diff --git a/kdump.conf b/kdump.conf index 2d05493..0b8aea2 100644 --- a/kdump.conf +++ b/kdump.conf @@ -102,6 +102,7 @@ #ext4 UUID=03138356-5e61-4ab3-b58e-27507ac41937 #net my.server.com:/export/tmp #net user@my.server.com +#sshkey /root/.ssh/kdump_id_rsa #path /var/crash #core_collector makedumpfile -c #link_delay 60 diff --git a/kdump_dracut_modules/99kdumpbase/kdump.sh b/kdump_dracut_modules/99kdumpbase/kdump.sh index 78127ed..b2087dc 100755 --- a/kdump_dracut_modules/99kdumpbase/kdump.sh +++ b/kdump_dracut_modules/99kdumpbase/kdump.sh @@ -8,6 +8,15 @@ CORE_COLLECTOR="makedumpfile -d 31 -c" DEFAULT_ACTION="dump_rootfs" DATEDIR=`date +%d.%m.%y-%T` DUMP_INSTRUCTION="" +SSH_KEY_LOCATION="/root/.ssh/kdump_id_rsa" + +# we use manual setup nics in udev rules, +# so we need to test network is really ok +wait_for_net_ok() { + local ip=$(getarg ip) + local iface=`echo $ip|cut -d':' -f1` + return $(wait_for_route_ok $iface) +} do_default_action() { @@ -96,8 +105,8 @@ dump_nfs() dump_ssh() { - ssh -q -o BatchMode=yes -o StrictHostKeyChecking=yes $1 mkdir -p $KDUMP_PATH/$DATEDIR || return 1 - scp -q -o BatchMode=yes -o StrictHostKeyChecking=yes /proc/vmcore "$1:$KDUMP_PATH/$DATEDIR" || return 1 + ssh -q -i $1 -o BatchMode=yes -o StrictHostKeyChecking=yes $2 mkdir -p $KDUMP_PATH/$DATEDIR || return 1 + scp -q -i $1 -o BatchMode=yes -o StrictHostKeyChecking=yes /proc/vmcore "$2:$KDUMP_PATH/$DATEDIR" || return 1 return 0 } @@ -105,26 +114,19 @@ read_kdump_conf() { local conf_file="/etc/kdump.conf" if [ -f "$conf_file" ]; then + # first get the necessary variables while read config_opt config_val; do - case "$config_opt" in - ext[234]|xfs|btrfs|minix) - add_dump_code "dump_localfs $config_val || do_default_action" - ;; - raw) - add_dump_code "dump_raw $config_val || do_default_action" - ;; - path) + case "$config_opt" in + path) KDUMP_PATH="$config_val" - ;; - core_collector) - CORE_COLLECTOR="$config_val" ;; - net) - if [[ "$config_val" =~ "@" ]]; then - add_dump_code "dump_ssh $config_val || do_default_action" - else - add_dump_code "dump_nfs $config_val || do_default_action" + core_collector) + CORE_COLLECTOR="$config_val" + ;; + sshkey) + if [ -f "$config_val" ]; then + SSH_KEY_LOCATION=$config_val fi ;; default) @@ -142,8 +144,29 @@ read_kdump_conf() DEFAULT_ACTION="poweroff -f" ;; esac - ;; - esac + ;; + esac + done < $conf_file + + # rescan for add code for dump target + while read config_opt config_val; + do + case "$config_opt" in + ext[234]|xfs|btrfs|minix) + add_dump_code "dump_localfs $config_val || do_default_action" + ;; + raw) + add_dump_code "dump_raw $config_val || do_default_action" + ;; + net) + wait_for_net_ok + if [[ "$config_val" =~ "@" ]]; then + add_dump_code "dump_ssh $SSH_KEY_LOCATION $config_val || do_default_action" + else + add_dump_code "dump_nfs $config_val || do_default_action" + fi + ;; + esac done < $conf_file fi } diff --git a/kdump_dracut_modules/99kdumpbase/module-setup.sh b/kdump_dracut_modules/99kdumpbase/module-setup.sh index 713f968..6eaa040 100755 --- a/kdump_dracut_modules/99kdumpbase/module-setup.sh +++ b/kdump_dracut_modules/99kdumpbase/module-setup.sh @@ -52,11 +52,14 @@ install() { ;; net) if strstr "$config_val" "@"; then - _server=$(echo $config_val | sed -e 's#.*@\(.*\):.*#\1#') + _server=`echo $config_val | sed 's/.*@//' | cut -d':' -f1` else _server=$(echo $config_val | sed -e 's#\(.*\):.*#\1#') fi + _need_dns=`echo $_server|grep "[a-zA-Z]"` + [ -n "$_need_dns" ] && _server=`getent hosts $_server|cut -d' ' -f1` + _netdev=`/sbin/ip route get to $_server 2>&1` [ $? != 0 ] && echo "Bad kdump location: $config_val" && exit 1 #the field in the ip output changes if we go to another subnet @@ -68,7 +71,7 @@ install() { # we are on the same subnet _netdev=`echo $_netdev|awk '{print $3}'|head -n 1` fi - echo " ip=$_netdev:dhcp" > ${initdir}/etc/cmdline.d/40ip.conf + echo " ip=$_netdev:dhcp rd.neednet=1" > ${initdir}/etc/cmdline.d/40ip.conf if is_bridge "$_netdev"; then echo " bridge=$_netdev:$(cd /sys/class/net/$_netdev/brif/; echo *)" > ${initdir}/etc/cmdline.d/41bridge.conf elif is_bond "$_netdev"; then @@ -84,8 +87,8 @@ install() { inst "/bin/date" "/bin/date" inst "/bin/sync" "/bin/sync" + inst "/bin/cut" "/bin/cut" inst "/sbin/makedumpfile" "/sbin/makedumpfile" inst "/tmp/$$-kdump.conf" "/etc/kdump.conf" - inst_hook pre-pivot 93 "$moddir/kdump.sh" + inst_hook pre-pivot 0000 "$moddir/kdump.sh" } - diff --git a/kdumpctl b/kdumpctl index e37fd8d..842afa3 100755 --- a/kdumpctl +++ b/kdumpctl @@ -10,6 +10,9 @@ KDUMP_COMMANDLINE="" KEXEC_ARGS="" KDUMP_CONFIG_FILE="/etc/kdump.conf" MKDUMPRD="/sbin/mkdumprd -d -f" +SAVE_PATH=/var/crash +SSH_KEY_LOCATION="/root/.ssh/kdump_id_rsa" +DUMP_TARGET="" LOGGER="/usr/bin/logger -p info -t kdump" @@ -171,8 +174,56 @@ function load_kdump() fi } +function check_ssh_config() +{ + while read config_opt config_val; do + case "$config_opt" in + sshkey) + if [ -f "$config_val" ]; then + # canonicalize the path + SSH_KEY_LOCATION=$(/usr/bin/readlink -m $config_val) + else + echo "WARNING: '$config_val' doesn't exist, using default value '$SSH_KEY_LOCATION'" + fi + ;; + path) + SAVE_PATH=$config_val + ;; + net) + DUMP_TARGET=$config_val + ;; + *) + ;; + esac + done < $KDUMP_CONFIG_FILE + + #make sure they've configured kdump.conf for ssh dumps + local SSH_TARGET=`echo -n $DUMP_TARGET | sed -n '/.*@/p'` + if [ -z "$SSH_TARGET" ]; then + return 1 + fi + return 0 +} + +function check_ssh_target() +{ + ssh -q -i $SSH_KEY_LOCATION -o BatchMode=yes $DUMP_TARGET mkdir -p $SAVE_PATH + if [ $? -ne 0 ]; then + echo "Could not create $DUMP_TARGET:$SAVE_PATH, you probably need to run \"service kdump propagate\"" + exit $? + fi + return 0 +} + function propagate_ssh_key() { + check_ssh_config + if [ $? -ne 0 ]; then + echo "No ssh config specified in $KDUMP_CONFIG_FILE. Can't propagate" + $LOGGER "$errmsg, no ssh config specified in $KDUMP_CONFIG_FILE" + exit 1 + fi + #Check if selinux is on... must flip to permissive mode #for the moment to create key, then flip back... se_enforce=`/usr/sbin/sestatus | grep -c "^Current mode.*enforcing"` @@ -180,33 +231,15 @@ function propagate_ssh_key() /usr/sbin/setenforce 0 2>&1 > /dev/null fi - #Use dedicated key for kdump - if [ ! -d /root/.ssh ]; then - mkdir /root/.ssh - chmod 700 /root/.ssh - fi - if [ ! -e /root/.ssh/config ]; then - echo "IdentityFile ~/.ssh/kdump_id_rsa" >> /root/.ssh/config - elif [ `grep -c kdump_id_rsa /root/.ssh/config` -eq 0 ]; then - echo "IdentityFile ~/.ssh/kdump_id_rsa" >> /root/.ssh/config - fi - local KEYFILE=/root/.ssh/kdump_id_rsa.pub + local KEYFILE=$SSH_KEY_LOCATION local errmsg="Failed to propagate ssh key" - #make sure they've configured kdump.conf for ssh dumps - local SSH_TARGET=`awk '/^\ *net.*@.*$/ {print $0}' $KDUMP_CONFIG_FILE` - if [ -z "$SSH_TARGET" ]; then - echo "No ssh config specified in $KDUMP_CONFIG_FILE. Can't propagate" - $LOGGER "$errmsg, no ssh config specified in $KDUMP_CONFIG_FILE" - exit 1 - fi - #Check to see if we already created key, if not, create it. if [ -f $KEYFILE ]; then echo "Using existing keys..." else echo -n "Generating new ssh keys... " - /usr/bin/ssh-keygen -t rsa -f /root/.ssh/kdump_id_rsa -N "" 2>&1 > /dev/null + /usr/bin/ssh-keygen -t rsa -f $KEYFILE -N "" 2>&1 > /dev/null echo "done." fi @@ -216,11 +249,11 @@ function propagate_ssh_key() fi #now find the target ssh user and server to contact. - SSH_USER=`echo $SSH_TARGET | cut -d\ -f2 | cut -d@ -f1` - SSH_SERVER=`echo $SSH_TARGET | sed -e's/\(.*@\)\(.*$\)/\2/'` + SSH_USER=`echo $DUMP_TARGET | cut -d\ -f2 | cut -d@ -f1` + SSH_SERVER=`echo $DUMP_TARGET | sed -e's/\(.*@\)\(.*$\)/\2/'` #now send the found key to the found server - ssh-copy-id -i $KEYFILE $SSH_USER@$SSH_SERVER &>/dev/null + ssh-copy-id -i $KEYFILE $SSH_USER@$SSH_SERVER RET=$? if [ $RET == 0 ]; then echo $KEYFILE has been added to ~$SSH_USER/.ssh/authorized_keys on $SSH_SERVER @@ -262,6 +295,9 @@ function start() return 0 fi fi + + check_ssh_config && check_ssh_target + check_config if [ $? != 0 ]; then echo -n "Starting kdump:"; echo diff --git a/kexec-tools.spec b/kexec-tools.spec index 49a7b1d..fd07eb1 100644 --- a/kexec-tools.spec +++ b/kexec-tools.spec @@ -1,6 +1,6 @@ Name: kexec-tools Version: 2.0.3 -Release: 39%{?dist} +Release: 43%{?dist} License: GPLv2 Group: Applications/System Summary: The kexec/kdump userspace component. @@ -32,7 +32,7 @@ Requires(post): systemd-units Requires(preun): systemd-units Requires(postun): systemd-units Requires(pre): coreutils sed zlib -Requires: busybox >= 1.2.0, dracut +Requires: busybox >= 1.2.0, dracut, dracut-network BuildRequires: dash BuildRequires: zlib-devel zlib zlib-static elfutils-devel-static glib2-devel bzip2-devel BuildRequires: pkgconfig intltool gettext @@ -285,10 +285,23 @@ done %changelog -* Tue Feb 14 2012 Orion Poplawski - 2.0.2-39 -- Fixup sysytemd service file (bug 741272) -- Drop chkconfig (bug 786938) - +* Wed Apr 11 2012 Cong Wang - 2.0.3-43 +- variable name fix from Dave Young. + +* Fri Mar 30 2012 Cong Wang - 2.0.3-42 +- get ip addr with getent +- spec: depends on dracut-network +- Handle net option for nfs in kdump.conf correctly + +* Mon Feb 27 2012 Cong Wang - 2.0.3-41 +- Bump this version. + +* Wed Feb 22 2012 Cong Wang - 2.0.2-40 +- Fixup sysytemd service file. + +* Wed Feb 22 2012 Dave Young - 2.0.2-39 +- Add ssh dump support, resolve bug 789253. + * Fri Jan 27 2012 Cong Wang - 2.0.2-38 - Pull the latest makedumpfile release, 1.4.2. diff --git a/mkdumprd b/mkdumprd index d7b71fd..384d0f9 100644 --- a/mkdumprd +++ b/mkdumprd @@ -9,6 +9,7 @@ export IN_KDUMP=1 conf_file="/etc/kdump.conf" +SSH_KEY_LOCATION="/root/.ssh/kdump_id_rsa" extra_modules="" dracut_args=("-m" "kdumpbase" "--add" "dash" "--add" "fstab-sys" "--add" "kernel-modules" "-c" "/dev/null" "-I" "/sbin/makedumpfile") @@ -28,6 +29,10 @@ add_dracut_mount() { add_dracut_arg "--mount" "$1" } +add_dracut_sshkey() { + add_dracut_arg "--sshkey" "$1" +} + while [ $# -gt 0 ]; do case $1 in -d) @@ -94,6 +99,13 @@ add_mount() { add_dracut_mount "$(to_mount "$(get_rootdev)")" if [ -n "$conf_file" ]; then + # firstly get right SSH_KEY_LOCATION + keyfile=$(awk '/sshkey/ {print $2}' $conf_file) + if [ -f "$keyfile" ]; then + # canonicalize the path + SSH_KEY_LOCATION=$(/usr/bin/readlink -m $keyfile) + fi + while read config_opt config_val; do case "$config_opt" in @@ -115,6 +127,7 @@ if [ -n "$conf_file" ]; then if strstr "$config_val" "@"; then add_dracut_module "ssh-client" + add_dracut_sshkey "$SSH_KEY_LOCATION" else add_dracut_module "nfs" add_mount "$config_val" diff --git a/sources b/sources index 73a18e7..d8552fb 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ 3e802d638dce0080b910f15908c04a24 kexec-tools-po.tar.gz b3ced2097ce3981abba38ceedc84f939 kexec-tools-2.0.3.tar.bz2 -2132832b58a209c05192d5783031c79d dracut-files.tbz2 a98917a8dab5e590549bff9fe7b3a5c2 makedumpfile-1.4.2.tar.gz +46e5e863576723462b2d2b1b79e92423 dracut-files.tbz2