Compare commits

..

No commits in common. "imports/c8s/pacemaker-2.1.4-3.el8" and "c8" have entirely different histories.

19 changed files with 13886 additions and 694 deletions

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/nagios-agents-metadata-105ab8a.tar.gz
SOURCES/pacemaker-dc6eb43.tar.gz
SOURCES/pacemaker-0f7f88312.tar.gz

View File

@ -1,2 +1,2 @@
ea6c0a27fd0ae8ce02f84a11f08a0d79377041c3 SOURCES/nagios-agents-metadata-105ab8a.tar.gz
1dfac4c5f1958ce5f72bfcbb2a34890ab058c84c SOURCES/pacemaker-dc6eb43.tar.gz
88946a460e3be18852861269f8837aaaf339328c SOURCES/pacemaker-0f7f88312.tar.gz

File diff suppressed because it is too large Load Diff

View File

@ -1,127 +0,0 @@
From 243139b2ec0f6b17877a4e7f651fc3f70f76b11a Mon Sep 17 00:00:00 2001
From: Christine Caulfield <ccaulfie@redhat.com>
Date: Fri, 6 May 2022 15:23:43 +0100
Subject: [PATCH 1/2] fenced: Don't ignore CIB updates if stonith-enabled=false
Fixes: T378
---
daemons/fenced/pacemaker-fenced.c | 23 +++--------------------
1 file changed, 3 insertions(+), 20 deletions(-)
diff --git a/daemons/fenced/pacemaker-fenced.c b/daemons/fenced/pacemaker-fenced.c
index caab7de83..dadd187b6 100644
--- a/daemons/fenced/pacemaker-fenced.c
+++ b/daemons/fenced/pacemaker-fenced.c
@@ -1136,11 +1136,8 @@ static void
update_cib_cache_cb(const char *event, xmlNode * msg)
{
int rc = pcmk_ok;
- xmlNode *stonith_enabled_xml = NULL;
- static gboolean stonith_enabled_saved = TRUE;
long timeout_ms_saved = stonith_watchdog_timeout_ms;
gboolean need_full_refresh = FALSE;
- bool value = false;
if(!have_cib_devices) {
crm_trace("Skipping updates until we get a full dump");
@@ -1191,32 +1188,18 @@ update_cib_cache_cb(const char *event, xmlNode * msg)
return;
}
CRM_ASSERT(local_cib != NULL);
- stonith_enabled_saved = FALSE; /* Trigger a full refresh below */
+ need_full_refresh = TRUE;
}
pcmk__refresh_node_caches_from_cib(local_cib);
update_stonith_watchdog_timeout_ms(local_cib);
- stonith_enabled_xml = get_xpath_object("//nvpair[@name='stonith-enabled']",
- local_cib, LOG_NEVER);
- if (pcmk__xe_get_bool_attr(stonith_enabled_xml, XML_NVPAIR_ATTR_VALUE, &value) == pcmk_rc_ok && !value) {
- crm_trace("Ignoring CIB updates while fencing is disabled");
- stonith_enabled_saved = FALSE;
-
- } else if (stonith_enabled_saved == FALSE) {
- crm_info("Updating fencing device and topology lists "
- "now that fencing is enabled");
- stonith_enabled_saved = TRUE;
- need_full_refresh = TRUE;
-
- } else {
- if (timeout_ms_saved != stonith_watchdog_timeout_ms) {
+ if (timeout_ms_saved != stonith_watchdog_timeout_ms) {
need_full_refresh = TRUE;
- } else {
+ } else {
update_fencing_topology(event, msg);
update_cib_stonith_devices(event, msg);
watchdog_device_update();
- }
}
if (need_full_refresh) {
--
2.31.1
From c600ef49022e7473acbe121fae50a0c1aa2d7c03 Mon Sep 17 00:00:00 2001
From: Christine Caulfield <ccaulfie@redhat.com>
Date: Thu, 9 Jun 2022 11:08:43 +0100
Subject: [PATCH 2/2] Also don't check for stonith-disabled in
update_stonith_watchdog_timeout_ms
---
daemons/fenced/pacemaker-fenced.c | 34 +++++++++++--------------------
1 file changed, 12 insertions(+), 22 deletions(-)
diff --git a/daemons/fenced/pacemaker-fenced.c b/daemons/fenced/pacemaker-fenced.c
index dadd187b6..ec42d5bc2 100644
--- a/daemons/fenced/pacemaker-fenced.c
+++ b/daemons/fenced/pacemaker-fenced.c
@@ -643,31 +643,21 @@ watchdog_device_update(void)
static void
update_stonith_watchdog_timeout_ms(xmlNode *cib)
{
- xmlNode *stonith_enabled_xml = NULL;
- bool stonith_enabled = false;
- int rc = pcmk_rc_ok;
long timeout_ms = 0;
+ xmlNode *stonith_watchdog_xml = NULL;
+ const char *value = NULL;
- stonith_enabled_xml = get_xpath_object("//nvpair[@name='stonith-enabled']",
- cib, LOG_NEVER);
- rc = pcmk__xe_get_bool_attr(stonith_enabled_xml, XML_NVPAIR_ATTR_VALUE, &stonith_enabled);
-
- if (rc != pcmk_rc_ok || stonith_enabled) {
- xmlNode *stonith_watchdog_xml = NULL;
- const char *value = NULL;
-
- stonith_watchdog_xml = get_xpath_object("//nvpair[@name='stonith-watchdog-timeout']",
- cib, LOG_NEVER);
- if (stonith_watchdog_xml) {
- value = crm_element_value(stonith_watchdog_xml, XML_NVPAIR_ATTR_VALUE);
- }
- if (value) {
- timeout_ms = crm_get_msec(value);
- }
+ stonith_watchdog_xml = get_xpath_object("//nvpair[@name='stonith-watchdog-timeout']",
+ cib, LOG_NEVER);
+ if (stonith_watchdog_xml) {
+ value = crm_element_value(stonith_watchdog_xml, XML_NVPAIR_ATTR_VALUE);
+ }
+ if (value) {
+ timeout_ms = crm_get_msec(value);
+ }
- if (timeout_ms < 0) {
- timeout_ms = pcmk__auto_watchdog_timeout();
- }
+ if (timeout_ms < 0) {
+ timeout_ms = pcmk__auto_watchdog_timeout();
}
stonith_watchdog_timeout_ms = timeout_ms;
--
2.31.1

View File

@ -1,425 +0,0 @@
From 80c64be80f2bffdcf5d2432e1e59d633fd68d516 Mon Sep 17 00:00:00 2001
From: Grace Chin <gchin@redhat.com>
Date: Mon, 13 Jun 2022 09:02:32 -0400
Subject: [PATCH 1/4] Add pcmk__is_user_in_group()
---
lib/common/crmcommon_private.h | 3 +++
lib/common/utils.c | 33 +++++++++++++++++++++++++++++++++
2 files changed, 36 insertions(+)
diff --git a/lib/common/crmcommon_private.h b/lib/common/crmcommon_private.h
index 6b7be9c68..c2fcb0adf 100644
--- a/lib/common/crmcommon_private.h
+++ b/lib/common/crmcommon_private.h
@@ -96,6 +96,9 @@ void pcmk__free_acls(GList *acls);
G_GNUC_INTERNAL
void pcmk__unpack_acl(xmlNode *source, xmlNode *target, const char *user);
+G_GNUC_INTERNAL
+bool pcmk__is_user_in_group(const char *user, const char *group);
+
G_GNUC_INTERNAL
void pcmk__apply_acl(xmlNode *xml);
diff --git a/lib/common/utils.c b/lib/common/utils.c
index 2dfbef278..f23583acb 100644
--- a/lib/common/utils.c
+++ b/lib/common/utils.c
@@ -27,6 +27,7 @@
#include <time.h>
#include <libgen.h>
#include <signal.h>
+#include <grp.h>
#include <qb/qbdefs.h>
@@ -53,6 +54,38 @@ gboolean crm_config_error = FALSE;
gboolean crm_config_warning = FALSE;
char *crm_system_name = NULL;
+bool
+pcmk__is_user_in_group(const char *user, const char *group)
+{
+ struct group *grent;
+ char **gr_mem;
+
+ if (user == NULL || group == NULL) {
+ return false;
+ }
+
+ setgrent();
+ while ((grent = getgrent()) != NULL) {
+ if (grent->gr_mem == NULL) {
+ continue;
+ }
+
+ if(strcmp(group, grent->gr_name) != 0) {
+ continue;
+ }
+
+ gr_mem = grent->gr_mem;
+ while (*gr_mem != NULL) {
+ if (!strcmp(user, *gr_mem++)) {
+ endgrent();
+ return true;
+ }
+ }
+ }
+ endgrent();
+ return false;
+}
+
int
crm_user_lookup(const char *name, uid_t * uid, gid_t * gid)
{
--
2.31.1
From 5fbe5c310de00390fb36d866823a7745ba4812e3 Mon Sep 17 00:00:00 2001
From: Grace Chin <gchin@redhat.com>
Date: Mon, 13 Jun 2022 09:04:57 -0400
Subject: [PATCH 2/4] Add unit test for pcmk__is_user_in_group()
---
lib/common/Makefile.am | 2 +-
lib/common/mock.c | 31 +++++--
lib/common/mock_private.h | 11 +++
lib/common/tests/acl/Makefile.am | 11 ++-
.../tests/acl/pcmk__is_user_in_group_test.c | 92 +++++++++++++++++++
5 files changed, 137 insertions(+), 10 deletions(-)
create mode 100644 lib/common/tests/acl/pcmk__is_user_in_group_test.c
diff --git a/lib/common/Makefile.am b/lib/common/Makefile.am
index d7aae53bf..04d56dc3c 100644
--- a/lib/common/Makefile.am
+++ b/lib/common/Makefile.am
@@ -94,7 +94,7 @@ libcrmcommon_la_SOURCES += watchdog.c
libcrmcommon_la_SOURCES += xml.c
libcrmcommon_la_SOURCES += xpath.c
-WRAPPED = calloc getenv getpwnam_r uname
+WRAPPED = calloc getenv getpwnam_r uname setgrent getgrent endgrent
WRAPPED_FLAGS = $(foreach fn,$(WRAPPED),-Wl,--wrap=$(fn))
libcrmcommon_test_la_SOURCES = $(libcrmcommon_la_SOURCES)
diff --git a/lib/common/mock.c b/lib/common/mock.c
index 55812ddbc..fa9431e6d 100644
--- a/lib/common/mock.c
+++ b/lib/common/mock.c
@@ -11,6 +11,7 @@
#include <stdlib.h>
#include <sys/types.h>
#include <sys/utsname.h>
+#include <grp.h>
#include "mock_private.h"
@@ -18,13 +19,13 @@
* libcrmcommon_test.a, not into libcrmcommon.so. It is used to support
* constructing mock versions of library functions for unit testing.
*
- * Each unit test will only ever want to use a mocked version of one or two
- * library functions. However, we need to mark all the mocked functions as
- * wrapped (with -Wl,--wrap= in the LDFLAGS) in libcrmcommon_test.a so that
- * all those unit tests can share the same special test library. The unit
- * test then defines its own wrapped function. Because a unit test won't
- * define every single wrapped function, there will be undefined references
- * at link time.
+ * Each unit test will only ever want to use a mocked version of a few
+ * library functions (i.e. not all of them). However, we need to mark all
+ * the mocked functions as wrapped (with -Wl,--wrap= in the LDFLAGS) in
+ * libcrmcommon_test.a so that all those unit tests can share the same
+ * special test library. The unit test then defines its own wrapped
+ * function. Because a unit test won't define every single wrapped
+ * function, there will be undefined references at link time.
*
* This file takes care of those undefined references. It defines a
* wrapped version of every function that simply calls the real libc
@@ -74,3 +75,19 @@ int __attribute__((weak))
__wrap_uname(struct utsname *buf) {
return __real_uname(buf);
}
+
+void __attribute__((weak))
+__wrap_setgrent(void) {
+ __real_setgrent();
+}
+
+struct group * __attribute__((weak))
+__wrap_getgrent(void) {
+ return __real_getgrent();
+}
+
+void __attribute__((weak))
+__wrap_endgrent(void) {
+ __real_endgrent();
+}
+
diff --git a/lib/common/mock_private.h b/lib/common/mock_private.h
index 3df7c9839..0c1134cc3 100644
--- a/lib/common/mock_private.h
+++ b/lib/common/mock_private.h
@@ -14,6 +14,7 @@
#include <stdlib.h>
#include <sys/types.h>
#include <sys/utsname.h>
+#include <grp.h>
/* This header is for the sole use of libcrmcommon_test. */
@@ -31,4 +32,14 @@ int __wrap_getpwnam_r(const char *name, struct passwd *pwd,
int __real_uname(struct utsname *buf);
int __wrap_uname(struct utsname *buf);
+void __real_setgrent(void);
+void __wrap_setgrent(void);
+
+struct group *__real_getgrent(void);
+struct group *__wrap_getgrent(void);
+
+void __real_endgrent(void);
+void __wrap_endgrent(void);
+
+
#endif // MOCK_PRIVATE__H
diff --git a/lib/common/tests/acl/Makefile.am b/lib/common/tests/acl/Makefile.am
index 679c9cb8e..a73fc354c 100644
--- a/lib/common/tests/acl/Makefile.am
+++ b/lib/common/tests/acl/Makefile.am
@@ -1,19 +1,26 @@
#
-# Copyright 2021 the Pacemaker project contributors
+# Copyright 2021-2022 the Pacemaker project contributors
#
# The version control history for this file may have further details.
#
# This source code is licensed under the GNU General Public License version 2
# or later (GPLv2+) WITHOUT ANY WARRANTY.
#
-AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/include
+AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/include -I$(top_srcdir)/lib/common
LDADD = $(top_builddir)/lib/common/libcrmcommon.la -lcmocka
+pcmk__is_user_in_group_test_LDADD = $(top_builddir)/lib/common/libcrmcommon_test.la -lcmocka
+pcmk__is_user_in_group_test_LDFLAGS = \
+ -Wl,--wrap=setgrent \
+ -Wl,--wrap=getgrent \
+ -Wl,--wrap=endgrent
+
include $(top_srcdir)/mk/tap.mk
# Add "_test" to the end of all test program names to simplify .gitignore.
check_PROGRAMS = \
+ pcmk__is_user_in_group_test \
pcmk_acl_required_test \
xml_acl_denied_test \
xml_acl_enabled_test
diff --git a/lib/common/tests/acl/pcmk__is_user_in_group_test.c b/lib/common/tests/acl/pcmk__is_user_in_group_test.c
new file mode 100644
index 000000000..67b8c2c7c
--- /dev/null
+++ b/lib/common/tests/acl/pcmk__is_user_in_group_test.c
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2020-2022 the Pacemaker project contributors
+ *
+ * The version control history for this file may have further details.
+ *
+ * This source code is licensed under the GNU Lesser General Public License
+ * version 2.1 or later (LGPLv2.1+) WITHOUT ANY WARRANTY.
+ */
+
+#include <crm_internal.h>
+#include <crm/common/acl.h>
+#include "../../crmcommon_private.h"
+
+#include "mock_private.h"
+
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <setjmp.h>
+#include <cmocka.h>
+
+// THe index of the group that is going to be returned next from "get group entry" (getgrent)
+static int group_idx = 0;
+
+// Data used for testing
+static const char* grp0_members[] = {
+ "user0", "user1", NULL
+};
+
+static const char* grp1_members[] = {
+ "user1", NULL
+};
+
+static const char* grp2_members[] = {
+ "user2", "user1", NULL
+};
+
+// an array of "groups" (a struct from grp.h), the members of the groups are initalized here to some testing data.
+// Casting away the consts to make the compiler happy and simplify initialization.
+// We never actually change these variables during the test!
+// string literal = const char* (cannot be changed b/c ? ) vs. char* (its getting casted to this)
+static const int NUM_GROUPS = 3;
+static struct group groups[] = {
+ {(char*)"grp0", (char*)"", 0, (char**)grp0_members},
+ {(char*)"grp1", (char*)"", 1, (char**)grp1_members},
+ {(char*)"grp2", (char*)"", 2, (char**)grp2_members},
+};
+
+// This function resets the group_idx to 0.
+void
+__wrap_setgrent(void) {
+ group_idx = 0;
+}
+
+// This function returns the next group entry in the list of groups, or
+// NULL if there aren't any left.
+// group_idx is a global variable which keeps track of where you are in the list
+struct group *
+__wrap_getgrent(void) {
+ if(group_idx >= NUM_GROUPS) return NULL;
+ return &groups[group_idx++];
+}
+
+void
+__wrap_endgrent(void) {
+}
+
+static void
+is_pcmk__is_user_in_group(void **state)
+{
+ // null user
+ assert_false(pcmk__is_user_in_group(NULL, "grp0"));
+ // null group
+ assert_false(pcmk__is_user_in_group("user0", NULL));
+ // nonexistent group
+ assert_false(pcmk__is_user_in_group("user0", "nonexistent_group"));
+ // user is in group
+ assert_true(pcmk__is_user_in_group("user0", "grp0"));
+ // user is not in group
+ assert_false(pcmk__is_user_in_group("user2", "grp0"));
+}
+
+int
+main(int argc, char **argv)
+{
+ const struct CMUnitTest tests[] = {
+ cmocka_unit_test(is_pcmk__is_user_in_group)
+ };
+
+ cmocka_set_message_output(CM_OUTPUT_TAP);
+ return cmocka_run_group_tests(tests, NULL, NULL);
+}
--
2.31.1
From 1bb7fda60f5b8547d7457f20543b7e50089cf06b Mon Sep 17 00:00:00 2001
From: Grace Chin <gchin@redhat.com>
Date: Mon, 13 Jun 2022 09:17:36 -0400
Subject: [PATCH 3/4] Add ACL group support
closes T61
---
lib/common/acl.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/lib/common/acl.c b/lib/common/acl.c
index f68069bbd..d7f8469b1 100644
--- a/lib/common/acl.c
+++ b/lib/common/acl.c
@@ -320,6 +320,13 @@ pcmk__unpack_acl(xmlNode *source, xmlNode *target, const char *user)
crm_debug("Unpacking ACLs for user '%s'", id);
p->acls = parse_acl_entry(acls, child, p->acls);
}
+ } else if (!strcmp(tag, XML_ACL_TAG_GROUP)) {
+ const char *id = crm_element_value(child, XML_ATTR_ID);
+
+ if (id && pcmk__is_user_in_group(user,id)) {
+ crm_debug("Unpacking ACLs for group '%s'", id);
+ p->acls = parse_acl_entry(acls, child, p->acls);
+ }
}
}
}
--
2.31.1
From f4efd55d9424d34908ba3e2bcffe16c00b2cf660 Mon Sep 17 00:00:00 2001
From: Grace Chin <gchin@redhat.com>
Date: Mon, 13 Jun 2022 09:20:36 -0400
Subject: [PATCH 4/4] Allow acl_target and acl_group elements to take a 'name'
attribute to use a name different from 'id'
closes T60
---
include/crm/msg_xml.h | 1 +
lib/common/acl.c | 21 +++++++++++++++++----
2 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/include/crm/msg_xml.h b/include/crm/msg_xml.h
index b36dcf060..6470520b1 100644
--- a/include/crm/msg_xml.h
+++ b/include/crm/msg_xml.h
@@ -133,6 +133,7 @@ extern "C" {
# define XML_ATTR_VERSION "version"
# define XML_ATTR_DESC "description"
# define XML_ATTR_ID "id"
+# define XML_ATTR_NAME "name"
# define XML_ATTR_IDREF "id-ref"
# define XML_ATTR_ID_LONG "long-id"
# define XML_ATTR_TYPE "type"
diff --git a/lib/common/acl.c b/lib/common/acl.c
index d7f8469b1..b9f7472ee 100644
--- a/lib/common/acl.c
+++ b/lib/common/acl.c
@@ -278,8 +278,13 @@ pcmk__apply_acl(xmlNode *xml)
/*!
* \internal
- * \brief Unpack ACLs for a given user
- *
+ * \brief Unpack ACLs for a given user into the
+ * metadata of the target XML tree
+ *
+ * Taking the description of ACLs from the source XML tree and
+ * marking up the target XML tree with access information for the
+ * given user by tacking it onto the relevant nodes
+ *
* \param[in] source XML with ACL definitions
* \param[in,out] target XML that ACLs will be applied to
* \param[in] user Username whose ACLs need to be unpacked
@@ -314,14 +319,22 @@ pcmk__unpack_acl(xmlNode *source, xmlNode *target, const char *user)
if (!strcmp(tag, XML_ACL_TAG_USER)
|| !strcmp(tag, XML_ACL_TAG_USERv1)) {
- const char *id = crm_element_value(child, XML_ATTR_ID);
+ const char *id = crm_element_value(child, XML_ATTR_NAME);
+
+ if (id == NULL) {
+ id = crm_element_value(child, XML_ATTR_ID);
+ }
if (id && strcmp(id, user) == 0) {
crm_debug("Unpacking ACLs for user '%s'", id);
p->acls = parse_acl_entry(acls, child, p->acls);
}
} else if (!strcmp(tag, XML_ACL_TAG_GROUP)) {
- const char *id = crm_element_value(child, XML_ATTR_ID);
+ const char *id = crm_element_value(child, XML_ATTR_NAME);
+
+ if (id == NULL) {
+ id = crm_element_value(child, XML_ATTR_ID);
+ }
if (id && pcmk__is_user_in_group(user,id)) {
crm_debug("Unpacking ACLs for group '%s'", id);
--
2.31.1

File diff suppressed because it is too large Load Diff

View File

@ -1,88 +0,0 @@
From 9853f4d05a376062d60f2e4c90938e587992237b Mon Sep 17 00:00:00 2001
From: Chris Lumens <clumens@redhat.com>
Date: Mon, 27 Jun 2022 12:06:24 -0400
Subject: [PATCH 1/2] Fix: tools: Don't output "(null)" in crm_attribute's
quiet mode.
If the attribute queried for has no value, simply do not output
anything.
Regression in 2.1.3 introduced by 8c03553bbf
Fixes T502
See: rhbz#2099331
---
tools/crm_attribute.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tools/crm_attribute.c b/tools/crm_attribute.c
index 0bd9dee81..b1463f906 100644
--- a/tools/crm_attribute.c
+++ b/tools/crm_attribute.c
@@ -56,7 +56,9 @@ attribute_text(pcmk__output_t *out, va_list args)
char *host G_GNUC_UNUSED = va_arg(args, char *);
if (out->quiet) {
- pcmk__formatted_printf(out, "%s\n", value);
+ if (value != NULL) {
+ pcmk__formatted_printf(out, "%s\n", value);
+ }
} else {
out->info(out, "%s%s %s%s %s%s value=%s",
scope ? "scope=" : "", scope ? scope : "",
--
2.31.1
From 16d00a9b3ef27afd09f5c046ea1be50fc664ed84 Mon Sep 17 00:00:00 2001
From: Chris Lumens <clumens@redhat.com>
Date: Mon, 27 Jun 2022 12:18:06 -0400
Subject: [PATCH 2/2] Test: cts: Add a test for querying an attribute that does
not exist.
---
cts/cli/regression.tools.exp | 4 ++++
cts/cts-cli.in | 5 +++++
2 files changed, 9 insertions(+)
diff --git a/cts/cli/regression.tools.exp b/cts/cli/regression.tools.exp
index 0d1cfa2ab..464472d42 100644
--- a/cts/cli/regression.tools.exp
+++ b/cts/cli/regression.tools.exp
@@ -24,6 +24,10 @@ A new shadow instance was created. To begin using it paste the following into y
</cib>
=#=#=#= End test: Validate CIB - OK (0) =#=#=#=
* Passed: cibadmin - Validate CIB
+=#=#=#= Begin test: Query the value of an attribute that does not exist =#=#=#=
+crm_attribute: Error performing operation: No such device or address
+=#=#=#= End test: Query the value of an attribute that does not exist - No such object (105) =#=#=#=
+* Passed: crm_attribute - Query the value of an attribute that does not exist
=#=#=#= Begin test: Configure something before erasing =#=#=#=
=#=#=#= Current cib after: Configure something before erasing =#=#=#=
<cib epoch="2" num_updates="0" admin_epoch="0">
diff --git a/cts/cts-cli.in b/cts/cts-cli.in
index 8565c485a..b895d36ec 100755
--- a/cts/cts-cli.in
+++ b/cts/cts-cli.in
@@ -511,6 +511,10 @@ function test_tools() {
cmd="cibadmin -Q"
test_assert $CRM_EX_OK
+ desc="Query the value of an attribute that does not exist"
+ cmd="crm_attribute -n ABCD --query --quiet"
+ test_assert $CRM_EX_NOSUCH 0
+
desc="Configure something before erasing"
cmd="crm_attribute -n cluster-delay -v 60s"
test_assert $CRM_EX_OK
@@ -1980,6 +1984,7 @@ for t in $tests; do
-e 's/ end=\"[0-9][-+: 0-9]*Z*\"/ end=\"\"/' \
-e 's/ start=\"[0-9][-+: 0-9]*Z*\"/ start=\"\"/' \
-e 's/^Error checking rule: Device not configured/Error checking rule: No such device or address/' \
+ -e 's/Error performing operation: Device not configured/Error performing operation: No such device or address/' \
-e 's/\(Injecting attribute last-failure-ping#monitor_10000=\)[0-9]*/\1/' \
-e 's/^lt-//' \
-e 's/ocf::/ocf:/' \
--
2.31.1

View File

@ -0,0 +1,42 @@
From a3bffc7c66bf6f796f977cffd44f223635b008c5 Mon Sep 17 00:00:00 2001
From: Reid Wahl <nrwahl@protonmail.com>
Date: Wed, 20 Dec 2023 13:33:47 -0800
Subject: [PATCH] Doc: Pacemaker Explained: Add replace for
PCMK__REMOTE_SCHEMA_DIR
So that the existing use in local-options.rst expands correctly.
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
---
doc/sphinx/Makefile.am | 1 +
doc/sphinx/conf.py.in | 1 +
3 files changed, 2 insertions(+)
create mode 100644 doc/sphinx/conf.py.in.rej
diff --git a/doc/sphinx/Makefile.am b/doc/sphinx/Makefile.am
index e48e19a..d0309ff 100644
--- a/doc/sphinx/Makefile.am
+++ b/doc/sphinx/Makefile.am
@@ -134,6 +134,7 @@ $(BOOKS:%=%/conf.py): conf.py.in
-e 's#%CRM_SCHEMA_DIRECTORY%#@CRM_SCHEMA_DIRECTORY@#g' \
-e 's#%PACEMAKER_CONFIG_DIR%#@PACEMAKER_CONFIG_DIR@#g' \
-e 's#%PCMK_GNUTLS_PRIORITIES%#@PCMK_GNUTLS_PRIORITIES@#g' \
+ -e 's#%PCMK__REMOTE_SCHEMA_DIR%#@PCMK__REMOTE_SCHEMA_DIR@#g' \
$(<) > "$@"
$(BOOK)/_build: $(STATIC_FILES) $(BOOK)/conf.py $(DEPS_$(BOOK)) $(wildcard $(srcdir)/$(BOOK)/*.rst)
diff --git a/doc/sphinx/conf.py.in b/doc/sphinx/conf.py.in
index 556eb72..511f029 100644
--- a/doc/sphinx/conf.py.in
+++ b/doc/sphinx/conf.py.in
@@ -40,6 +40,7 @@ rst_prolog="""
.. |PCMK_INIT_ENV_FILE| replace:: ``%PACEMAKER_CONFIG_DIR%/pcmk-init.env``
.. |PCMK_LOG_FILE| replace:: %CRM_LOG_DIR%/pacemaker.log
.. |PCMK_GNUTLS_PRIORITIES| replace:: %PCMK_GNUTLS_PRIORITIES%
+.. |PCMK__REMOTE_SCHEMA_DIR| replace:: %PCMK__REMOTE_SCHEMA_DIR%
.. |REMOTE_DISTRO| replace:: AlmaLinux
.. |REMOTE_DISTRO_VER| replace:: 9
"""
--
2.31.1

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,276 @@
From d50bbafc32428e873c0052a9defcf93d2e52667e Mon Sep 17 00:00:00 2001
From: Chris Lumens <clumens@redhat.com>
Date: Wed, 10 Jan 2024 11:35:11 -0500
Subject: [PATCH 1/3] Refactor: libcrmcommon: Split feature set check into its
own function.
---
include/crm/common/cib_internal.h | 4 +++-
lib/cib/cib_utils.c | 12 ++++++------
lib/common/cib.c | 18 +++++++++++++++++-
3 files changed, 26 insertions(+), 8 deletions(-)
diff --git a/include/crm/common/cib_internal.h b/include/crm/common/cib_internal.h
index c41c12e..fa65e58 100644
--- a/include/crm/common/cib_internal.h
+++ b/include/crm/common/cib_internal.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2023 the Pacemaker project contributors
+ * Copyright 2023-2024 the Pacemaker project contributors
*
* The version control history for this file may have further details.
*
@@ -16,6 +16,8 @@ extern "C" {
const char *pcmk__cib_abs_xpath_for(const char *element);
+int pcmk__check_feature_set(const char *cib_version);
+
#ifdef __cplusplus
}
#endif
diff --git a/lib/cib/cib_utils.c b/lib/cib/cib_utils.c
index 0082eef..bf2982c 100644
--- a/lib/cib/cib_utils.c
+++ b/lib/cib/cib_utils.c
@@ -353,7 +353,6 @@ cib_perform_op(const char *op, int call_options, cib__op_fn_t fn, bool is_query,
xmlNode *patchset_cib = NULL;
xmlNode *local_diff = NULL;
- const char *new_version = NULL;
const char *user = crm_element_value(req, F_CIB_USER);
bool with_digest = false;
@@ -470,12 +469,13 @@ cib_perform_op(const char *op, int call_options, cib__op_fn_t fn, bool is_query,
}
if (scratch) {
- new_version = crm_element_value(scratch, XML_ATTR_CRM_VERSION);
+ const char *new_version = crm_element_value(scratch, XML_ATTR_CRM_VERSION);
- if (new_version && compare_version(new_version, CRM_FEATURE_SET) > 0) {
- crm_err("Discarding update with feature set '%s' greater than our own '%s'",
- new_version, CRM_FEATURE_SET);
- rc = -EPROTONOSUPPORT;
+ rc = pcmk__check_feature_set(new_version);
+ if (rc != pcmk_rc_ok) {
+ pcmk__config_err("Discarding update with feature set '%s' greater than our own '%s'",
+ new_version, CRM_FEATURE_SET);
+ rc = pcmk_rc2legacy(rc);
goto done;
}
}
diff --git a/lib/common/cib.c b/lib/common/cib.c
index fee7881..cbebc2e 100644
--- a/lib/common/cib.c
+++ b/lib/common/cib.c
@@ -1,6 +1,6 @@
/*
* Original copyright 2004 International Business Machines
- * Later changes copyright 2008-2023 the Pacemaker project contributors
+ * Later changes copyright 2008-2024 the Pacemaker project contributors
*
* The version control history for this file may have further details.
*
@@ -173,3 +173,19 @@ pcmk_find_cib_element(xmlNode *cib, const char *element_name)
{
return get_xpath_object(pcmk_cib_xpath_for(element_name), cib, LOG_TRACE);
}
+
+/*!
+ * \internal
+ * \brief Check that the feature set in the CIB is supported on this node
+ *
+ * \param[in] new_version XML_ATTR_CRM_VERSION attribute from the CIB
+ */
+int
+pcmk__check_feature_set(const char *cib_version)
+{
+ if (cib_version && compare_version(cib_version, CRM_FEATURE_SET) > 0) {
+ return EPROTONOSUPPORT;
+ }
+
+ return pcmk_rc_ok;
+}
--
2.31.1
From d89fd8336ae47d892201513c99773705d57f15f0 Mon Sep 17 00:00:00 2001
From: Chris Lumens <clumens@redhat.com>
Date: Wed, 10 Jan 2024 13:46:42 -0500
Subject: [PATCH 2/3] Feature: scheduler: Check the CIB feature set in
cluster_status.
This adds the check that was previously only in cib_perform_op to the
scheduler code, ensuring that any daemon or tool that calls the
scheduler will check that the feature set in the CIB is supported.
---
lib/pengine/status.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/lib/pengine/status.c b/lib/pengine/status.c
index e6ec237..1294803 100644
--- a/lib/pengine/status.c
+++ b/lib/pengine/status.c
@@ -14,6 +14,7 @@
#include <crm/crm.h>
#include <crm/msg_xml.h>
#include <crm/common/xml.h>
+#include <crm/common/cib_internal.h>
#include <glib.h>
@@ -70,12 +71,21 @@ pe_free_working_set(pcmk_scheduler_t *scheduler)
gboolean
cluster_status(pcmk_scheduler_t * scheduler)
{
+ const char *new_version = NULL;
xmlNode *section = NULL;
if ((scheduler == NULL) || (scheduler->input == NULL)) {
return FALSE;
}
+ new_version = crm_element_value(scheduler->input, XML_ATTR_CRM_VERSION);
+
+ if (pcmk__check_feature_set(new_version) != pcmk_rc_ok) {
+ pcmk__config_err("Can't process CIB with feature set '%s' greater than our own '%s'",
+ new_version, CRM_FEATURE_SET);
+ return FALSE;
+ }
+
crm_trace("Beginning unpack");
if (scheduler->failed != NULL) {
--
2.31.1
From a3428926d37af506014a6b462d1308d8541c5932 Mon Sep 17 00:00:00 2001
From: Chris Lumens <clumens@redhat.com>
Date: Wed, 10 Jan 2024 14:56:36 -0500
Subject: [PATCH 3/3] Low: libcib: Do not check CIB feature set for files in
cib_perform_op.
This is related to the previous feature for transferring schema files to
older remote nodes. In that case, the newer schema files may also have
a newer feature set than the node supports, so the transferred files are
still not usable.
However, the feature set only matters for the scheduler, not for most
command line tools (obviously, crm_simulate would still care). So in
those cases, we can just disable the feature set check if the CIB was
read in from a file. For the scheduler, the check is still performed as
part of cluster_status.
---
cts/cli/regression.tools.exp | 2 +-
daemons/based/based_callbacks.c | 4 ++--
include/crm/cib/internal.h | 4 ++--
lib/cib/cib_file.c | 2 +-
lib/cib/cib_utils.c | 15 +++++++++------
5 files changed, 15 insertions(+), 12 deletions(-)
diff --git a/cts/cli/regression.tools.exp b/cts/cli/regression.tools.exp
index 417b5cd..c81c420 100644
--- a/cts/cli/regression.tools.exp
+++ b/cts/cli/regression.tools.exp
@@ -7939,7 +7939,7 @@ unpack_config warning: Blind faith: not fencing unseen nodes
=#=#=#= End test: Verbosely verify a file-specified invalid configuration, outputting as xml - Invalid configuration (78) =#=#=#=
* Passed: crm_verify - Verbosely verify a file-specified invalid configuration, outputting as xml
=#=#=#= Begin test: Verbosely verify another file-specified invalid configuration, outputting as xml =#=#=#=
-(cluster_status@status.c:113) warning: Fencing and resource management disabled due to lack of quorum
+(cluster_status@status.c:123) warning: Fencing and resource management disabled due to lack of quorum
<pacemaker-result api-version="X" request="crm_verify_invalid_no_stonith.xml --output-as=xml --verbose">
<status code="78" message="Invalid configuration">
<errors>
diff --git a/daemons/based/based_callbacks.c b/daemons/based/based_callbacks.c
index 5f3dc62..f16e4d9 100644
--- a/daemons/based/based_callbacks.c
+++ b/daemons/based/based_callbacks.c
@@ -1362,7 +1362,7 @@ cib_process_command(xmlNode *request, const cib__operation_t *operation,
input = prepare_input(request, operation->type, &section);
if (!pcmk_is_set(operation->flags, cib__op_attr_modifies)) {
- rc = cib_perform_op(op, call_options, op_function, true, section,
+ rc = cib_perform_op(NULL, op, call_options, op_function, true, section,
request, input, false, &config_changed, &the_cib,
&result_cib, NULL, &output);
@@ -1395,7 +1395,7 @@ cib_process_command(xmlNode *request, const cib__operation_t *operation,
}
// result_cib must not be modified after cib_perform_op() returns
- rc = cib_perform_op(op, call_options, op_function, false, section,
+ rc = cib_perform_op(NULL, op, call_options, op_function, false, section,
request, input, manage_counters, &config_changed,
&the_cib, &result_cib, cib_diff, &output);
diff --git a/include/crm/cib/internal.h b/include/crm/cib/internal.h
index 9d54d52..b6d6871 100644
--- a/include/crm/cib/internal.h
+++ b/include/crm/cib/internal.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2004-2023 the Pacemaker project contributors
+ * Copyright 2004-2024 the Pacemaker project contributors
*
* The version control history for this file may have further details.
*
@@ -206,7 +206,7 @@ int cib__get_notify_patchset(const xmlNode *msg, const xmlNode **patchset);
bool cib__element_in_patchset(const xmlNode *patchset, const char *element);
-int cib_perform_op(const char *op, int call_options, cib__op_fn_t fn,
+int cib_perform_op(cib_t *cib, const char *op, int call_options, cib__op_fn_t fn,
bool is_query, const char *section, xmlNode *req,
xmlNode *input, bool manage_counters, bool *config_changed,
xmlNode **current_cib, xmlNode **result_cib, xmlNode **diff,
diff --git a/lib/cib/cib_file.c b/lib/cib/cib_file.c
index a279823..9dd952c 100644
--- a/lib/cib/cib_file.c
+++ b/lib/cib/cib_file.c
@@ -245,7 +245,7 @@ cib_file_process_request(cib_t *cib, xmlNode *request, xmlNode **output)
data = pcmk_find_cib_element(data, section);
}
- rc = cib_perform_op(op, call_options, op_function, read_only, section,
+ rc = cib_perform_op(cib, op, call_options, op_function, read_only, section,
request, data, true, &changed, &private->cib_xml,
&result_cib, &cib_diff, output);
diff --git a/lib/cib/cib_utils.c b/lib/cib/cib_utils.c
index bf2982c..9c3f9f1 100644
--- a/lib/cib/cib_utils.c
+++ b/lib/cib/cib_utils.c
@@ -339,11 +339,10 @@ should_copy_cib(const char *op, const char *section, int call_options)
}
int
-cib_perform_op(const char *op, int call_options, cib__op_fn_t fn, bool is_query,
- const char *section, xmlNode *req, xmlNode *input,
- bool manage_counters, bool *config_changed,
- xmlNode **current_cib, xmlNode **result_cib, xmlNode **diff,
- xmlNode **output)
+cib_perform_op(cib_t *cib, const char *op, int call_options, cib__op_fn_t fn,
+ bool is_query, const char *section, xmlNode *req, xmlNode *input,
+ bool manage_counters, bool *config_changed, xmlNode **current_cib,
+ xmlNode **result_cib, xmlNode **diff, xmlNode **output)
{
int rc = pcmk_ok;
bool check_schema = true;
@@ -468,7 +467,11 @@ cib_perform_op(const char *op, int call_options, cib__op_fn_t fn, bool is_query,
goto done;
}
- if (scratch) {
+ /* If the CIB is from a file, we don't need to check that the feature set is
+ * supported. All we care about in that case is the schema version, which
+ * is checked elsewhere.
+ */
+ if (scratch && (cib == NULL || cib->variant != cib_file)) {
const char *new_version = crm_element_value(scratch, XML_ATTR_CRM_VERSION);
rc = pcmk__check_feature_set(new_version);
--
2.31.1

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,373 @@
From 4823643bef8801b33688167b159bb531bcdf8911 Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Thu, 4 Jan 2024 17:10:08 -0600
Subject: [PATCH 1/5] Refactor: pacemaker-attrd: drop redundant argument from
update_attr_on_host()
It can check for a force-write via its xml argument, to simplify the caller
---
daemons/attrd/attrd_corosync.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/daemons/attrd/attrd_corosync.c b/daemons/attrd/attrd_corosync.c
index 158d82f..1b56923 100644
--- a/daemons/attrd/attrd_corosync.c
+++ b/daemons/attrd/attrd_corosync.c
@@ -266,7 +266,7 @@ record_peer_nodeid(attribute_value_t *v, const char *host)
static void
update_attr_on_host(attribute_t *a, const crm_node_t *peer, const xmlNode *xml,
const char *attr, const char *value, const char *host,
- bool filter, int is_force_write)
+ bool filter)
{
attribute_value_t *v = NULL;
@@ -309,6 +309,10 @@ update_attr_on_host(attribute_t *a, const crm_node_t *peer, const xmlNode *xml,
}
} else {
+ int is_force_write = 0;
+
+ crm_element_value_int(xml, PCMK__XA_ATTR_FORCE, &is_force_write);
+
if (is_force_write == 1 && a->timeout_ms && a->timer) {
/* Save forced writing and set change flag. */
/* The actual attribute is written by Writer after election. */
@@ -338,15 +342,12 @@ attrd_peer_update_one(const crm_node_t *peer, xmlNode *xml, bool filter)
const char *attr = crm_element_value(xml, PCMK__XA_ATTR_NAME);
const char *value = crm_element_value(xml, PCMK__XA_ATTR_VALUE);
const char *host = crm_element_value(xml, PCMK__XA_ATTR_NODE_NAME);
- int is_force_write = 0;
if (attr == NULL) {
crm_warn("Could not update attribute: peer did not specify name");
return;
}
- crm_element_value_int(xml, PCMK__XA_ATTR_FORCE, &is_force_write);
-
a = attrd_populate_attribute(xml, attr);
if (a == NULL) {
return;
@@ -361,12 +362,12 @@ attrd_peer_update_one(const crm_node_t *peer, xmlNode *xml, bool filter)
g_hash_table_iter_init(&vIter, a->values);
while (g_hash_table_iter_next(&vIter, (gpointer *) & host, NULL)) {
- update_attr_on_host(a, peer, xml, attr, value, host, filter, is_force_write);
+ update_attr_on_host(a, peer, xml, attr, value, host, filter);
}
} else {
// Update attribute value for the given host
- update_attr_on_host(a, peer, xml, attr, value, host, filter, is_force_write);
+ update_attr_on_host(a, peer, xml, attr, value, host, filter);
}
/* If this is a message from some attrd instance broadcasting its protocol
--
2.31.1
From c7a1ab819b25e3225c185c1630a7139a96fb5c71 Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Tue, 9 Jan 2024 16:48:37 -0600
Subject: [PATCH 2/5] Refactor: pacemaker-attrd: drop unused argument from
attrd_peer_sync()
---
daemons/attrd/attrd_corosync.c | 10 ++++++++--
daemons/attrd/attrd_elections.c | 2 +-
daemons/attrd/attrd_messages.c | 2 +-
daemons/attrd/pacemaker-attrd.h | 2 +-
4 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/daemons/attrd/attrd_corosync.c b/daemons/attrd/attrd_corosync.c
index 1b56923..088f00c 100644
--- a/daemons/attrd/attrd_corosync.c
+++ b/daemons/attrd/attrd_corosync.c
@@ -233,7 +233,7 @@ attrd_peer_change_cb(enum crm_status_type kind, crm_node_t *peer, const void *da
*/
if (attrd_election_won()
&& !pcmk_is_set(peer->flags, crm_remote_node)) {
- attrd_peer_sync(peer, NULL);
+ attrd_peer_sync(peer);
}
} else {
// Remove all attribute values associated with lost nodes
@@ -535,8 +535,14 @@ attrd_peer_remove(const char *host, bool uncache, const char *source)
}
}
+/*!
+ * \internal
+ * \brief Send all known attributes and values to a peer
+ *
+ * \param[in] peer Peer to send sync to (if NULL, broadcast to all peers)
+ */
void
-attrd_peer_sync(crm_node_t *peer, xmlNode *xml)
+attrd_peer_sync(crm_node_t *peer)
{
GHashTableIter aIter;
GHashTableIter vIter;
diff --git a/daemons/attrd/attrd_elections.c b/daemons/attrd/attrd_elections.c
index 82fbe8a..9dbf133 100644
--- a/daemons/attrd/attrd_elections.c
+++ b/daemons/attrd/attrd_elections.c
@@ -23,7 +23,7 @@ attrd_election_cb(gpointer user_data)
attrd_declare_winner();
/* Update the peers after an election */
- attrd_peer_sync(NULL, NULL);
+ attrd_peer_sync(NULL);
/* After winning an election, update the CIB with the values of all
* attributes as the winner knows them.
diff --git a/daemons/attrd/attrd_messages.c b/daemons/attrd/attrd_messages.c
index 5525d4b..13ac01f 100644
--- a/daemons/attrd/attrd_messages.c
+++ b/daemons/attrd/attrd_messages.c
@@ -180,7 +180,7 @@ handle_sync_request(pcmk__request_t *request)
crm_node_t *peer = pcmk__get_node(0, request->peer, NULL,
pcmk__node_search_cluster);
- attrd_peer_sync(peer, request->xml);
+ attrd_peer_sync(peer);
pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
return NULL;
} else {
diff --git a/daemons/attrd/pacemaker-attrd.h b/daemons/attrd/pacemaker-attrd.h
index 7384188..bacaad6 100644
--- a/daemons/attrd/pacemaker-attrd.h
+++ b/daemons/attrd/pacemaker-attrd.h
@@ -175,7 +175,7 @@ extern GHashTable *peer_protocol_vers;
int attrd_cluster_connect(void);
void attrd_peer_update(const crm_node_t *peer, xmlNode *xml, const char *host,
bool filter);
-void attrd_peer_sync(crm_node_t *peer, xmlNode *xml);
+void attrd_peer_sync(crm_node_t *peer);
void attrd_peer_remove(const char *host, bool uncache, const char *source);
void attrd_peer_clear_failure(pcmk__request_t *request);
void attrd_peer_sync_response(const crm_node_t *peer, bool peer_won,
--
2.31.1
From abafae0068e10abb135b0496086947728365299a Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Thu, 11 Jan 2024 17:31:17 -0600
Subject: [PATCH 3/5] Refactor: pacemaker-attrd: de-functionize
attrd_lookup_or_create_value()
... to make planned changes easier
---
daemons/attrd/attrd_corosync.c | 62 +++++++++++++---------------------
1 file changed, 24 insertions(+), 38 deletions(-)
diff --git a/daemons/attrd/attrd_corosync.c b/daemons/attrd/attrd_corosync.c
index 088f00c..59e6a26 100644
--- a/daemons/attrd/attrd_corosync.c
+++ b/daemons/attrd/attrd_corosync.c
@@ -168,40 +168,6 @@ broadcast_local_value(const attribute_t *a)
#define state_text(state) pcmk__s((state), "in unknown state")
-/*!
- * \internal
- * \brief Return a node's value from hash table (creating one if needed)
- *
- * \param[in,out] values Hash table of values
- * \param[in] node_name Name of node to look up
- * \param[in] xml XML describing the attribute
- *
- * \return Pointer to new or existing hash table entry
- */
-static attribute_value_t *
-attrd_lookup_or_create_value(GHashTable *values, const char *node_name,
- const xmlNode *xml)
-{
- attribute_value_t *v = g_hash_table_lookup(values, node_name);
- int is_remote = 0;
-
- if (v == NULL) {
- v = calloc(1, sizeof(attribute_value_t));
- CRM_ASSERT(v != NULL);
-
- pcmk__str_update(&v->nodename, node_name);
- g_hash_table_replace(values, v->nodename, v);
- }
-
- crm_element_value_int(xml, PCMK__XA_ATTR_IS_REMOTE, &is_remote);
- if (is_remote) {
- attrd_set_value_flags(v, attrd_value_remote);
- CRM_ASSERT(crm_remote_peer_get(node_name) != NULL);
- }
-
- return(v);
-}
-
static void
attrd_peer_change_cb(enum crm_status_type kind, crm_node_t *peer, const void *data)
{
@@ -268,18 +234,38 @@ update_attr_on_host(attribute_t *a, const crm_node_t *peer, const xmlNode *xml,
const char *attr, const char *value, const char *host,
bool filter)
{
+ int is_remote = 0;
+ bool changed = false;
attribute_value_t *v = NULL;
- v = attrd_lookup_or_create_value(a->values, host, xml);
+ // Create entry for value if not already existing
+ v = g_hash_table_lookup(a->values, host);
+ if (v == NULL) {
+ v = calloc(1, sizeof(attribute_value_t));
+ CRM_ASSERT(v != NULL);
+
+ pcmk__str_update(&v->nodename, host);
+ g_hash_table_replace(a->values, v->nodename, v);
+ }
+
+ // If value is for a Pacemaker Remote node, remember that
+ crm_element_value_int(xml, PCMK__XA_ATTR_IS_REMOTE, &is_remote);
+ if (is_remote) {
+ attrd_set_value_flags(v, attrd_value_remote);
+ CRM_ASSERT(crm_remote_peer_get(host) != NULL);
+ }
+
+ // Check whether the value changed
+ changed = !pcmk__str_eq(v->current, value, pcmk__str_casei);
- if (filter && !pcmk__str_eq(v->current, value, pcmk__str_casei)
- && pcmk__str_eq(host, attrd_cluster->uname, pcmk__str_casei)) {
+ if (changed && filter && pcmk__str_eq(host, attrd_cluster->uname,
+ pcmk__str_casei)) {
crm_notice("%s[%s]: local value '%s' takes priority over '%s' from %s",
attr, host, v->current, value, peer->uname);
v = broadcast_local_value(a);
- } else if (!pcmk__str_eq(v->current, value, pcmk__str_casei)) {
+ } else if (changed) {
crm_notice("Setting %s[%s]%s%s: %s -> %s "
CRM_XS " from %s with %s write delay",
attr, host, a->set_type ? " in " : "",
--
2.31.1
From 72529ec512fb4938bd8dbbd2caf44bbb1a616826 Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Thu, 11 Jan 2024 18:04:33 -0600
Subject: [PATCH 4/5] Refactor: pacemaker-attrd: minor shuffling to make
planned changes easier
---
daemons/attrd/attrd_cib.c | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/daemons/attrd/attrd_cib.c b/daemons/attrd/attrd_cib.c
index bdc0a10..481fea7 100644
--- a/daemons/attrd/attrd_cib.c
+++ b/daemons/attrd/attrd_cib.c
@@ -51,6 +51,7 @@ attrd_cib_updated_cb(const char *event, xmlNode *msg)
{
const xmlNode *patchset = NULL;
const char *client_name = NULL;
+ bool status_changed = false;
if (attrd_shutting_down(true)) {
return;
@@ -64,20 +65,22 @@ attrd_cib_updated_cb(const char *event, xmlNode *msg)
mainloop_set_trigger(attrd_config_read);
}
- if (!attrd_election_won()) {
- // Don't write attributes if we're not the writer
- return;
- }
+ status_changed = cib__element_in_patchset(patchset, XML_CIB_TAG_STATUS);
client_name = crm_element_value(msg, F_CIB_CLIENTNAME);
if (!cib__client_triggers_refresh(client_name)) {
- // The CIB is still accurate
+ /* This change came from a source that ensured the CIB is consistent
+ * with our attributes table, so we don't need to write anything out.
+ */
return;
}
- if (cib__element_in_patchset(patchset, XML_CIB_TAG_NODES)
- || cib__element_in_patchset(patchset, XML_CIB_TAG_STATUS)) {
-
+ if (!attrd_election_won()) {
+ // Don't write attributes if we're not the writer
+ return;
+ }
+
+ if (status_changed || cib__element_in_patchset(patchset, XML_CIB_TAG_NODES)) {
/* An unsafe client modified the nodes or status section. Write
* transient attributes to ensure they're up-to-date in the CIB.
*/
--
2.31.1
From b83c2567fb450eec5b18882ded16403831d2c3c0 Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Thu, 11 Jan 2024 17:53:55 -0600
Subject: [PATCH 5/5] Log: pacemaker-attrd: make sure we don't try to log NULL
---
daemons/attrd/attrd_corosync.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/daemons/attrd/attrd_corosync.c b/daemons/attrd/attrd_corosync.c
index 59e6a26..b348d52 100644
--- a/daemons/attrd/attrd_corosync.c
+++ b/daemons/attrd/attrd_corosync.c
@@ -229,6 +229,11 @@ record_peer_nodeid(attribute_value_t *v, const char *host)
}
}
+#define readable_value(rv_v) pcmk__s((rv_v)->current, "(unset)")
+
+#define readable_peer(p) \
+ (((p) == NULL)? "all peers" : pcmk__s((p)->uname, "unknown peer"))
+
static void
update_attr_on_host(attribute_t *a, const crm_node_t *peer, const xmlNode *xml,
const char *attr, const char *value, const char *host,
@@ -262,14 +267,14 @@ update_attr_on_host(attribute_t *a, const crm_node_t *peer, const xmlNode *xml,
pcmk__str_casei)) {
crm_notice("%s[%s]: local value '%s' takes priority over '%s' from %s",
- attr, host, v->current, value, peer->uname);
+ attr, host, readable_value(v), value, peer->uname);
v = broadcast_local_value(a);
} else if (changed) {
crm_notice("Setting %s[%s]%s%s: %s -> %s "
CRM_XS " from %s with %s write delay",
attr, host, a->set_type ? " in " : "",
- pcmk__s(a->set_type, ""), pcmk__s(v->current, "(unset)"),
+ pcmk__s(a->set_type, ""), readable_value(v),
pcmk__s(value, "(unset)"), peer->uname,
(a->timeout_ms == 0)? "no" : pcmk__readable_interval(a->timeout_ms));
pcmk__str_update(&v->current, value);
@@ -543,12 +548,14 @@ attrd_peer_sync(crm_node_t *peer)
while (g_hash_table_iter_next(&aIter, NULL, (gpointer *) & a)) {
g_hash_table_iter_init(&vIter, a->values);
while (g_hash_table_iter_next(&vIter, NULL, (gpointer *) & v)) {
- crm_debug("Syncing %s[%s] = %s to %s", a->id, v->nodename, v->current, peer?peer->uname:"everyone");
+ crm_debug("Syncing %s[%s]='%s' to %s",
+ a->id, v->nodename, readable_value(v),
+ readable_peer(peer));
attrd_add_value_xml(sync, a, v, false);
}
}
- crm_debug("Syncing values to %s", peer?peer->uname:"everyone");
+ crm_debug("Syncing values to %s", readable_peer(peer));
attrd_send_message(peer, sync, false);
free_xml(sync);
}
--
2.31.1

View File

@ -0,0 +1,385 @@
From 84d4a0d5f562df91baa0fece45d06ad3732f941c Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Tue, 16 Jan 2024 11:20:53 -0600
Subject: [PATCH 1/5] Low: pacemaker-attrd: properly validate attribute set
type
The sense of the test was accidentally reversed in 26471a52689
---
daemons/attrd/attrd_attributes.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/daemons/attrd/attrd_attributes.c b/daemons/attrd/attrd_attributes.c
index 8f32988..f059059 100644
--- a/daemons/attrd/attrd_attributes.c
+++ b/daemons/attrd/attrd_attributes.c
@@ -40,9 +40,9 @@ attrd_create_attribute(xmlNode *xml)
* attributes are not written.
*/
crm_element_value_int(xml, PCMK__XA_ATTR_IS_PRIVATE, &is_private);
- if ((is_private != 0)
- && !pcmk__str_any_of(set_type, XML_TAG_ATTR_SETS, XML_TAG_UTILIZATION,
- NULL)) {
+ if (!is_private && !pcmk__str_any_of(set_type,
+ XML_TAG_ATTR_SETS,
+ XML_TAG_UTILIZATION, NULL)) {
crm_warn("Ignoring attribute %s with invalid set type %s",
pcmk__s(name, "(unidentified)"), set_type);
return NULL;
--
2.31.1
From d0d0511e71fe983a2d89589c39810b79fb48a8ca Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Tue, 16 Jan 2024 12:13:42 -0600
Subject: [PATCH 2/5] Fix: pacemaker-attrd: sync utilization attributes to
peers correctly
Include the set type with attribute syncs.
Previously, utilization attributes would have the correct set_type on the node
where they were set, but peers would store it as a regular node attribute. If
one of those peers became writer, the attribute would get written to the wrong
set.
---
daemons/attrd/attrd_attributes.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/daemons/attrd/attrd_attributes.c b/daemons/attrd/attrd_attributes.c
index f059059..0ad9630 100644
--- a/daemons/attrd/attrd_attributes.c
+++ b/daemons/attrd/attrd_attributes.c
@@ -139,6 +139,7 @@ attrd_add_value_xml(xmlNode *parent, const attribute_t *a,
xmlNode *xml = create_xml_node(parent, __func__);
crm_xml_add(xml, PCMK__XA_ATTR_NAME, a->id);
+ crm_xml_add(xml, PCMK__XA_ATTR_SET_TYPE, a->set_type);
crm_xml_add(xml, PCMK__XA_ATTR_SET, a->set_id);
crm_xml_add(xml, PCMK__XA_ATTR_UUID, a->uuid);
crm_xml_add(xml, PCMK__XA_ATTR_USER, a->user);
--
2.31.1
From 4479ff8507dd69f5946d31cf83c7e47fe15d3bdb Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Tue, 16 Jan 2024 12:18:40 -0600
Subject: [PATCH 3/5] Refactor: pacemaker-attrd: functionize getting attribute
set ID
... for future reuse
---
daemons/attrd/attrd_attributes.c | 38 ++++++++++++++++++++++++++++++++
daemons/attrd/attrd_cib.c | 9 +-------
daemons/attrd/pacemaker-attrd.h | 3 ++-
3 files changed, 41 insertions(+), 9 deletions(-)
diff --git a/daemons/attrd/attrd_attributes.c b/daemons/attrd/attrd_attributes.c
index 0ad9630..5727ab8 100644
--- a/daemons/attrd/attrd_attributes.c
+++ b/daemons/attrd/attrd_attributes.c
@@ -210,3 +210,41 @@ attrd_populate_attribute(xmlNode *xml, const char *attr)
return a;
}
+
+/*!
+ * \internal
+ * \brief Get the XML ID used to write out an attribute set
+ *
+ * \param[in] attr Attribute to get set ID for
+ * \param[in] node_state_id XML ID of node state that attribute value is for
+ *
+ * \return Newly allocated string with XML ID to use for \p attr set
+ */
+char *
+attrd_set_id(const attribute_t *attr, const char *node_state_id)
+{
+ char *set_id = NULL;
+
+ CRM_ASSERT((attr != NULL) && (node_state_id != NULL));
+
+ if (attr->set_id == NULL) {
+ /* @COMPAT This should really take the set type into account. Currently
+ * we use the same XML ID for transient attributes and utilization
+ * attributes. It doesn't cause problems because the status section is
+ * not limited by the schema in any way, but it's still unfortunate.
+ * For backward compatibility reasons, we can't change this.
+ */
+ set_id = crm_strdup_printf("%s-%s", XML_CIB_TAG_STATUS, node_state_id);
+ } else {
+ /* @COMPAT When the user specifies a set ID for an attribute, it is the
+ * same for every node. That is less than ideal, but again, the schema
+ * doesn't enforce anything for the status section. We couldn't change
+ * it without allowing the set ID to vary per value rather than per
+ * attribute, which would break backward compatibility, pose design
+ * challenges, and potentially cause problems in rolling upgrades.
+ */
+ pcmk__str_update(&set_id, attr->set_id);
+ }
+ crm_xml_sanitize_id(set_id);
+ return set_id;
+}
diff --git a/daemons/attrd/attrd_cib.c b/daemons/attrd/attrd_cib.c
index 481fea7..08d3425 100644
--- a/daemons/attrd/attrd_cib.c
+++ b/daemons/attrd/attrd_cib.c
@@ -423,17 +423,10 @@ add_unset_attr_update(const attribute_t *attr, const char *attr_id,
static int
add_attr_update(const attribute_t *attr, const char *value, const char *node_id)
{
- char *set_id = NULL;
+ char *set_id = attrd_set_id(attr, node_id);
char *attr_id = NULL;
int rc = pcmk_rc_ok;
- if (attr->set_id != NULL) {
- pcmk__str_update(&set_id, attr->set_id);
- } else {
- set_id = crm_strdup_printf("%s-%s", XML_CIB_TAG_STATUS, node_id);
- }
- crm_xml_sanitize_id(set_id);
-
if (attr->uuid != NULL) {
pcmk__str_update(&attr_id, attr->uuid);
} else {
diff --git a/daemons/attrd/pacemaker-attrd.h b/daemons/attrd/pacemaker-attrd.h
index bacaad6..3da7f8d 100644
--- a/daemons/attrd/pacemaker-attrd.h
+++ b/daemons/attrd/pacemaker-attrd.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2013-2023 the Pacemaker project contributors
+ * Copyright 2013-2024 the Pacemaker project contributors
*
* The version control history for this file may have further details.
*
@@ -195,6 +195,7 @@ void attrd_clear_value_seen(void);
void attrd_free_attribute(gpointer data);
void attrd_free_attribute_value(gpointer data);
attribute_t *attrd_populate_attribute(xmlNode *xml, const char *attr);
+char *attrd_set_id(const attribute_t *attr, const char *node_state_id);
enum attrd_write_options {
attrd_write_changed = 0,
--
2.31.1
From eee2169ac348b8ed26ac0b78cb11ddc5cef9384e Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Tue, 16 Jan 2024 12:25:59 -0600
Subject: [PATCH 4/5] Refactor: pacemaker-attrd: functionize getting attribute
nvpair ID
... for future reuse
---
daemons/attrd/attrd_attributes.c | 28 ++++++++++++++++++++++++++++
daemons/attrd/attrd_cib.c | 17 +++++------------
daemons/attrd/pacemaker-attrd.h | 1 +
3 files changed, 34 insertions(+), 12 deletions(-)
diff --git a/daemons/attrd/attrd_attributes.c b/daemons/attrd/attrd_attributes.c
index 5727ab8..23de2e2 100644
--- a/daemons/attrd/attrd_attributes.c
+++ b/daemons/attrd/attrd_attributes.c
@@ -248,3 +248,31 @@ attrd_set_id(const attribute_t *attr, const char *node_state_id)
crm_xml_sanitize_id(set_id);
return set_id;
}
+
+/*!
+ * \internal
+ * \brief Get the XML ID used to write out an attribute value
+ *
+ * \param[in] attr Attribute to get value XML ID for
+ * \param[in] node_state_id UUID of node that attribute value is for
+ *
+ * \return Newly allocated string with XML ID of \p attr value
+ */
+char *
+attrd_nvpair_id(const attribute_t *attr, const char *node_state_id)
+{
+ char *nvpair_id = NULL;
+
+ if (attr->uuid != NULL) {
+ pcmk__str_update(&nvpair_id, attr->uuid);
+
+ } else if (attr->set_id != NULL) {
+ nvpair_id = crm_strdup_printf("%s-%s", attr->set_id, attr->id);
+
+ } else {
+ nvpair_id = crm_strdup_printf(XML_CIB_TAG_STATUS "-%s-%s",
+ node_state_id, attr->id);
+ }
+ crm_xml_sanitize_id(nvpair_id);
+ return nvpair_id;
+}
diff --git a/daemons/attrd/attrd_cib.c b/daemons/attrd/attrd_cib.c
index 08d3425..d42345f 100644
--- a/daemons/attrd/attrd_cib.c
+++ b/daemons/attrd/attrd_cib.c
@@ -424,23 +424,16 @@ static int
add_attr_update(const attribute_t *attr, const char *value, const char *node_id)
{
char *set_id = attrd_set_id(attr, node_id);
- char *attr_id = NULL;
+ char *nvpair_id = attrd_nvpair_id(attr, node_id);
int rc = pcmk_rc_ok;
- if (attr->uuid != NULL) {
- pcmk__str_update(&attr_id, attr->uuid);
+ if (value == NULL) {
+ rc = add_unset_attr_update(attr, nvpair_id, node_id, set_id);
} else {
- attr_id = crm_strdup_printf("%s-%s", set_id, attr->id);
- }
- crm_xml_sanitize_id(attr_id);
-
- if (value != NULL) {
- rc = add_set_attr_update(attr, attr_id, node_id, set_id, value);
- } else {
- rc = add_unset_attr_update(attr, attr_id, node_id, set_id);
+ rc = add_set_attr_update(attr, nvpair_id, node_id, set_id, value);
}
free(set_id);
- free(attr_id);
+ free(nvpair_id);
return rc;
}
diff --git a/daemons/attrd/pacemaker-attrd.h b/daemons/attrd/pacemaker-attrd.h
index 3da7f8d..deec790 100644
--- a/daemons/attrd/pacemaker-attrd.h
+++ b/daemons/attrd/pacemaker-attrd.h
@@ -196,6 +196,7 @@ void attrd_free_attribute(gpointer data);
void attrd_free_attribute_value(gpointer data);
attribute_t *attrd_populate_attribute(xmlNode *xml, const char *attr);
char *attrd_set_id(const attribute_t *attr, const char *node_state_id);
+char *attrd_nvpair_id(const attribute_t *attr, const char *node_state_id);
enum attrd_write_options {
attrd_write_changed = 0,
--
2.31.1
From 2abde6cb87d2e3d31a370c74656f6f7c0818c185 Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Thu, 18 Jan 2024 10:01:56 -0600
Subject: [PATCH 5/5] Log: pacemaker-attrd: improve some messages for debugging
---
daemons/attrd/attrd_attributes.c | 8 +++++---
daemons/attrd/attrd_cib.c | 13 +++++++++----
daemons/attrd/attrd_corosync.c | 10 ++++++----
3 files changed, 20 insertions(+), 11 deletions(-)
diff --git a/daemons/attrd/attrd_attributes.c b/daemons/attrd/attrd_attributes.c
index 23de2e2..68b9585 100644
--- a/daemons/attrd/attrd_attributes.c
+++ b/daemons/attrd/attrd_attributes.c
@@ -60,13 +60,10 @@ attrd_create_attribute(xmlNode *xml)
a->values = pcmk__strikey_table(NULL, attrd_free_attribute_value);
a->user = crm_element_value_copy(xml, PCMK__XA_ATTR_USER);
- crm_trace("Performing all %s operations as user '%s'", a->id, a->user);
if (dampen_s != NULL) {
dampen = crm_get_msec(dampen_s);
}
- crm_trace("Created attribute %s with %s write delay", a->id,
- (a->timeout_ms == 0)? "no" : pcmk__readable_interval(a->timeout_ms));
if(dampen > 0) {
a->timeout_ms = dampen;
@@ -75,6 +72,11 @@ attrd_create_attribute(xmlNode *xml)
crm_warn("Ignoring invalid delay %s for attribute %s", dampen_s, a->id);
}
+ crm_trace("Created attribute %s with %s write delay and %s CIB user",
+ a->id,
+ ((dampen > 0)? pcmk__readable_interval(a->timeout_ms) : "no"),
+ pcmk__s(a->user, "default"));
+
g_hash_table_replace(attributes, a->id, a);
return a;
}
diff --git a/daemons/attrd/attrd_cib.c b/daemons/attrd/attrd_cib.c
index d42345f..cae6846 100644
--- a/daemons/attrd/attrd_cib.c
+++ b/daemons/attrd/attrd_cib.c
@@ -54,6 +54,7 @@ attrd_cib_updated_cb(const char *event, xmlNode *msg)
bool status_changed = false;
if (attrd_shutting_down(true)) {
+ crm_debug("Ignoring CIB change during shutdown");
return;
}
@@ -278,11 +279,13 @@ attrd_cib_callback(xmlNode *msg, int call_id, int rc, xmlNode *output, void *use
g_hash_table_iter_init(&iter, a->values);
while (g_hash_table_iter_next(&iter, (gpointer *) & peer, (gpointer *) & v)) {
- do_crm_log(level, "* %s[%s]=%s",
- a->id, peer, pcmk__s(v->requested, "(null)"));
if (rc == pcmk_ok) {
+ crm_info("* Wrote %s[%s]=%s",
+ a->id, peer, pcmk__s(v->requested, "(unset)"));
pcmk__str_update(&(v->requested), NULL);
} else {
+ do_crm_log(level, "* Could not write %s[%s]=%s",
+ a->id, peer, pcmk__s(v->requested, "(unset)"));
a->changed = true; // Reattempt write below if we are still writer
}
}
@@ -292,6 +295,7 @@ attrd_cib_callback(xmlNode *msg, int call_id, int rc, xmlNode *output, void *use
/* We deferred a write of a new update because this update was in
* progress. Write out the new value without additional delay.
*/
+ crm_debug("Pending update for %s can be written now", a->id);
write_attribute(a, false);
/* We're re-attempting a write because the original failed; delay
@@ -593,8 +597,9 @@ write_attribute(attribute_t *a, bool ignore_delay)
continue;
}
- crm_debug("Updating %s[%s]=%s (node uuid=%s id=%" PRIu32 ")",
- a->id, v->nodename, v->current, uuid, v->nodeid);
+ crm_debug("Writing %s[%s]=%s (node-state-id=%s node-id=%" PRIu32 ")",
+ a->id, v->nodename, pcmk__s(v->current, "(unset)"),
+ uuid, v->nodeid);
cib_updates++;
/* Preservation of the attribute to transmit alert */
diff --git a/daemons/attrd/attrd_corosync.c b/daemons/attrd/attrd_corosync.c
index b348d52..6fb847b 100644
--- a/daemons/attrd/attrd_corosync.c
+++ b/daemons/attrd/attrd_corosync.c
@@ -293,7 +293,8 @@ update_attr_on_host(attribute_t *a, const crm_node_t *peer, const xmlNode *xml,
// Write out new value or start dampening timer
if (a->timeout_ms && a->timer) {
- crm_trace("Delayed write out (%dms) for %s", a->timeout_ms, attr);
+ crm_trace("Delaying write of %s %s for dampening",
+ attr, pcmk__readable_interval(a->timeout_ms));
mainloop_timer_start(a->timer);
} else {
attrd_write_or_elect_attribute(a);
@@ -307,11 +308,12 @@ update_attr_on_host(attribute_t *a, const crm_node_t *peer, const xmlNode *xml,
if (is_force_write == 1 && a->timeout_ms && a->timer) {
/* Save forced writing and set change flag. */
/* The actual attribute is written by Writer after election. */
- crm_trace("Unchanged %s[%s] from %s is %s(Set the forced write flag)",
- attr, host, peer->uname, value);
+ crm_trace("%s[%s] from %s is unchanged (%s), forcing write",
+ attr, host, peer->uname, pcmk__s(value, "unset"));
a->force_write = TRUE;
} else {
- crm_trace("Unchanged %s[%s] from %s is %s", attr, host, peer->uname, value);
+ crm_trace("%s[%s] from %s is unchanged (%s)",
+ attr, host, peer->uname, pcmk__s(value, "unset"));
}
}
--
2.31.1

View File

@ -0,0 +1,53 @@
From 9c13ce6fe95812308443c188ace8f897e6bce942 Mon Sep 17 00:00:00 2001
From: Reid Wahl <nrwahl@protonmail.com>
Date: Mon, 29 Jan 2024 11:14:25 -0800
Subject: [PATCH] Fix: tools: crm_attribute emits garbage for --node localhost
or auto
This happens because pcmk__node_attr_target() returns its argument if
its argument is NULL, "auto", or "localhost" and no relevant environment
variables are found. Then crm_attribute frees the return value, makes a
copy of it, and assigns it back to options.dest_uname.
The fix is to check whether the return value is equal to the argument.
Fixes RHEL-23065
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
---
tools/crm_attribute.c | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/tools/crm_attribute.c b/tools/crm_attribute.c
index d221ab85d..636d03dbd 100644
--- a/tools/crm_attribute.c
+++ b/tools/crm_attribute.c
@@ -766,8 +766,23 @@ main(int argc, char **argv)
const char *target = pcmk__node_attr_target(options.dest_uname);
if (target != NULL) {
- g_free(options.dest_uname);
- options.dest_uname = g_strdup(target);
+ /* If options.dest_uname is "auto" or "localhost", then
+ * pcmk__node_attr_target() may return it, depending on environment
+ * variables. In that case, attribute lookups will fail for "auto"
+ * (unless there's a node named "auto"). attrd maps "localhost" to
+ * the true local node name for queries.
+ *
+ * @TODO
+ * * Investigate whether "localhost" is mapped to a real node name
+ * for non-query commands. If not, possibly modify it so that it
+ * is.
+ * * Map "auto" to "localhost" (probably).
+ */
+ if (target != (const char *) options.dest_uname) {
+ g_free(options.dest_uname);
+ options.dest_uname = g_strdup(target);
+ }
+
} else if (getenv("CIB_file") != NULL && options.dest_uname == NULL) {
get_node_name_from_local();
}
--
2.41.0

View File

@ -0,0 +1,31 @@
From 8dc0d9b43343919edf4f4011ceecfd6b6765b4a4 Mon Sep 17 00:00:00 2001
From: Ken Gaillot <kgaillot@redhat.com>
Date: Wed, 8 May 2024 11:18:50 -0500
Subject: [PATCH] Low: libcib: avoid memory leak in async calls
Never in a release
---
lib/cib/cib_native.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/lib/cib/cib_native.c b/lib/cib/cib_native.c
index 0e502155bc..b014223112 100644
--- a/lib/cib/cib_native.c
+++ b/lib/cib/cib_native.c
@@ -94,9 +94,10 @@ cib_native_perform_op_delegate(cib_t *cib, const char *op, const char *host,
if (!(call_options & cib_sync_call)) {
crm_trace("Async call, returning %d", cib->call_id);
- CRM_CHECK(cib->call_id != 0, return -ENOMSG);
- free_xml(op_reply);
- return cib->call_id;
+ CRM_CHECK(cib->call_id != 0,
+ rc = -ENOMSG; goto done);
+ rc = cib->call_id;
+ goto done;
}
rc = pcmk_ok;
--
2.41.0

View File

@ -0,0 +1,121 @@
From d7c233090057d4f660fa458a2ff97896b15ea951 Mon Sep 17 00:00:00 2001
From: Reid Wahl <nrwahl@protonmail.com>
Date: Thu, 11 Jul 2024 12:43:49 -0700
Subject: [PATCH] Refactor: various: Don't set cluster-layer node ID as XML ID
Currently, we call the pcmk__xe_set_id() function using a stringified
version of the numeric cluster-layer node ID. However, pcmk__xe_set_id()
tries to sanitize its input to a valid XML ID. An XML ID cannot begin
with a digit.
crm_xml_set_id() does not sanitize comprehensively, and in particular,
it does not care whether its argument begins with a digit. So the
current code doesn't cause a problem.
Still, as a best practice, set the PCMK_XA_ID attribute using
crm_xml_add_ll() instead.
Ref T848
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
---
daemons/controld/controld_messages.c | 6 +++++-
lib/cluster/corosync.c | 2 +-
lib/common/ipc_client.c | 2 +-
lib/common/ipc_controld.c | 9 ++++++---
tools/crm_node.c | 4 ++--
5 files changed, 15 insertions(+), 8 deletions(-)
diff --git a/daemons/controld/controld_messages.c b/daemons/controld/controld_messages.c
index bd5237e..0b0f25b 100644
--- a/daemons/controld/controld_messages.c
+++ b/daemons/controld/controld_messages.c
@@ -893,7 +893,11 @@ handle_node_info_request(const xmlNode *msg)
pcmk_is_set(controld_globals.flags,
controld_has_quorum));
- // Check whether client requested node info by ID and/or name
+ /* Check whether client requested node info by ID and/or name
+ *
+ * @TODO A Corosync-layer node ID is of type uint32_t. We should be able to
+ * handle legitimate node IDs greater than INT_MAX, but currently we do not.
+ */
crm_element_value_int(msg, XML_ATTR_ID, &node_id);
if (node_id < 0) {
node_id = 0;
diff --git a/lib/cluster/corosync.c b/lib/cluster/corosync.c
index 374250f..fc33cce 100644
--- a/lib/cluster/corosync.c
+++ b/lib/cluster/corosync.c
@@ -650,7 +650,7 @@ pcmk__corosync_add_nodes(xmlNode *xml_parent)
if (xml_parent) {
xmlNode *node = create_xml_node(xml_parent, XML_CIB_TAG_NODE);
- crm_xml_set_id(node, "%u", nodeid);
+ crm_xml_add_ll(node, XML_ATTR_ID, (long long) nodeid);
crm_xml_add(node, XML_ATTR_UNAME, name);
}
}
diff --git a/lib/common/ipc_client.c b/lib/common/ipc_client.c
index 5e64e23..7696a69 100644
--- a/lib/common/ipc_client.c
+++ b/lib/common/ipc_client.c
@@ -769,7 +769,7 @@ create_purge_node_request(const pcmk_ipc_api_t *api, const char *node_name,
request = create_request(CRM_OP_RM_NODE_CACHE, NULL, NULL,
pcmk_ipc_name(api, false), client, NULL);
if (nodeid > 0) {
- crm_xml_set_id(request, "%lu", (unsigned long) nodeid);
+ crm_xml_add_ll(request, XML_ATTR_ID, (unsigned long) nodeid);
}
crm_xml_add(request, XML_ATTR_UNAME, node_name);
break;
diff --git a/lib/common/ipc_controld.c b/lib/common/ipc_controld.c
index 8e2016e..e4284f5 100644
--- a/lib/common/ipc_controld.c
+++ b/lib/common/ipc_controld.c
@@ -9,9 +9,12 @@
#include <crm_internal.h>
-#include <stdio.h>
-#include <stdbool.h>
#include <errno.h>
+#include <inttypes.h> // PRIu32
+#include <stdbool.h>
+#include <stdint.h> // uint32_t
+#include <stdio.h>
+
#include <libxml/tree.h>
#include <crm/crm.h>
@@ -412,7 +415,7 @@ pcmk_controld_api_node_info(pcmk_ipc_api_t *api, uint32_t nodeid)
return EINVAL;
}
if (nodeid > 0) {
- crm_xml_set_id(request, "%lu", (unsigned long) nodeid);
+ crm_xml_add_ll(request, XML_ATTR_ID, (unsigned long) nodeid);
}
rc = send_controller_request(api, request, true);
diff --git a/tools/crm_node.c b/tools/crm_node.c
index 1e7ce6c..ad8c459 100644
--- a/tools/crm_node.c
+++ b/tools/crm_node.c
@@ -552,7 +552,7 @@ remove_from_section(cib_t *cib, const char *element, const char *section,
}
crm_xml_add(xml, XML_ATTR_UNAME, node_name);
if (node_id > 0) {
- crm_xml_set_id(xml, "%ld", node_id);
+ crm_xml_add_ll(xml, XML_ATTR_ID, node_id);
}
rc = cib->cmds->remove(cib, section, xml, cib_transaction);
free_xml(xml);
@@ -691,7 +691,7 @@ purge_node_from_fencer(const char *node_name, long node_id)
cmd = create_request(CRM_OP_RM_NODE_CACHE, NULL, NULL, "stonith-ng",
crm_system_name, NULL);
if (node_id > 0) {
- crm_xml_set_id(cmd, "%ld", node_id);
+ crm_xml_add_ll(cmd, XML_ATTR_ID, node_id);
}
crm_xml_add(cmd, XML_ATTR_UNAME, node_name);

View File

@ -0,0 +1,89 @@
From 22e093a5bff608c86d0ea68588078ca747a6d945 Mon Sep 17 00:00:00 2001
From: Reid Wahl <nrwahl@protonmail.com>
Date: Thu, 11 Jul 2024 12:29:34 -0700
Subject: [PATCH] Fix: tools: crm_node -i must initialize nodeid before passing
pointer
This is a regression introduced in 2.1.7 via a27f099.
Currently, crm_node -i passes a pointer to the uninitialized uint32_t
nodeid variable, to pcmk__query_node_info(). Since the pointer is
non-NULL, pcmk__query_node_info() dereferences it. Whatever garbage
value resides there gets passed as the ID to query.
The controller parses the node ID from the request as an int. If the
garbage value is greater than INT_MAX, it overflows to a negative int
value, and the controller (in handle_node_info_request()) defaults it to
0. In that case, there's no problem: we search for the local node name
instead of the garbage node ID.
If the garbage value is less than or equal to INT_MAX, we search for it
directly. We won't find a matching node unless one happens to exist with
that garbage node ID. In the case of no match, crm_node -i outputs "Node
is not known to cluster" instead of the local node's cluster-layer ID.
Thanks to Artur Novik for the report:
https://lists.clusterlabs.org/pipermail/users/2024-July/036270.html
Fixes T847
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
---
lib/pacemaker/pcmk_cluster_queries.c | 22 +++++++++++-----------
tools/crm_node.c | 2 +-
2 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/lib/pacemaker/pcmk_cluster_queries.c b/lib/pacemaker/pcmk_cluster_queries.c
index 3229fae3eff..8404584580e 100644
--- a/lib/pacemaker/pcmk_cluster_queries.c
+++ b/lib/pacemaker/pcmk_cluster_queries.c
@@ -586,25 +586,25 @@ pcmk_designated_controller(xmlNodePtr *xml, unsigned int message_timeout_ms)
* the controller
*
* \param[in,out] out Output object
- * \param[in,out] node_id ID of node whose name to get. If \p NULL
- * or 0, get the local node name. If not
- * \p NULL, store the true node ID here on
+ * \param[in,out] node_id ID of node whose info to get. If \p NULL
+ * or 0, get the local node's info. If not
+ * \c NULL, store the true node ID here on
* success.
- * \param[out] node_name If not \p NULL, where to store the node
+ * \param[out] node_name If not \c NULL, where to store the node
* name
- * \param[out] uuid If not \p NULL, where to store the node
+ * \param[out] uuid If not \c NULL, where to store the node
* UUID
- * \param[out] state If not \p NULL, where to store the
+ * \param[out] state If not \c NULL, where to store the
* membership state
- * \param[out] is_remote If not \p NULL, where to store whether the
+ * \param[out] is_remote If not \c NULL, where to store whether the
* node is a Pacemaker Remote node
- * \param[out] have_quorum If not \p NULL, where to store whether the
+ * \param[out] have_quorum If not \c NULL, where to store whether the
* node has quorum
* \param[in] show_output Whether to show the node info
* \param[in] message_timeout_ms How long to wait for a reply from the
- * \p pacemaker-controld API. If 0,
- * \p pcmk_ipc_dispatch_sync will be used.
- * Otherwise, \p pcmk_ipc_dispatch_poll will
+ * \c pacemaker-controld API. If 0,
+ * \c pcmk_ipc_dispatch_sync will be used.
+ * Otherwise, \c pcmk_ipc_dispatch_poll will
* be used.
*
* \return Standard Pacemaker return code
diff --git a/tools/crm_node.c b/tools/crm_node.c
index d4153605a69..8aa8d3d29c7 100644
--- a/tools/crm_node.c
+++ b/tools/crm_node.c
@@ -434,7 +434,7 @@ run_controller_mainloop(void)
static void
print_node_id(void)
{
- uint32_t nodeid;
+ uint32_t nodeid = 0;
int rc = pcmk__query_node_info(out, &nodeid, NULL, NULL, NULL, NULL, NULL,
false, 0);

View File

@ -35,19 +35,15 @@
## Upstream pacemaker version, and its package version (specversion
## can be incremented to build packages reliably considered "newer"
## than previously built packages with the same pcmkversion)
%global pcmkversion 2.1.4
%global specversion 3
%global pcmkversion 2.1.7
%global specversion 5
## Upstream commit (full commit ID, abbreviated commit ID, or tag) to build
%global commit dc6eb4362e67c1497a413434eba097063bf1ef83
%global commit 0f7f88312f7a1ccedee60bf768aba79ee13d41e0
## Since git v2.11, the extent of abbreviation is autoscaled by default
## (used to be constant of 7), so we need to convey it for non-tags, too.
%if (0%{?fedora} >= 26) || (0%{?rhel} >= 9)
%global commit_abbrev 9
%else
%global commit_abbrev 7
%endif
## Nagios source control identifiers
%global nagios_name nagios-agents-metadata
@ -117,9 +113,14 @@
%define archive_version %(c=%{commit}; echo ${c:10})
%define archive_github_url %{commit}#/%{name}-%{archive_version}.tar.gz
%else
%if "%{commit}" == "DIST"
%define archive_version %{pcmkversion}
%define archive_github_url %{archive_version}#/%{name}-%{pcmkversion}.tar.gz
%else
%define archive_version %(c=%{commit}; echo ${c:0:%{commit_abbrev}})
%define archive_github_url %{archive_version}#/%{name}-%{archive_version}.tar.gz
%endif
%endif
### Always use a simple release number
%define pcmk_release %{specversion}
@ -243,12 +244,12 @@
Name: pacemaker
Summary: Scalable High-Availability cluster resource manager
Version: %{pcmkversion}
Release: %{pcmk_release}%{?dist}
Release: %{pcmk_release}.2%{?dist}
%if %{defined _unitdir}
License: GPLv2+ and LGPLv2+
License: GPL-2.0-or-later AND LGPL-2.1-or-later
%else
# initscript is Revised BSD
License: GPLv2+ and LGPLv2+ and BSD
License: GPL-2.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause
%endif
Url: https://www.clusterlabs.org/
@ -264,17 +265,27 @@ Source0: https://codeload.github.com/%{github_owner}/%{name}/tar.gz/%{arch
Source1: nagios-agents-metadata-%{nagios_hash}.tar.gz
# upstream commits
Patch001: 001-stonith-enabled.patch
Patch002: 002-acl_group.patch
Patch003: 003-regression.patch
# downstream-only commits
#Patch1xx: 1xx-xxxx.patch
Patch001: 001-schema-glib.patch
Patch002: 002-schema-transfer.patch
Patch003: 003-schema-doc.patch
Patch004: 004-attrd-cache-1.patch
Patch005: 005-attrd-cache-2.patch
Patch006: 006-cib-file-feature-set.patch
Patch007: 007-option-metadata.patch
Patch008: 008-attrd-prep.patch
Patch009: 009-attrd-cache-3.patch
Patch010: 010-crm_attribute-free.patch
Patch011: 011-attrd-memory-leak.patch
Patch012: 012-dont-set-as-xml-id.patch
Patch013: 013-crm_node-i-initialize.patch
Requires: resource-agents
Requires: %{pkgname_pcmk_libs}%{?_isa} = %{version}-%{release}
Requires: %{name}-cluster-libs%{?_isa} = %{version}-%{release}
Requires: %{name}-cli = %{version}-%{release}
%if %{with stonithd}
Requires: %{python_name}-%{name} = %{version}-%{release}
%endif
%if !%{defined _unitdir}
Requires: %{pkgname_procps}
Requires: psmisc
@ -291,6 +302,7 @@ ExclusiveArch: aarch64 i686 ppc64le s390x x86_64
Requires: %{python_path}
BuildRequires: %{python_name}-devel
BuildRequires: %{python_name}-setuptools
# Pacemaker requires a minimum libqb functionality
Requires: libqb >= 0.17.0
@ -313,7 +325,7 @@ BuildRequires: sed
# Required for core functionality
BuildRequires: pkgconfig(glib-2.0) >= 2.42
BuildRequires: libxml2-devel
BuildRequires: libxml2-devel >= 2.6.0
BuildRequires: libxslt-devel
BuildRequires: libuuid-devel
BuildRequires: %{pkgname_bzip2_devel}
@ -328,7 +340,7 @@ BuildRequires: pam-devel
BuildRequires: %{pkgname_gettext} >= 0.18
# Required for "make check"
BuildRequires: libcmocka-devel
BuildRequires: libcmocka-devel >= 1.1.0
%if %{systemd_native}
BuildRequires: pkgconfig(systemd)
@ -353,6 +365,9 @@ BuildRequires: inkscape
BuildRequires: %{python_name}-sphinx
%endif
# Booth requires this
Provides: pacemaker-ticket-support = 2.0
Provides: pcmk-cluster-manager = %{version}-%{release}
Provides: pcmk-cluster-manager%{?_isa} = %{version}-%{release}
@ -374,10 +389,11 @@ when related resources fail and can be configured to periodically check
resource health.
Available rpmbuild rebuild options:
--with(out) : cibsecrets doc hardening nls pre_release profiling stonithd
--with(out) : cibsecrets hardening nls pre_release profiling
stonithd
%package cli
License: GPLv2+ and LGPLv2+
License: GPL-2.0-or-later AND LGPL-2.1-or-later
Summary: Command line tools for controlling Pacemaker clusters
Requires: %{pkgname_pcmk_libs}%{?_isa} = %{version}-%{release}
# For crm_report
@ -397,14 +413,14 @@ to query and control the cluster from machines that may, or may not,
be part of the cluster.
%package -n %{pkgname_pcmk_libs}
License: GPLv2+ and LGPLv2+
License: GPL-2.0-or-later AND LGPL-2.1-or-later
Summary: Core Pacemaker libraries
Requires(pre): %{pkgname_shadow_utils}
Requires: %{name}-schemas = %{version}-%{release}
# sbd 1.4.0+ supports the libpe_status API for pe_working_set_t
# sbd 1.4.2+ supports startup/shutdown handshake via pacemakerd-api
# and handshake defaults to enabled in this spec
Conflicts: sbd < 1.4.2
# sbd 1.5.0+ supports handshake defaults to enabled in this spec
Conflicts: sbd < 1.5.0
%description -n %{pkgname_pcmk_libs}
Pacemaker is an advanced, scalable High-Availability cluster resource
@ -414,7 +430,7 @@ The %{pkgname_pcmk_libs} package contains shared libraries needed for cluster
nodes and those just running the CLI tools.
%package cluster-libs
License: GPLv2+ and LGPLv2+
License: GPL-2.0-or-later AND LGPL-2.1-or-later
Summary: Cluster Libraries used by Pacemaker
Requires: %{pkgname_pcmk_libs}%{?_isa} = %{version}-%{release}
@ -425,12 +441,26 @@ manager.
The %{name}-cluster-libs package contains cluster-aware shared
libraries needed for nodes that will form part of the cluster nodes.
%package -n %{python_name}-%{name}
License: LGPL-2.1-or-later
Summary: Python libraries for Pacemaker
Requires: %{python_path}
Requires: %{pkgname_pcmk_libs} = %{version}-%{release}
BuildArch: noarch
%description -n %{python_name}-%{name}
Pacemaker is an advanced, scalable High-Availability cluster resource
manager.
The %{python_name}-%{name} package contains a Python library that can be used
to interface with Pacemaker.
%package remote
%if %{defined _unitdir}
License: GPLv2+ and LGPLv2+
License: GPL-2.0-or-later AND LGPL-2.1-or-later
%else
# initscript is Revised BSD
License: GPLv2+ and LGPLv2+ and BSD
License: GPL-2.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause
%endif
Summary: Pacemaker remote executor daemon for non-cluster nodes
Requires: %{pkgname_pcmk_libs}%{?_isa} = %{version}-%{release}
@ -453,7 +483,7 @@ which is capable of extending pacemaker functionality to remote
nodes not running the full corosync/cluster stack.
%package -n %{pkgname_pcmk_libs}-devel
License: GPLv2+ and LGPLv2+
License: GPL-2.0-or-later AND LGPL-2.1-or-later
Summary: Pacemaker development package
Requires: %{pkgname_pcmk_libs}%{?_isa} = %{version}-%{release}
Requires: %{name}-cluster-libs%{?_isa} = %{version}-%{release}
@ -465,7 +495,7 @@ Requires: libqb-devel%{?_isa}
Requires: %{?pkgname_libtool_devel_arch}
%endif
Requires: libuuid-devel%{?_isa}
Requires: libxml2-devel%{?_isa}
Requires: libxml2-devel%{?_isa} >= 2.6.0
Requires: libxslt-devel%{?_isa}
%description -n %{pkgname_pcmk_libs}-devel
@ -476,13 +506,15 @@ The %{pkgname_pcmk_libs}-devel package contains headers and shared libraries
for developing tools for Pacemaker.
%package cts
License: GPLv2+ and LGPLv2+
License: GPL-2.0-or-later AND LGPL-2.1-or-later
Summary: Test framework for cluster-related technologies like Pacemaker
Requires: %{python_path}
Requires: %{pkgname_pcmk_libs} = %{version}-%{release}
Requires: %{name}-cli = %{version}-%{release}
Requires: %{python_name}-%{name} = %{version}-%{release}
Requires: %{pkgname_procps}
Requires: psmisc
Requires: %{python_name}-psutil
BuildArch: noarch
# systemd Python bindings are a separate package in some distros
@ -507,7 +539,7 @@ Pacemaker is an advanced, scalable High-Availability cluster resource
manager.
%package schemas
License: GPLv2+
License: GPL-2.0-or-later
Summary: Schemas and upgrade stylesheets for Pacemaker
BuildArch: noarch
@ -533,7 +565,7 @@ Summary: Pacemaker Nagios Metadata
Requires: pcmk-cluster-manager
BuildArch: noarch
%description nagios-plugins-metadata
%description nagios-plugins-metadata
The metadata files required for Pacemaker to execute the nagios plugin
monitor resources.
@ -556,6 +588,12 @@ export LDFLAGS_HARDENED_EXE="%{?_hardening_ldflags}"
export LDFLAGS_HARDENED_LIB="%{?_hardening_ldflags}"
%endif
# DO NOT REMOVE THE FOLLOWING LINE!
# This is necessary to ensure we use the git commit ID from the
# pacemaker-abcd1234 directory name as the latest commit ID when
# generating crm_config.h.
rm -rf .git
./autogen.sh
%{configure} \
@ -589,6 +627,10 @@ sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
make %{_smp_mflags} V=1
pushd python
%py3_build
popd
%check
make %{_smp_mflags} check
{ cts/cts-scheduler --run load-stopped-loop \
@ -607,6 +649,10 @@ make install \
DESTDIR=%{buildroot} V=1 docdir=%{pcmk_docdir} \
%{?_python_bytecompile_extra:%{?py_byte_compile:am__py_compile=true}}
pushd python
%py3_install
popd
%if %{with upstart_job}
mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/init
install -m 644 pacemakerd/pacemaker.upstart ${RPM_BUILD_ROOT}%{_sysconfdir}/init/pacemaker.conf
@ -630,10 +676,9 @@ mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/lib/rpm-state/%{name}
# Don't package libtool archives
find %{buildroot} -name '*.la' -type f -print0 | xargs -0 rm -f
# Do not package these either on RHEL
# Do not package these either on CentOS Stream
rm -f %{buildroot}/%{_sbindir}/fence_legacy
rm -f %{buildroot}/%{_mandir}/man8/fence_legacy.*
find %{buildroot} -name '*o2cb*' -type f -print0 | xargs -0 rm -f
# For now, don't package the servicelog-related binaries built only for
# ppc64le when certain dependencies are installed. If they get more exercise by
@ -781,15 +826,20 @@ exit 0
%exclude %{_datadir}/pacemaker/nagios
%{_libexecdir}/pacemaker/*
%{_sbindir}/crm_master
%if %{with stonithd}
%{_sbindir}/fence_legacy
%endif
%{_sbindir}/fence_watchdog
%doc %{_mandir}/man7/pacemaker-controld.*
%doc %{_mandir}/man7/pacemaker-schedulerd.*
%doc %{_mandir}/man7/pacemaker-fenced.*
%doc %{_mandir}/man7/ocf_pacemaker_controld.*
%doc %{_mandir}/man7/ocf_pacemaker_o2cb.*
%doc %{_mandir}/man7/ocf_pacemaker_remote.*
%doc %{_mandir}/man8/crm_master.*
%if %{with stonithd}
%doc %{_mandir}/man8/fence_legacy.*
%endif
%doc %{_mandir}/man8/fence_watchdog.*
%doc %{_mandir}/man8/pacemakerd.*
@ -802,6 +852,7 @@ exit 0
%dir %attr (750, %{uname}, %{gname}) %{_var}/lib/pacemaker/cib
%dir %attr (750, %{uname}, %{gname}) %{_var}/lib/pacemaker/pengine
%{ocf_root}/resource.d/pacemaker/controld
%{ocf_root}/resource.d/pacemaker/o2cb
%{ocf_root}/resource.d/pacemaker/remote
%if %{with upstart_job}
@ -831,6 +882,7 @@ exit 0
%{_sbindir}/crm_diff
%{_sbindir}/crm_error
%{_sbindir}/crm_failcount
%{_sbindir}/crm_master
%{_sbindir}/crm_mon
%{_sbindir}/crm_node
%{_sbindir}/crm_resource
@ -851,23 +903,28 @@ exit 0
%{_datadir}/snmp/mibs/PCMK-MIB.txt
%exclude %{ocf_root}/resource.d/pacemaker/controld
%exclude %{ocf_root}/resource.d/pacemaker/o2cb
%exclude %{ocf_root}/resource.d/pacemaker/remote
%dir %{ocf_root}
%dir %{ocf_root}/resource.d
%{ocf_root}/resource.d/pacemaker
%doc %{_mandir}/man7/*
%doc %{_mandir}/man7/*pacemaker*
%exclude %{_mandir}/man7/pacemaker-controld.*
%exclude %{_mandir}/man7/pacemaker-schedulerd.*
%exclude %{_mandir}/man7/pacemaker-fenced.*
%exclude %{_mandir}/man7/ocf_pacemaker_controld.*
%exclude %{_mandir}/man7/ocf_pacemaker_o2cb.*
%exclude %{_mandir}/man7/ocf_pacemaker_remote.*
%doc %{_mandir}/man8/*
%exclude %{_mandir}/man8/crm_master.*
%exclude %{_mandir}/man8/fence_watchdog.*
%exclude %{_mandir}/man8/pacemakerd.*
%exclude %{_mandir}/man8/pacemaker-remoted.*
%doc %{_mandir}/man8/crm*.8.gz
%doc %{_mandir}/man8/attrd_updater.*
%doc %{_mandir}/man8/cibadmin.*
%if %{with cibsecrets}
%doc %{_mandir}/man8/cibsecret.*
%endif
%doc %{_mandir}/man8/iso8601.*
%doc %{_mandir}/man8/stonith_admin.*
%license licenses/GPLv2
%doc COPYING
@ -898,6 +955,14 @@ exit 0
%doc COPYING
%doc ChangeLog
%files -n %{python_name}-%{name}
%{python3_sitelib}/pacemaker/
%{python3_sitelib}/pacemaker-*.egg-info
%exclude %{python3_sitelib}/pacemaker/_cts/
%license licenses/LGPLv2.1
%doc COPYING
%doc ChangeLog
%files remote
%config(noreplace) %{_sysconfdir}/sysconfig/pacemaker
%if %{defined _unitdir}
@ -922,7 +987,7 @@ exit 0
%license licenses/CC-BY-SA-4.0
%files cts
%{python_site}/cts
%{python3_sitelib}/pacemaker/_cts/
%{_datadir}/pacemaker/tests
%{_libexecdir}/pacemaker/cts-log-watcher
@ -934,8 +999,16 @@ exit 0
%files -n %{pkgname_pcmk_libs}-devel
%{_includedir}/pacemaker
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
%{_libdir}/libcib.so
%{_libdir}/liblrmd.so
%{_libdir}/libcrmservice.so
%{_libdir}/libcrmcommon.so
%{_libdir}/libpe_status.so
%{_libdir}/libpe_rules.so
%{_libdir}/libpacemaker.so
%{_libdir}/libstonithd.so
%{_libdir}/libcrmcluster.so
%{_libdir}/pkgconfig/*pacemaker*.pc
%license licenses/LGPLv2.1
%doc COPYING
%doc ChangeLog
@ -950,11 +1023,162 @@ exit 0
%{_datadir}/pkgconfig/pacemaker-schemas.pc
%files nagios-plugins-metadata
%dir %{_datadir}/pacemaker/nagios
%dir %{_datadir}/pacemaker/nagios/plugins-metadata
%attr(0644,root,root) %{_datadir}/pacemaker/nagios/plugins-metadata/*
%license %{nagios_name}-%{nagios_hash}/COPYING
%changelog
* Wed Jul 24 2024 Chris Lumens <clumens@redhat.com> - 2.1.7-5.2
- Fix an error in node ID handling in `crm_node -i`
- Resolves: RHEL-49928
* Fri Jun 7 2024 Chris Lumens <clumens@redhat.com> - 2.1.7-5.1
- Fix a memory leak in the attribute daemon
- Resolves: RHEL-40145
* Thu Mar 21 2024 Chris Lumens <clumens@redhat.com> - 2.1.7-5
- Fix upgrading to this package on multilib systems
- Resolves: RHEL-29007
* Thu Feb 1 2024 Chris Lumens <clumens@redhat.com> - 2.1.7-4
- Properly validate attribute set type in pacemaker-attrd
- Fix `crm_attribute -t nodes --node localhost`
- Resolves: RHEL-14045
- Resolves: RHEL-17224
- Resolves: RHEL-23065
* Wed Jan 17 2024 Chris Lumens <clumens@redhat.com> - 2.1.7-3
- Rebase on upstream 2.1.7 final release
- Fix documentation for Pacemaker Remote schema transfers
- Do not check CIB feature set version when CIB_file is set
- Consolidate attrd cache handling
- Avoid duplicating option metadata across daemons
- Related: RHEL-7597
- Related: RHEL-14045
* Thu Dec 14 2023 Chris Lumens <clumens@redhat.com> - 2.1.7-2
- Rebase on upstream 2.1.7-rc4 release
- Pacemaker Remote nodes can validate against later schema versions
- Resolves: RHEL-7597
- Related: RHEL-17224
* Mon Nov 27 2023 Chris Lumens <clumens@redhat.com> - 2.1.7-1
- Rebase on upstream 2.1.7-rc2 release
- Resolves: RHEL-7646
- Related: RHEL-17224
* Tue Oct 31 2023 Chris Lumens <clumens@redhat.com> - 2.1.6-9.1
- Revert the rest of the attrd shutdown race condition fix
- Related: RHEL-14052
* Mon Oct 23 2023 Chris Lumens <clumens@redhat.com> - 2.1.6-9
- Avoid an error if the elected attrd is on a node that is shutting down
- Resolves: RHEL-14052
* Tue Aug 29 2023 Chris Lumens <clumens@redhat.com> - 2.1.6-8
- Fix an additional shutdown race between attrd and the controller
- Related: rhbz2228955
* Mon Aug 7 2023 Chris Lumens <clumens@redhat.com> - 2.1.6-7
- Fix attrd race condition when shutting down
- Resolves: rhbz2228955
* Thu Jul 27 2023 Chris Lumens <clumens@redhat.com> - 2.1.6-6
- Wait for a reply from various controller commands
- Resolves: rhbz2225631
- Related: rhbz2189300
* Tue Jul 25 2023 Chris Lumens <clumens@redhat.com> - 2.1.6-5
- Apply dampening when creating attributes with attrd_updater -U
- Resolves: rhbz2224046
- Related: rhbz2189300
* Wed Jul 19 2023 Chris Lumens <clumens@redhat.com> - 2.1.6-4
- Clone instances should not shuffle unnecessarily
- Fix a bug in clone resource description display
- Resolves: rhbz1931023
- Resolves: rhbz1688149
- Related: rhbz2106642
- Related: rhbz2189300
* Mon Jul 10 2023 Chris Lumens <clumens@redhat.com> - 2.1.6-3
- Fix moving groups when there's a constraint for a single group member
- Resolves: rhbz2218232
- Resolves: rhbz2189300
* Wed Jun 21 2023 Chris Lumens <clumens@redhat.com> - 2.1.6-2
- Support start state for Pacemaker Remote nodes
- Resolves: rhbz1502795
* Thu May 25 2023 Chris Lumens <clumens@redhat.com> - 2.1.6-1
- Rebase pacemaker on upstream 2.1.6 final release
- Resolves: rhbz1578820
- Resolves: rhbz1632951
- Resolves: rhbz1876173
- Resolves: rhbz2010084
- Resolves: rhbz2030869
- Resolves: rhbz2078611
- Resolves: rhbz2106642
- Resolves: rhbz2160206
- Resolves: rhbz2168633
* Wed Feb 22 2023 Chris Lumens <clumens@redhat.com> - 2.1.5-8
- Rebuild with new release due to build system problems
- Related: rhbz2168249
- Related: rhbz2168675
* Tue Feb 21 2023 Chris Lumens <clumens@redhat.com> - 2.1.5-7
- Additional fixes for SIGABRT during pacemaker-fenced shutdown
- Backport fix for attrd_updater -QA not displaying all nodes
- Related: rhbz2168249
- Resolves: rhbz2168675
* Wed Feb 8 2023 Chris Lumens <clumens@redhat.com> - 2.1.5-6
- Backport fix for migration history cleanup causing resource recovery
- Backport fix for SIGABRT during pacemaker-fenced shutdown
- Resolves: rhbz2166388
- Resolves: rhbz2168249
* Tue Jan 24 2023 Ken Gaillot <kgaillot@redhat.com> - 2.1.5-5
- Backport fix for remote node shutdown regression
- Resolves: rhbz2163567
* Fri Dec 9 2022 Chris Lumens <clumens@redhat.com> - 2.1.5-4
- Rebase pacemaker on upstream 2.1.5 final release
- Add support for sync points to attribute daemon
- Resolves: rhbz1463033
- Resolves: rhbz1866578
- Resolves: rhbz2122352
* Tue Dec 6 2022 Chris Lumens <clumens@redhat.com> - 2.1.5-3
- Fix errors found by covscan
- Related: rhbz2122352
* Wed Nov 23 2022 Chris Lumens <clumens@redhat.com> - 2.1.5-2
- Rebase on upstream 2.1.5-rc3 release
- Resolves: rhbz1626546
- Related: rhbz2122352
* Tue Nov 22 2022 Chris Lumens <clumens@redhat.com> - 2.1.5-1
- Rebase on upstream 2.1.5-rc2 release
- Resolves: rhbz1822125
- Resolves: rhbz2095662
- Resolves: rhbz2121852
- Resolves: rhbz2122806
- Resolves: rhbz2133497
- Resolves: rhbz2142681
* Wed Aug 10 2022 Ken Gaillot <kgaillot@redhat.com> - 2.1.4-5
- Fix regression in crm_resource -O
- Resolves: rhbz2118337
* Wed Jul 20 2022 Ken Gaillot <kgaillot@redhat.com> - 2.1.4-4
- Ensure all nodes are re-unfenced after device configuration change
- crm_resource --why now checks node health status
- Resolves: rhbz1872483
- Resolves: rhbz2065818
* Wed Jun 29 2022 Ken Gaillot <kgaillot@redhat.com> - 2.1.4-3
- Add support for ACL groups
- Resolves: rhbz1724310
@ -1057,7 +1281,7 @@ exit 0
- Show better error messages in crm_resource with invalid resource types
- Avoid selecting wrong device when dynamic-list fencing is used with host map
- Do not schedule probes of unmanaged resources on pending nodes
- Fix regressions in crm_attribute and crm_master argument handling
- Fix argument handling regressions in crm_attribute and wrappers
- Resolves: rhbz1447918
- Resolves: rhbz1978010
- Resolves: rhbz1982453
@ -1326,7 +1550,7 @@ exit 0
- Resolves: rhbz#1622969
* Mon Aug 13 2018 Ken Gaillot <kgaillot@redhat.com> - 2.0.0-7
- Include upstream master branch commits through 975347d4
- Include upstream main branch commits through 975347d4
- Resolves: rhbz#1543494
- Resolves: rhbz#1602650
- Resolves: rhbz#1608369
@ -1497,7 +1721,7 @@ exit 0
* Thu Aug 20 2015 Andrew Beekhof <abeekhof@redhat.com> - 1.1.13-2
- Update for new upstream tarball: Pacemaker-1.1.13
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/master/ChangeLog for full details
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/main/ChangeLog for full details
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.12-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
@ -1507,7 +1731,7 @@ exit 0
* Tue Oct 28 2014 Andrew Beekhof <abeekhof@redhat.com> - 1.1.12-1
- Update for new upstream tarball: Pacemaker-1.1.12+ (a9c8177)
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/master/ChangeLog for full details
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/main/ChangeLog for full details
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.11-1.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
@ -1517,11 +1741,11 @@ exit 0
* Tue Feb 18 2014 Andrew Beekhof <abeekhof@redhat.com> - 1.1.11-1
- Update for new upstream tarball: Pacemaker-1.1.11 (9d39a6b)
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/master/ChangeLog for full details
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/main/ChangeLog for full details
* Thu Jun 20 2013 Andrew Beekhof <abeekhof@redhat.com> - 1.1.9-3
- Update to upstream 7d8acec
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/master/ChangeLog for full details
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/main/ChangeLog for full details
+ Feature: Turn off auto-respawning of systemd services when the cluster starts them
+ Fix: crmd: Ensure operations for cleaned up resources don't block recovery
@ -1529,11 +1753,11 @@ exit 0
* Mon Jun 17 2013 Andrew Beekhof <abeekhof@redhat.com> - 1.1.9-2
- Update for new upstream tarball: 781a388
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/master/ChangeLog for full details
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/main/ChangeLog for full details
* Wed May 12 2010 Andrew Beekhof <andrew@beekhof.net> - 1.1.2-1
- Update the tarball from the upstream 1.1.2 release
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/master/ChangeLog for full details
- See included ChangeLog file or https://raw.github.com/ClusterLabs/pacemaker/main/ChangeLog for full details
* Tue Jul 14 2009 Andrew Beekhof <andrew@beekhof.net> - 1.0.4-1
- Initial checkin