From 67899e6f1c16f89439b2d6448828cf720430b18c Mon Sep 17 00:00:00 2001 From: Troy Dawson Date: Thu, 15 Oct 2020 13:38:38 -0700 Subject: [PATCH] RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/watchdog#86347a9b61b87a398333d219c564254c0ab7bbe6 --- .gitignore | 6 + ...param.h-for-EXEC_PAGESIZE-definition.patch | 28 ++ ...ake-watchdog-refresh-settimeout-work.patch | 153 +++++++++ 0003-Ignore-build-products-in-GIT.patch | 66 ++++ ...mpile-with-musl-when-nfs-is-disabled.patch | 32 ++ 0004-watchdog-5.13-rhseldoc.patch | 136 ++++++++ 0005-Rename-READ_ENUM-to-READ_YESNO.patch | 64 ++++ ...ake-IT87-fix-up-automatic-by-default.patch | 183 +++++++++++ 0007-Synced-Debian-files-with-5.15-2.patch | 116 +++++++ 0008-Fix-automated-CentOS-7-build.patch | 58 ++++ ...atchdog-configuration-file-corruptio.patch | 101 ++++++ ...or-another-RPC-library-for-XDR-heade.patch | 57 ++++ README.Fedora | 34 ++ README.watchdog.ipmi | 107 +++++++ sources | 1 + watchdog-ping.service | 11 + watchdog.init | 91 ++++++ watchdog.service | 11 + watchdog.spec | 299 ++++++++++++++++++ 19 files changed, 1554 insertions(+) create mode 100644 0001-Include-linux-param.h-for-EXEC_PAGESIZE-definition.patch create mode 100644 0002-Generalize-and-make-watchdog-refresh-settimeout-work.patch create mode 100644 0003-Ignore-build-products-in-GIT.patch create mode 100644 0004-Compile-with-musl-when-nfs-is-disabled.patch create mode 100644 0004-watchdog-5.13-rhseldoc.patch create mode 100644 0005-Rename-READ_ENUM-to-READ_YESNO.patch create mode 100644 0006-Make-IT87-fix-up-automatic-by-default.patch create mode 100644 0007-Synced-Debian-files-with-5.15-2.patch create mode 100644 0008-Fix-automated-CentOS-7-build.patch create mode 100644 0009-Bugfix-against-watchdog-configuration-file-corruptio.patch create mode 100644 0010-Choose-libtirpc-or-another-RPC-library-for-XDR-heade.patch create mode 100644 README.Fedora create mode 100644 README.watchdog.ipmi create mode 100644 sources create mode 100644 watchdog-ping.service create mode 100644 watchdog.init create mode 100644 watchdog.service create mode 100644 watchdog.spec diff --git a/.gitignore b/.gitignore index e69de29..4f74e65 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1,6 @@ +*~ + +/.build-* + +/clog +/watchdog-*.tar.gz diff --git a/0001-Include-linux-param.h-for-EXEC_PAGESIZE-definition.patch b/0001-Include-linux-param.h-for-EXEC_PAGESIZE-definition.patch new file mode 100644 index 0000000..35eadf1 --- /dev/null +++ b/0001-Include-linux-param.h-for-EXEC_PAGESIZE-definition.patch @@ -0,0 +1,28 @@ +From c5cb4e1a0339844ae3f55ff1dc4a716c28012f05 Mon Sep 17 00:00:00 2001 +From: Paul Crawford +Date: Tue, 28 Jun 2016 18:08:48 +0100 +Subject: [PATCH 01/10] Include linux/param.h for EXEC_PAGESIZE definition + +Musl does not include linux/param.h whereas glibc does, so it fails +to build on musl. Patch supplied by Khem Raj +--- + src/watchdog.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/watchdog.c b/src/watchdog.c +index acf6450..486384a 100644 +--- a/src/watchdog.c ++++ b/src/watchdog.c +@@ -26,6 +26,9 @@ + #include /* For EXEC_PAGESIZE */ + #include + #include ++#ifdef __linux__ ++#include ++#endif + #include + + #include +-- +2.20.1 + diff --git a/0002-Generalize-and-make-watchdog-refresh-settimeout-work.patch b/0002-Generalize-and-make-watchdog-refresh-settimeout-work.patch new file mode 100644 index 0000000..f31af9a --- /dev/null +++ b/0002-Generalize-and-make-watchdog-refresh-settimeout-work.patch @@ -0,0 +1,153 @@ +From 00cf0b0afc7cac797713276435322aeacd6020cb Mon Sep 17 00:00:00 2001 +From: "Maciej S. Szmigiero" +Date: Fri, 16 Dec 2016 23:18:00 +0100 +Subject: [PATCH 02/10] Generalize and make watchdog refresh "settimeout" + workaround configurable + +Commit 0d156df287656 introduced a workaround for a bug in the kernel +it87_wdt driver, where on some boards the watchdog timer wasn't refreshed +correctly. The workaround was to set its timeout again every refresh. + +However, this workaround was introduced unconditionally for every user of +the it87_wdt driver. +Currently, this kernel bug is supposed to be fixed ( by kernel commit +0bcd0b6a47431 ) so let's revert to old behavior by default so we by +coincidence don't mask future bugs and also comply with the kernel watchdog +API. + +Let's also print an informational message for an user how to re-enable the +workaround in case this driver bug wasn't fixed completely or the user +has an older kernel version without the fix. + +This change also makes this workaround available generically in case +a similar problem occurs in future in some other driver. +--- + include/extern.h | 1 + + src/configfile.c | 3 +++ + src/keep_alive.c | 20 +++++++++++--------- + watchdog.conf | 3 +++ + watchdog.conf.5 | 6 ++++++ + 5 files changed, 24 insertions(+), 9 deletions(-) + +diff --git a/include/extern.h b/include/extern.h +index f00e4cf..cbf97fd 100644 +--- a/include/extern.h ++++ b/include/extern.h +@@ -91,6 +91,7 @@ extern char *logdir; + extern char *heartbeat; + extern int hbstamps; + ++extern int refresh_use_settimeout; + extern int realtime; + + extern struct list *tr_bin_list; +diff --git a/src/configfile.c b/src/configfile.c +index a0996e2..10bbc69 100644 +--- a/src/configfile.c ++++ b/src/configfile.c +@@ -28,6 +28,7 @@ static void add_test_binaries(const char *path); + #define ADMIN "admin" + #define CHANGE "change" + #define DEVICE "watchdog-device" ++#define DEVICE_USE_SETTIMEOUT "watchdog-refresh-use-settimeout" + #define DEVICE_TIMEOUT "watchdog-timeout" + #define FILENAME "file" + #define INTERFACE "interface" +@@ -95,6 +96,7 @@ char *logdir = "/var/log/watchdog"; + char *heartbeat = NULL; + int hbstamps = 300; + ++int refresh_use_settimeout = FALSE; + int realtime = FALSE; + + /* Self-repairing binaries list */ +@@ -206,6 +208,7 @@ void read_config(char *configfile) + } else if (READ_INT(LOGTICK, &logtick) == 0) { + ticker = logtick; + } else if (READ_STRING(DEVICE, &devname) == 0) { ++ } else if (READ_ENUM(DEVICE_USE_SETTIMEOUT, &refresh_use_settimeout) == 0) { + } else if (READ_INT(DEVICE_TIMEOUT, &dev_timeout) == 0) { + } else if (READ_LIST(TEMP, &temp_list) == 0) { + } else if (READ_INT(MAXTEMP, &maxtemp) == 0) { +diff --git a/src/keep_alive.c b/src/keep_alive.c +index 2f77665..a57b0b5 100644 +--- a/src/keep_alive.c ++++ b/src/keep_alive.c +@@ -29,7 +29,6 @@ + + static int watchdog_fd = -1; + static int timeout_used = TIMER_MARGIN; +-static int Refresh_using_ioctl = FALSE; + + /* + * Open the watchdog timer (if name non-NULL) and set the time-out value (if non-zero). +@@ -68,16 +67,19 @@ int open_watchdog(char *name, int timeout) + /* The IT8728 on Gigabyte motherboard (and similar) would trip due to the normal + * refresh in the device driver failing to reset the timer for no obvious reason + * (though the normal operation used the Consumer IR sender to refresh via an +- * interrupt - also a non-obvious method!) so this work-around simply sets the +- * time-out every refresh operation. ++ * interrupt - also a non-obvious method!) so let's warn users of these ++ * watchdogs and direct them to a workaround option. + * +- * See https://bugs.launchpad.net/ubuntu/+source/linux/+bug/932381 ++ * See https://bugs.launchpad.net/ubuntu/+source/linux/+bug/932381 and ++ * https://bugzilla.kernel.org/show_bug.cgi?id=42801 + * + */ +- Refresh_using_ioctl = FALSE; +- if (strcmp("IT87 WDT", (char *)ident.identity) == 0) { +- Refresh_using_ioctl = TRUE; +- log_message(LOG_INFO, "Running IT87 module fix-up"); ++ if (!refresh_use_settimeout && strcmp("IT87 WDT", (char *)ident.identity) == 0) { ++ log_message(LOG_INFO, ++ "IT87 watchdog detected, if watchdog trips by itself when the first timeout interval elapses " ++ "try updating to the latest kernel"); ++ log_message(LOG_INFO, "if this does not help please report a kernel bug (not this package bug!) " ++ "and try using watchdog-refresh-use-settimeout=yes config option as a workaround"); + } + + return rv; +@@ -163,7 +165,7 @@ int keep_alive(void) + if (watchdog_fd == -1) + return (ENOERR); + +- if (Refresh_using_ioctl) { ++ if (refresh_use_settimeout) { + int timeout = timeout_used; + if (ioctl(watchdog_fd, WDIOC_SETTIMEOUT, &timeout) < 0) { + err = errno; +diff --git a/watchdog.conf b/watchdog.conf +index 3ccdb97..dcd59ce 100644 +--- a/watchdog.conf ++++ b/watchdog.conf +@@ -29,6 +29,9 @@ + #repair-maximum = 1 + + #watchdog-device = /dev/watchdog ++# If your watchdog trips by itself when the first timeout interval elapses try ++# uncommenting the line below ++#watchdog-refresh-use-settimeout = yes + + # Defaults compiled into the binary + #temperature-sensor = +diff --git a/watchdog.conf.5 b/watchdog.conf.5 +index 5af519d..4e5155a 100644 +--- a/watchdog.conf.5 ++++ b/watchdog.conf.5 +@@ -64,6 +64,12 @@ Set the watchdog device name, typically /dev/watchdog. Default is to disable + keep alive support. This should be tested by running the daemon from the + command line before configuring it to start automatically on booting. + .TP ++watchdog-refresh-use-settimeout = ++Refresh watchdog timer by setting its timeout instead of using a normal watchdog ++refresh operation. ++Might help if your watchdog trips by itself when the first timeout interval ++elapses. ++.TP + watchdog-timeout = + Set the watchdog device timeout during startup. If not set, a default is used + that should be set to the kernel timer margin at compile time. +-- +2.20.1 + diff --git a/0003-Ignore-build-products-in-GIT.patch b/0003-Ignore-build-products-in-GIT.patch new file mode 100644 index 0000000..39af455 --- /dev/null +++ b/0003-Ignore-build-products-in-GIT.patch @@ -0,0 +1,66 @@ +From de06f50eee35e3ea0daaf77d21e8888f8d8753ad Mon Sep 17 00:00:00 2001 +From: Paul Crawford +Date: Wed, 21 Dec 2016 22:00:51 +0000 +Subject: [PATCH 03/10] Ignore build products in GIT + +- Added a .gitignore file to list those files we do not track in GIT + +- Based on pull request by Maciej S. Szmigiero: + + Currently, after doing checkout and build 'git status' on the + source tree returns a lot of untracked files. Their presence + makes it harder to spot actual tree changes, so let's make + the noise disappear from 'git status' by adding proper .gitignore + files. +--- + .gitignore | 38 ++++++++++++++++++++++++++++++++++++++ + 1 file changed, 38 insertions(+) + create mode 100644 .gitignore + +diff --git a/.gitignore b/.gitignore +new file mode 100644 +index 0000000..db2baeb +--- /dev/null ++++ b/.gitignore +@@ -0,0 +1,38 @@ ++# Ignore hidden/backup/compilation files ++ ++.* ++*.o ++*~ ++ ++# However don't ignore this file ++ ++!/.gitignore ++ ++# Ignore the build programs ++ ++src/watchdog ++src/wd_identify ++src/wd_keepalive ++ ++# Ignore remaining files create/modified by the steps: ++# autoreconf -i ++# ./configure ++# make ++ ++Makefile ++Makefile.in ++aclocal.m4 ++autom4te.cache/ ++compile ++config.log ++config.status ++configure ++depcomp ++include/config.h ++include/config.h.in ++include/stamp-h1 ++install-sh ++missing ++src/Makefile ++src/Makefile.in ++ +-- +2.20.1 + diff --git a/0004-Compile-with-musl-when-nfs-is-disabled.patch b/0004-Compile-with-musl-when-nfs-is-disabled.patch new file mode 100644 index 0000000..9162c3f --- /dev/null +++ b/0004-Compile-with-musl-when-nfs-is-disabled.patch @@ -0,0 +1,32 @@ +From f52c40680f0aad44b9ae16648803453ec00cbb2c Mon Sep 17 00:00:00 2001 +From: Paul Crawford +Date: Fri, 30 Dec 2016 15:55:45 +0000 +Subject: [PATCH 04/10] Compile with musl when nfs is disabled + +musl does by default not ship with rpc headers. The watchdog should +not require rpc headers when nfs support is disabled. + +Patch by Felix Janda +--- + include/sundries.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/include/sundries.h b/include/sundries.h +index 4379982..98c489a 100644 +--- a/include/sundries.h ++++ b/include/sundries.h +@@ -9,9 +9,11 @@ + #include + #include + #include ++#if HAVE_NFS + #if !defined(bool_t) && !defined(__GLIBC__) + #include + #endif ++#endif + + extern int mount_mount_quiet; + extern int mount_verbose; +-- +2.20.1 + diff --git a/0004-watchdog-5.13-rhseldoc.patch b/0004-watchdog-5.13-rhseldoc.patch new file mode 100644 index 0000000..3ccaf23 --- /dev/null +++ b/0004-watchdog-5.13-rhseldoc.patch @@ -0,0 +1,136 @@ +diff -ur watchdog-5.15.old/watchdog.8 watchdog-5.15/watchdog.8 +--- watchdog-5.15.old/watchdog.8 2016-02-26 12:05:00.000000000 +0000 ++++ watchdog-5.15/watchdog.8 2018-02-13 08:54:00.860681339 +0000 +@@ -215,6 +215,7 @@ + .BR watchdog . + So you can for instance restart the server from your + .IR repair-binary . ++See the Systemd section below for additinal information. + .PP + .B watchdog + will try periodically to fork itself to see whether the process +@@ -241,6 +242,8 @@ + considered unreachable causing a soft reboot or action from the + repair binary. + .PP ++To start the watchdog when network is available see the Systemd section below. ++.PP + .B watchdog + can run an external command for user-defined tests. A return code not equal 0 + means an error occurred and watchdog should react. If the external command is +@@ -350,6 +353,9 @@ + 246 + Free for personal watchdog-specific use (was \-10 as an unsigned 8\-bit + number). ++.PP ++With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ ++for your test-binary configuration. + .TP + 245 + Reserved for an unknown result, for example a slow background test that is +@@ -377,6 +383,9 @@ + controls the number of successive repair attempts that report 0 (i.e. success) but + fail to clear the tested fault. If this is exceeded then a reboot takes place. If set + to zero then a reboot can always be blocked by the repair program reporting success. ++.PP ++With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ ++for your repair-binary configuration. + .SH "TEST DIRECTORY" + Executables placed in the test directory are discovered by watchdog on + startup and are automatically executed. They are bounded time-wise by +@@ -415,6 +424,27 @@ + repair-maximum + also controls the number of successive repair attempts that report success + (return 0) but fail to clear the fault. ++.SH SYSTEMD ++To start watchdog after the network is available: ++.PP ++.br ++systemctl disable watchdog ++.br ++systemctl enable NetworkManager-wait-online ++.br ++systemctl enable watchdog-ping ++.PP ++ ++When using custom service pid check with custom service ++systemd unit file please be aware the "Requires=" ++does dependent service deactivation. ++Using "Before=watchdog.service" or "Before=watchdog-ping.service" ++in the custom service unit file may be the desired operation instead. ++See systemd.unit documentation for more details. ++ ++.SH SELINUX ++The directories /etc/watchdog.d/ and /usr/libexec/watchdog/scripts/ are ++recognized locations for custom executables. + .SH BUGS + None known so far. + .SH AUTHORS +@@ -433,4 +463,4 @@ + The pid file of the running + .BR watchdog . + .SH "SEE ALSO" +-.BR watchdog.conf (5) ++.BR watchdog.conf (5), systemd.unit (5) +diff -ur watchdog-5.15.old/watchdog.conf watchdog-5.15/watchdog.conf +--- watchdog-5.15.old/watchdog.conf 2016-02-26 12:05:00.000000000 +0000 ++++ watchdog-5.15/watchdog.conf 2018-02-13 08:52:18.899721271 +0000 +@@ -16,6 +16,8 @@ + #min-memory = 1 + #allocatable-memory = 1 + ++# With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ ++# or /etc/watchdog.d/ for your test-binary and repair-binary configuration. + #repair-binary = /usr/sbin/repair + #repair-timeout = 60 + #test-binary = +@@ -45,5 +47,12 @@ + realtime = yes + priority = 1 + ++# When using custom service pid check with custom service ++# systemd unit file please be aware the "Requires=" ++# does dependent service deactivation. ++# Using "Before=watchdog.service" or "Before=watchdog-ping.service" ++# in the custom service unit file may be the desired operation instead. ++# See man 5 systemd.unit for more details. ++# + # Check if rsyslogd is still running by enabling the following line + #pidfile = /var/run/rsyslogd.pid +diff -ur watchdog-5.15.old/watchdog.conf.5 watchdog-5.15/watchdog.conf.5 +--- watchdog-5.15.old/watchdog.conf.5 2016-02-26 12:05:00.000000000 +0000 ++++ watchdog-5.15/watchdog.conf.5 2018-02-13 08:52:18.898721271 +0000 +@@ -105,6 +105,7 @@ + pidfile = + Set pidfile name for server test mode. + This option can be given as often as you like to check several servers. ++See the Systemd section in watchdog (8) for more information. + .TP + ping = + Set IPv4 address for ping mode. +@@ -119,6 +120,8 @@ + .TP + test-binary = + Execute the given binary to do some user defined tests. ++With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ ++for your test-binary configuration. + .TP + test-timeout = + User defined tests may only run for seconds. Set to 0 for unlimited. +@@ -126,6 +129,8 @@ + repair-binary = + Execute the given binary in case of a problem instead of shutting down the + system. ++With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/ ++for your repair-binary configuration. + .TP + repair-timeout = + repair command may only run for seconds. Set to 0 for 'unlimited', but +@@ -156,6 +161,7 @@ + .TP + test-directory = + Set the directory to run user test/repair scripts. Default is '/etc/watchdog.d' ++The /etc/watchdog.d/ is recognized by SELinux policy. + See the Test Directory section in watchdog(8) for more information. + .TP + log-dir = diff --git a/0005-Rename-READ_ENUM-to-READ_YESNO.patch b/0005-Rename-READ_ENUM-to-READ_YESNO.patch new file mode 100644 index 0000000..8dc24e2 --- /dev/null +++ b/0005-Rename-READ_ENUM-to-READ_YESNO.patch @@ -0,0 +1,64 @@ +From 2878f90d6f50e7243038f4b1221654f18b2bd475 Mon Sep 17 00:00:00 2001 +From: Paul Crawford +Date: Fri, 30 Dec 2016 16:01:15 +0000 +Subject: [PATCH 05/10] Rename READ_ENUM to READ_YESNO + +- Previously we only has a single enumerated choice - the Boolean + yes/no option in the config file. + +- In preparation for having yes/no/auto we should make this more + obvious. +--- + src/configfile.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/configfile.c b/src/configfile.c +index 10bbc69..809e39a 100644 +--- a/src/configfile.c ++++ b/src/configfile.c +@@ -128,7 +128,7 @@ READ_LIST_END() + + #define READ_INT(name, iv) read_int_func( arg, val, name, 0, 0, iv) + #define READ_STRING(name, str) read_string_func( arg, val, name, Read_allow_blank, str) +-#define READ_ENUM(name, iv) read_enumerated_func(arg, val, name, Yes_No_list, iv) ++#define READ_YESNO(name, iv) read_enumerated_func(arg, val, name, Yes_No_list, iv) + #define READ_LIST(name, list) read_list_func( arg, val, name, 0, list) + + /* +@@ -195,7 +195,7 @@ void read_config(char *configfile) + } else if (READ_INT(PINGCOUNT, &pingcount) == 0) { + } else if (READ_LIST(PING, &target_list) == 0) { + } else if (READ_LIST(INTERFACE, &iface_list) == 0) { +- } else if (READ_ENUM(REALTIME, &realtime) == 0) { ++ } else if (READ_YESNO(REALTIME, &realtime) == 0) { + } else if (READ_INT(PRIORITY, &schedprio) == 0) { + } else if (READ_STRING(REPAIRBIN, &repair_bin) == 0) { + } else if (READ_INT(REPAIRTIMEOUT, &repair_timeout) == 0) { +@@ -208,7 +208,7 @@ void read_config(char *configfile) + } else if (READ_INT(LOGTICK, &logtick) == 0) { + ticker = logtick; + } else if (READ_STRING(DEVICE, &devname) == 0) { +- } else if (READ_ENUM(DEVICE_USE_SETTIMEOUT, &refresh_use_settimeout) == 0) { ++ } else if (READ_YESNO(DEVICE_USE_SETTIMEOUT, &refresh_use_settimeout) == 0) { + } else if (READ_INT(DEVICE_TIMEOUT, &dev_timeout) == 0) { + } else if (READ_LIST(TEMP, &temp_list) == 0) { + } else if (READ_INT(MAXTEMP, &maxtemp) == 0) { +@@ -219,12 +219,12 @@ void read_config(char *configfile) + } else if (READ_INT(ALLOCMEM, &minalloc) == 0) { + } else if (READ_STRING(LOGDIR, &logdir) == 0) { + } else if (READ_STRING(TESTDIR, &test_dir) == 0) { +- } else if (READ_ENUM(SOFTBOOT, &softboot) == 0) { +- } else if (READ_ENUM(TEMPPOWEROFF, &temp_poweroff) == 0) { ++ } else if (READ_YESNO(SOFTBOOT, &softboot) == 0) { ++ } else if (READ_YESNO(TEMPPOWEROFF, &temp_poweroff) == 0) { + } else if (READ_INT(SIGTERM_DELAY, &sigterm_delay) == 0) { + } else if (READ_INT(RETRYTIMEOUT, &retry_timeout) == 0) { + } else if (READ_INT(REPAIRMAX, &repair_max) == 0) { +- } else if (READ_ENUM(VERBOSE, &verbose) == 0) { ++ } else if (READ_YESNO(VERBOSE, &verbose) == 0) { + } else { + log_message(LOG_WARNING, "Ignoring invalid option at line %d of config file: %s=%s", linecount, arg, val); + } +-- +2.20.1 + diff --git a/0006-Make-IT87-fix-up-automatic-by-default.patch b/0006-Make-IT87-fix-up-automatic-by-default.patch new file mode 100644 index 0000000..6821c02 --- /dev/null +++ b/0006-Make-IT87-fix-up-automatic-by-default.patch @@ -0,0 +1,183 @@ +From 25fa3156526d2e4e1a9bc84a160bf7850107bf27 Mon Sep 17 00:00:00 2001 +From: Paul Crawford +Date: Fri, 30 Dec 2016 16:39:16 +0000 +Subject: [PATCH 06/10] Make IT87 fix-up automatic by default + +- Update 00cf0b0 from Maciej S. Szmigiero proposed making the IT87 + style of fix something that is set only by the configuration file, + however, for many users with the buggy IT87 driver this will cause + problems. + +- This change make the choice a 3 state one: + + NO = never use ioctl-based refresh (old way, and in keeping + with the kernel API guidelines for watchdog use). + + YES = always use the ioctl-based refresh (i.e set timer every + time, instead of writing to /dev/watchdog). Might be + useful if another driver module is found to share same + sort of bug as the IT87 module. + + AUTO = check for IT87 and use ioctl-based method if found. This + is the same basec behaviour as before update 00cf0b0 but + the choice for yes/no now supported. +--- + include/extern.h | 4 ++++ + src/configfile.c | 12 ++++++++++-- + src/keep_alive.c | 43 ++++++++++++++++++++++++++++++++----------- + watchdog.conf.5 | 8 ++++---- + 4 files changed, 50 insertions(+), 17 deletions(-) + +diff --git a/include/extern.h b/include/extern.h +index cbf97fd..6d4ba5e 100644 +--- a/include/extern.h ++++ b/include/extern.h +@@ -59,6 +59,10 @@ struct list { + #define FALSE 0 + #endif + ++#define ENUM_NO 0 ++#define ENUM_YES 1 ++#define ENUM_AUTO 2 ++ + #define TS_SIZE 12 + + /* === External variables === */ +diff --git a/src/configfile.c b/src/configfile.c +index 809e39a..29e3464 100644 +--- a/src/configfile.c ++++ b/src/configfile.c +@@ -96,7 +96,7 @@ char *logdir = "/var/log/watchdog"; + char *heartbeat = NULL; + int hbstamps = 300; + +-int refresh_use_settimeout = FALSE; ++int refresh_use_settimeout = ENUM_AUTO; + int realtime = FALSE; + + /* Self-repairing binaries list */ +@@ -120,6 +120,13 @@ READ_LIST_ADD("yes", 1) + READ_LIST_END() + }; + ++static const read_list_t YN_Auto_list[] = { ++READ_LIST_ADD("no", ENUM_NO) ++READ_LIST_ADD("yes", ENUM_YES) ++READ_LIST_ADD("auto", ENUM_AUTO) ++READ_LIST_END() ++}; ++ + /* Use the macros below to simplify the parsing function. For now we don't use the + * integer range checking (0=0 so not checked), and assume all strings can be blank and + * enumerated choices are Yes/No, but in future we could add such settings to the #define'd +@@ -129,6 +136,7 @@ READ_LIST_END() + #define READ_INT(name, iv) read_int_func( arg, val, name, 0, 0, iv) + #define READ_STRING(name, str) read_string_func( arg, val, name, Read_allow_blank, str) + #define READ_YESNO(name, iv) read_enumerated_func(arg, val, name, Yes_No_list, iv) ++#define READ_YN_AUTO(name, iv) read_enumerated_func(arg, val, name, YN_Auto_list, iv) + #define READ_LIST(name, list) read_list_func( arg, val, name, 0, list) + + /* +@@ -208,7 +216,7 @@ void read_config(char *configfile) + } else if (READ_INT(LOGTICK, &logtick) == 0) { + ticker = logtick; + } else if (READ_STRING(DEVICE, &devname) == 0) { +- } else if (READ_YESNO(DEVICE_USE_SETTIMEOUT, &refresh_use_settimeout) == 0) { ++ } else if (READ_YN_AUTO(DEVICE_USE_SETTIMEOUT, &refresh_use_settimeout) == 0) { + } else if (READ_INT(DEVICE_TIMEOUT, &dev_timeout) == 0) { + } else if (READ_LIST(TEMP, &temp_list) == 0) { + } else if (READ_INT(MAXTEMP, &maxtemp) == 0) { +diff --git a/src/keep_alive.c b/src/keep_alive.c +index a57b0b5..6e721d9 100644 +--- a/src/keep_alive.c ++++ b/src/keep_alive.c +@@ -29,6 +29,7 @@ + + static int watchdog_fd = -1; + static int timeout_used = TIMER_MARGIN; ++static int Refresh_using_ioctl = FALSE; + + /* + * Open the watchdog timer (if name non-NULL) and set the time-out value (if non-zero). +@@ -67,19 +68,39 @@ int open_watchdog(char *name, int timeout) + /* The IT8728 on Gigabyte motherboard (and similar) would trip due to the normal + * refresh in the device driver failing to reset the timer for no obvious reason + * (though the normal operation used the Consumer IR sender to refresh via an +- * interrupt - also a non-obvious method!) so let's warn users of these +- * watchdogs and direct them to a workaround option. ++ * interrupt - also a non-obvious method!) so this work-around simply sets the ++ * time-out every refresh operation. + * +- * See https://bugs.launchpad.net/ubuntu/+source/linux/+bug/932381 and +- * https://bugzilla.kernel.org/show_bug.cgi?id=42801 ++ * See https://bugs.launchpad.net/ubuntu/+source/linux/+bug/932381 ++ * Also https://bugzilla.kernel.org/show_bug.cgi?id=42801 + * + */ +- if (!refresh_use_settimeout && strcmp("IT87 WDT", (char *)ident.identity) == 0) { +- log_message(LOG_INFO, +- "IT87 watchdog detected, if watchdog trips by itself when the first timeout interval elapses " +- "try updating to the latest kernel"); +- log_message(LOG_INFO, "if this does not help please report a kernel bug (not this package bug!) " +- "and try using watchdog-refresh-use-settimeout=yes config option as a workaround"); ++ ++ Refresh_using_ioctl = FALSE; ++ ++ switch (refresh_use_settimeout) { ++ case ENUM_NO: ++ /* Set to "no" so never use ioctl mode. */ ++ break; ++ ++ case ENUM_YES: ++ /* Set to "yes" so always use ioctl mode. */ ++ Refresh_using_ioctl = TRUE; ++ log_message(LOG_INFO, "Running ioctl-based refresh"); ++ break; ++ ++ case ENUM_AUTO: ++ /* Set to "auto" to decide based on driver identity. */ ++ Refresh_using_ioctl = FALSE; ++ if (strcmp("IT87 WDT", (char *)ident.identity) == 0) { ++ Refresh_using_ioctl = TRUE; ++ log_message(LOG_INFO, "Running IT87 module fix-up"); ++ } ++ break; ++ ++ default: ++ log_message(LOG_ERR, "Unknown ioctl selection mode (%d)", refresh_use_settimeout); ++ break; + } + + return rv; +@@ -165,7 +186,7 @@ int keep_alive(void) + if (watchdog_fd == -1) + return (ENOERR); + +- if (refresh_use_settimeout) { ++ if (Refresh_using_ioctl) { + int timeout = timeout_used; + if (ioctl(watchdog_fd, WDIOC_SETTIMEOUT, &timeout) < 0) { + err = errno; +diff --git a/watchdog.conf.5 b/watchdog.conf.5 +index 4e5155a..709c36e 100644 +--- a/watchdog.conf.5 ++++ b/watchdog.conf.5 +@@ -64,11 +64,11 @@ Set the watchdog device name, typically /dev/watchdog. Default is to disable + keep alive support. This should be tested by running the daemon from the + command line before configuring it to start automatically on booting. + .TP +-watchdog-refresh-use-settimeout = ++watchdog-refresh-use-settimeout = + Refresh watchdog timer by setting its timeout instead of using a normal watchdog +-refresh operation. +-Might help if your watchdog trips by itself when the first timeout interval +-elapses. ++refresh operation. Might help if your watchdog trips by itself when the first ++timeout interval elapses. Default is 'auto' for IT87 fix-up but this can be ++disabled with 'no' or forced for other modules with 'yes'. + .TP + watchdog-timeout = + Set the watchdog device timeout during startup. If not set, a default is used +-- +2.20.1 + diff --git a/0007-Synced-Debian-files-with-5.15-2.patch b/0007-Synced-Debian-files-with-5.15-2.patch new file mode 100644 index 0000000..032f626 --- /dev/null +++ b/0007-Synced-Debian-files-with-5.15-2.patch @@ -0,0 +1,116 @@ +From 62face90fe89ea1dc88b6b093f4921e47461f48d Mon Sep 17 00:00:00 2001 +From: Michael Meskes +Date: Fri, 20 Jan 2017 14:02:17 +0100 +Subject: [PATCH 07/10] Synced Debian files with 5.15-2 + +--- + debian/changelog | 9 +++++++++ + debian/control | 2 +- + debian/po/nl.po | 3 --- + debian/po/ru.po | 8 ++------ + debian/rules | 9 +++++---- + 5 files changed, 17 insertions(+), 14 deletions(-) + +diff --git a/debian/changelog b/debian/changelog +index fd436d8..1559626 100644 +--- a/debian/changelog ++++ b/debian/changelog +@@ -1,3 +1,12 @@ ++watchdog (5.15-2) unstable; urgency=medium ++ ++ * Fix FTCBFS: Let dh_auto_configure pass --host to ./configure ++ (Closes: #851231) Thanks to Helmut Grohne ++ * Bumped Standards-Version to 3.9.8, no changes needed. ++ * Enabled bindnow linker flag. ++ ++ -- Michael Meskes Fri, 20 Jan 2017 13:31:26 +0100 ++ + watchdog (5.15-1) unstable; urgency=medium + + * New upstream version. +diff --git a/debian/control b/debian/control +index a9f8a68..625f820 100644 +--- a/debian/control ++++ b/debian/control +@@ -3,7 +3,7 @@ Section: admin + Priority: extra + Maintainer: Michael Meskes + Build-Depends: debhelper (>= 9), po-debconf (>= 0.5.0), dh-systemd (>= 1.5) +-Standards-Version: 3.9.6 ++Standards-Version: 3.9.8 + Homepage: http://watchdog.sourceforge.net + + Package: watchdog +diff --git a/debian/po/nl.po b/debian/po/nl.po +index 9f9d657..73d1d28 100644 +--- a/debian/po/nl.po ++++ b/debian/po/nl.po +@@ -45,9 +45,6 @@ msgstr "Na het stoppen van watchdog wd_keepalive starten?" + #. Type: boolean + #. Description + #: ../templates:3001 +-#| msgid "" +-#| "Please specify whether watchdog should be started as part of the boot " +-#| "process. This can be changed later by editing /etc/default/watchdog." + msgid "" + "Please specify whether stopping watchdog should start wd_keepalive to keep " + "on triggering the watchdog device. This can be changed later by editing /etc/" +diff --git a/debian/po/ru.po b/debian/po/ru.po +index 6b2208c..211e4d8 100644 +--- a/debian/po/ru.po ++++ b/debian/po/ru.po +@@ -44,17 +44,14 @@ msgstr "Запускать wd_keepalive после остановки watchdog?" + #. Type: boolean + #. Description + #: ../templates:3001 +-#| msgid "" +-#| "Please specify whether watchdog should be started as part of the boot " +-#| "process. This can be changed later by editing /etc/default/watchdog." + msgid "" + "Please specify whether stopping watchdog should start wd_keepalive to keep " + "on triggering the watchdog device. This can be changed later by editing /etc/" + "default/watchdog." + msgstr "" + "Укажите, нужно ли при остановке watchdog запускать wd_keepalive, чтобы " +-"оставить рабочим устройство watchdog. Это можно " +-"изменить позже отредактировав файл /etc/default/watchdog." ++"оставить рабочим устройство watchdog. Это можно изменить позже " ++"отредактировав файл /etc/default/watchdog." + + #. Type: boolean + #. Description +@@ -91,4 +88,3 @@ msgstr "" + "Укажите модули, которые нужно загрузить перед запуском watchdog. Модуль " + "'softdog' обычно подходит для всех случаев. Введите 'none', если не хотите, " + "чтобы сценарий загружал модуль." +- +diff --git a/debian/rules b/debian/rules +index 2ca0797..0ece076 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -1,9 +1,10 @@ + #!/usr/bin/make -f + + SHELL = /bin/bash +-CFLAGS = $(shell dpkg-buildflags --get CFLAGS) +-CPPFLAGS = $(shell dpkg-buildflags --get CPPFLAGS) +-LDFLAGS = $(shell dpkg-buildflags --get LDFLAGS) ++export DEB_BUILD_MAINT_OPTIONS=hardening=+all ++CFLAGS = `dpkg-buildflags --get CFLAGS` ++CPPFLAGS = `dpkg-buildflags --get CPPFLAGS` ++LDFLAGS = `dpkg-buildflags --get LDFLAGS` + + build: build-arch build-indep + build-arch: build-stamp +@@ -14,7 +15,7 @@ build-stamp: Makefile + touch build + + Makefile: +- CFLAGS="${CFLAGS}" CPPFLAGS="${CPPFLAGS}" LDFLAGS="${LDFLAGS}" ./configure --prefix=/usr \ ++ CFLAGS="${CFLAGS}" CPPFLAGS="${CPPFLAGS}" LDFLAGS="${LDFLAGS}" dh_auto_configure -- \ + --with-configfile=/etc/watchdog.conf + + clean: Makefile +-- +2.20.1 + diff --git a/0008-Fix-automated-CentOS-7-build.patch b/0008-Fix-automated-CentOS-7-build.patch new file mode 100644 index 0000000..ed74a84 --- /dev/null +++ b/0008-Fix-automated-CentOS-7-build.patch @@ -0,0 +1,58 @@ +From d7f483a0bc6214258098894daabc2ce590ca41fc Mon Sep 17 00:00:00 2001 +From: Paul Crawford +Date: Mon, 31 Jul 2017 16:18:53 +0100 +Subject: [PATCH 08/10] Fix automated CentOS 7 build + +- Apply changes from Marcus Furlong to fix automated CentOS 7 build + +- Update URLs to https and fix download address from sourceforge +--- + redhat/watchdog.spec | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/redhat/watchdog.spec b/redhat/watchdog.spec +index a13730a..85a0164 100644 +--- a/redhat/watchdog.spec ++++ b/redhat/watchdog.spec +@@ -5,8 +5,8 @@ Release: 2%{?dist} + License: GPL+ + Group: System Environment/Daemons + +-URL: http://sourceforge.net/projects/watchdog/ +-Source0: http://dl.sf.net/watchdog/watchdog-%{version}.tar.gz ++URL: https://sourceforge.net/projects/watchdog/ ++Source0: https://downloads.sourceforge.net/project/watchdog/watchdog/%{version}/watchdog-%{version}.tar.gz + Source1: watchdog.init + Source2: README.watchdog.ipmi + Source3: README.Fedora +@@ -61,8 +61,6 @@ make %{?_smp_mflags} + rm -Rf ${RPM_BUILD_ROOT} + install -d -m0755 ${RPM_BUILD_ROOT}%{_sysconfdir} + make DESTDIR=${RPM_BUILD_ROOT} install +-install -Dp -m0644 %{name}.sysconfig ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/watchdog +-install -Dp -m0755 %{SOURCE1} ${RPM_BUILD_ROOT}%{_initrddir}/watchdog + + %clean + rm -Rf ${RPM_BUILD_ROOT} +@@ -91,7 +89,6 @@ fi + %defattr(-, root, root, -) + %doc AUTHORS ChangeLog COPYING examples/ IAFA-PACKAGE NEWS README TODO README.watchdog.ipmi README.Fedora + %config(noreplace) %{_sysconfdir}/watchdog.conf +-%config(noreplace) %{_sysconfdir}/sysconfig/watchdog + %{_sysconfdir}/rc.d/init.d/watchdog + %{_sbindir}/watchdog + %{_sbindir}/wd_keepalive +@@ -101,6 +98,10 @@ fi + + + %changelog ++* Tue Dec 13 2016 Paul Crawford - 5.15 ++- Apply changes from Marcus Furlong to fix automated CentOS 7 build ++- Update URLs to https and fix download address from sourceforge ++ + * Thu Mar 5 2009 Richard W.M. Jones - 5.5-2 + - Use '-' in defattr line instead of explicit file mode. + +-- +2.20.1 + diff --git a/0009-Bugfix-against-watchdog-configuration-file-corruptio.patch b/0009-Bugfix-against-watchdog-configuration-file-corruptio.patch new file mode 100644 index 0000000..49b46e2 --- /dev/null +++ b/0009-Bugfix-against-watchdog-configuration-file-corruptio.patch @@ -0,0 +1,101 @@ +From 7310afccc11070fd4207a41881401d619dd113b1 Mon Sep 17 00:00:00 2001 +From: Paul Crawford +Date: Mon, 31 Jul 2017 16:36:10 +0100 +Subject: [PATCH 09/10] Bugfix against watchdog configuration file corruption + +- Apply the bugfix/patch against watchdog configuration file + corruption during runtime by Greg Vishnepolsky greg@armis.com + +- Modify from Greg's patch to include the permission mode and to + declare the new fd variables immediately after the opening brace. + +- Greg provided the follow description: + +The following patch fixes a bug where writes/prints (out of a test +binary) that are intended for stdout/stderr may instead be written +to other files (like the watchdog configuration files). + +The bug lies in the call to "freopen" on "stdout" when the actual +FD (1) for stdout had been previously closed by the daemon. Instead +this FD could have been re-used (for instance, for opening watchdog +configuration files). Thus any prints out of the daemon/test binaries +will be erroneously written into it. +--- + src/test_binary.c | 13 +++++++++++-- + src/watchdog.c | 13 +++++++++++-- + 2 files changed, 22 insertions(+), 4 deletions(-) + +diff --git a/src/test_binary.c b/src/test_binary.c +index 2211f9e..a58c107 100644 +--- a/src/test_binary.c ++++ b/src/test_binary.c +@@ -3,6 +3,7 @@ + #endif + + #include ++#include + #include + #include + #include +@@ -258,16 +259,24 @@ int check_bin(char *tbinary, int timeout, int version) + + child_pid = fork(); + if (!child_pid) { ++ int test_stdout_fd, test_stderr_fd; + + /* Don't want the stdout and stderr of our test program + * to cause trouble, so make them go to their respective files */ + strcpy(filename_buf, logdir); + strcat(filename_buf, "/test-bin.stdout"); +- if (!freopen(filename_buf, "a+", stdout)) ++ test_stdout_fd = open(filename_buf, O_WRONLY|O_CREAT|O_APPEND, S_IWUSR|S_IRUSR|S_IRGRP); ++ if (test_stdout_fd == -1) + exit(errno); ++ if (dup2(test_stdout_fd, fileno(stdout)) == -1) ++ exit(errno); ++ + strcpy(filename_buf, logdir); + strcat(filename_buf, "/test-bin.stderr"); +- if (!freopen(filename_buf, "a+", stderr)) ++ test_stderr_fd = open(filename_buf, O_WRONLY|O_CREAT|O_APPEND, S_IWUSR|S_IRUSR|S_IRGRP); ++ if (test_stderr_fd == -1) ++ exit(errno); ++ if (dup2(test_stderr_fd, fileno(stderr)) == -1) + exit(errno); + + /* now start binary */ +diff --git a/src/watchdog.c b/src/watchdog.c +index 486384a..a69dba4 100644 +--- a/src/watchdog.c ++++ b/src/watchdog.c +@@ -84,16 +84,25 @@ static int repair(char *rbinary, int result, char *name, int version) + + child_pid = fork(); + if (!child_pid) { ++ int repair_stdout_fd, repair_stderr_fd; ++ + /* Don't want the stdin and stdout of our repair program + * to cause trouble. + * So make stdout and stderr go to their respective files */ + strcpy(filename_buf, logdir); + strcat(filename_buf, "/repair-bin.stdout"); +- if (!freopen(filename_buf, "a+", stdout)) ++ repair_stdout_fd = open(filename_buf, O_WRONLY|O_CREAT|O_APPEND, S_IWUSR|S_IRUSR|S_IRGRP); ++ if (repair_stdout_fd == -1) + exit(errno); ++ if (dup2(repair_stdout_fd, fileno(stdout)) == -1) ++ exit(errno); ++ + strcpy(filename_buf, logdir); + strcat(filename_buf, "/repair-bin.stderr"); +- if (!freopen(filename_buf, "a+", stderr)) ++ repair_stderr_fd = open(filename_buf, O_WRONLY|O_CREAT|O_APPEND, S_IWUSR|S_IRUSR|S_IRGRP); ++ if (repair_stderr_fd == -1) ++ exit(errno); ++ if (dup2(repair_stderr_fd, fileno(stderr)) == -1) + exit(errno); + + /* now start binary */ +-- +2.20.1 + diff --git a/0010-Choose-libtirpc-or-another-RPC-library-for-XDR-heade.patch b/0010-Choose-libtirpc-or-another-RPC-library-for-XDR-heade.patch new file mode 100644 index 0000000..8a3a8b8 --- /dev/null +++ b/0010-Choose-libtirpc-or-another-RPC-library-for-XDR-heade.patch @@ -0,0 +1,57 @@ +From 93f5334052cf14ae1149aa0f0b3178137eec01dd Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Wed, 6 Feb 2019 13:25:47 +0000 +Subject: [PATCH 10/10] Choose libtirpc or another RPC library for XDR headers + and library. + +Signed-off-by: Richard W.M. Jones +--- + configure.ac | 20 ++++++++++++++++++++ + src/Makefile.am | 2 ++ + 2 files changed, 22 insertions(+) + +diff --git a/configure.ac b/configure.ac +index f100829..4220411 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -156,4 +156,24 @@ AC_ARG_WITH(randomseed, + AC_MSG_RESULT("/var/run/random-seed") + ]) + ++# Check for an RPC library, starting with libtirpc. ++PKG_CHECK_MODULES([RPC], [libtirpc], [], [ ++ # If we don't have libtirpc, then we must have and ++ # some library to link to in libdir. ++ RPC_CFLAGS="" ++ AC_CHECK_HEADER([rpc/rpc.h],[],[ ++ AC_MSG_ERROR([XDR header files are required]) ++ ], ++ [#include ]) ++ ++ old_LIBS="$LIBS" ++ LIBS="" ++ AC_SEARCH_LIBS([xdrmem_create],[rpc xdr nsl]) ++ RPC_LIBS="$LIBS" ++ LIBS="$old_LIBS" ++ ++ AC_SUBST([RPC_CFLAGS]) ++ AC_SUBST([RPC_LIBS]) ++]) ++ + AC_OUTPUT([Makefile src/Makefile]) +diff --git a/src/Makefile.am b/src/Makefile.am +index 4ecfd97..7f63be5 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -6,6 +6,8 @@ watchdog_SOURCES = file_stat.c file_table.c fstab.c iface.c ifdown.c keep_alive. + temp.c test_binary.c umount.c version.c watchdog.c \ + logmessage.c xmalloc.c heartbeat.c lock_mem.c daemon-pid.c configfile.c \ + errorcodes.c read-conf.c sigterm.c ++watchdog_CFLAGS = $(RPC_CFLAGS) ++watchdog_LDADD = $(RPC_LIBS) + + wd_keepalive_SOURCES = wd_keepalive.c logmessage.c lock_mem.c daemon-pid.c xmalloc.c \ + configfile.c keep_alive.c read-conf.c sigterm.c +-- +2.20.1 + diff --git a/README.Fedora b/README.Fedora new file mode 100644 index 0000000..e51e053 --- /dev/null +++ b/README.Fedora @@ -0,0 +1,34 @@ +This is the watchdog package for Fedora. It implements a userspace +daemon which periodically pings (usually hardware) to tell the +hardware that the machine is alive. If the hardware times out without +receiving a ping, it assumes userspace is dead and reboots the +machine. + +There are several major classes of watchdog available: + + - watchdog hardware implementing the Linux /dev/watchdog API + + * drivers in /lib/modules/$(uname -r)/kernel/drivers/watchdog/ + * http://lxr.linux.no/linux/Documentation/watchdog/watchdog-api.txt + + - softdog + + * software watchdog (just runs inside the kernel) + * implements the Linux /dev/watchdog API + * won't help you if the kernel fails (obvious, right?) + + - IPMI + + * a heavyweight standard for all things server-management + * separate Linux driver + * ipmitool to control it + * see README.watchdog.ipmi for how to use this daemon together + with IPMI + +You can also use watchdogs inside recent QEMU/KVM virtual machines. +When running qemu, specify "-watchdog i6300esb" on the qemu command +line (or use libvirt). Inside the guest, the i6300esb watchdog driver +should automatically load and provide you with a Linux /dev/watchdog- +compatible API. + + - Richard W.M. Jones (rjones@redhat.com) 2009-02-26 diff --git a/README.watchdog.ipmi b/README.watchdog.ipmi new file mode 100644 index 0000000..4a83238 --- /dev/null +++ b/README.watchdog.ipmi @@ -0,0 +1,107 @@ + +Instructions for how to set up the watchdog daemon to work with IPMI's hardware watchdog +---------------------------------------------------------------------------------------- + +First, verify that the ipmitool utility is present on the system to allow +the watchdog timer to be turned off via the command line (which ipmitool). +This will allow the hardware watchdog timer to be turned off gracefully +should it ever become necessary. If ipmitool is not present, install +it or download the latest version from http://ipmitool.sourceforge.net and +build and install it on your system. + +Next, prior to starting up the watchdog daemon, the BMC BIOS should be set +to enable the IPMI/BMC hardware watchdog timer, the OpenIPMI watchdog driver +module should be inserted with the desired configuration/startup settings, +and the watchdog daemon's configuration file should be modified to use /dev/watchdog: + + 1. To setup the IPMI/BMC BIOS to enable the hardware watchdog + timer, see BMC documentation. The main settings in the BMC BIOS + requiring modification to turn on the IPMI watchdog timer are: + + - Set the BMC POST Watchdog to "ENABLED". + - Set the BMC POST Watchdog Timeout to "5 Minutes". + + 2. To insert the OpenIPMI watchdog driver module with the + desired configuration settings, two steps are necessary: + + i.) Configure the OpenIPMI watchdog driver by editing the + /etc/sysconfig/ipmi configuration file: + + - Set "IPMI_WATCHDOG=yes". + - Set desired options via the IPMI_WATCHDOG_OPTIONS + config entry. + + EXAMPLE: 'IPMI_WATCHDOG_OPTIONS="timeout=60 start_now=1 \ + preop=preop_give_data action=power_cycle pretimeout=1" ' + + Execute "modinfo ipmi_watchdog" for more detailed information + on the available ipmi watchdog timer options. + + - Execute "service ipmi start" (the watchdog driver starts + automatically along with the other ipmi drivers). + + IMPORTANT: If "start_now=1" has been set as one of the + configuration options, be sure to start up the watchdog + daemon before the BMC timer expires! + + ii.) Set the OpenIPMI daemon and watchdog to start during bootup: + + - chkconfig ipmi on + - chkconfig watchdog on + + + 3. Configure the watchdog daemon by editing the + /etc/watchdog.conf configuration file: + + - Uncomment the "watchdog-device = /dev/watchdog" line. + - Ensure that "realtime = yes" and "priority = 1" are set and not + commented-out. + - Uncomment the "interval" line, and set the interval to be less + than what you set the timeout option to be in the /etc/sysconfig/ipmi + file (ex "timeout=60" so you might set interval to 50). + + So in the example described herein, the BMC BIOS setting is in + minutes (5), and the "interval" and ipmi_watchdog "timeout" settings + are both in seconds (50 and 60 respectively). Therefore, the BMC + hardware watchdog timer is set to expire and trigger a system power + cycle unless reset by the watchdog daemon within 5 minutes, and the + watchdog daemon will reset the timer every 60 seconds. + + + 4. Start the Watchdog daemon: + + - execute "service watchdog start" + + +IMPORTANT: To gracefully stop/kill the watchdog daemon, be sure +to use "service watchdog stop" (which executes "kill -s SIGTERM ") +and do *not* use "kill -9 ". Using "kill -9 " will cause the +daemon to be shut off without stopping the BMC's watchdog timer, thus +a system reboot will be triggered when the BMC's watchdog timer expires. + +Alternately, or in case the watchdog daemon is killed "ungracefully", +you can stop the BMC timer by executing the following ipmitool utility +command before the watchdog timer expires: + + # ipmitool -v raw 0x06 0x24 0x04 0x01 0x00 0x10 0x00 0x0a + +---------------------------------------------------------------------- + +To test the watchdog after system configuration and setup: + +. Use kill -9 on the watchdog daemon so it doesn't shut down the watchdog daemon + gracefully. Verify that the system gets reset after the BMC timer expires. + +. Use "service watchdog stop" and verify that the watchdog daemon shuts off + the BMC watchdog timer gracefully (the system doesn't get reset). + +. Set the timer on the watchdog daemon to be greater than the time set in + the BMC BIOS for system reset and verify that the system is reset. + +. Set the timer on the daemon to be less than the time set in the + BMC timer and verify that the BMC watchdog is poked regularly and the + system is not reset. + +. Test some of the other actions the BMC can take when the watchdog timer + goes off (see modinfo ipmi_watchdog for some other settings to try). + diff --git a/sources b/sources new file mode 100644 index 0000000..78f5706 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (watchdog-5.15.tar.gz) = a675cfadf3296d583b9163193297038fb19459daf7c6681289392d613e775e75b7afd42a3e01b136a955f25b2f45818033b56e10de9050075d7dc015535a6e75 diff --git a/watchdog-ping.service b/watchdog-ping.service new file mode 100644 index 0000000..1ae93b1 --- /dev/null +++ b/watchdog-ping.service @@ -0,0 +1,11 @@ +[Unit] +Description=watchdog daemon for use with ping test / network dependency +After=network.target +Conflicts=watchdog.service + +[Service] +Type=forking +ExecStart=/usr/sbin/watchdog + +[Install] +WantedBy=multi-user.target diff --git a/watchdog.init b/watchdog.init new file mode 100644 index 0000000..3c5cf6a --- /dev/null +++ b/watchdog.init @@ -0,0 +1,91 @@ +#! /bin/sh +# +# watchdog - a watchdog daemon +# +# chkconfig: - 27 46 +# description: A watchdog daemon +# +# rc file author: Marc Merlin +# Henning P. Schmiedehausen +# Richard W.M. Jones + +# Source function library. +. /etc/rc.d/init.d/functions + +[ -x /usr/sbin/watchdog -a -e /etc/watchdog.conf ] || exit 0 + +VERBOSE="no" +if [ -f /etc/sysconfig/watchdog ]; then + . /etc/sysconfig/watchdog +fi + +RETVAL=0 +prog=watchdog +pidfile=/var/run/watchdog.pid +lockfile=/var/lock/subsys/watchdog + +start() { + + echo -n $"Starting $prog: " + if [ -n "$(pidofproc $prog)" ]; then + echo -n $"$prog: already running" + echo_failure + echo + return 1 + fi + if [ "$VERBOSE" = "yes" ]; then + daemon /usr/sbin/${prog} -v + else + daemon /usr/sbin/${prog} + fi + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && touch $lockfile + [ $RETVAL -eq 0 ] && echo_success + [ $RETVAL -ne 0 ] && echo_failure + return $RETVAL +} + +stop() { + echo -n "Stopping $prog: " + # We are forcing it to _only_ use -TERM as killproc could use + # -KILL which would result in BMC timer not being set properly + # and reboot the box. + killproc $prog -TERM + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && rm -f $lockfile $pidfile + return $RETVAL +} + +restart() { + stop + sleep 6 + start +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + reload|restart) + restart + ;; + condrestart) + if [ -f $lockfile ]; then + restart + fi + ;; + status) + status $prog + RETVAL=$? + ;; + *) + echo $"Usage: $0 {start|stop|restart|status|condrestart}" + exit 1 +esac + +exit $RETVAL diff --git a/watchdog.service b/watchdog.service new file mode 100644 index 0000000..e5847b9 --- /dev/null +++ b/watchdog.service @@ -0,0 +1,11 @@ +[Unit] +Description=watchdog daemon +# man systemd.special +# auto added After=basic.target + +[Service] +Type=forking +ExecStart=/usr/sbin/watchdog + +[Install] +WantedBy=multi-user.target diff --git a/watchdog.spec b/watchdog.spec new file mode 100644 index 0000000..0e27d87 --- /dev/null +++ b/watchdog.spec @@ -0,0 +1,299 @@ +Summary: Software and/or Hardware watchdog daemon +Name: watchdog +Version: 5.15 +Release: 8%{?dist} +License: GPLv2+ + +URL: http://sourceforge.net/projects/watchdog/ +Source0: http://downloads.sourceforge.net/watchdog/watchdog-%{version}.tar.gz +Source2: README.watchdog.ipmi +Source3: README.Fedora +Source4: watchdog.service +Source5: watchdog-ping.service + +# Upstream patches since 5.15. +Patch1: 0001-Include-linux-param.h-for-EXEC_PAGESIZE-definition.patch +Patch2: 0002-Generalize-and-make-watchdog-refresh-settimeout-work.patch +Patch3: 0003-Ignore-build-products-in-GIT.patch +Patch4: 0004-Compile-with-musl-when-nfs-is-disabled.patch +Patch5: 0005-Rename-READ_ENUM-to-READ_YESNO.patch +Patch6: 0006-Make-IT87-fix-up-automatic-by-default.patch +Patch7: 0007-Synced-Debian-files-with-5.15-2.patch +Patch8: 0008-Fix-automated-CentOS-7-build.patch +Patch9: 0009-Bugfix-against-watchdog-configuration-file-corruptio.patch +# Fixes building on glibc without RPC. Sent upstream 2019-02-06. +Patch10: 0010-Choose-libtirpc-or-another-RPC-library-for-XDR-heade.patch + +# Non-upstream patch to document SELinux support. +Patch99: 0004-watchdog-5.13-rhseldoc.patch + +BuildRequires: gcc +BuildRequires: libtirpc-devel +BuildRequires: systemd-units +# Required because patches touch configure.ac and Makefile.am: +BuildRequires: autoconf, automake + +Requires(post): systemd +Requires(preun): systemd +Requires(postun): systemd + + +%description +The watchdog program can be used as a powerful software watchdog daemon +or may be alternately used with a hardware watchdog device such as the +IPMI hardware watchdog driver interface to a resident Baseboard +Management Controller (BMC). watchdog periodically writes to /dev/watchdog; +the interval between writes to /dev/watchdog is configurable through settings +in the watchdog config file. This configuration file is also used to +set the watchdog to be used as a hardware watchdog instead of its default +software watchdog operation. In either case, if the device is open but not +written to within the configured time period, the watchdog timer expiration +will trigger a machine reboot. When operating as a software watchdog, the +ability to reboot will depend on the state of the machine and interrupts. +When operating as a hardware watchdog, the machine will experience a hard +reset (or whatever action was configured to be taken upon watchdog timer +expiration) initiated by the BMC. + + +%prep +%setup -q -n %{name}-%{version} +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch99 -p1 -b .rhseldoc +autoreconf -i + +cp %{SOURCE2} . +cp %{SOURCE3} . +%if 0%{?rhel} +mv README.Fedora README.RHEL +%endif + +mv README README.orig +iconv -f ISO-8859-1 -t UTF-8 < README.orig > README + + +%build +%configure \ + CFLAGS="%{__global_cflags} -I/usr/include/tirpc" \ + LDFLAGS="%{__global_ldflags} -ltirpc" +make %{?_smp_mflags} + + +%install +install -d -m0755 ${RPM_BUILD_ROOT}%{_sysconfdir} +install -d -m0755 ${RPM_BUILD_ROOT}%{_sysconfdir}/watchdog.d +make DESTDIR=${RPM_BUILD_ROOT} install +install -Dp -m0644 %{SOURCE4} ${RPM_BUILD_ROOT}%{_unitdir}/watchdog.service +install -Dp -m0644 %{SOURCE5} ${RPM_BUILD_ROOT}%{_unitdir}/watchdog-ping.service +install -Dd -m0755 ${RPM_BUILD_ROOT}%{_libexecdir}/watchdog/scripts +rm %{name}.sysconfig + + +%post +%systemd_post watchdog.service + +%preun +%systemd_preun watchdog.service +%systemd_preun watchdog.ping.service + +%postun +%systemd_postun_with_restart watchdog.service +%systemd_postun_with_restart watchdog.ping.service + +%triggerun -- watchdog < 5.9-4 +# Save the current service runlevel info +# User must manually run systemd-sysv-convert --apply watchdog +# to migrate them to systemd targets +/usr/bin/systemd-sysv-convert --save watchdog >/dev/null 2>&1 ||: + +# Run these because the SysV package being removed won't do them +/sbin/chkconfig --del watchdog >/dev/null 2>&1 || : +/bin/systemctl try-restart watchdog.service >/dev/null 2>&1 || : +/bin/systemctl try-restart watchdog-ping.service >/dev/null 2>&1 || : + + +%files +%doc AUTHORS ChangeLog COPYING examples/ IAFA-PACKAGE NEWS README TODO README.watchdog.ipmi +%if 0%{?rhel} +%doc README.RHEL +%else +%doc README.Fedora +%endif +%config(noreplace) %{_sysconfdir}/watchdog.conf +%{_sysconfdir}/watchdog.d +%{_sbindir}/watchdog +%{_sbindir}/wd_identify +%{_sbindir}/wd_keepalive +%{_mandir}/man5/watchdog.conf.5* +%{_mandir}/man8/watchdog.8* +%{_mandir}/man8/wd_identify.8* +%{_mandir}/man8/wd_keepalive.8* +%{_unitdir}/watchdog.service +%{_unitdir}/watchdog-ping.service +%{_libexecdir}/watchdog/scripts + + +%changelog +* Wed Jul 29 2020 Fedora Release Engineering - 5.15-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Feb 03 2020 Václav Doležal - 5.15-7 +- Clean up old SysV-init related files + +* Fri Jan 31 2020 Fedora Release Engineering - 5.15-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Sat Jul 27 2019 Fedora Release Engineering - 5.15-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Wed Feb 06 2019 Richard W.M. Jones - 5.15-5 +- Add all upstream patches since 5.15. +- Fix RPC/libtirpc (again?). +- Remove .rhsel patch. Equivalent added upstream in 7310afccc1. + +* Sun Feb 03 2019 Fedora Release Engineering - 5.15-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Dec 03 2018 Josef Ridky - 5.15-3 +- update service files (#1542632) + +* Sat Jul 14 2018 Fedora Release Engineering - 5.15-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Tue Feb 13 2018 Richard W.M. Jones - 5.15-1 +- Rebase to watchdog 5.15. +- Remove upstream patches. +- Modify code to use libtirpc. + +* Fri Feb 09 2018 Fedora Release Engineering - 5.13-19 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Aug 03 2017 Fedora Release Engineering - 5.13-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 5.13-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Mon Mar 06 2017 Josef Ridky - 5.13-16 +- Scriptlets replaced with new systemd macros (#850364) + +* Sat Feb 11 2017 Fedora Release Engineering - 5.13-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Fri Feb 05 2016 Fedora Release Engineering - 5.13-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Jun 19 2015 Fedora Release Engineering - 5.13-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Thu Aug 21 2014 Kevin Fenzi - 5.13-12 +- Rebuild for rpm bug 1131960 + +* Mon Aug 18 2014 Fedora Release Engineering - 5.13-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sun Jun 08 2014 Fedora Release Engineering - 5.13-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu Nov 7 2013 Ales Ledvinka - 5.13-9 +- SELinux: Add /usr/libexec/watchdog/scripts/ for test-bin and repair-bin to inherit from. +- systemd: service with network available dependency +- systemd: correct cgroup for realtime settings +- Document SELinux and systemd. + +* Thu Oct 24 2013 Ales Ledvinka - 5.13-5 +- SELinux: do not reopen descriptors for reading when only appending. + +* Fri Aug 9 2013 Richard W.M. Jones - 5.13-4 +- Fix License field (software is GPLv2+, not "GPL+"). + +* Thu Aug 8 2013 Richard W.M. Jones - 5.13-3 +- Rename README.Fedora to README.RHEL on RHEL. + +* Tue Jul 30 2013 Richard W.M. Jones - 5.13-2 +- Enable /etc/watchdog.d directory for storing test binaries + (RHBZ#657750, RHBZ#831190). +- Missing BR systemd-units. +- Update .gitignore. +- Drop Group line, not required by modern RPM. + +* Thu May 16 2013 Richard W.M. Jones - 5.13-1 +- New upstream version 5.13. +- Various documentation fixes (RHBZ#948883). + +* Fri Feb 15 2013 Fedora Release Engineering - 5.12-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Sun Jul 22 2012 Fedora Release Engineering - 5.12-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jul 06 2012 Richard W.M. Jones - 5.12-1 +- New upstream version 5.12 (RHBZ#837949). +- Bring specfile up to modern standards. +- Remove commented sections from previous commit. +- Remove both patches (equivalent changes now upstream). + +* Wed Mar 14 2012 Jon Ciesla - 5.9-4 +- Migrate to systemd, BZ 661220. + +* Sat Jan 14 2012 Fedora Release Engineering - 5.9-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Feb 07 2011 Fedora Release Engineering - 5.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Mon Jan 17 2011 Richard W.M. Jones - 5.9-1 +- New upstream version 5.9 (RHBZ#645541). +- Package new wd_identify program. +- Drop old cleanup patch, most of it is now upstream. +- Add newer cleanup patch, sent upstream. +- Fix some problems with the initscript (RHBZ#523391). +- Add systemd service (file installed but not used) (RHBZ#661220). + +* Wed Jan 13 2010 Richard W.M. Jones - 5.5-7 +- Fix Source0 URL. + +* Mon Jul 27 2009 Fedora Release Engineering - 5.5-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Fri Mar 13 2009 Richard W.M. Jones - 5.5-5 +- Updated the cleanup patch and sent upstream. + +* Fri Mar 13 2009 Richard W.M. Jones - 5.5-3 +- Remove dubious "cleanup-nfs" patch. + +* Thu Mar 5 2009 Richard W.M. Jones - 5.5-2 +- Use '-' in defattr line instead of explicit file mode. + +* Thu Feb 26 2009 Richard W.M. Jones - 5.5-1 +- New upstream version 5.5. +- Prepared the package for Fedora review. + +* Mon Jun 11 2007 Lon Hohberger - 5.3.1-7 +- Rebuild for RHEL5 Update 1 - Resolves: 227401 + +* Wed May 30 2007 Konrad Rzeszutek - 5.3.1-6 +- Fixed the init script file. + +* Tue May 29 2007 Konrad Rzeszutek - 5.3.1-5 +- Fixed a compile warning in nfsmount_xdr file. + +* Wed May 23 2007 Konrad Rzeszutek - 5.3.1-4 +- Fixed rpmlint warnings. + +* Wed May 16 2007 Konrad Rzeszutek - 5.3.1-3 +- Changes to spec, init script and README file per Carol Hebert recommendation. + +* Thu Apr 19 2007 Konrad Rzeszutek - 5.3.1-2 +- Added README.watchdog.ipmi + +* Mon Apr 16 2007 Konrad Rzeszutek - 5.3.1-1 +- Initial copy.