- pgsqlms: use monitor_user and monitor_password for monitor operations
Resolves: RHEL-150841
This commit is contained in:
Arslan Ahmad
parent
6097cf73a6
commit
62f2645f35
@ -0,0 +1,135 @@
|
||||
From 4890009e6837df6f2cdfcf25d766e146fb8d1cfd Mon Sep 17 00:00:00 2001
|
||||
From: Arslan Ahmad <arslan.ahmad97@googlemail.com>
|
||||
Date: Thu, 14 May 2026 18:37:05 +0530
|
||||
Subject: [PATCH] pgsqlms: Use monitor_user and monitor_password for monitor
|
||||
operations
|
||||
|
||||
Utilize monitor_user for monitoring calls; fallback to .pgpass
|
||||
when no monitor_password is provided.
|
||||
|
||||
Signed-off-by: Arslan Ahmad <arslan.ahmad97@googlemail.com>
|
||||
---
|
||||
script/pgsqlms | 54 +++++++++++++++++++++++++++++++++++++++++++++-----
|
||||
1 file changed, 49 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/script/pgsqlms b/script/pgsqlms
|
||||
index 5ddd67a..0779cc1 100755
|
||||
--- a/heartbeat/pgsqlms
|
||||
+++ b/heartbeat/pgsqlms
|
||||
@@ -46,6 +46,8 @@ my %OCF_NOTIFY_ENV = ocf_notify_env() if $__OCF_ACTION eq 'notify';
|
||||
|
||||
# Default parameters values
|
||||
my $system_user_default = "postgres";
|
||||
+my $monitor_user_default = "";
|
||||
+my $monitor_password_default = "";
|
||||
my $bindir_default = "/usr/bin";
|
||||
my $pgdata_default = "/var/lib/pgsql/data";
|
||||
my $pghost_default = "/tmp";
|
||||
@@ -55,6 +57,8 @@ my $maxlag_default = "0";
|
||||
|
||||
# Set default values if not found in environment
|
||||
my $system_user = $ENV{'OCF_RESKEY_system_user'} || $system_user_default;
|
||||
+my $monitor_user = $ENV{'OCF_RESKEY_monitor_user'} || $monitor_user_default;
|
||||
+my $monitor_password = $ENV{'OCF_RESKEY_monitor_password'} || $monitor_password_default;
|
||||
my $bindir = $ENV{'OCF_RESKEY_bindir'} || $bindir_default;
|
||||
my $pgdata = $ENV{'OCF_RESKEY_pgdata'} || $pgdata_default;
|
||||
my $datadir = $ENV{'OCF_RESKEY_datadir'} || $pgdata;
|
||||
@@ -95,6 +99,7 @@ my $PGVER_12 = 120000;
|
||||
# the result as second one.
|
||||
#
|
||||
sub _query {
|
||||
+ my $user = shift if @_ == 3;
|
||||
my $query = shift;
|
||||
my $res = shift;
|
||||
my $connstr = "dbname=postgres";
|
||||
@@ -107,6 +112,7 @@ sub _query {
|
||||
my $ans;
|
||||
my $pid;
|
||||
my $rc;
|
||||
+ my @psql_args;
|
||||
|
||||
unless ( defined $res and defined $query and $query ne '' ) {
|
||||
ocf_log( 'debug', '_query: wrong parameters!' );
|
||||
@@ -135,9 +141,19 @@ sub _query {
|
||||
$pid = open(my $KID, "-|");
|
||||
|
||||
if ( $pid == 0 ) { # child
|
||||
- exec $PGPSQL, '--set', 'ON_ERROR_STOP=1', '-qXAtf', $tmpfile,
|
||||
- '-R', $RS, '-F', $FS, '--port', $pgport, '--host', $pghost,
|
||||
- $connstr;
|
||||
+ # Build psql arguments
|
||||
+ @psql_args = ('--set', 'ON_ERROR_STOP=1', '-qXAtf', $tmpfile,
|
||||
+ '-R', $RS, '-F', $FS, '--port', $pgport, '--host', $pghost);
|
||||
+
|
||||
+ # Add username and password for non-system user
|
||||
+ if ( $user ) {
|
||||
+ push @psql_args, '-U', $user;
|
||||
+ $ENV{'PGPASSWORD'} = $monitor_password if $monitor_password ne '';
|
||||
+ }
|
||||
+
|
||||
+ push @psql_args, $connstr;
|
||||
+
|
||||
+ exec $PGPSQL, @psql_args;
|
||||
}
|
||||
|
||||
# parent
|
||||
@@ -259,7 +275,7 @@ sub _get_lag_scores {
|
||||
ORDER BY priority DESC
|
||||
};
|
||||
|
||||
- $rc = _query( $query, \@rs );
|
||||
+ $rc = _query( $monitor_user, $query, \@rs );
|
||||
|
||||
if ( $rc != 0 ) {
|
||||
ocf_exit_reason( 'Query to get standby locations failed (%d)', $rc );
|
||||
@@ -898,7 +914,7 @@ sub _confirm_role {
|
||||
my $rc;
|
||||
my @rs;
|
||||
|
||||
- $rc = _query( "SELECT pg_is_in_recovery()", \@rs );
|
||||
+ $rc = _query( $monitor_user, "SELECT pg_is_in_recovery()", \@rs );
|
||||
|
||||
$is_in_recovery = $rs[0][0];
|
||||
|
||||
@@ -1051,6 +1067,18 @@ The system owner of your instance's process
|
||||
|
||||
(optional, string, default "postgres")
|
||||
|
||||
+=item B<monitor_user>
|
||||
+
|
||||
+PostgreSQL user for monitor operations
|
||||
+
|
||||
+(optional, string, default "")
|
||||
+
|
||||
+=item B<monitor_password>
|
||||
+
|
||||
+PostgreSQL password for monitor user
|
||||
+
|
||||
+(optional, string, default "")
|
||||
+
|
||||
=item B<recovery_template>
|
||||
|
||||
B<ONLY> for PostgreSQL 11 and bellow.
|
||||
@@ -1118,6 +1146,22 @@ sub ocf_meta_data {
|
||||
<content type="string" default="$system_user_default" />
|
||||
</parameter>
|
||||
|
||||
+ <parameter name="monitor_user" unique="0" required="0">
|
||||
+ <longdesc lang="en">
|
||||
+ PostgreSQL user that pgsql RA will use for monitor operations
|
||||
+ </longdesc>
|
||||
+ <shortdesc lang="en">PostgreSQL monitor User</shortdesc>
|
||||
+ <content type="string" default="$monitor_user_default" />
|
||||
+ </parameter>
|
||||
+
|
||||
+ <parameter name="monitor_password" unique="0" required="0">
|
||||
+ <longdesc lang="en">
|
||||
+ PostgreSQL password for monitor user
|
||||
+ </longdesc>
|
||||
+ <shortdesc lang="en">PostgreSQL monitor Password</shortdesc>
|
||||
+ <content type="string" default="$monitor_password_default" />
|
||||
+ </parameter>
|
||||
+
|
||||
<parameter name="bindir" unique="0" required="0">
|
||||
<longdesc lang="en">
|
||||
Path to the directory storing the PostgreSQL binaries. The agent
|
||||
@ -45,7 +45,7 @@
|
||||
Name: resource-agents
|
||||
Summary: Open Source HA Reusable Cluster Resource Scripts
|
||||
Version: 4.16.0
|
||||
Release: 61%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
|
||||
Release: 62%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}
|
||||
License: GPL-2.0-or-later AND LGPL-2.1-or-later
|
||||
URL: https://github.com/ClusterLabs/resource-agents
|
||||
Source0: %{upstream_prefix}-%{upstream_version}.tar.gz
|
||||
@ -131,6 +131,7 @@ Patch78: RHEL-150849-pgsql-use-monitor_user-for-monitor-calls-and-use-pgpass-whe
|
||||
Patch79: RHEL-176357-podman-etcd-fix-port-2380-binding-race.patch
|
||||
Patch80: RHEL-177543-podman-etcd-fix-machine-deletion-deadlock.patch
|
||||
Patch81: RHEL-177544-podman-etcd-fix-learner-start-deadlock.patch
|
||||
Patch82: RHEL-150841-pgsqlms-use-monitor_user-for-monitor-calls-and-use-pgpass-when-monitor_password-is-not-specified.patch
|
||||
|
||||
# bundled ha-cloud-support libs
|
||||
Patch500: ha-cloud-support-aliyun.patch
|
||||
@ -383,6 +384,7 @@ exit 1
|
||||
%patch -p1 -P 79
|
||||
%patch -p1 -P 80
|
||||
%patch -p1 -P 81
|
||||
%patch -p1 -P 82
|
||||
|
||||
# bundled ha-cloud-support libs
|
||||
%patch -p1 -P 500
|
||||
@ -715,6 +717,12 @@ rm -rf %{buildroot}/usr/share/doc/resource-agents
|
||||
%{_usr}/lib/ocf/lib/heartbeat/OCF_*.pm
|
||||
|
||||
%changelog
|
||||
* Thu May 21 2026 Arslan Ahmad <arahmad@redhat.com> - 4.16.0-62
|
||||
- pgsqlms: use monitor_user for monitor-calls and use .pgpass when
|
||||
monitor_password is not specified
|
||||
|
||||
Resolves: RHEL-150841
|
||||
|
||||
* Wed May 20 2026 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.16.0-61
|
||||
- podman-etcd: fix port 2380 binding race
|
||||
- podman-etcd: fix machine deletion deadlock
|
||||
|
||||
Loading…
Reference in New Issue
Block a user