diff options
Diffstat (limited to 'geo-replication/src')
| -rw-r--r-- | geo-replication/src/gsyncd.c | 636 | ||||
| -rwxr-xr-x | geo-replication/src/gverify.sh | 70 | ||||
| -rw-r--r-- | geo-replication/src/peer_georep-sshkey.py.in | 6 | ||||
| -rwxr-xr-x | geo-replication/src/peer_gsec_create.in | 4 | ||||
| -rw-r--r-- | geo-replication/src/peer_mountbroker.in | 24 | ||||
| -rw-r--r-- | geo-replication/src/peer_mountbroker.py.in | 42 | ||||
| -rw-r--r-- | geo-replication/src/procdiggy.c | 200 | ||||
| -rw-r--r-- | geo-replication/src/procdiggy.h | 9 | ||||
| -rwxr-xr-x | geo-replication/src/set_geo_rep_pem_keys.sh | 1 |
9 files changed, 515 insertions, 477 deletions
diff --git a/geo-replication/src/gsyncd.c b/geo-replication/src/gsyncd.c index 2c48ca5d540..b5aeec5bf33 100644 --- a/geo-replication/src/gsyncd.c +++ b/geo-replication/src/gsyncd.c @@ -7,8 +7,8 @@ later), or the GNU General Public License, version 2 (GPLv2), in all cases as published by the Free Software Foundation. */ -#include "compat.h" -#include "syscall.h" +#include <glusterfs/compat.h> +#include <glusterfs/syscall.h> #include <stdlib.h> #include <stdio.h> @@ -24,13 +24,13 @@ * We unconditionally pass then while building gsyncd binary. */ #ifdef USE_LIBGLUSTERFS -#include "glusterfs.h" -#include "globals.h" -#include "defaults.h" +#include <glusterfs/glusterfs.h> +#include <glusterfs/globals.h> +#include <glusterfs/defaults.h> #endif -#include "common-utils.h" -#include "run.h" +#include <glusterfs/common-utils.h> +#include <glusterfs/run.h> #include "procdiggy.h" #define _GLUSTERD_CALLED_ "_GLUSTERD_CALLED_" @@ -42,395 +42,361 @@ int restricted = 0; static int -duplexpand (void **buf, size_t tsiz, size_t *len) +duplexpand(void **buf, size_t tsiz, size_t *len) { - size_t osiz = tsiz * *len; - char *p = realloc (*buf, osiz << 1); - if (!p) { - free(*buf); - return -1; - } + size_t osiz = tsiz * *len; + char *p = realloc(*buf, osiz << 1); + if (!p) { + return -1; + } - memset (p + osiz, 0, osiz); - *buf = p; - *len <<= 1; + memset(p + osiz, 0, osiz); + *buf = p; + *len <<= 1; - return 0; + return 0; } static int -str2argv (char *str, char ***argv) +str2argv(char *str, char ***argv) { - char *p = NULL; - char *savetok = NULL; - char *temp = NULL; - char *temp1 = NULL; - int argc = 0; - size_t argv_len = 32; - int ret = 0; - int i = 0; - - assert (str); - temp = str = strdup (str); - if (!str) + char *p = NULL; + char *savetok = NULL; + char *temp = NULL; + char *temp1 = NULL; + int argc = 0; + size_t argv_len = 32; + int ret = 0; + int i = 0; + + assert(str); + temp = str = strdup(str); + if (!str) + goto error; + + *argv = calloc(argv_len, sizeof(**argv)); + if (!*argv) + goto error; + + while ((p = strtok_r(str, " ", &savetok))) { + str = NULL; + + argc++; + if (argc == argv_len) { + ret = duplexpand((void *)argv, sizeof(**argv), &argv_len); + if (ret == -1) goto error; - - *argv = calloc (argv_len, sizeof (**argv)); - if (!*argv) - goto error; - - while ((p = strtok_r (str, " ", &savetok))) { - str = NULL; - - argc++; - if (argc == argv_len) { - ret = duplexpand ((void *)argv, - sizeof (**argv), - &argv_len); - if (ret == -1) - goto error; - } - temp1 = strdup (p); - if (!temp1) - goto error; - (*argv)[argc - 1] = temp1; } - - free(temp); - return argc; - - error: - fprintf (stderr, "out of memory\n"); - free(temp); - for (i = 0; i < argc - 1; i++) - free((*argv)[i]); - free(*argv); - return -1; + temp1 = strdup(p); + if (!temp1) + goto error; + (*argv)[argc - 1] = temp1; + } + + free(temp); + return argc; + +error: + fprintf(stderr, "out of memory\n"); + free(temp); + for (i = 0; i < argc - 1; i++) + free((*argv)[i]); + free(*argv); + return -1; } static int -invoke_gsyncd (int argc, char **argv) +invoke_gsyncd(int argc, char **argv) { - char config_file[PATH_MAX] = {0,}; - size_t gluster_workdir_len = 0; - runner_t runner = {0,}; - int i = 0; - int j = 0; - char *nargv[argc + 4]; - char *python = NULL; - - if (restricted) { - size_t len; - /* in restricted mode we forcibly use the system-wide config */ - runinit (&runner); - runner_add_args (&runner, SBIN_DIR"/gluster", - "--remote-host=localhost", - "--log-file=-", "system::", "getwd", - NULL); - runner_redir (&runner, STDOUT_FILENO, RUN_PIPE); - if (runner_start (&runner) == 0 && - fgets (config_file, PATH_MAX, - runner_chio (&runner, STDOUT_FILENO)) != NULL && - (len = strlen (config_file)) && - config_file[len - 1] == '\n' && - runner_end (&runner) == 0) - gluster_workdir_len = len - 1; - - if (gluster_workdir_len) { - if (gluster_workdir_len + 1 + strlen (GSYNCD_CONF_TEMPLATE) + 1 > - PATH_MAX) - goto error; - config_file[gluster_workdir_len] = '/'; - strcat (config_file, GSYNCD_CONF_TEMPLATE); - } else - goto error; - - if (setenv ("_GSYNCD_RESTRICTED_", "1", 1) == -1) - goto error; - } + int i = 0; + int j = 0; + char *nargv[argc + 4]; + char *python = NULL; - if (chdir ("/") == -1) - goto error; + if (chdir("/") == -1) + goto error; - j = 0; - python = getenv("PYTHON"); - if(!python) - python = PYTHON; - nargv[j++] = python; - nargv[j++] = GSYNCD_PREFIX"/python/syncdaemon/"GSYNCD_PY; - for (i = 1; i < argc; i++) - nargv[j++] = argv[i]; - if (config_file[0]) { - nargv[j++] = "-c"; - nargv[j++] = config_file; - } - nargv[j++] = NULL; + j = 0; + python = getenv("PYTHON"); + if (!python) + python = PYTHON; + nargv[j++] = python; + nargv[j++] = GSYNCD_PREFIX "/python/syncdaemon/" GSYNCD_PY; + for (i = 1; i < argc; i++) + nargv[j++] = argv[i]; - execvp (python, nargv); + nargv[j++] = NULL; - fprintf (stderr, "exec of '%s' failed\n", python); - return 127; + execvp(python, nargv); - error: - fprintf (stderr, "gsyncd initializaion failed\n"); - return 1; -} + fprintf(stderr, "exec of '%s' failed\n", python); + return 127; +error: + fprintf(stderr, "gsyncd initializaion failed\n"); + return 1; +} static int -find_gsyncd (pid_t pid, pid_t ppid, char *name, void *data) +find_gsyncd(pid_t pid, pid_t ppid, char *name, void *data) { - char buf[NAME_MAX * 2] = {0,}; - char path[PATH_MAX] = {0,}; - char *p = NULL; - int zeros = 0; - int ret = 0; - int fd = -1; - pid_t *pida = (pid_t *)data; - - if (ppid != pida[0]) - return 0; - - snprintf (path, sizeof path, PROC"/%d/cmdline", pid); - fd = open (path, O_RDONLY); - if (fd == -1) - return 0; - ret = sys_read (fd, buf, sizeof (buf)); - sys_close (fd); - if (ret == -1) - return 0; - for (zeros = 0, p = buf; zeros < 2 && p < buf + ret; p++) - zeros += !*p; - - ret = 0; - switch (zeros) { + char buf[NAME_MAX * 2] = { + 0, + }; + char path[PATH_MAX] = { + 0, + }; + char *p = NULL; + int zeros = 0; + int ret = 0; + int fd = -1; + pid_t *pida = (pid_t *)data; + + if (ppid != pida[0]) + return 0; + + snprintf(path, sizeof path, PROC "/%d/cmdline", pid); + fd = open(path, O_RDONLY); + if (fd == -1) + return 0; + ret = sys_read(fd, buf, sizeof(buf)); + sys_close(fd); + if (ret == -1) + return 0; + for (zeros = 0, p = buf; zeros < 2 && p < buf + ret; p++) + zeros += !*p; + + ret = 0; + switch (zeros) { case 2: - if ((strcmp (basename (buf), basename (PYTHON)) || - strcmp (basename (buf + strlen (buf) + 1), GSYNCD_PY)) == 0) { - ret = 1; - break; - } - /* fallthrough */ + if ((strcmp(basename(buf), basename(PYTHON)) || + strcmp(basename(buf + strlen(buf) + 1), GSYNCD_PY)) == 0) { + ret = 1; + break; + } + /* fallthrough */ case 1: - if (strcmp (basename (buf), GSYNCD_PY) == 0) - ret = 1; + if (strcmp(basename(buf), GSYNCD_PY) == 0) + ret = 1; + } + + if (ret == 1) { + if (pida[1] != -1) { + fprintf(stderr, GSYNCD_PY " sibling is not unique"); + return -1; } + pida[1] = pid; + } - if (ret == 1) { - if (pida[1] != -1) { - fprintf (stderr, GSYNCD_PY" sibling is not unique"); - return -1; - } - pida[1] = pid; - } - - return 0; + return 0; } static int -invoke_rsync (int argc, char **argv) +invoke_rsync(int argc, char **argv) { - int i = 0; - char path[PATH_MAX] = {0,}; - pid_t pid = -1; - pid_t ppid = -1; - pid_t pida[] = {-1, -1}; - char *name = NULL; - char buf[PATH_MAX + 1] = {0,}; - int ret = 0; - - assert (argv[argc] == NULL); - - if (argc < 2 || strcmp (argv[1], "--server") != 0) - goto error; - - for (i = 2; i < argc && argv[i][0] == '-'; i++); - - if (!(i == argc - 2 && strcmp (argv[i], ".") == 0 && argv[i + 1][0] == '/')) { - fprintf (stderr, "need an rsync invocation without protected args\n"); - goto error; - } - - /* look up sshd we are spawned from */ - for (pid = getpid () ;; pid = ppid) { - ppid = pidinfo (pid, &name); - if (ppid < 0) { - fprintf (stderr, "sshd ancestor not found\n"); - goto error; - } - if (strcmp (name, "sshd") == 0) { - GF_FREE (name); - break; - } - GF_FREE (name); + int i = 0; + char path[PATH_MAX] = { + 0, + }; + pid_t pid = -1; + pid_t ppid = -1; + pid_t pida[] = {-1, -1}; + char *name = NULL; + char buf[PATH_MAX + 1] = { + 0, + }; + int ret = 0; + + assert(argv[argc] == NULL); + + if (argc < 2 || strcmp(argv[1], "--server") != 0) + goto error; + + for (i = 2; i < argc && argv[i][0] == '-'; i++) + ; + + if (!(i == argc - 2 && strcmp(argv[i], ".") == 0 && + argv[i + 1][0] == '/')) { + fprintf(stderr, "need an rsync invocation without protected args\n"); + goto error; + } + + /* look up sshd we are spawned from */ + for (pid = getpid();; pid = ppid) { + ppid = pidinfo(pid, &name); + if (ppid < 0) { + fprintf(stderr, "sshd ancestor not found\n"); + goto error; } - /* look up "ssh-sibling" gsyncd */ - pida[0] = pid; - ret = prociter (find_gsyncd, pida); - if (ret == -1 || pida[1] == -1) { - fprintf (stderr, "gsyncd sibling not found\n"); - goto error; - } - /* check if rsync target matches gsyncd target */ - snprintf (path, sizeof path, PROC"/%d/cwd", pida[1]); - ret = sys_readlink (path, buf, sizeof (buf)); - if (ret == -1 || ret == sizeof (buf)) - goto error; - if (strcmp (argv[argc - 1], "/") == 0 /* root dir cannot be a target */ || - (strcmp (argv[argc - 1], path) /* match against gluster target */ && - strcmp (argv[argc - 1], buf) /* match against file target */) != 0) { - fprintf (stderr, "rsync target does not match "GEOREP" session\n"); - goto error; + if (strcmp(name, "sshd") == 0) { + GF_FREE(name); + break; } - - argv[0] = RSYNC; - - execvp (RSYNC, argv); - - fprintf (stderr, "exec of "RSYNC" failed\n"); - return 127; - - error: - fprintf (stderr, "disallowed "RSYNC" invocation\n"); - return 1; + GF_FREE(name); + } + /* look up "ssh-sibling" gsyncd */ + pida[0] = pid; + ret = prociter(find_gsyncd, pida); + if (ret == -1 || pida[1] == -1) { + fprintf(stderr, "gsyncd sibling not found\n"); + goto error; + } + /* check if rsync target matches gsyncd target */ + snprintf(path, sizeof path, PROC "/%d/cwd", pida[1]); + ret = sys_readlink(path, buf, sizeof(buf)); + if (ret == -1 || ret == sizeof(buf)) + goto error; + if (strcmp(argv[argc - 1], "/") == 0 /* root dir cannot be a target */ || + (strcmp(argv[argc - 1], path) /* match against gluster target */ && + strcmp(argv[argc - 1], buf) /* match against file target */) != 0) { + fprintf(stderr, "rsync target does not match " GEOREP " session\n"); + goto error; + } + + argv[0] = RSYNC; + + execvp(RSYNC, argv); + + fprintf(stderr, "exec of " RSYNC " failed\n"); + return 127; + +error: + fprintf(stderr, "disallowed " RSYNC " invocation\n"); + return 1; } static int -invoke_gluster (int argc, char **argv) +invoke_gluster(int argc, char **argv) { - int i = 0; - int j = 0; - int optsover = 0; - char *ov = NULL; - - for (i = 1; i < argc; i++) { - ov = strtail (argv[i], "--"); - if (ov && !optsover) { - if (*ov == '\0') - optsover = 1; - continue; - } - switch (++j) { - case 1: - if (strcmp (argv[i], "volume") != 0) - goto error; - break; - case 2: - if (strcmp (argv[i], "info") != 0) - goto error; - break; - case 3: - break; - default: - goto error; - } + int i = 0; + int j = 0; + int optsover = 0; + char *ov = NULL; + + for (i = 1; i < argc; i++) { + ov = strtail(argv[i], "--"); + if (ov && !optsover) { + if (*ov == '\0') + optsover = 1; + continue; + } + switch (++j) { + case 1: + if (strcmp(argv[i], "volume") != 0) + goto error; + break; + case 2: + if (strcmp(argv[i], "info") != 0) + goto error; + break; + case 3: + break; + default: + goto error; } + } - argv[0] = "gluster"; - execvp (SBIN_DIR"/gluster", argv); - fprintf (stderr, "exec of gluster failed\n"); - return 127; + argv[0] = "gluster"; + execvp(SBIN_DIR "/gluster", argv); + fprintf(stderr, "exec of gluster failed\n"); + return 127; - error: - fprintf (stderr, "disallowed gluster invocation\n"); - return 1; +error: + fprintf(stderr, "disallowed gluster invocation\n"); + return 1; } struct invocable { - char *name; - int (*invoker) (int argc, char **argv); + char *name; + int (*invoker)(int argc, char **argv); }; -struct invocable invocables[] = { - { "rsync", invoke_rsync }, - { "gsyncd", invoke_gsyncd }, - { "gluster", invoke_gluster }, - { NULL, NULL} -}; +struct invocable invocables[] = {{"rsync", invoke_rsync}, + {"gsyncd", invoke_gsyncd}, + {"gluster", invoke_gluster}, + {NULL, NULL}}; int -main (int argc, char **argv) +main(int argc, char **argv) { - int ret = -1; - char *evas = NULL; - struct invocable *i = NULL; - char *b = NULL; - char *sargv = NULL; - int j = 0; + int ret = -1; + char *evas = NULL; + struct invocable *i = NULL; + char *b = NULL; + char *sargv = NULL; + int j = 0; #ifdef USE_LIBGLUSTERFS - glusterfs_ctx_t *ctx = NULL; + glusterfs_ctx_t *ctx = NULL; - ctx = glusterfs_ctx_new (); - if (!ctx) - return ENOMEM; + ctx = glusterfs_ctx_new(); + if (!ctx) + return ENOMEM; - if (glusterfs_globals_init (ctx)) - return 1; + if (glusterfs_globals_init(ctx)) + return 1; - THIS->ctx = ctx; - ret = default_mem_acct_init (THIS); - if (ret) { - fprintf (stderr, "internal error: mem accounting failed\n"); - return 1; - } + THIS->ctx = ctx; + ret = default_mem_acct_init(THIS); + if (ret) { + fprintf(stderr, "internal error: mem accounting failed\n"); + return 1; + } #endif - evas = getenv (_GLUSTERD_CALLED_); - if (evas && strcmp (evas, "1") == 0) - /* OK, we know glusterd called us, no need to look for further config - *...although this conclusion should not inherit to our children - */ - unsetenv (_GLUSTERD_CALLED_); - else { - /* we regard all gsyncd invocations unsafe - * that do not come from glusterd and - * therefore restrict it - */ - restricted = 1; - - if (!getenv (_GSYNCD_DISPATCHED_)) { - evas = getenv ("SSH_ORIGINAL_COMMAND"); - if (evas) - sargv = evas; - else { - evas = getenv ("SHELL"); - if (evas && strcmp (basename (evas), "gsyncd") == 0 && - argc == 3 && strcmp (argv[1], "-c") == 0) - sargv = argv[2]; - } - } - + evas = getenv(_GLUSTERD_CALLED_); + if (evas && strcmp(evas, "1") == 0) + /* OK, we know glusterd called us, no need to look for further config + *...although this conclusion should not inherit to our children + */ + unsetenv(_GLUSTERD_CALLED_); + else { + /* we regard all gsyncd invocations unsafe + * that do not come from glusterd and + * therefore restrict it + */ + restricted = 1; + + if (!getenv(_GSYNCD_DISPATCHED_)) { + evas = getenv("SSH_ORIGINAL_COMMAND"); + if (evas) + sargv = evas; + else { + evas = getenv("SHELL"); + if (evas && strcmp(basename(evas), "gsyncd") == 0 && + argc == 3 && strcmp(argv[1], "-c") == 0) + sargv = argv[2]; + } } + } - if (!(sargv && restricted)) - return invoke_gsyncd (argc, argv); + if (!(sargv && restricted)) + return invoke_gsyncd(argc, argv); - argc = str2argv (sargv, &argv); + argc = str2argv(sargv, &argv); - if (argc == -1) { - fprintf (stderr, "internal error\n"); - return 1; - } - - if (setenv (_GSYNCD_DISPATCHED_, "1", 1) == -1) { - fprintf (stderr, "internal error\n"); - goto out; - } + if (argc == -1) { + fprintf(stderr, "internal error\n"); + return 1; + } + if (setenv(_GSYNCD_DISPATCHED_, "1", 1) == -1) { + fprintf(stderr, "internal error\n"); + goto out; + } - b = basename (argv[0]); - for (i = invocables; i->name; i++) { - if (strcmp (b, i->name) == 0) - return i->invoker (argc, argv); - } + b = basename(argv[0]); + for (i = invocables; i->name; i++) { + if (strcmp(b, i->name) == 0) + return i->invoker(argc, argv); + } - fprintf (stderr, "invoking %s in restricted SSH session is not allowed\n", - b); + fprintf(stderr, "invoking %s in restricted SSH session is not allowed\n", + b); out: - for (j = 1; j < argc; j++) - free(argv[j]); - free(argv); - return 1; + for (j = 1; j < argc; j++) + free(argv[j]); + free(argv); + return 1; } diff --git a/geo-replication/src/gverify.sh b/geo-replication/src/gverify.sh index 9b1328aa631..f5f70d245e0 100755 --- a/geo-replication/src/gverify.sh +++ b/geo-replication/src/gverify.sh @@ -7,15 +7,24 @@ # Considering buffer_size 100MB BUFFER_SIZE=104857600; SSH_PORT=$5; -slave_log_file=`gluster --print-logdir`/geo-replication-slaves/slave.log +master_log_file=`gluster --print-logdir`/geo-replication/gverify-mastermnt.log +slave_log_file=`gluster --print-logdir`/geo-replication/gverify-slavemnt.log function SSHM() { - ssh -p ${SSH_PORT} -q \ - -oPasswordAuthentication=no \ - -oStrictHostKeyChecking=no \ - -oControlMaster=yes \ - "$@"; + if [[ -z "${GR_SSH_IDENTITY_KEY}" ]]; then + ssh -p ${SSH_PORT} -q \ + -oPasswordAuthentication=no \ + -oStrictHostKeyChecking=no \ + -oControlMaster=yes \ + "$@"; + else + ssh -p ${SSH_PORT} -i ${GR_SSH_IDENTITY_KEY} -q \ + -oPasswordAuthentication=no \ + -oStrictHostKeyChecking=no \ + -oControlMaster=yes \ + "$@"; + fi } function get_inode_num() @@ -85,6 +94,7 @@ echo $cmd_line; function master_stats() { MASTERVOL=$1; + local inet6=$2; local d; local i; local disk_size; @@ -93,7 +103,12 @@ function master_stats() local m_status; d=$(mktemp -d -t ${0##*/}.XXXXXX 2>/dev/null); - glusterfs -s localhost --xlator-option="*dht.lookup-unhashed=off" --volfile-id $MASTERVOL -l $slave_log_file $d; + if [ "$inet6" = "inet6" ]; then + glusterfs -s localhost --xlator-option="*dht.lookup-unhashed=off" --xlator-option="transport.address-family=inet6" --volfile-id $MASTERVOL -l $master_log_file $d; + else + glusterfs -s localhost --xlator-option="*dht.lookup-unhashed=off" --volfile-id $MASTERVOL -l $master_log_file $d; + fi + i=$(get_inode_num $d); if [[ "$i" -ne "1" ]]; then echo 0:0; @@ -115,12 +130,18 @@ function slave_stats() SLAVEUSER=$1; SLAVEHOST=$2; SLAVEVOL=$3; + local inet6=$4; local cmd_line; local ver; local status; d=$(mktemp -d -t ${0##*/}.XXXXXX 2>/dev/null); - glusterfs --xlator-option="*dht.lookup-unhashed=off" --volfile-server $SLAVEHOST --volfile-id $SLAVEVOL -l $slave_log_file $d; + if [ "$inet6" = "inet6" ]; then + glusterfs --xlator-option="*dht.lookup-unhashed=off" --xlator-option="transport.address-family=inet6" --volfile-server $SLAVEHOST --volfile-id $SLAVEVOL -l $slave_log_file $d; + else + glusterfs --xlator-option="*dht.lookup-unhashed=off" --volfile-server $SLAVEHOST --volfile-id $SLAVEVOL -l $slave_log_file $d; + fi + i=$(get_inode_num $d); if [[ "$i" -ne "1" ]]; then echo 0:0; @@ -158,6 +179,10 @@ function main() log_file=$6 > $log_file + inet6=$7 + local cmd_line + local ver + # Use FORCE_BLOCKER flag in the error message to differentiate # between the errors which the force command should bypass @@ -172,15 +197,32 @@ function main() exit 1; fi; - ssh -p ${SSH_PORT} -oNumberOfPasswordPrompts=0 -oStrictHostKeyChecking=no $2@$3 "echo Testing_Passwordless_SSH"; + if [[ -z "${GR_SSH_IDENTITY_KEY}" ]]; then + ssh -p ${SSH_PORT} -oNumberOfPasswordPrompts=0 -oStrictHostKeyChecking=no $2@$3 "echo Testing_Passwordless_SSH"; + else + ssh -p ${SSH_PORT} -i ${GR_SSH_IDENTITY_KEY} -oNumberOfPasswordPrompts=0 -oStrictHostKeyChecking=no $2@$3 "echo Testing_Passwordless_SSH"; + fi + if [ $? -ne 0 ]; then echo "FORCE_BLOCKER|Passwordless ssh login has not been setup with $3 for user $2." > $log_file exit 1; fi; + cmd_line=$(cmd_slave); + if [[ -z "${GR_SSH_IDENTITY_KEY}" ]]; then + ver=$(ssh -p ${SSH_PORT} -oNumberOfPasswordPrompts=0 -oStrictHostKeyChecking=no $2@$3 bash -c "'$cmd_line'") + else + ver=$(ssh -p ${SSH_PORT} -i ${GR_SSH_IDENTITY_KEY} -oNumberOfPasswordPrompts=0 -oStrictHostKeyChecking=no $2@$3 bash -c "'$cmd_line'") + fi + + if [ -z "$ver" ]; then + echo "FORCE_BLOCKER|gluster command not found on $3 for user $2." > $log_file + exit 1; + fi; + ERRORS=0; - master_data=$(master_stats $1); - slave_data=$(slave_stats $2 $3 $4); + master_data=$(master_stats $1 ${inet6}); + slave_data=$(slave_stats $2 $3 $4 ${inet6}); master_disk_size=$(echo $master_data | cut -f1 -d':'); slave_disk_size=$(echo $slave_data | cut -f1 -d':'); master_used_size=$(echo $master_data | cut -f2 -d':'); @@ -190,12 +232,12 @@ function main() slave_no_of_files=$(echo $slave_data | cut -f4 -d':'); if [[ "x$master_disk_size" = "x" || "x$master_version" = "x" || "$master_disk_size" -eq "0" ]]; then - echo "FORCE_BLOCKER|Unable to fetch master volume details. Please check the master cluster and master volume." > $log_file; + echo "FORCE_BLOCKER|Unable to mount and fetch master volume details. Please check the log: $master_log_file" > $log_file; exit 1; fi; if [[ "x$slave_disk_size" = "x" || "x$slave_version" = "x" || "$slave_disk_size" -eq "0" ]]; then - echo "FORCE_BLOCKER|Unable to fetch slave volume details. Please check the slave cluster and slave volume." > $log_file; + echo "FORCE_BLOCKER|Unable to mount and fetch slave volume details. Please check the log: $slave_log_file" > $log_file; exit 1; fi; @@ -223,7 +265,7 @@ function main() fi; if [[ $master_version != $slave_version ]]; then - echo "Gluster version mismatch between master and slave." >> $log_file; + echo "Gluster version mismatch between master and slave. Master version: $master_version Slave version: $slave_version" >> $log_file; ERRORS=$(($ERRORS + 1)); fi; diff --git a/geo-replication/src/peer_georep-sshkey.py.in b/geo-replication/src/peer_georep-sshkey.py.in index 400f29d64f3..58696e9a616 100644 --- a/geo-replication/src/peer_georep-sshkey.py.in +++ b/geo-replication/src/peer_georep-sshkey.py.in @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 # -*- coding: utf-8 -*- # # Copyright (c) 2016 Red Hat, Inc. <http://www.redhat.com> @@ -30,8 +30,8 @@ from prettytable import PrettyTable SECRET_PEM = "@GLUSTERD_WORKDIR@/geo-replication/secret.pem" TAR_SSH_PEM = "@GLUSTERD_WORKDIR@/geo-replication/tar_ssh.pem" -GSYNCD_CMD = 'command="@GLUSTERFS_LIBEXECDIR@/gsyncd" ' -TAR_CMD = 'command="tar ${SSH_ORIGINAL_COMMAND#* }" ' +GSYNCD_CMD = 'command="@GLUSTERFS_LIBEXECDIR@/gsyncd" ' +TAR_CMD = 'command="tar ${SSH_ORIGINAL_COMMAND#* }" ' COMMON_SECRET_FILE = "@GLUSTERD_WORKDIR@/geo-replication/common_secret.pem.pub" diff --git a/geo-replication/src/peer_gsec_create.in b/geo-replication/src/peer_gsec_create.in index 05c1638bdcd..6d4a4847013 100755 --- a/geo-replication/src/peer_gsec_create.in +++ b/geo-replication/src/peer_gsec_create.in @@ -18,7 +18,7 @@ if [ "Xcontainer" = "X$1" ]; then output1=`cat "$GLUSTERD_WORKDIR"/geo-replication/secret.pem.pub` output2=`cat "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub` else - output1=`echo command=\"${libexecdir}/glusterfs/gsyncd\" " "``cat "$GLUSTERD_WORKDIR"/geo-replication/secret.pem.pub` - output2=`echo command=\"tar \$\{SSH_ORIGINAL_COMMAND#* \}\" " "``cat "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub` + output1=`echo command=\"${libexecdir}/glusterfs/gsyncd\" ""``cat "$GLUSTERD_WORKDIR"/geo-replication/secret.pem.pub` + output2=`echo command=\"tar \$\{SSH_ORIGINAL_COMMAND#* \}\" ""``cat "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub` fi echo -e "$output1\n$output2" diff --git a/geo-replication/src/peer_mountbroker.in b/geo-replication/src/peer_mountbroker.in index ec514f038e1..8ecf38ded41 100644 --- a/geo-replication/src/peer_mountbroker.in +++ b/geo-replication/src/peer_mountbroker.in @@ -1,10 +1,12 @@ -#!/usr/bin/env python +#!/usr/bin/python3 + +from __future__ import print_function + import os from argparse import ArgumentParser, RawDescriptionHelpFormatter import json import sys - PROG_DESCRIPTION = """ GlusterFS Mountbroker user management """ @@ -14,19 +16,19 @@ args = None def ok(message=""): if (not args and "-j" in sys.argv) or (args and args.json): - print json.dumps({"ok": True, "message": message}) + print(json.dumps({"ok": True, "message": message})) else: if message: - print message + print(message) sys.exit(0) def notok(message=""): if (not args and "-j" in sys.argv) or (args and args.json): - print json.dumps({"ok": False, "message": message}) + print(json.dumps({"ok": False, "message": message})) else: - print "error: %s" % message + print("error: %s" % message) # Always return zero due to limitation while executing # as `gluster system:: execute` @@ -64,7 +66,7 @@ class MountbrokerUserMgmt(object): def _get_write_data(self): op = "volume management\n" op += " type mgmt/glusterd\n" - for k, v in self._options.iteritems(): + for k, v in self._options.items(): op += " option %s %s\n" % (k, v) for line in self.commented_lines: op += " %s\n" % line @@ -87,7 +89,7 @@ class MountbrokerUserMgmt(object): def add_user(self, user, volumes): vols = set() - for k, v in self._options.iteritems(): + for k, v in self._options.items(): if k.startswith("mountbroker-geo-replication.") \ and user == k.split(".")[-1]: vols.update(v.split(",")) @@ -98,7 +100,7 @@ class MountbrokerUserMgmt(object): def remove_volume(self, user, volumes): vols = set() - for k, v in self._options.iteritems(): + for k, v in self._options.items(): if k.startswith("mountbroker-geo-replication.") \ and user == k.split(".")[-1]: vols.update(v.split(",")) @@ -118,7 +120,7 @@ class MountbrokerUserMgmt(object): def info(self): data = {"users": []} - for k, v in self._options.iteritems(): + for k, v in self._options.items(): if k.startswith("mountbroker-geo-replication."): data["users"].append( {"name": k.split(".")[-1], "volumes": v.split(",")} @@ -132,7 +134,7 @@ class MountbrokerUserMgmt(object): def format_info(data): op = "%s %s\n" % ("Option".ljust(50), "Value".ljust(50)) op += ("-" * 101) + "\n" - for key, value in data.iteritems(): + for key, value in data.items(): if key != "users": op += "%s %s\n" % (key.ljust(50), value) diff --git a/geo-replication/src/peer_mountbroker.py.in b/geo-replication/src/peer_mountbroker.py.in index be182c5a7de..40b90ffc560 100644 --- a/geo-replication/src/peer_mountbroker.py.in +++ b/geo-replication/src/peer_mountbroker.py.in @@ -1,4 +1,7 @@ -#!/usr/bin/env python +#!/usr/bin/python3 + +from __future__ import print_function + import os from errno import EEXIST, ENOENT @@ -8,6 +11,7 @@ from gluster.cliutils import (execute, Cmd, node_output_ok, from prettytable import PrettyTable LOG_DIR = "@localstatedir@/log/glusterfs/geo-replication-slaves" +CLI_LOG = "@localstatedir@/log/glusterfs/cli.log" GEOREP_DIR = "@GLUSTERD_WORKDIR@/geo-replication" GLUSTERD_VOLFILE = "@GLUSTERD_VOLFILE@" @@ -43,12 +47,12 @@ class MountbrokerUserMgmt(object): for line in f: line = line.strip() if line.startswith("option "): - key, value = line.split(" ")[1:] + key, value = line.split()[1:] self._options[key] = value if line.startswith("#"): self.commented_lines.append(line) - for k, v in self._options.iteritems(): + for k, v in self._options.items(): if k.startswith("mountbroker-geo-replication."): user = k.split(".")[-1] self.user_volumes[user] = set(v.split(",")) @@ -59,7 +63,7 @@ class MountbrokerUserMgmt(object): def _get_write_data(self): op = "volume management\n" op += " type mgmt/glusterd\n" - for k, v in self._options.iteritems(): + for k, v in self._options.items(): if k.startswith("mountbroker-geo-replication."): # Users will be added seperately continue @@ -142,7 +146,7 @@ class NodeSetup(Cmd): # chgrp -R <grp> /var/log/glusterfs/geo-replication-slaves # chgrp -R <grp> /var/lib/glusterd/geo-replication # chmod -R 770 /var/log/glusterfs/geo-replication-slaves - # chmod -R 770 /var/lib/glusterd/geo-replication + # chmod 770 /var/lib/glusterd/geo-replication # mkdir -p <mnt_root> # chmod 0711 <mnt_root> # If selinux, @@ -192,8 +196,13 @@ class NodeSetup(Cmd): execute(["chgrp", "-R", args.group, GEOREP_DIR]) execute(["chgrp", "-R", args.group, LOG_DIR]) - execute(["chmod", "-R", "770", GEOREP_DIR]) - execute(["chmod", "-R", "770", args.group, LOG_DIR]) + execute(["chgrp", args.group, CLI_LOG]) + execute(["chmod", "770", GEOREP_DIR]) + execute(["find", LOG_DIR, "-type", "d", "-exec", "chmod", "770", "{}", + "+"]) + execute(["find", LOG_DIR, "-type", "f", "-exec", "chmod", "660", "{}", + "+"]) + execute(["chmod", "660", CLI_LOG]) m.set_mount_root_and_group(args.mount_root, args.group) m.save() @@ -213,8 +222,10 @@ class CliSetup(Cmd): name = "setup" def args(self, parser): - parser.add_argument("mount_root") - parser.add_argument("group") + parser.add_argument("mount_root", + help="Path to the mountbroker-root directory.") + parser.add_argument("group", + help="Group to be used for setup.") def run(self, args): out = execute_in_peers("node-setup", [args.mount_root, @@ -270,7 +281,7 @@ class CliStatus(Cmd): for p in out: node_data = p.output - if node_data == "": + if node_data == "" or node_data == "N/A": node_data = {} users_row_data = "" @@ -324,8 +335,10 @@ class CliAdd(Cmd): name = "add" def args(self, parser): - parser.add_argument("volume") - parser.add_argument("user") + parser.add_argument("volume", + help="Volume to be added.") + parser.add_argument("user", + help="User for which volume is to be added.") def run(self, args): out = execute_in_peers("node-add", [args.volume, @@ -365,8 +378,9 @@ class CliRemove(Cmd): name = "remove" def args(self, parser): - parser.add_argument("--volume", default=".") - parser.add_argument("--user", default=".") + parser.add_argument("--volume", default=".", help="Volume to be removed.") + parser.add_argument("--user", default=".", + help="User for which volume has to be removed.") def run(self, args): out = execute_in_peers("node-remove", [args.volume, diff --git a/geo-replication/src/procdiggy.c b/geo-replication/src/procdiggy.c index 35125d20ba8..8068ef79a42 100644 --- a/geo-replication/src/procdiggy.c +++ b/geo-replication/src/procdiggy.c @@ -15,110 +15,122 @@ #include <ctype.h> #include <sys/param.h> /* for PATH_MAX */ -#include "common-utils.h" -#include "syscall.h" +#include <glusterfs/common-utils.h> +#include <glusterfs/syscall.h> #include "procdiggy.h" pid_t -pidinfo (pid_t pid, char **name) +pidinfo(pid_t pid, char **name) { - char buf[NAME_MAX * 2] = {0,}; - FILE *f = NULL; - char path[PATH_MAX] = {0,}; - char *p = NULL; - int ret = 0; - - snprintf (path, sizeof path, PROC"/%d/status", pid); - - f = fopen (path, "r"); - if (!f) - return -1; - - if (name) - *name = NULL; - for (;;) { - size_t len; - memset (buf, 0, sizeof (buf)); - if (fgets (buf, sizeof (buf), f) == NULL || - (len = strlen (buf)) == 0 || - buf[len - 1] != '\n') { - pid = -1; - goto out; - } - buf[len - 1] = '\0'; - - if (name && !*name) { - p = strtail (buf, "Name:"); - if (p) { - while (isspace (*++p)); - *name = gf_strdup (p); - if (!*name) { - pid = -2; - goto out; - } - continue; - } + char buf[NAME_MAX * 2] = { + 0, + }; + FILE *f = NULL; + char path[PATH_MAX] = { + 0, + }; + char *p = NULL; + int ret = 0; + pid_t lpid = -1; + + if (name) + *name = NULL; + + snprintf(path, sizeof path, PROC "/%d/status", pid); + + f = fopen(path, "r"); + if (!f) + return -1; + + for (;;) { + size_t len; + memset(buf, 0, sizeof(buf)); + if (fgets(buf, sizeof(buf), f) == NULL || (len = strlen(buf)) == 0 || + buf[len - 1] != '\n') { + lpid = -1; + goto out; + } + buf[len - 1] = '\0'; + + if (name && !*name) { + p = strtail(buf, "Name:"); + if (p) { + while (isspace(*++p)) + ; + *name = gf_strdup(p); + if (!*name) { + lpid = -2; + goto out; } - - p = strtail (buf, "PPid:"); - if (p) - break; + continue; + } } - while (isspace (*++p)); - ret = gf_string2int (p, &pid); - if (ret == -1) - pid = -1; - - out: - fclose (f); - if (pid == -1 && name && *name) - GF_FREE (name); - if (pid == -2) - fprintf (stderr, "out of memory\n"); - return pid; + p = strtail(buf, "PPid:"); + if (p) + break; + } + + while (isspace(*++p)) + ; + ret = gf_string2int(p, &lpid); + if (ret == -1) + lpid = -1; + +out: + fclose(f); + if (lpid == -1 && name && *name) + GF_FREE(*name); + if (lpid == -2) + fprintf(stderr, "out of memory\n"); + return lpid; } int -prociter (int (*proch) (pid_t pid, pid_t ppid, char *tmpname, void *data), - void *data) +prociter(int (*proch)(pid_t pid, pid_t ppid, char *tmpname, void *data), + void *data) { - char *name = NULL; - DIR *d = NULL; - struct dirent *de = NULL; - struct dirent scratch[2] = {{0,},}; - pid_t pid = -1; - pid_t ppid = -1; - int ret = 0; - - d = sys_opendir (PROC); - if (!d) - return -1; - - for (;;) { - errno = 0; - de = sys_readdir (d, scratch); - if (!de || errno != 0) - break; - - if (gf_string2int (de->d_name, &pid) != -1 && pid >= 0) { - ppid = pidinfo (pid, &name); - switch (ppid) { - case -1: continue; - case -2: ret = -1; break; - } - ret = proch (pid, ppid, name, data); - GF_FREE (name); - if (ret) - break; - } - } - sys_closedir (d); - if (!de && errno) { - fprintf (stderr, "failed to traverse "PROC" (%s)\n", - strerror (errno)); - ret = -1; + char *name = NULL; + DIR *d = NULL; + struct dirent *de = NULL; + struct dirent scratch[2] = { + { + 0, + }, + }; + pid_t pid = -1; + pid_t ppid = -1; + int ret = 0; + + d = sys_opendir(PROC); + if (!d) + return -1; + + for (;;) { + errno = 0; + de = sys_readdir(d, scratch); + if (!de || errno != 0) + break; + + if (gf_string2int(de->d_name, &pid) != -1 && pid >= 0) { + ppid = pidinfo(pid, &name); + switch (ppid) { + case -1: + continue; + case -2: + break; + } + ret = proch(pid, ppid, name, data); + GF_FREE(name); + if (ret) + break; } - - return ret; + } + sys_closedir(d); + if (!de && errno) { + fprintf(stderr, "failed to traverse " PROC " (%s)\n", strerror(errno)); + ret = -1; + } + + return ret; } diff --git a/geo-replication/src/procdiggy.h b/geo-replication/src/procdiggy.h index 56dfc4eb213..e17ccd31c89 100644 --- a/geo-replication/src/procdiggy.h +++ b/geo-replication/src/procdiggy.h @@ -13,8 +13,9 @@ #define PROC "/proc" -pid_t pidinfo (pid_t pid, char **name); - -int prociter (int (*proch) (pid_t pid, pid_t ppid, char *name, void *data), - void *data); +pid_t +pidinfo(pid_t pid, char **name); +int +prociter(int (*proch)(pid_t pid, pid_t ppid, char *name, void *data), + void *data); diff --git a/geo-replication/src/set_geo_rep_pem_keys.sh b/geo-replication/src/set_geo_rep_pem_keys.sh index ae23f4ff0c6..8a43fa39d1f 100755 --- a/geo-replication/src/set_geo_rep_pem_keys.sh +++ b/geo-replication/src/set_geo_rep_pem_keys.sh @@ -47,6 +47,7 @@ function main() cp $home_dir/${COMMON_SECRET_PEM_PUB} ${GLUSTERD_WORKDIR}/geo-replication/ gluster system:: copy file /geo-replication/${COMMON_SECRET_PEM_PUB} gluster system:: execute add_secret_pub $user geo-replication/${master_vol}_${slave_vol}_common_secret.pem.pub + gluster vol set ${slave_vol} features.read-only on else echo "$home_dir/common_secret.pem.pub not present. Please run geo-replication command on master with push-pem option to generate the file" exit 1; |