resource-agents/SOURCES/bz1750352-rabbitmq-cluster-restore-users-single-node-mode.patch

From c0b6356bbf5b9a1fb76b011486dfce258d395ef8 Mon Sep 17 00:00:00 2001
From: Peter Lemenkov <lemenkov@gmail.com>
Date: Fri, 6 Sep 2019 14:22:46 +0200
Subject: [PATCH] Restore users/perms/policies even if starting in a single
 node mode

See https://bugzilla.redhat.com/1744467#c1

Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
---
 heartbeat/rabbitmq-cluster | 109 ++++++++++++++++++++-----------------
 1 file changed, 58 insertions(+), 51 deletions(-)

diff --git a/heartbeat/rabbitmq-cluster b/heartbeat/rabbitmq-cluster
index cf8ca21a6..7837e9e3c 100755
--- a/heartbeat/rabbitmq-cluster
+++ b/heartbeat/rabbitmq-cluster
@@ -114,6 +114,62 @@ rmq_wipe_data()
 	rm -rf $RMQ_DATA_DIR > /dev/null 2>&1 
 }
 
+rmq_restore_users_perms_policies()
+{
+	# Restore users, user permissions, and policies (if any)
+	BaseDataDir=`dirname $RMQ_DATA_DIR`
+	$RMQ_EVAL "
+		%% Run only if Mnesia is ready.
+		lists:any(fun({mnesia,_,_}) -> true; ({_,_,_}) -> false end, application:which_applications()) andalso
+		begin
+			Restore = fun(Table, PostprocessFun, Filename) ->
+				case file:consult(Filename) of
+					{error, _} ->
+						ok;
+					{ok, [Result]} ->
+						lists:foreach(fun(X) -> mnesia:dirty_write(Table, PostprocessFun(X)) end, Result),
+						file:delete(Filename)
+				end
+			end,
+
+			%% Restore users
+
+			Upgrade = fun
+				({internal_user, A, B, C}) -> {internal_user, A, B, C, rabbit_password_hashing_md5};
+				({internal_user, A, B, C, D}) -> {internal_user, A, B, C, D}
+			end,
+
+			Downgrade = fun
+				({internal_user, A, B, C}) -> {internal_user, A, B, C};
+				({internal_user, A, B, C, rabbit_password_hashing_md5}) -> {internal_user, A, B, C};
+				%% Incompatible scheme, so we will loose user's password ('B' value) during conversion.
+				%% Unfortunately, this case will require manual intervention - user have to run:
+				%%    rabbitmqctl change_password <A> <somenewpassword>
+				({internal_user, A, B, C, _}) -> {internal_user, A, B, C}
+			end,
+
+			%% Check db scheme first
+			[WildPattern] = ets:select(mnesia_gvar, [ { {{rabbit_user, wild_pattern}, '\\\$1'}, [], ['\\\$1'] } ]),
+			case WildPattern of
+				%% Version < 3.6.0
+				{internal_user,'_','_','_'} ->
+					Restore(rabbit_user, Downgrade, \"$BaseDataDir/users.erl\");
+				%% Version >= 3.6.0
+				{internal_user,'_','_','_','_'} ->
+					Restore(rabbit_user, Upgrade, \"$BaseDataDir/users.erl\")
+			end,
+
+			NoOp = fun(X) -> X end,
+
+			%% Restore user permissions
+			Restore(rabbit_user_permission, NoOp, \"$BaseDataDir/users_perms.erl\"),
+
+			%% Restore policies
+			Restore(rabbit_runtime_parameters, NoOp, \"$BaseDataDir/policies.erl\")
+		end.
+	"
+}
+
 rmq_local_node()
 {
 
@@ -411,6 +467,7 @@ rmq_try_start() {
 	if [ -z "$join_list" ]; then
 		rmq_start_first
 		rc=$?
+		rmq_restore_users_perms_policies
 		return $rc
 	fi
 
@@ -437,58 +494,8 @@ rmq_try_start() {
 		return $RMQ_TRY_RESTART_ERROR_CODE
 	fi
 
-	# Restore users, user permissions, and policies (if any)
-	BaseDataDir=`dirname $RMQ_DATA_DIR`
-	$RMQ_EVAL "
-		%% Run only if Mnesia is ready.
-		lists:any(fun({mnesia,_,_}) -> true; ({_,_,_}) -> false end, application:which_applications()) andalso
-		begin
-			Restore = fun(Table, PostprocessFun, Filename) ->
-				case file:consult(Filename) of
-					{error, _} ->
-						ok;
-					{ok, [Result]} ->
-						lists:foreach(fun(X) -> mnesia:dirty_write(Table, PostprocessFun(X)) end, Result),
-						file:delete(Filename)
-				end
-			end,
+	rmq_restore_users_perms_policies
 
-			%% Restore users
-
-			Upgrade = fun
-				({internal_user, A, B, C}) -> {internal_user, A, B, C, rabbit_password_hashing_md5};
-				({internal_user, A, B, C, D}) -> {internal_user, A, B, C, D}
-			end,
-
-			Downgrade = fun
-				({internal_user, A, B, C}) -> {internal_user, A, B, C};
-				({internal_user, A, B, C, rabbit_password_hashing_md5}) -> {internal_user, A, B, C};
-				%% Incompatible scheme, so we will loose user's password ('B' value) during conversion.
-				%% Unfortunately, this case will require manual intervention - user have to run:
-				%%    rabbitmqctl change_password <A> <somenewpassword>
-				({internal_user, A, B, C, _}) -> {internal_user, A, B, C}
-			end,
-
-			%% Check db scheme first
-			[WildPattern] = ets:select(mnesia_gvar, [ { {{rabbit_user, wild_pattern}, '\\\$1'}, [], ['\\\$1'] } ]),
-			case WildPattern of
-				%% Version < 3.6.0
-				{internal_user,'_','_','_'} ->
-					Restore(rabbit_user, Downgrade, \"$BaseDataDir/users.erl\");
-				%% Version >= 3.6.0
-				{internal_user,'_','_','_','_'} ->
-					Restore(rabbit_user, Upgrade, \"$BaseDataDir/users.erl\")
-			end,
-
-			NoOp = fun(X) -> X end,
-
-			%% Restore user permissions
-			Restore(rabbit_user_permission, NoOp, \"$BaseDataDir/users_perms.erl\"),
-
-			%% Restore policies
-			Restore(rabbit_runtime_parameters, NoOp, \"$BaseDataDir/policies.erl\")
-		end.
-	"
 	return $OCF_SUCCESS
 }
import resource-agents-4.1.1-94.el8 2021-05-14 04:17:31 +00:00			`From c0b6356bbf5b9a1fb76b011486dfce258d395ef8 Mon Sep 17 00:00:00 2001`
			`From: Peter Lemenkov <lemenkov@gmail.com>`
			`Date: Fri, 6 Sep 2019 14:22:46 +0200`
			`Subject: [PATCH] Restore users/perms/policies even if starting in a single`
			`node mode`

			`See https://bugzilla.redhat.com/1744467#c1`

			`Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>`
			`---`
			`heartbeat/rabbitmq-cluster \| 109 ++++++++++++++++++++-----------------`
			`1 file changed, 58 insertions(+), 51 deletions(-)`

			`diff --git a/heartbeat/rabbitmq-cluster b/heartbeat/rabbitmq-cluster`
			`index cf8ca21a6..7837e9e3c 100755`
			`--- a/heartbeat/rabbitmq-cluster`
			`+++ b/heartbeat/rabbitmq-cluster`
			`@@ -114,6 +114,62 @@ rmq_wipe_data()`
			`rm -rf $RMQ_DATA_DIR > /dev/null 2>&1`
			`}`

			`+rmq_restore_users_perms_policies()`
			`+{`
			`+ # Restore users, user permissions, and policies (if any)`
			+ BaseDataDir=`dirname $RMQ_DATA_DIR`
			`+ $RMQ_EVAL "`
			`+ %% Run only if Mnesia is ready.`
			`+ lists:any(fun({mnesia,_,_}) -> true; ({_,_,_}) -> false end, application:which_applications()) andalso`
			`+ begin`
			`+ Restore = fun(Table, PostprocessFun, Filename) ->`
			`+ case file:consult(Filename) of`
			`+ {error, _} ->`
			`+ ok;`
			`+ {ok, [Result]} ->`
			`+ lists:foreach(fun(X) -> mnesia:dirty_write(Table, PostprocessFun(X)) end, Result),`
			`+ file:delete(Filename)`
			`+ end`
			`+ end,`
			`+`
			`+ %% Restore users`
			`+`
			`+ Upgrade = fun`
			`+ ({internal_user, A, B, C}) -> {internal_user, A, B, C, rabbit_password_hashing_md5};`
			`+ ({internal_user, A, B, C, D}) -> {internal_user, A, B, C, D}`
			`+ end,`
			`+`
			`+ Downgrade = fun`
			`+ ({internal_user, A, B, C}) -> {internal_user, A, B, C};`
			`+ ({internal_user, A, B, C, rabbit_password_hashing_md5}) -> {internal_user, A, B, C};`
			`+ %% Incompatible scheme, so we will loose user's password ('B' value) during conversion.`
			`+ %% Unfortunately, this case will require manual intervention - user have to run:`
			`+ %% rabbitmqctl change_password <A> <somenewpassword>`
			`+ ({internal_user, A, B, C, _}) -> {internal_user, A, B, C}`
			`+ end,`
			`+`
			`+ %% Check db scheme first`
			`+ [WildPattern] = ets:select(mnesia_gvar, [ { {{rabbit_user, wild_pattern}, '\\\$1'}, [], ['\\\$1'] } ]),`
			`+ case WildPattern of`
			`+ %% Version < 3.6.0`
			`+ {internal_user,'_','_','_'} ->`
			`+ Restore(rabbit_user, Downgrade, \"$BaseDataDir/users.erl\");`
			`+ %% Version >= 3.6.0`
			`+ {internal_user,'_','_','_','_'} ->`
			`+ Restore(rabbit_user, Upgrade, \"$BaseDataDir/users.erl\")`
			`+ end,`
			`+`
			`+ NoOp = fun(X) -> X end,`
			`+`
			`+ %% Restore user permissions`
			`+ Restore(rabbit_user_permission, NoOp, \"$BaseDataDir/users_perms.erl\"),`
			`+`
			`+ %% Restore policies`
			`+ Restore(rabbit_runtime_parameters, NoOp, \"$BaseDataDir/policies.erl\")`
			`+ end.`
			`+ "`
			`+}`
			`+`
			`rmq_local_node()`
			`{`

			`@@ -411,6 +467,7 @@ rmq_try_start() {`
			`if [ -z "$join_list" ]; then`
			`rmq_start_first`
			`rc=$?`
			`+ rmq_restore_users_perms_policies`
			`return $rc`
			`fi`

			`@@ -437,58 +494,8 @@ rmq_try_start() {`
			`return $RMQ_TRY_RESTART_ERROR_CODE`
			`fi`

			`- # Restore users, user permissions, and policies (if any)`
			- BaseDataDir=`dirname $RMQ_DATA_DIR`
			`- $RMQ_EVAL "`
			`- %% Run only if Mnesia is ready.`
			`- lists:any(fun({mnesia,_,_}) -> true; ({_,_,_}) -> false end, application:which_applications()) andalso`
			`- begin`
			`- Restore = fun(Table, PostprocessFun, Filename) ->`
			`- case file:consult(Filename) of`
			`- {error, _} ->`
			`- ok;`
			`- {ok, [Result]} ->`
			`- lists:foreach(fun(X) -> mnesia:dirty_write(Table, PostprocessFun(X)) end, Result),`
			`- file:delete(Filename)`
			`- end`
			`- end,`
			`+ rmq_restore_users_perms_policies`

			`- %% Restore users`
			`-`
			`- Upgrade = fun`
			`- ({internal_user, A, B, C}) -> {internal_user, A, B, C, rabbit_password_hashing_md5};`
			`- ({internal_user, A, B, C, D}) -> {internal_user, A, B, C, D}`
			`- end,`
			`-`
			`- Downgrade = fun`
			`- ({internal_user, A, B, C}) -> {internal_user, A, B, C};`
			`- ({internal_user, A, B, C, rabbit_password_hashing_md5}) -> {internal_user, A, B, C};`
			`- %% Incompatible scheme, so we will loose user's password ('B' value) during conversion.`
			`- %% Unfortunately, this case will require manual intervention - user have to run:`
			`- %% rabbitmqctl change_password <A> <somenewpassword>`
			`- ({internal_user, A, B, C, _}) -> {internal_user, A, B, C}`
			`- end,`
			`-`
			`- %% Check db scheme first`
			`- [WildPattern] = ets:select(mnesia_gvar, [ { {{rabbit_user, wild_pattern}, '\\\$1'}, [], ['\\\$1'] } ]),`
			`- case WildPattern of`
			`- %% Version < 3.6.0`
			`- {internal_user,'_','_','_'} ->`
			`- Restore(rabbit_user, Downgrade, \"$BaseDataDir/users.erl\");`
			`- %% Version >= 3.6.0`
			`- {internal_user,'_','_','_','_'} ->`
			`- Restore(rabbit_user, Upgrade, \"$BaseDataDir/users.erl\")`
			`- end,`
			`-`
			`- NoOp = fun(X) -> X end,`
			`-`
			`- %% Restore user permissions`
			`- Restore(rabbit_user_permission, NoOp, \"$BaseDataDir/users_perms.erl\"),`
			`-`
			`- %% Restore policies`
			`- Restore(rabbit_runtime_parameters, NoOp, \"$BaseDataDir/policies.erl\")`
			`- end.`
			`- "`
			`return $OCF_SUCCESS`
			`}`