_MD_SERVANT_REQUEST_SHUTOFF 22 ++#define EXIT_MD_SERVANT_REQUEST_CRASHDUMP 23 ++ ++/* exit status for pcmk-servant */ ++#define EXIT_PCMK_SERVANT_GRACEFUL_SHUTDOWN 30 + + #define HOG_CHAR 0xff + #define SECTOR_NAME_MAX 63 +-- +1.8.3.1 + diff --git a/SOURCES/0002-mention-timeout-caveat-with-SBD_DELAY_START.patch b/SOURCES/0002-mention-timeout-caveat-with-SBD_DELAY_START.patch deleted file mode 100644 index 807d70d..0000000 --- a/SOURCES/0002-mention-timeout-caveat-with-SBD_DELAY_START.patch +++ /dev/null @@ -1,27 +0,0 @@ -From f79d09ec8dd744f69d87008e868297b308043b56 Mon Sep 17 00:00:00 2001 -From: Klaus Wenninger -Date: Thu, 14 Dec 2017 18:21:07 +0100 -Subject: [PATCH] Doc: sbd.sysconfig: mention timeout caveat with - SBD_DELAY_START - ---- - src/sbd.sysconfig | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/src/sbd.sysconfig b/src/sbd.sysconfig -index cbc1501..75ff980 100644 ---- a/src/sbd.sysconfig -+++ b/src/sbd.sysconfig -@@ -31,6 +31,9 @@ SBD_STARTMODE=always - # other nodes are still waiting in the fence acknowledgement phase. - # This is an occasional issue with virtual machines. - # -+# Consider that you might have to adapt the startup-timeout accordingly -+# if the default isn't sufficient. (TimeoutStartSec for systemd) -+# - # This option may be ignored at a later point, once pacemaker handles - # this case better. - # --- -1.8.3.1 - diff --git a/SOURCES/0003-Doc-sbd.8.pod-add-query-test-watchdog.patch b/SOURCES/0003-Doc-sbd.8.pod-add-query-test-watchdog.patch deleted file mode 100644 index 6695f73..0000000 --- a/SOURCES/0003-Doc-sbd.8.pod-add-query-test-watchdog.patch +++ /dev/null @@ -1,48 +0,0 @@ -From e073271f53583f2d0cf2675ea665ed50712b65dd Mon Sep 17 00:00:00 2001 -From: Klaus Wenninger -Date: Mon, 8 Jan 2018 12:07:33 +0100 -Subject: [PATCH] Doc: sbd.8.pod: add sections for query-watchdog & - test-watchdog - ---- - man/sbd.8.pod | 24 ++++++++++++++++++++++++ - 1 file changed, 24 insertions(+) - -diff --git a/man/sbd.8.pod b/man/sbd.8.pod -index c1bf67a..ffd01c2 100644 ---- a/man/sbd.8.pod -+++ b/man/sbd.8.pod -@@ -394,6 +394,30 @@ a fencing message by the cluster. - - =back - -+=head2 query-watchdog -+ -+Example usage: -+ -+ sbd query-watchdog -+ -+Check for available watchdog devices and print some info. -+ -+B: This command will arm the watchdog during query, and if your -+watchdog refuses disarming (for example, if its kernel module has the -+'nowayout' parameter set) this will reset your system. -+ -+=head2 test-watchdog -+ -+Example usage: -+ -+ sbd test-watchdog [-w /dev/watchdog3] -+ -+Test specified watchdog device (/dev/watchdog by default). -+ -+B: This command will arm the watchdog and have your system reset -+in case your watchdog is working properly! If issued from an interactive -+session, it will prompt for confirmation. -+ - =head1 Base system configuration - - =head2 Configure a watchdog --- -1.8.3.1 - diff --git a/SOURCES/0003-Fix-sbd-pacemaker-bail-out-of-status-earlier.patch b/SOURCES/0003-Fix-sbd-pacemaker-bail-out-of-status-earlier.patch new file mode 100644 index 0000000..776edea --- /dev/null +++ b/SOURCES/0003-Fix-sbd-pacemaker-bail-out-of-status-earlier.patch @@ -0,0 +1,45 @@ +From 79b778debfee5b4ab2d099b2bfc7385f45597f70 Mon Sep 17 00:00:00 2001 +From: Klaus Wenninger +Date: Tue, 26 Mar 2019 11:17:45 +0100 +Subject: [PATCH] Fix: sbd-pacemaker: bail out of status earlier + +Prevents possible subsequent null-pointer access and avoids +unnecessary search for node. +--- + src/sbd-pacemaker.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/src/sbd-pacemaker.c b/src/sbd-pacemaker.c +index c69fc55..9a8b95f 100644 +--- a/src/sbd-pacemaker.c ++++ b/src/sbd-pacemaker.c +@@ -276,7 +276,7 @@ compute_status(pe_working_set_t * data_set) + static int updates = 0; + static int ever_had_quorum = FALSE; + +- node_t *node = pe_find_node(data_set->nodes, local_uname); ++ node_t *node = NULL; + + updates++; + +@@ -286,11 +286,15 @@ compute_status(pe_working_set_t * data_set) + return; + } + ++ node = pe_find_node(data_set->nodes, local_uname); + +- if (node == NULL) { ++ if ((node == NULL) || (node->details == NULL)) { + set_servant_health(pcmk_health_unknown, LOG_WARNING, "Node state: %s is UNKNOWN", local_uname); ++ notify_parent(); ++ return; ++ } + +- } else if (node->details->online == FALSE) { ++ if (node->details->online == FALSE) { + set_servant_health(pcmk_health_unknown, LOG_WARNING, "Node state: OFFLINE"); + + } else if (node->details->unclean) { +-- +1.8.3.1 + diff --git a/SOURCES/0012-Fix-sbd-common-don-t-follow-symlinks-outside-dev-for.patch b/SOURCES/0012-Fix-sbd-common-don-t-follow-symlinks-outside-dev-for.patch deleted file mode 100644 index 0de1f14..0000000 --- a/SOURCES/0012-Fix-sbd-common-don-t-follow-symlinks-outside-dev-for.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 5d52fa8c3c903df4be0e4e954fbca9b3b15285c6 Mon Sep 17 00:00:00 2001 -From: Klaus Wenninger -Date: Fri, 14 Sep 2018 17:51:50 +0200 -Subject: [PATCH] Fix: sbd-common: don't follow symlinks outside /dev for - watchdog - -This makes it easier to define a SELinux-policy that keeps -avc-log clean on /dev traversal triggered by query-watchdog. ---- - src/sbd-common.c | 42 ++++++++++++++++++++++++++++++++++++++---- - 1 file changed, 38 insertions(+), 4 deletions(-) - -diff --git a/src/sbd-common.c b/src/sbd-common.c -index 0ce6478..fcb7a31 100644 ---- a/src/sbd-common.c -+++ b/src/sbd-common.c -@@ -251,7 +251,8 @@ watchdog_close(bool disarm) - #define MAX_WATCHDOGS 64 - #define SYS_CLASS_WATCHDOG "/sys/class/watchdog" - #define SYS_CHAR_DEV_DIR "/sys/dev/char" --#define WATCHDOG_NODEDIR "/dev" -+#define WATCHDOG_NODEDIR "/dev/" -+#define WATCHDOG_NODEDIR_LEN 5 - - struct watchdog_list_item { - dev_t dev; -@@ -273,7 +274,7 @@ watchdog_populate_list(void) - struct dirent *entry; - char entry_name[280]; - DIR *dp; -- char buf[256] = ""; -+ char buf[280] = ""; - - if (watchdog_list != NULL) { - return; -@@ -313,7 +314,38 @@ watchdog_populate_list(void) - struct stat statbuf; - - snprintf(entry_name, sizeof(entry_name), -- WATCHDOG_NODEDIR "/%s", entry->d_name); -+ WATCHDOG_NODEDIR "%s", entry->d_name); -+ if (entry->d_type == DT_LNK) { -+ int len; -+ -+ /* !realpath(entry_name, buf) unfortunately does a stat on -+ * target so we can't really use it to check if links stay -+ * within /dev without triggering e.g. AVC-logs (with -+ * SELinux policy that just allows stat within /dev). -+ * Without canonicalization that doesn't actually touch the -+ * filesystem easily available introduce some limitations -+ * for simplicity: -+ * - just simple path without '..' -+ * - just one level of symlinks (avoid e.g. loop-checking) -+ */ -+ len = readlink(entry_name, buf, sizeof(buf) - 1); -+ if ((len < 1) || -+ (len > sizeof(buf) - WATCHDOG_NODEDIR_LEN - 1)) { -+ continue; -+ } -+ buf[len] = '\0'; -+ if (buf[0] != '/') { -+ memmove(&buf[WATCHDOG_NODEDIR_LEN], buf, len+1); -+ memcpy(buf, WATCHDOG_NODEDIR, WATCHDOG_NODEDIR_LEN); -+ len += WATCHDOG_NODEDIR_LEN; -+ } -+ if (strstr(buf, "/../") || -+ strncmp(WATCHDOG_NODEDIR, buf, WATCHDOG_NODEDIR_LEN) || -+ lstat(buf, &statbuf) || -+ !S_ISCHR(statbuf.st_mode)) { -+ continue; -+ } -+ } - if(!stat(entry_name, &statbuf) && S_ISCHR(statbuf.st_mode)) { - int i; - -@@ -322,6 +354,7 @@ watchdog_populate_list(void) - int wdfd = watchdog_init_fd(entry_name, -1); - struct watchdog_list_item *wdg = - calloc(1, sizeof(struct watchdog_list_item)); -+ int len; - - wdg->dev = watchdogs[i]; - wdg->dev_node = strdup(entry_name); -@@ -343,7 +376,8 @@ watchdog_populate_list(void) - snprintf(entry_name, sizeof(entry_name), - SYS_CHAR_DEV_DIR "/%d:%d/device/driver", - major(watchdogs[i]), minor(watchdogs[i])); -- if (readlink(entry_name, buf, sizeof(buf)) > 0) { -+ if ((len = readlink(entry_name, buf, sizeof(buf) - 1)) > 0) { -+ buf[len] = '\0'; - wdg->dev_driver = strdup(basename(buf)); - } else if ((wdg->dev_ident) && - (strcmp(wdg->dev_ident, --- -1.8.3.1 - diff --git a/SOURCES/0013-Refactor-sbd-common-separate-assignment-and-comparis.patch b/SOURCES/0013-Refactor-sbd-common-separate-assignment-and-comparis.patch deleted file mode 100644 index 2108e37..0000000 --- a/SOURCES/0013-Refactor-sbd-common-separate-assignment-and-comparis.patch +++ /dev/null @@ -1,33 +0,0 @@ -From e13297f45b4c5868800b1d3fc359bfd0723fcc5f Mon Sep 17 00:00:00 2001 -From: Klaus Wenninger -Date: Mon, 17 Sep 2018 23:13:37 +0200 -Subject: [PATCH] Refactor: sbd-common: separate assignment and comparison - ---- - src/sbd-common.c | 7 ++++--- - 1 file changed, 4 insertions(+), 3 deletions(-) - -diff --git a/src/sbd-common.c b/src/sbd-common.c -index fcb7a31..679f946 100644 ---- a/src/sbd-common.c -+++ b/src/sbd-common.c -@@ -376,12 +376,13 @@ watchdog_populate_list(void) - snprintf(entry_name, sizeof(entry_name), - SYS_CHAR_DEV_DIR "/%d:%d/device/driver", - major(watchdogs[i]), minor(watchdogs[i])); -- if ((len = readlink(entry_name, buf, sizeof(buf) - 1)) > 0) { -+ len = readlink(entry_name, buf, sizeof(buf) - 1); -+ if (len > 0) { - buf[len] = '\0'; - wdg->dev_driver = strdup(basename(buf)); - } else if ((wdg->dev_ident) && -- (strcmp(wdg->dev_ident, -- "Software Watchdog") == 0)) { -+ (strcmp(wdg->dev_ident, -+ "Software Watchdog") == 0)) { - wdg->dev_driver = strdup("softdog"); - } - break; --- -1.8.3.1 - diff --git a/SOURCES/0014-Fix-sbd-common-avoid-statting-potential-links.patch b/SOURCES/0014-Fix-sbd-common-avoid-statting-potential-links.patch deleted file mode 100644 index 1e61c36..0000000 --- a/SOURCES/0014-Fix-sbd-common-avoid-statting-potential-links.patch +++ /dev/null @@ -1,214 +0,0 @@ -From 5b4c866f7c0b4ef8061e131a1ee0d1c608d35054 Mon Sep 17 00:00:00 2001 -From: Klaus Wenninger -Date: Wed, 19 Sep 2018 16:15:27 +0200 -Subject: [PATCH] Fix: sbd-common: avoid statting potential links - -These potential links might be anything and statting - if just -allowed to stat chr-nodes (e.g. SELinux) - them would lead -to avc-logs in the SELinux case. ---- - src/sbd-common.c | 133 +++++++++++++++++++++++++++++++++++++++---------------- - 1 file changed, 96 insertions(+), 37 deletions(-) - -diff --git a/src/sbd-common.c b/src/sbd-common.c -index 679f946..cc84cd0 100644 ---- a/src/sbd-common.c -+++ b/src/sbd-common.c -@@ -262,6 +262,12 @@ struct watchdog_list_item { - struct watchdog_list_item *next; - }; - -+struct link_list_item { -+ char *dev_node; -+ char *link_name; -+ struct link_list_item *next; -+}; -+ - static struct watchdog_list_item *watchdog_list = NULL; - static int watchdog_list_items = 0; - -@@ -275,6 +281,7 @@ watchdog_populate_list(void) - char entry_name[280]; - DIR *dp; - char buf[280] = ""; -+ struct link_list_item *link_list = NULL; - - if (watchdog_list != NULL) { - return; -@@ -288,7 +295,7 @@ watchdog_populate_list(void) - FILE *file; - - snprintf(entry_name, sizeof(entry_name), -- SYS_CLASS_WATCHDOG "/%s/dev", entry->d_name); -+ SYS_CLASS_WATCHDOG "/%s/dev", entry->d_name); - file = fopen(entry_name, "r"); - if (file) { - int major, minor; -@@ -309,43 +316,59 @@ watchdog_populate_list(void) - /* search for watchdog nodes in /dev */ - dp = opendir(WATCHDOG_NODEDIR); - if (dp) { -+ /* first go for links and memorize them */ - while ((entry = readdir(dp))) { -- if ((entry->d_type == DT_CHR) || (entry->d_type == DT_LNK)) { -- struct stat statbuf; -+ if (entry->d_type == DT_LNK) { -+ int len; - - snprintf(entry_name, sizeof(entry_name), -- WATCHDOG_NODEDIR "%s", entry->d_name); -- if (entry->d_type == DT_LNK) { -- int len; -- -- /* !realpath(entry_name, buf) unfortunately does a stat on -- * target so we can't really use it to check if links stay -- * within /dev without triggering e.g. AVC-logs (with -- * SELinux policy that just allows stat within /dev). -- * Without canonicalization that doesn't actually touch the -- * filesystem easily available introduce some limitations -- * for simplicity: -- * - just simple path without '..' -- * - just one level of symlinks (avoid e.g. loop-checking) -- */ -- len = readlink(entry_name, buf, sizeof(buf) - 1); -- if ((len < 1) || -- (len > sizeof(buf) - WATCHDOG_NODEDIR_LEN - 1)) { -- continue; -- } -- buf[len] = '\0'; -- if (buf[0] != '/') { -- memmove(&buf[WATCHDOG_NODEDIR_LEN], buf, len+1); -- memcpy(buf, WATCHDOG_NODEDIR, WATCHDOG_NODEDIR_LEN); -- len += WATCHDOG_NODEDIR_LEN; -- } -- if (strstr(buf, "/../") || -- strncmp(WATCHDOG_NODEDIR, buf, WATCHDOG_NODEDIR_LEN) || -- lstat(buf, &statbuf) || -- !S_ISCHR(statbuf.st_mode)) { -- continue; -- } -+ WATCHDOG_NODEDIR "%s", entry->d_name); -+ -+ /* !realpath(entry_name, buf) unfortunately does a stat on -+ * target so we can't really use it to check if links stay -+ * within /dev without triggering e.g. AVC-logs (with -+ * SELinux policy that just allows stat within /dev). -+ * Without canonicalization that doesn't actually touch the -+ * filesystem easily available introduce some limitations -+ * for simplicity: -+ * - just simple path without '..' -+ * - just one level of symlinks (avoid e.g. loop-checking) -+ */ -+ len = readlink(entry_name, buf, sizeof(buf) - 1); -+ if ((len < 1) || -+ (len > sizeof(buf) - WATCHDOG_NODEDIR_LEN - 1)) { -+ continue; -+ } -+ buf[len] = '\0'; -+ if (buf[0] != '/') { -+ memmove(&buf[WATCHDOG_NODEDIR_LEN], buf, len+1); -+ memcpy(buf, WATCHDOG_NODEDIR, WATCHDOG_NODEDIR_LEN); -+ len += WATCHDOG_NODEDIR_LEN; -+ } -+ if (strstr(buf, "/../") || -+ strncmp(WATCHDOG_NODEDIR, buf, WATCHDOG_NODEDIR_LEN)) { -+ continue; -+ } else { -+ /* just memorize to avoid statting the target - SELinux */ -+ struct link_list_item *lli = -+ calloc(1, sizeof(struct link_list_item)); -+ -+ lli->dev_node = strdup(buf); -+ lli->link_name = strdup(entry_name); -+ lli->next = link_list; -+ link_list = lli; - } -+ } -+ } -+ -+ rewinddir(dp); -+ -+ while ((entry = readdir(dp))) { -+ if (entry->d_type == DT_CHR) { -+ struct stat statbuf; -+ -+ snprintf(entry_name, sizeof(entry_name), -+ WATCHDOG_NODEDIR "%s", entry->d_name); - if(!stat(entry_name, &statbuf) && S_ISCHR(statbuf.st_mode)) { - int i; - -@@ -353,8 +376,9 @@ watchdog_populate_list(void) - if (statbuf.st_rdev == watchdogs[i]) { - int wdfd = watchdog_init_fd(entry_name, -1); - struct watchdog_list_item *wdg = -- calloc(1, sizeof(struct watchdog_list_item)); -+ calloc(1, sizeof(struct watchdog_list_item)); - int len; -+ struct link_list_item *tmp_list = NULL; - - wdg->dev = watchdogs[i]; - wdg->dev_node = strdup(entry_name); -@@ -374,8 +398,8 @@ watchdog_populate_list(void) - } - - snprintf(entry_name, sizeof(entry_name), -- SYS_CHAR_DEV_DIR "/%d:%d/device/driver", -- major(watchdogs[i]), minor(watchdogs[i])); -+ SYS_CHAR_DEV_DIR "/%d:%d/device/driver", -+ major(watchdogs[i]), minor(watchdogs[i])); - len = readlink(entry_name, buf, sizeof(buf) - 1); - if (len > 0) { - buf[len] = '\0'; -@@ -385,14 +409,49 @@ watchdog_populate_list(void) - "Software Watchdog") == 0)) { - wdg->dev_driver = strdup("softdog"); - } -+ -+ /* create dupes if we have memorized links -+ * to this node -+ */ -+ for (tmp_list = link_list; tmp_list; -+ tmp_list = tmp_list->next) { -+ if (!strcmp(tmp_list->dev_node, -+ wdg->dev_node)) { -+ struct watchdog_list_item *dupe_wdg = -+ calloc(1, sizeof(struct watchdog_list_item)); -+ -+ /* as long as we never purge watchdog_list -+ * there is no need to dupe strings -+ */ -+ *dupe_wdg = *wdg; -+ dupe_wdg->dev_node = strdup(tmp_list->link_name); -+ dupe_wdg->next = watchdog_list; -+ watchdog_list = dupe_wdg; -+ watchdog_list_items++; -+ } -+ /* for performance reasons we could remove -+ * the link_list entry -+ */ -+ } - break; - } - } - } - } - } -+ - closedir(dp); - } -+ -+ /* cleanup link list */ -+ while (link_list) { -+ struct link_list_item *tmp_list = link_list; -+ -+ link_list = link_list->next; -+ free(tmp_list->dev_node); -+ free(tmp_list->link_name); -+ free(tmp_list); -+ } - } - - int watchdog_info(void) --- -1.8.3.1 - diff --git a/SOURCES/0015-Feature-make-timeout-action-executed-by-sbd-configur.patch b/SOURCES/0015-Feature-make-timeout-action-executed-by-sbd-configur.patch deleted file mode 100644 index cdffdd4..0000000 --- a/SOURCES/0015-Feature-make-timeout-action-executed-by-sbd-configur.patch +++ /dev/null @@ -1,294 +0,0 @@ -From b64c30af56e7eabd63ce1db25bc5ed9b953485af Mon Sep 17 00:00:00 2001 -From: Klaus Wenninger -Date: Fri, 23 Nov 2018 14:09:22 +0100 -Subject: [PATCH] Feature: make timeout-action executed by sbd configurable - ---- - man/sbd.8.pod | 19 +++++++++++++++++++ - src/sbd-common.c | 22 ++++++++++++++++------ - src/sbd-inquisitor.c | 53 +++++++++++++++++++++++++++++++++++++++++++++++++--- - src/sbd-md.c | 2 +- - src/sbd.h | 3 +++ - src/sbd.sysconfig | 18 ++++++++++++++++++ - 6 files changed, 107 insertions(+), 10 deletions(-) - -diff --git a/man/sbd.8.pod b/man/sbd.8.pod -index ffd01c2..dbb3855 100644 ---- a/man/sbd.8.pod -+++ b/man/sbd.8.pod -@@ -333,6 +333,23 @@ prevent a successful crashdump from ever being written. - - Defaults to 240 seconds. Set to zero to disable. - -+=item B<-r> I -+ -+Actions to be executed when the watchers don't timely report to the sbd -+master process or one of the watchers detects that the master process -+has died. -+ -+Set timeout-action to comma-separated combination of -+noflush|flush plus reboot|crashdump|off. -+If just one of both is given the other stays at the default. -+ -+This doesn't affect actions like off, crashdump, reboot explicitly -+triggered via message slots. -+And it does as well not configure the action a watchdog would -+trigger should it run off (there is no generic interface). -+ -+Defaults to flush,reboot. -+ - =back - - =head2 allocate -@@ -552,6 +569,8 @@ options to pass to the daemon: - - C will fail to start if no C is specified. See the - installed template for more options that can be configured here. -+In general configuration done via parameters takes precedence over -+the configuration from the configuration file. - - =head2 Testing the sbd installation - -diff --git a/src/sbd-common.c b/src/sbd-common.c -index cc84cd0..0e8be65 100644 ---- a/src/sbd-common.c -+++ b/src/sbd-common.c -@@ -98,6 +98,8 @@ usage(void) - " (default is 1, set to 0 to disable)\n" - "-P Check Pacemaker quorum and node health (optional, watch only)\n" - "-Z Enable trace mode. WARNING: UNSAFE FOR PRODUCTION!\n" -+"-r Set timeout-action to comma-separated combination of\n" -+" noflush|flush plus reboot|crashdump|off (default is flush,reboot)\n" - "Commands:\n" - #if SUPPORT_SHARED_DISK - "create initialize N slots on - OVERWRITES DEVICE!\n" -@@ -769,7 +771,7 @@ sysrq_trigger(char t) - - - static void --do_exit(char kind) -+do_exit(char kind, bool do_flush) - { - /* TODO: Turn debug_mode into a bit field? Delay + kdump for example */ - const char *reason = NULL; -@@ -814,7 +816,9 @@ do_exit(char kind) - } - - cl_log(LOG_EMERG, "Rebooting system: %s", reason); -- sync(); -+ if (do_flush) { -+ sync(); -+ } - - if(kind == 'c') { - watchdog_close(true); -@@ -834,19 +838,25 @@ do_exit(char kind) - void - do_crashdump(void) - { -- do_exit('c'); -+ do_exit('c', true); - } - - void - do_reset(void) - { -- do_exit('b'); -+ do_exit('b', true); - } - - void - do_off(void) - { -- do_exit('o'); -+ do_exit('o', true); -+} -+ -+void -+do_timeout_action(void) -+{ -+ do_exit(timeout_sysrq_char, do_flush); - } - - /* -@@ -980,7 +990,7 @@ notify_parent(void) - /* Our parent died unexpectedly. Triggering - * self-fence. */ - cl_log(LOG_WARNING, "Our parent is dead."); -- do_reset(); -+ do_timeout_action(); - } - - switch (servant_health) { -diff --git a/src/sbd-inquisitor.c b/src/sbd-inquisitor.c -index 9b193d4..8e0bc87 100644 ---- a/src/sbd-inquisitor.c -+++ b/src/sbd-inquisitor.c -@@ -31,6 +31,8 @@ int servant_restart_interval = 5; - int servant_restart_count = 1; - int start_mode = 0; - char* pidfile = NULL; -+bool do_flush = true; -+char timeout_sysrq_char = 'b'; - - int parse_device_line(const char *line); - -@@ -655,7 +657,7 @@ void inquisitor_child(void) - /* At level 2 or above, we do nothing, but expect - * things to eventually return to - * normal. */ -- do_reset(); -+ do_timeout_action(); - } else { - cl_log(LOG_ERR, "SBD: DEBUG MODE: Would have fenced due to timeout!"); - } -@@ -668,7 +670,7 @@ void inquisitor_child(void) - - if (debug_mode && watchdog_use) { - /* In debug mode, trigger a reset before the watchdog can panic the machine */ -- do_reset(); -+ do_timeout_action(); - } - } - -@@ -833,6 +835,7 @@ int main(int argc, char **argv, char **envp) - int qb_facility; - const char *value = NULL; - int start_delay = 0; -+ char *timeout_action = NULL; - - if ((cmdname = strrchr(argv[0], '/')) == NULL) { - cmdname = argv[0]; -@@ -928,7 +931,12 @@ int main(int argc, char **argv, char **envp) - } - cl_log(LOG_DEBUG, "Start delay: %d (%s)", (int)start_delay, value?value:"default"); - -- while ((c = getopt(argc, argv, "czC:DPRTWZhvw:d:n:p:1:2:3:4:5:t:I:F:S:s:")) != -1) { -+ value = getenv("SBD_TIMEOUT_ACTION"); -+ if(value) { -+ timeout_action = strdup(value); -+ } -+ -+ while ((c = getopt(argc, argv, "czC:DPRTWZhvw:d:n:p:1:2:3:4:5:t:I:F:S:s:r:")) != -1) { - switch (c) { - case 'D': - break; -@@ -1043,6 +1051,12 @@ int main(int argc, char **argv, char **envp) - cl_log(LOG_INFO, "Servant restart count set to %d", - (int)servant_restart_count); - break; -+ case 'r': -+ if (timeout_action) { -+ free(timeout_action); -+ } -+ timeout_action = strdup(optarg); -+ break; - case 'h': - usage(); - return (0); -@@ -1101,6 +1115,39 @@ int main(int argc, char **argv, char **envp) - goto out; - } - -+ if (timeout_action) { -+ char *p[2]; -+ int i; -+ char c; -+ int nrflags = sscanf(timeout_action, "%m[a-z],%m[a-z]%c", &p[0], &p[1], &c); -+ bool parse_error = (nrflags < 1) || (nrflags > 2); -+ -+ for (i = 0; (i < nrflags) && (i < 2); i++) { -+ if (!strcmp(p[i], "reboot")) { -+ timeout_sysrq_char = 'b'; -+ } else if (!strcmp(p[i], "crashdump")) { -+ timeout_sysrq_char = 'c'; -+ } else if (!strcmp(p[i], "off")) { -+ timeout_sysrq_char = 'o'; -+ } else if (!strcmp(p[i], "flush")) { -+ do_flush = true; -+ } else if (!strcmp(p[i], "noflush")) { -+ do_flush = false; -+ } else { -+ parse_error = true; -+ } -+ free(p[i]); -+ } -+ if (parse_error) { -+ fprintf(stderr, "Failed to parse timeout-action \"%s\".\n", -+ timeout_action); -+ exit_status = -1; -+ goto out; -+ } -+ } -+ cl_log(LOG_NOTICE, "%s flush + writing \'%c\' to sysrq on timeout", -+ do_flush?"Doing":"Skipping", timeout_sysrq_char); -+ - #if SUPPORT_SHARED_DISK - if (strcmp(argv[optind], "create") == 0) { - exit_status = init_devices(servants_leader); -diff --git a/src/sbd-md.c b/src/sbd-md.c -index a736118..579d273 100644 ---- a/src/sbd-md.c -+++ b/src/sbd-md.c -@@ -1149,7 +1149,7 @@ int servant(const char *diskname, int mode, const void* argp) - if (ppid == 1) { - /* Our parent died unexpectedly. Triggering - * self-fence. */ -- do_reset(); -+ do_timeout_action(); - } - - /* These attempts are, by definition, somewhat racy. If -diff --git a/src/sbd.h b/src/sbd.h -index 0f8847a..386c85c 100644 ---- a/src/sbd.h -+++ b/src/sbd.h -@@ -130,6 +130,7 @@ void sysrq_trigger(char t); - void do_crashdump(void); - void do_reset(void); - void do_off(void); -+void do_timeout_action(void); - pid_t make_daemon(void); - void maximize_priority(void); - void sbd_get_uname(void); -@@ -153,6 +154,8 @@ extern int debug_mode; - extern char *watchdogdev; - extern bool watchdogdev_is_default; - extern char* local_uname; -+extern bool do_flush; -+extern char timeout_sysrq_char; - - /* Global, non-tunable variables: */ - extern int sector_size; -diff --git a/src/sbd.sysconfig b/src/sbd.sysconfig -index c6d7c07..8f38426 100644 ---- a/src/sbd.sysconfig -+++ b/src/sbd.sysconfig -@@ -71,6 +71,24 @@ SBD_WATCHDOG_DEV=/dev/watchdog - SBD_WATCHDOG_TIMEOUT=5 - - ## Type: string -+## Default: "flush,reboot" -+# -+# Actions to be executed when the watchers don't timely report to the sbd -+# master process or one of the watchers detects that the master process -+# has died. -+# -+# Set timeout-action to comma-separated combination of -+# noflush|flush plus reboot|crashdump|off. -+# If just one of both is given the other stays at the default. -+# -+# This doesn't affect actions like off, crashdump, reboot explicitly -+# triggered via message slots. -+# And it does as well not configure the action a watchdog would -+# trigger should it run off (there is no generic interface). -+# -+SBD_TIMEOUT_ACTION=flush,reboot -+ -+## Type: string - ## Default: "" - # - # Additional options for starting sbd --- -1.8.3.1 - diff --git a/SPECS/sbd.spec b/SPECS/sbd.spec index 0ee7df0..aef0286 100644 --- a/SPECS/sbd.spec +++ b/SPECS/sbd.spec @@ -15,26 +15,22 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -%global commit a74b4d25a3eb93fe1abbe6e3ebfd2b16cf48873f +%global commit 7f33d1a409d0a4e2cd69946688c48eaa8f3c5d26 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %global github_owner Clusterlabs -%global buildnum 8.2 +%global buildnum 4 Name: sbd Summary: Storage-based death License: GPLv2+ Group: System Environment/Daemons -Version: 1.3.1 -Release: %{buildnum}%{?dist}.1 +Version: 1.4.0 +Release: %{buildnum}%{?dist} Url: https://github.com/%{github_owner}/%{name} Source0: https://github.com/%{github_owner}/%{name}/archive/%{commit}/%{name}-%{commit}.tar.gz -Patch0: 0001-make-pacemaker-dlm-wait-for-sbd-start.patch -Patch1: 0002-mention-timeout-caveat-with-SBD_DELAY_START.patch -Patch2: 0003-Doc-sbd.8.pod-add-query-test-watchdog.patch -Patch11: 0012-Fix-sbd-common-don-t-follow-symlinks-outside-dev-for.patch -Patch12: 0013-Refactor-sbd-common-separate-assignment-and-comparis.patch -Patch13: 0014-Fix-sbd-common-avoid-statting-potential-links.patch -Patch14: 0015-Feature-make-timeout-action-executed-by-sbd-configur.patch +Patch0: 0001-Fix-sbd-cluster-finalize-cmap-connection-if-disconne.patch +Patch1: 0002-Fix-sbd-pacemaker-make-handling-of-cib-connection-lo.patch +Patch2: 0003-Fix-sbd-pacemaker-bail-out-of-status-earlier.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: autoconf BuildRequires: automake @@ -132,10 +128,27 @@ fi %doc COPYING %changelog -* Thu Jan 8 2019 Klaus Wenninger - 1.3.1-8.2.1 -- make timeout-action configurable +* Tue Mar 26 2019 Klaus Wenninger - 1.4.0-4 +- fix possible null-pointer-access just introduced - Resolves: rhbz#1666201 + Resolves: rhbz#1691484 + +* Tue Mar 26 2019 Klaus Wenninger - 1.4.0-3 +- finalize cmap connection if disconnected from cluster +- make handling of cib-connection loss more robust + + Resolves: rhbz#1691484 + +* Thu Feb 7 2019 Klaus Wenninger - 1.4.0-2 +- rebuild against pacemaker 1.20 to make sbd actually use + the new libpengine API + + Resolves: rhbz#1661233 + +* Mon Jan 14 2019 Klaus Wenninger - 1.4.0-1 +- rebase to upstream v1.4.0 + + Resolves: rhbz#1660158 * Wed Sep 19 2018 Klaus Wenninger - 1.3.1-8.2 - avoid statting potential symlink-targets in /dev