Merge ~rafaeldtinoco/ubuntu/+source/samba:lp1831381-eoan-devel-ctdb into ubuntu/+source/samba:ubuntu/eoan-devel

Proposed by Rafael David Tinoco on 2019-06-07
Status: Merged
Approved by: Andreas Hasenack on 2019-07-05
Approved revision: 44d89a65cc17b45a65ec131f53243a47d9933001
Merged at revision: 44d89a65cc17b45a65ec131f53243a47d9933001
Proposed branch: ~rafaeldtinoco/ubuntu/+source/samba:lp1831381-eoan-devel-ctdb
Merge into: ubuntu/+source/samba:ubuntu/eoan-devel
Diff against target: 672 lines (+541/-0)
15 files modified
debian/changelog (+29/-0)
debian/ctdb.dirs (+4/-0)
debian/ctdb.example.enable.nfs.sh (+196/-0)
debian/ctdb.example.nfs-common (+19/-0)
debian/ctdb.example.nfs-kernel-server (+16/-0)
debian/ctdb.example.services (+16/-0)
debian/ctdb.example.sysctl-nfs-static-ports.conf (+5/-0)
debian/ctdb.install (+1/-0)
debian/ctdb.postrm (+13/-0)
debian/patches/ctdb-config-depend-on-etc-default-nodes-file.patch (+36/-0)
debian/patches/ctdb-config-enable-syslog-by-default.patch (+49/-0)
debian/patches/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch (+43/-0)
debian/patches/fix-nfs-service-name-to-nfs-kernel-server.patch (+97/-0)
debian/patches/series (+4/-0)
debian/rules (+13/-0)
Reviewer Review Type Date Requested Status
Andreas Hasenack Approve on 2019-07-05
Canonical Server Team 2019-06-07 Pending
Review via email: mp+368550@code.launchpad.net

Commit message

BUG taking care of all the CTDB bugs related to enablement and NFS enablement:

https://bugs.launchpad.net/ubuntu-server-ha/+bug/1831381

Other bugs (samba/apache/... resources) will be taken care in other bugs inside:

https://bugs.launchpad.net/ubuntu-server-ha/

in the appropriate time.

---- Obs ----

I have fully tested the PPA for Eoan and the documentation is here:

https://blueprints.launchpad.net/ubuntu-server-ha/+spec/ctdb-enablement-nfs

And the PPA:

https://launchpad.net/~rafaeldtinoco/+archive/ubuntu/lp1831381

And the git repo:

https://code.launchpad.net/~rafaeldtinoco/ubuntu/+source/samba/+git/samba/+ref/lp1831381-eoan-devel-ctdb

I'm changing the public bugs for the SRU template now AND will submit-to-debian as soon as this review is over (before attempting the SRUs).

To post a comment you must log in.
Andreas Hasenack (ahasenack) wrote :

Thanks for all this work!

Taking a first pass.

needs-info about +ctdb-scripts-fix-60-nfs-service-name.patch

Will continue the review.

review: Needs Information
Andreas Hasenack (ahasenack) wrote :

Would it make sense to merge ctdb-scripts-change-callout-files-for-debian-and-ubuntu.patch and ctdb-scripts-fix-60-nfs-service-name.patch? Both are about changing the service names for Ubuntu, and point at the same bug both in ubuntu and upstream (#13860)

Rafael David Tinoco (rafaeldtinoco) wrote :

Fixing after review, will push it again. Tks a lot for reviewing/sponsoring it for me!

Andreas Hasenack (ahasenack) wrote :

Continuing review.

Andreas Hasenack (ahasenack) wrote :

Comment inline, will continue tomorrow. Thanks so far!

Andreas Hasenack (ahasenack) wrote :

Few more comments

Rafael David Tinoco (rafaeldtinoco) wrote :

Dropping:

commit 782ee0afdec549f63bfe3e6abdfe2bdce6039316 (HEAD)
Author: Rafael David Tinoco <email address hidden>
Date: Fri Jun 7 00:47:56 2019

      * d/control: added nfs and quota as recommended packages since CTDB
        NFS HA scripts, when enabled, need them (LP: #722201)

    Signed-off-by: Rafael David Tinoco <email address hidden>

diff --git a/debian/control b/debian/control
index d9fd63cac..c915ed110 100644
--- a/debian/control
+++ b/debian/control
@@ -437,7 +437,10 @@ Depends: iproute2 [linux-any],
          time,
          ${misc:Depends},
          ${shlibs:Depends}
-Recommends: ethtool [linux-any]
+Recommends: ethtool [linux-any],
+ nfs-kernel-server,
+ nfs-common,
+ quota
 Suggests: logrotate, lsof
 Description: clustered database to store temporary data
  CTDB is a cluster implementation of the TDB database used by Samba and other

Based on in-person discussion we had.

Rafael David Tinoco (rafaeldtinoco) wrote :

Some inline responses while doing the rebase

Rafael David Tinoco (rafaeldtinoco) wrote :
Download full text (4.0 KiB)

$ sudo dpkg -i ./ctdb_4.10.0+dfsg-0ubuntu4_amd64.deb
Selecting previously unselected package ctdb.
(Reading database ... 129258 files and directories currently installed.)
Preparing to unpack .../ctdb_4.10.0+dfsg-0ubuntu4_amd64.deb ...
Unpacking ctdb (2:4.10.0+dfsg-0ubuntu4) ...
Setting up ctdb (2:4.10.0+dfsg-0ubuntu4) ...
Created symlink /etc/systemd/system/multi-user.target.wants/ctdb.service → /lib/systemd/system/ctdb.service.
Processing triggers for libc-bin (2.29-0ubuntu2) ...
Processing triggers for systemd (240-6ubuntu9) ...
Processing triggers for man-db (2.8.5-2) ...

(c)inaddy@ctdbdevel:~/work/sources/ubuntu/git$ systemctl enable ctdb
Synchronizing state of ctdb.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable ctdb
(c)inaddy@ctdbdevel:~/work/sources/ubuntu/git$ systemctl start ctdb
(c)inaddy@ctdbdevel:~/work/sources/ubuntu/git$ systemctl status ctdb
● ctdb.service - CTDB
   Loaded: loaded (/lib/systemd/system/ctdb.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2019-06-27 12:19:20 UTC; 1s ago
     Docs: man:ctdbd(1)
           man:ctdb(7)
  Process: 26458 ExecStart=/usr/sbin/ctdbd_wrapper start (code=exited, status=0/SUCCESS)
 Main PID: 26460 (ctdbd)
    Tasks: 3 (limit: 4915)
   Memory: 6.1M
   CGroup: /system.slice/ctdb.service
           ├─26460 /usr/sbin/ctdbd
           ├─26462 /usr/lib/x86_64-linux-gnu/ctdb/ctdb-eventd -P 26460 -S 14
           └─26492 /usr/sbin/ctdbd

Jun 27 12:19:19 ctdbdevel systemd[1]: Starting CTDB...
Jun 27 12:19:19 ctdbdevel ctdbd[26459]: CTDB logging to location file:/var/log/ctdb/log.ctdb
Jun 27 12:19:20 ctdbdevel systemd[1]: Started CTDB.

(c)inaddy@ctdbdevel:~/work/sources/ubuntu/git$ dpkg -L ctdb > ctdb.files

(c)inaddy@ctdbdevel:~/work/sources/ubuntu/git$ apt-get remove --purge ctdb
Reading package lists... Done
Building dependency tree
Reading state information... Done
Starting pkgProblemResolver with broken count: 0
Starting 2 pkgProblemResolver with broken count: 0
Done
The following packages were automatically installed and are no longer required:
  ethtool libwbclient0 samba-libs tdb-tools time
Use 'sudo apt autoremove' to remove them.
The following packages will be REMOVED:
  ctdb*
0 upgraded, 0 newly installed, 1 to remove and 1 not upgraded.
After this operation, 7,854 kB disk space will be freed.
Do you want to continue? [Y/n] y
(Reading database ... 129371 files and directories currently installed.)
Removing ctdb (2:4.10.0+dfsg-0ubuntu4) ...
Processing triggers for man-db (2.8.5-2) ...
Processing triggers for libc-bin (2.29-0ubuntu2) ...
(Reading database ... 129288 files and directories currently installed.)
Purging configuration files for ctdb (2:4.10.0+dfsg-0ubuntu4) ...
dpkg: warning: while removing ctdb, directory '/var/log/ctdb' not empty so not removed
dpkg: warning: while removing ctdb, directory '/var/lib/ctdb/state' not empty so not removed
dpkg: warning: while removing ctdb, directory '/var/lib/ctdb/persistent' not empty so not removed
Processing triggers for systemd (240-6ubuntu9) ...

(c)inaddy@ctdbdevel:~/work/sources/ubuntu/git$ for entry in $(cat ctdb.files); do [ -...

Read more...

Rafael David Tinoco (rafaeldtinoco) wrote :

Transferred examples to documentation:

$ cat ctdb.files | grep doc
/usr/share/doc
/usr/share/doc/ctdb
/usr/share/doc/ctdb/NEWS.Debian.gz
/usr/share/doc/ctdb/README
/usr/share/doc/ctdb/README.eventscripts.gz
/usr/share/doc/ctdb/README.notification
/usr/share/doc/ctdb/changelog.Debian.gz
/usr/share/doc/ctdb/cluster_mutex_helper.txt
/usr/share/doc/ctdb/copyright
/usr/share/doc/ctdb/examples
/usr/share/doc/ctdb/examples/11.natgw.options
/usr/share/doc/ctdb/examples/20.nfs_ganesha.check
/usr/share/doc/ctdb/examples/91.lvs.options
/usr/share/doc/ctdb/examples/README
/usr/share/doc/ctdb/examples/config_migrate.sh.gz
/usr/share/doc/ctdb/examples/config_migrate.test_input
/usr/share/doc/ctdb/examples/ctdb.conf
/usr/share/doc/ctdb/examples/nfs-ganesha-callout.gz
/usr/share/doc/ctdb/examples/nfs-kernel-server
/usr/share/doc/ctdb/examples/nfs-kernel-server/99-nfs-static-pors.conf
/usr/share/doc/ctdb/examples/nfs-kernel-server/enable-nfs.sh.gz
/usr/share/doc/ctdb/examples/nfs-kernel-server/nfs-common
/usr/share/doc/ctdb/examples/nfs-kernel-server/nfs-kernel-server
/usr/share/doc/ctdb/examples/nfs-kernel-server/services
/usr/share/doc/ctdb/readonlyrecords.txt.gz
/usr/share/doc/ctdb/recovery-process.txt.gz

Testing scripts now...

Rafael David Tinoco (rafaeldtinoco) wrote :

Current status:

REVIEW being done:

  * d/p/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch: fix
    tcp_tw_recycle existence check. (LP: #722201)

  ok

  * d/p/fix-nfs-service-name-to-nfs-kernel-server.patch: change nfs
    service name from nfs to nfs-kernel-server (LP: #722201)

  ok - check quilt patch description (upstream svc name is ok)

  * d/ctdb.install, d/rules: create ctdb run directory into tmpfiles.d
    to allow pid file to exist (LP: #1821775)

  - dpkg: warning: while removing ctdb, directory '/var/lib/ctdb/state' not empty so not removed
  - dpkg: warning: while removing ctdb, directory '/var/lib/ctdb/persistent' not empty so not removed

  * d/ctdb.dirs: added /var/lib/ctdb/* directories to allow proper ctdb
    initialization. (LP: #1828799)

  ok

  * d/ctdb.postinst, d/ctdb.postrm: allow service to start by default in
    a single localhost node setup with no errors. (LP: #722201)

  - do not start service by default

  * NEW PATCH

   1- make systemd service to depend on:
      - /etc/ctdb/nodes

   2- change logging to syslog (journal -f -u ctdb will work)

  * Examples of NFS HA CTDB config files + helper script:
    - d/ctdb.example.enable.nfs.sh
    - d/ctdb.example.nfs-common
    - d/ctdb.example.nfs-kernel-server
    - d/ctdb.example.services
    - d/ctdb.example.sysctl-nfs-static-ports.conf

Rafael David Tinoco (rafaeldtinoco) wrote :

Alright, I think I got all we have discussed covered. I have tested the .sh script by gunziping it in ~/ and executing it with sudo. I'm providing new instructions in a post in discourse and will point the old blueprint to that post (much better interface until we don't have documentation place to concentrate docs).

Rafael David Tinoco (rafaeldtinoco) wrote :

PPA failed because of a leftover I had as a workaround to libaesni case:

dh_missing: usr/lib/x86_64-linux-gnu/samba/libaesni-intel.so.0 exists in debian/tmp but is not installed to anywhere

I'm fixing it and re-pushing.

Andreas Hasenack (ahasenack) wrote :

Hello CTDB, we meet again!

aka, /me continues the review

Andreas Hasenack (ahasenack) wrote :

Very nice explanation on debian/patches/fix-nfs-service-name-to-nfs-kernel-server.patch, thanks for that.

Other comments inline, about examples and how to install them, and the post script which I think you changed already (we talked on irc), but I didn't reload the page yet.

Rafael David Tinoco (rafaeldtinoco) wrote :

Okay, sorry for the huge delay in between the pushes. I'll be more careful about that from now on. Let me handle what you've suggested in this review. Starting over again...

Rafael David Tinoco (rafaeldtinoco) wrote :

I'm fixing things you pointed AND also something I forgot about last push.

The following fix I sent upstream:

https://salsa.debian.org/samba-team/samba/merge_requests/24#note_93728

And I'm pushing it again for the Salsa CI to work.

Rafael David Tinoco (rafaeldtinoco) wrote :

Thanks again for reviewing this Andreas. Be sure I'll provide quick feedback if needed and, tomorrow, I'll be available, if you want to have a hangout (or in-office meeting), so we can finish this.

Rafael David Tinoco (rafaeldtinoco) wrote :

I uploaded this new version to the PPA as well!

Andreas Hasenack (ahasenack) wrote :

Checking it out, thanks for the update

Rafael David Tinoco (rafaeldtinoco) wrote :

Replied to your suggestions, depending on the answer I'll work one way or another. Tks!

Rafael David Tinoco (rafaeldtinoco) wrote :

Answers, new push to git and dput to ppa.

Rafael David Tinoco (rafaeldtinoco) wrote :

14:42 <andreas> rafaeldtinoco: bug upstream with patch attached, and we continue on our own while they check that
14:42 <andreas> no need to block
14:43 <andreas> and record the upstream bug in the dep3 header
14:43 <rafaeldtinoco> yep just added a comment on DEP3
14:43 <rafaeldtinoco> (forward to upstream opened)
14:43 <rafaeldtinoco> and will submit to debian together

14:58 <rafaeldtinoco> andreas: re-pushed
14:58 <rafaeldtinoco> https://bugzilla.samba.org/show_bug.cgi?id=14026
14:58 <rafaeldtinoco> opened upstream, attached patch
14:58 <rafaeldtinoco> mailed patch to samba mailing list
14:59 <rafaeldtinoco> added DEP3 forwarded to our patch before push

Rafael David Tinoco (rafaeldtinoco) wrote :

I fixed and I'm pushing again the first comment. Asked you a few things on the second.

Andreas Hasenack (ahasenack) wrote :

Thanks for the responses.

I'm EOD now, and will finish this tomorrow. Cheers!

Andreas Hasenack (ahasenack) wrote :

Nice, +1!

review: Approve
Andreas Hasenack (ahasenack) wrote :

Sponsoring 44d89a65cc17b45a65ec131f53243a47d9933001

Tagged and uploaded:

$ git push pkg upload/2%4.10.0+dfsg-0ubuntu5
Enumerating objects: 61, done.
Counting objects: 100% (61/61), done.
Delta compression using up to 2 threads
Compressing objects: 100% (52/52), done.
Writing objects: 100% (52/52), 11.68 KiB | 221.00 KiB/s, done.
Total 52 (delta 32), reused 0 (delta 0)
To ssh://git.launchpad.net/~usd-import-team/ubuntu/+source/samba
 * [new tag] upload/2%4.10.0+dfsg-0ubuntu5 -> upload/2%4.10.0+dfsg-0ubuntu5

$ dput ubuntu ../samba_4.10.0+dfsg-0ubuntu5_source.changes
Checking signature on .changes
gpg: ../samba_4.10.0+dfsg-0ubuntu5_source.changes: Valid signature from AC983EB5BF6BCBA9
Checking signature on .dsc
gpg: ../samba_4.10.0+dfsg-0ubuntu5.dsc: Valid signature from AC983EB5BF6BCBA9
Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading samba_4.10.0+dfsg-0ubuntu5.dsc: done.
  Uploading samba_4.10.0+dfsg-0ubuntu5.debian.tar.xz: done.
  Uploading samba_4.10.0+dfsg-0ubuntu5_source.buildinfo: done.
  Uploading samba_4.10.0+dfsg-0ubuntu5_source.changes: done.
Successfully uploaded packages.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index a64b76a..0e180bf 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,32 @@
6+samba (2:4.10.0+dfsg-0ubuntu5) eoan; urgency=medium
7+
8+ * debian/rules: Make DEB_HOST_ARCH_CPU initialized through
9+ dpkg-architecture (Closes: #931138)
10+ * d/p/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch:
11+ fix tcp_tw_recycle existence check. (LP: #722201)
12+ * d/p/fix-nfs-service-name-to-nfs-kernel-server.patch:
13+ change nfs service name from nfs to nfs-kernel-server
14+ (LP: #722201)
15+ * d/ctdb.install, d/rules: create ctdb run directory into tmpfiles.d
16+ to allow pid file to exist (LP: #1821775)
17+ * Allow proper ctdb initialization (LP: #1828799):
18+ - d/ctdb.dirs: added /var/lib/ctdb/* directories
19+ - d/ctdb.postrm: remove leftovers from:
20+ /var/lib/ctdb/{state,persistent,volatile,scripts}
21+ * d/rules: installing provided config examples and helper scripts
22+ * Examples of NFS HA CTDB config files + helper script:
23+ - d/ctdb.example.enable.nfs.sh
24+ - d/ctdb.example.nfs-common
25+ - d/ctdb.example.nfs-kernel-server
26+ - d/ctdb.example.services
27+ - d/ctdb.example.sysctl-nfs-static-ports.conf
28+ * d/p/ctdb-config-depend-on-etc-default-nodes-file.patch:
29+ do not try to start daemon if /etc/ctdb/nodes does not exist
30+ * d/p/ctdb-config-enable-syslog-by-default.patch:
31+ enable syslog and systemd journal by default
32+
33+ -- Rafael David Tinoco <rafaeldtinoco@ubuntu.com> Fri, 28 Jun 2019 00:14:27 +0000
34+
35 samba (2:4.10.0+dfsg-0ubuntu4) eoan; urgency=medium
36
37 * SECURITY UPDATE: zone operations can crash rpc server
38diff --git a/debian/ctdb.dirs b/debian/ctdb.dirs
39index 2c65b74..3907a72 100644
40--- a/debian/ctdb.dirs
41+++ b/debian/ctdb.dirs
42@@ -1 +1,5 @@
43 var/log/ctdb
44+var/lib/ctdb
45+var/lib/ctdb/persistent
46+var/lib/ctdb/state
47+var/lib/ctdb/volatile
48diff --git a/debian/ctdb.example.enable.nfs.sh b/debian/ctdb.example.enable.nfs.sh
49new file mode 100755
50index 0000000..2a99074
51--- /dev/null
52+++ b/debian/ctdb.example.enable.nfs.sh
53@@ -0,0 +1,196 @@
54+#!/bin/bash -e
55+
56+base="/usr/share/doc/ctdb/examples/nfs-kernel-server/"
57+logfile="/tmp/enable-ctdb-nfs.$$.log" ; touch $logfile ;
58+ghostname=""
59+
60+# functions ---------
61+
62+die() { echo error: $@; echo ; exit 1; };
63+getout() { echo exit: $@; echo ; exit 0; };
64+stopservice() { echo stopping $1... ; systemctl stop $1 2>&1 >> $logfile 2>&1; }
65+disableservice() { echo disabling $1... ; systemctl disable $1 2>&1 >> $logfile 2>&1; }
66+startservice() { echo starting $1... ; systemctl start $1 2>&1 >> $logfile 2>&1; }
67+sysctlrefresh() { echo refreshing sysctl... ; sysctl --system 2>&1 >> $logfile 2>&1; }
68+
69+backupfile() {
70+ echo backing up $1
71+ [ -f $1.prvctdb ] && die "backup file $1 already exists!"
72+ [ -f $1 ] && cp $1 $1.prvctdb || true
73+}
74+
75+checkservice() {
76+ (systemctl list-unit-files | grep -q $1.service) || die "service $1 not found"
77+}
78+
79+replacefile() {
80+
81+ origfile=$1
82+ replfile=$2
83+
84+
85+ [ ! -f $base/$origfile ] && die "coult not find $base/$origfile"
86+
87+ echo replacing $replfile...
88+ cp $base/$origfile $replfile
89+}
90+
91+appendfile() {
92+
93+ origfile=$1
94+ replfile=$2
95+
96+ [ ! -f $base/$origfile ] && die "coult not find $base/$origfile"
97+
98+ echo appending $base/$origfile to $replfile...
99+ cat $base/$origfile >> $replfile
100+}
101+
102+appendnfsenv() {
103+
104+ file=$1 ; [ -f $file ] || die "inexistent file $file";
105+
106+ echo appending NFS_HOSTNAME to $file...
107+
108+ grep -q "NFS_HOSTNAME" $file || \
109+ {
110+ echo
111+ echo "echo NFS_HOSTNAME=\\\"\$NFS_HOSTNAME\\\"" \>\> \/run\/sysconfig\/nfs-utils
112+ echo
113+ } >> $file
114+}
115+
116+execnfsenv() {
117+
118+ file=$1 ; [ -f $file ] || due "inexistent file $file";
119+
120+ echo executing $file...
121+
122+ $file 2>&1 >> $logfile 2>&1;
123+}
124+
125+fixnfshostname() {
126+
127+ file=$1 ; [ -f $file ] || due "inexistent file $file";
128+
129+ if [ "$ghostname" == "" ]; then
130+ echo "What is the FQDN for the public IP address of this host ?"
131+ echo -n "> "
132+ read ghostname
133+ fi
134+
135+ echo placing hostname $ghostname into $file...
136+ sed -i "s:PLACE_HOSTNAME_HERE:$ghostname:g" $file
137+}
138+
139+# end of functions --
140+
141+[ $UID != 0 ] && die "you need root privileges"
142+
143+echo """
144+This script will enable CTDB NFS HA by changing the following files:
145+
146+(1) /etc/default/nfs-common ( replace )
147+(2) /etc/default/nfs-kernel-server ( replace )
148+(3) /etc/services ( append )
149+(4) /etc/sysctl.d/99-nfs-static-ports.conf ( create )
150+(5) /usr/lib/systemd/scripts/nfs-utils_env.sh ( modify )
151+
152+and disabling the following services:
153+
154+(1) rpcbind
155+(2) nfs-kernel-server
156+(3) rpc.rquotad
157+
158+Obs:
159+ - replaced files keep previous versions as "file".prevctdb
160+ - dependant services will also be stopped
161+"""
162+
163+while true; do
164+ echo -n "Do you agree with this change ? (N/y) => "
165+ read answer
166+ [ "$answer" == "n" ] && getout "exiting without any changes"
167+ [ "$answer" == "y" ] && break
168+done
169+
170+
171+echo "checking requirements..."
172+
173+checkservice nfs-kernel-server
174+checkservice quota
175+checkservice rpcbind
176+
177+echo "requirements okay!"
178+echo
179+
180+backupfile /etc/default/nfs-common
181+backupfile /etc/default/nfs-kernel-server
182+backupfile /etc/services
183+backupfile /usr/lib/systemd/scripts/nfs-utils_env.sh
184+echo
185+
186+set +e
187+
188+stopservice ctdb.service
189+stopservice quota.service
190+stopservice nfs-kernel-server.service
191+stopservice rpcbind.service
192+stopservice rpcbind.socket
193+stopservice rpcbind.target
194+echo
195+
196+disableservice ctdb.service
197+disableservice quota.service
198+disableservice nfs-kernel-server.service
199+disableservice rpcbind.service
200+disableservice rpcbind.socket
201+disableservice rpcbind.target
202+echo
203+
204+set -e
205+
206+replacefile nfs-common /etc/default/nfs-common
207+replacefile nfs-kernel-server /etc/default/nfs-kernel-server
208+replacefile 99-nfs-static-ports.conf /etc/sysctl.d/99-nfs-static-ports.conf
209+echo
210+
211+appendfile services /etc/services
212+echo
213+
214+fixnfshostname /etc/default/nfs-common
215+fixnfshostname /etc/default/nfs-kernel-server
216+echo
217+
218+appendnfsenv /usr/lib/systemd/scripts/nfs-utils_env.sh
219+execnfsenv /usr/lib/systemd/scripts/nfs-utils_env.sh
220+echo
221+
222+sysctlrefresh
223+echo
224+
225+echo """Finished! Make sure to configure properly:
226+
227+ - /etc/exports (containing the clustered fs to be exported)
228+ - /etc/ctdb/nodes (containing all your node private IPs)
229+ - /etc/ctdb/public_addressess (containing public addresses)
230+
231+A log file can be found at:
232+
233+ - /tmp/enable-ctdb-nfs.$$.log
234+
235+Remember:
236+
237+ - to place a recovery lock in /etc/ctdb/ctdb.conf:
238+ ...
239+ [cluster]
240+ recovery lock = /clustered.filesystem/.reclock
241+ ...
242+
243+And, make sure you enable ctdb service again:
244+
245+ - systemctl enable ctdb.service
246+ - systemctl start ctdb.service
247+
248+Enjoy!
249+"""
250diff --git a/debian/ctdb.example.nfs-common b/debian/ctdb.example.nfs-common
251new file mode 100644
252index 0000000..9d4f22c
253--- /dev/null
254+++ b/debian/ctdb.example.nfs-common
255@@ -0,0 +1,19 @@
256+# CTDB: /etc/default/nfs-common for clustering
257+
258+NFS_HOSTNAME="PLACE_HOSTNAME_HERE"
259+
260+# rpc.statd - daemon listening for reboot notifications (locks related)
261+NEED_STATD="yes"
262+STATDOPTS="-n ${NFS_HOSTNAME} -p 32765 -o 32766 -H /etc/ctdb/statd-callout -T 32768 -U 32768"
263+STATD_HOSTNAME="$NFS_HOSTNAME"
264+
265+# rpc.gssd - security context for rpc connections
266+NEED_GSSD="no"
267+
268+# rpc.idmapd - NFSv4 <-> name mapping daemon (fallback nowadays)
269+# recent kernels use nfsidmap(8) instead
270+NEED_IDMAPD="no"
271+
272+# rpc.quota - usage quota
273+RPCRQUOTADOPTS="-p 32769"
274+
275diff --git a/debian/ctdb.example.nfs-kernel-server b/debian/ctdb.example.nfs-kernel-server
276new file mode 100644
277index 0000000..6aa5df9
278--- /dev/null
279+++ b/debian/ctdb.example.nfs-kernel-server
280@@ -0,0 +1,16 @@
281+# CTDB: /etc/default/nfs-kernel-server for clustering
282+
283+NFS_HOSTNAME="PLACE_HOSTNAME_HERE"
284+
285+# rpc.nfsd - user level part of nfs service (kernel: nfsd module)
286+RPCNFSDPRIORITY=0
287+RPCNFSDCOUNT=8
288+RPCNFSDOPTS="-N 4"
289+
290+# rpc.mountd - server side of nfs mount protocol
291+RPCMOUNTDOPTS="-p 32767 --manage-gids --no-nfs-version 4"
292+
293+# rpc.svcgssd - userspace daemon to handle sec context for kernel rpcsec_gss
294+NEED_SVCGSSD="no"
295+RPCSVCGSSDOPTS=""
296+
297diff --git a/debian/ctdb.example.services b/debian/ctdb.example.services
298new file mode 100644
299index 0000000..3ff6b1d
300--- /dev/null
301+++ b/debian/ctdb.example.services
302@@ -0,0 +1,16 @@
303+# CTDB: fixed NFS/RPC service ports for clustering
304+
305+rpc.nfsd 2049/tcp # RPC nfsd
306+rpc.nfsd 2049/udp # RPC nfsd
307+rpc.nfs-cb 32764/tcp # RPC nfs callback
308+rpc.nfs-cb 32764/udp # RPC nfs callback
309+rpc.statd-bc 32765/tcp # RPC statd broadcast
310+rpc.statd-bc 32765/udp # RPC statd broadcast
311+rpc.statd 32766/tcp # RPC statd listen
312+rpc.statd 32766/udp # RPC statd listen
313+rpc.mountd 32767/tcp # RPC mountd
314+rpc.mountd 32767/udp # RPC mountd
315+rpc.lockd 32768/tcp # RPC lockd/nlockmgr
316+rpc.lockd 32768/udp # RPC lockd/nlockmgr
317+rpc.quotad 32769/tcp # RPC quotad
318+rpc.quotad 32769/udp # RPC quotad
319diff --git a/debian/ctdb.example.sysctl-nfs-static-ports.conf b/debian/ctdb.example.sysctl-nfs-static-ports.conf
320new file mode 100644
321index 0000000..7b83623
322--- /dev/null
323+++ b/debian/ctdb.example.sysctl-nfs-static-ports.conf
324@@ -0,0 +1,5 @@
325+# CTDB: /etc/sysctl.d/98-nfs-static-ports.conf
326+
327+fs.nfs.nfs_callback_tcpport = 32764
328+fs.nfs.nlm_tcpport = 32768
329+fs.nfs.nlm_udpport = 32768
330\ No newline at end of file
331diff --git a/debian/ctdb.install b/debian/ctdb.install
332index efbdde1..4e4cd13 100755
333--- a/debian/ctdb.install
334+++ b/debian/ctdb.install
335@@ -24,6 +24,7 @@ usr/lib/*/ctdb/ctdb_recovery_helper
336 usr/lib/*/ctdb/ctdb_takeover_helper
337 usr/lib/*/ctdb/smnotify
338 usr/lib/*/samba/libctdb-event-client.so.0
339+usr/lib/tmpfiles.d/ctdb.conf
340 usr/sbin/ctdbd
341 usr/sbin/ctdbd_wrapper
342 usr/share/ctdb/events/legacy/*.script
343diff --git a/debian/ctdb.postrm b/debian/ctdb.postrm
344index 221c2bb..3ba81db 100644
345--- a/debian/ctdb.postrm
346+++ b/debian/ctdb.postrm
347@@ -29,9 +29,22 @@ disable_legacy() { # From ctdb/packaging/RPM/ctdb.spec.in
348 fi
349 }
350
351+remove_leftover() {
352+
353+ # Remove files created after initalization
354+
355+ rm -f /etc/ctdb/nodes
356+ rm -f /etc/ctdb/public_addresses
357+ rm -f /var/lib/ctdb/volatile/*
358+ rm -f /var/lib/ctdb/state/*
359+ rm -f /var/lib/ctdb/persistent/*
360+ rm -rf /var/lib/ctdb/scripts
361+}
362+
363 case "$1" in
364 purge)
365 disable_legacy 0
366+ remove_leftover
367 ;;
368
369 remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
370diff --git a/debian/patches/ctdb-config-depend-on-etc-default-nodes-file.patch b/debian/patches/ctdb-config-depend-on-etc-default-nodes-file.patch
371new file mode 100644
372index 0000000..5a7018b
373--- /dev/null
374+++ b/debian/patches/ctdb-config-depend-on-etc-default-nodes-file.patch
375@@ -0,0 +1,36 @@
376+ctdb-config: depend on /etc/default/nodes file
377+
378+CTDB should start as a disabled unit (systemd) in most of the distributions and,
379+when trying to enable it for the first time, user should get an unconfigured, or
380+similar, error.
381+
382+Depending on /etc/ctdb/nodes file will give a clear direction to final user on
383+what is needed in order to get cluster up and running. It should work like
384+previous ENABLED=NO variables in SySV like initialization scripts.
385+
386+Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
387+-
388+Author: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
389+Bug-Debian: https://bugs.debian.org/929931
390+Bug-Ubuntu: https://bugs.launchpad.net/bugs/722201
391+Forwarded: https://bugzilla.samba.org/show_bug.cgi?id=14026
392+Last-Update: 2018-06-27
393+---
394+ ctdb/config/ctdb.service | 1 +
395+ 1 file changed, 1 insertion(+)
396+
397+diff --git a/ctdb/config/ctdb.service b/ctdb/config/ctdb.service
398+index 675b3147417..fd81c38e26d 100644
399+--- a/ctdb/config/ctdb.service
400++++ b/ctdb/config/ctdb.service
401+@@ -2,6 +2,7 @@
402+ Description=CTDB
403+ Documentation=man:ctdbd(1) man:ctdb(7)
404+ After=network-online.target time-sync.target
405++ConditionFileNotEmpty=/etc/ctdb/nodes
406+
407+ [Service]
408+ Type=forking
409+--
410+2.20.1
411+
412diff --git a/debian/patches/ctdb-config-enable-syslog-by-default.patch b/debian/patches/ctdb-config-enable-syslog-by-default.patch
413new file mode 100644
414index 0000000..3e96c5a
415--- /dev/null
416+++ b/debian/patches/ctdb-config-enable-syslog-by-default.patch
417@@ -0,0 +1,49 @@
418+ctdb-config: enable syslog by default
419+
420+CTDB uses /var/log/ctdb/ directory for the default log files. With
421+syslog disabled, systemd journal is not able to correctly inform
422+errors happening during service initialization.
423+
424+Upstream community creates generic config files to be used by different
425+distributions, so this change makes no big difference to be accepted by
426+upstream.
427+
428+With this patch the end user will be able to identify initialization
429+errors by executing:
430+
431+ systemctl status ctdb.service
432+
433+or to follow ctdb logs by executing:
434+
435+ journalctl -f -u ctdb
436+
437+Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
438+-
439+Author: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
440+Bug-Debian: https://bugs.debian.org/929931
441+Bug-Ubuntu: https://bugs.launchpad.net/bugs/722201
442+Last-Update: 2018-06-27
443+---
444+ ctdb/config/ctdb.conf | 4 ++--
445+ 1 file changed, 2 insertions(+), 2 deletions(-)
446+
447+diff --git a/ctdb/config/ctdb.conf b/ctdb/config/ctdb.conf
448+index 5440600a4..cde24280e 100644
449+--- a/ctdb/config/ctdb.conf
450++++ b/ctdb/config/ctdb.conf
451+@@ -5,10 +5,10 @@
452+
453+ [logging]
454+ # Enable logging to syslog
455+- # location = syslog
456++ location = syslog
457+
458+ # Default log level
459+- # log level = NOTICE
460++ log level = NOTICE
461+
462+ [cluster]
463+ # Shared recovery lock file to avoid split brain. Daemon
464+--
465+2.20.1
466+
467diff --git a/debian/patches/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch b/debian/patches/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch
468new file mode 100644
469index 0000000..bef5284
470--- /dev/null
471+++ b/debian/patches/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch
472@@ -0,0 +1,43 @@
473+Description: ctdb-scripts: Fix tcp_tw_recycle existence check
474+
475+net.ipv4.tcp_tw_recycle has been removed from Linux 4.12 but, still,
476+makes sense to check its existence. Unfortunately, current check does
477+not test for the procfs file existence. This commit fixes the issue.
478+
479+BUG: https://bugzilla.samba.org/show_bug.cgi?id=13984
480+
481+Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
482+Reviewed-by: Martin Schwenke <martin@meltin.net>
483+Reviewed-by: Amitay Isaacs <amitay@gmail.com>
484+
485+Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
486+Autobuild-Date(master): Tue Jun 4 23:31:24 UTC 2019 on sn-devel-184
487+
488+(cherry picked from commit 843fbb1207ee7ac84f3282974b66b9290d8da0ac)
489+
490+Author: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
491+Origin: upstream, https://attachments.samba.org/attachment.cgi?id=15224
492+Forwarded: https://lists.samba.org/archive/samba-technical/2019-June/133700.html
493+Bug: https://bugzilla.samba.org/show_bug.cgi?id=13984
494+Bug-Debian: http://bugs.debian.org/929931
495+Bug-Ubuntu: http://bugs.launchpad.net/bugs/722201
496+---
497+ ctdb/config/nfs-linux-kernel-callout | 4 ++--
498+ 1 file changed, 2 insertions(+), 2 deletions(-)
499+
500+diff --git a/ctdb/config/nfs-linux-kernel-callout b/ctdb/config/nfs-linux-kernel-callout
501+index def69a04649..71d8ecf8074 100755
502+--- a/ctdb/config/nfs-linux-kernel-callout
503++++ b/ctdb/config/nfs-linux-kernel-callout
504+@@ -281,8 +281,8 @@ nfs_startup ()
505+ basic_stop "nfs" || true
506+ basic_start "nfs"
507+ _f="${PROCFS_PATH}/sys/net/ipv4/tcp_tw_recycle"
508+- if [ "$_f" ] ; then
509+- echo 1 >"$_f"
510++ if [ -f "$_f" ] ; then
511++ echo 1 >"$_f"
512+ fi
513+ }
514+
515+-- 2.20.1
516diff --git a/debian/patches/fix-nfs-service-name-to-nfs-kernel-server.patch b/debian/patches/fix-nfs-service-name-to-nfs-kernel-server.patch
517new file mode 100644
518index 0000000..c0d8843
519--- /dev/null
520+++ b/debian/patches/fix-nfs-service-name-to-nfs-kernel-server.patch
521@@ -0,0 +1,97 @@
522+Description: fix nfs service name to nfs-kernel-server
523+
524+Upstream code used to comment in/out service script names related to a specific
525+distribution. Recently, they've changed this to a method of detecting on which
526+distribution ctdb is running, and then setting the systemd unit file name, for
527+example.
528+
529+Because of this new detection mechanism, it is impossible to suggest upstream a
530+change like this patch and, at the same time, backporting this new code could
531+bring more problems. Instead, this patch should be kept until a new merge with
532+upstream is done.
533+
534+This temporary patch fixes the NFS service name for Debian & Ubuntu.
535+
536+Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
537+
538+Author: Rafael David Tinoco <rafaeldtinoco@gmail.com>
539+Bug-Debian: https://bugs.debian.org/929931
540+Bug-Ubuntu: https://bugs.launchpad.net/bugs/722201
541+Last-Update: 2018-06-26
542+
543+---
544+ ctdb/config/events/legacy/60.nfs.script | 4 ++--
545+ ctdb/config/nfs-linux-kernel-callout | 12 ++++++------
546+ ctdb/config/statd-callout | 4 ++--
547+ 3 files changed, 10 insertions(+), 10 deletions(-)
548+
549+diff --git a/ctdb/config/events/legacy/60.nfs.script b/ctdb/config/events/legacy/60.nfs.script
550+index 2eb90b421..5c6a09033 100755
551+--- a/ctdb/config/events/legacy/60.nfs.script
552++++ b/ctdb/config/events/legacy/60.nfs.script
553+@@ -6,9 +6,9 @@
554+
555+ . "${CTDB_BASE}/functions"
556+
557+-service_name="nfs"
558++service_name="nfs-kernel-server"
559+
560+-load_system_config "nfs"
561++load_system_config "nfs-kernel-server"
562+
563+ load_script_options
564+
565+diff --git a/ctdb/config/nfs-linux-kernel-callout b/ctdb/config/nfs-linux-kernel-callout
566+index 9b72446b4..3acd43fee 100755
567+--- a/ctdb/config/nfs-linux-kernel-callout
568++++ b/ctdb/config/nfs-linux-kernel-callout
569+@@ -13,9 +13,9 @@ set -e
570+ nfs_exports_file="${CTDB_NFS_EXPORTS_FILE:-/var/lib/nfs/etab}"
571+
572+ # Red Hat
573+-nfs_service="nfs"
574+-nfslock_service="nfslock"
575+-nfs_config="/etc/sysconfig/nfs"
576++#nfs_service="nfs"
577++#nfslock_service="nfslock"
578++#nfs_config="/etc/sysconfig/nfs"
579+
580+ # SUSE
581+ #nfs_service="nfsserver"
582+@@ -23,9 +23,9 @@ nfs_config="/etc/sysconfig/nfs"
583+ #nfs_config="/etc/sysconfig/nfs"
584+
585+ # Debian
586+-#nfs_service="nfs-kernel-server"
587+-#nfslock_service=""
588+-#nfs_config="/etc/default/nfs-kernel-server"
589++nfs_service="nfs-kernel-server"
590++nfslock_service=""
591++nfs_config="/etc/default/nfs-kernel-server"
592+
593+ # Override for unit testing
594+ if [ -z "$PROCFS_PATH" ] ; then
595+diff --git a/ctdb/config/statd-callout b/ctdb/config/statd-callout
596+index bf18b5586..d0c807ee3 100755
597+--- a/ctdb/config/statd-callout
598++++ b/ctdb/config/statd-callout
599+@@ -20,14 +20,14 @@ die ()
600+ exit 1
601+ }
602+
603+-load_system_config "nfs"
604++load_system_config "nfs-kernel-server"
605+
606+ [ -n "$NFS_HOSTNAME" ] || \
607+ die "NFS_HOSTNAME is not configured. statd-callout failed"
608+
609+ ############################################################
610+
611+-ctdb_setup_state_dir "service" "nfs"
612++ctdb_setup_state_dir "service" "nfs-kernel-server"
613+
614+ # script_state_dir set by ctdb_setup_state_dir()
615+ # shellcheck disable=SC2154
616+--
617+2.20.1
618+
619diff --git a/debian/patches/series b/debian/patches/series
620index f2c5483..4b5d752 100644
621--- a/debian/patches/series
622+++ b/debian/patches/series
623@@ -18,3 +18,7 @@ CVE-2018-16860-2.patch
624 CVE-2019-12435-1.patch
625 CVE-2019-12435-2.patch
626 CVE-2019-12436.patch
627+ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch
628+fix-nfs-service-name-to-nfs-kernel-server.patch
629+ctdb-config-depend-on-etc-default-nodes-file.patch
630+ctdb-config-enable-syslog-by-default.patch
631diff --git a/debian/rules b/debian/rules
632index 34a5f48..d45700e 100755
633--- a/debian/rules
634+++ b/debian/rules
635@@ -11,6 +11,7 @@ include /usr/share/dpkg/buildflags.mk
636 DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
637 DEB_HOST_ARCH_OS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_OS)
638 DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
639+DEB_HOST_ARCH_CPU ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_CPU)
640
641 LDB_VERSION = $(shell pkg-config --modversion ldb)
642 LDB_EPOCH = $(shell dpkg-query -f '$${Version}' -W libldb-dev | sed 's/:.*//')
643@@ -169,6 +170,7 @@ endif
644 # such as OpenRC's opentmpfiles
645 mkdir -p $(DESTDIR)/usr/lib/tmpfiles.d
646 echo "d /run/samba 0755 root root -" > $(DESTDIR)/usr/lib/tmpfiles.d/samba.conf
647+ echo "d /run/ctdb 0755 root root -" > $(DESTDIR)/usr/lib/tmpfiles.d/ctdb.conf
648
649 override_dh_installdocs-arch:
650 cp ctdb/config/events/README ctdb/README.eventscripts
651@@ -181,6 +183,16 @@ ifeq ($(DEB_HOST_ARCH_OS), kfreebsd)
652 dh_installdocs -pctdb debian/ctdb.README.kfreebsd
653 endif
654
655+override_dh_installexamples-arch:
656+ # CTDB config examples and helper scripts
657+ mkdir -p ctdb/doc/examples/nfs-kernel-server
658+ cp debian/ctdb.example.enable.nfs.sh ctdb/doc/examples/nfs-kernel-server/enable-nfs.sh
659+ cp debian/ctdb.example.nfs-common ctdb/doc/examples/nfs-kernel-server/nfs-common
660+ cp debian/ctdb.example.nfs-kernel-server ctdb/doc/examples/nfs-kernel-server/nfs-kernel-server
661+ cp debian/ctdb.example.services ctdb/doc/examples/nfs-kernel-server/services
662+ cp debian/ctdb.example.sysctl-nfs-static-ports.conf ctdb/doc/examples/nfs-kernel-server/99-nfs-static-ports.conf
663+ dh_installexamples
664+
665 override_dh_installchangelogs:
666 dh_installchangelogs
667
668@@ -267,3 +279,4 @@ override_dh_auto_clean:
669 rm -f .lock-wscript
670 rm -f ctdb/README.eventscripts
671 rm -f ctdb/README.notification
672+ rm -rf ctdb/doc/examples/nfs-kernel-server/

Subscribers

People subscribed via source and target branches