Merge ~rafaeldtinoco/ubuntu/+source/samba:lp1831381-eoan-devel-ctdb into ubuntu/+source/samba:ubuntu/eoan-devel
- Git
- lp:~rafaeldtinoco/ubuntu/+source/samba
- lp1831381-eoan-devel-ctdb
- Merge into ubuntu/eoan-devel
Status: | Merged | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Approved by: | Andreas Hasenack | ||||||||||||
Approved revision: | 44d89a65cc17b45a65ec131f53243a47d9933001 | ||||||||||||
Merged at revision: | 44d89a65cc17b45a65ec131f53243a47d9933001 | ||||||||||||
Proposed branch: | ~rafaeldtinoco/ubuntu/+source/samba:lp1831381-eoan-devel-ctdb | ||||||||||||
Merge into: | ubuntu/+source/samba:ubuntu/eoan-devel | ||||||||||||
Diff against target: |
672 lines (+541/-0) 15 files modified
debian/changelog (+29/-0) debian/ctdb.dirs (+4/-0) debian/ctdb.example.enable.nfs.sh (+196/-0) debian/ctdb.example.nfs-common (+19/-0) debian/ctdb.example.nfs-kernel-server (+16/-0) debian/ctdb.example.services (+16/-0) debian/ctdb.example.sysctl-nfs-static-ports.conf (+5/-0) debian/ctdb.install (+1/-0) debian/ctdb.postrm (+13/-0) debian/patches/ctdb-config-depend-on-etc-default-nodes-file.patch (+36/-0) debian/patches/ctdb-config-enable-syslog-by-default.patch (+49/-0) debian/patches/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch (+43/-0) debian/patches/fix-nfs-service-name-to-nfs-kernel-server.patch (+97/-0) debian/patches/series (+4/-0) debian/rules (+13/-0) |
||||||||||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Andreas Hasenack | Approve | ||
Canonical Server | Pending | ||
Review via email: mp+368550@code.launchpad.net |
Commit message
BUG taking care of all the CTDB bugs related to enablement and NFS enablement:
https:/
Other bugs (samba/apache/... resources) will be taken care in other bugs inside:
https:/
in the appropriate time.
---- Obs ----
I have fully tested the PPA for Eoan and the documentation is here:
https:/
And the PPA:
https:/
And the git repo:
I'm changing the public bugs for the SRU template now AND will submit-to-debian as soon as this review is over (before attempting the SRUs).
Description of the change
Andreas Hasenack (ahasenack) wrote : | # |
Would it make sense to merge ctdb-scripts-
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Fixing after review, will push it again. Tks a lot for reviewing/
Rafael David Tinoco (rafaeldtinoco) : | # |
Andreas Hasenack (ahasenack) wrote : | # |
Continuing review.
Andreas Hasenack (ahasenack) wrote : | # |
Comment inline, will continue tomorrow. Thanks so far!
Andreas Hasenack (ahasenack) wrote : | # |
Few more comments
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Dropping:
commit 782ee0afdec549f
Author: Rafael David Tinoco <email address hidden>
Date: Fri Jun 7 00:47:56 2019
* d/control: added nfs and quota as recommended packages since CTDB
NFS HA scripts, when enabled, need them (LP: #722201)
Signed-off-by: Rafael David Tinoco <email address hidden>
diff --git a/debian/control b/debian/control
index d9fd63cac.
--- a/debian/control
+++ b/debian/control
@@ -437,7 +437,10 @@ Depends: iproute2 [linux-any],
time,
-Recommends: ethtool [linux-any]
+Recommends: ethtool [linux-any],
+ nfs-kernel-server,
+ nfs-common,
+ quota
Suggests: logrotate, lsof
Description: clustered database to store temporary data
CTDB is a cluster implementation of the TDB database used by Samba and other
Based on in-person discussion we had.
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Some inline responses while doing the rebase
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
$ sudo dpkg -i ./ctdb_
Selecting previously unselected package ctdb.
(Reading database ... 129258 files and directories currently installed.)
Preparing to unpack .../ctdb_
Unpacking ctdb (2:4.10.
Setting up ctdb (2:4.10.
Created symlink /etc/systemd/
Processing triggers for libc-bin (2.29-0ubuntu2) ...
Processing triggers for systemd (240-6ubuntu9) ...
Processing triggers for man-db (2.8.5-2) ...
(c)inaddy@
Synchronizing state of ctdb.service with SysV service script with /lib/systemd/
Executing: /lib/systemd/
(c)inaddy@
(c)inaddy@
● ctdb.service - CTDB
Loaded: loaded (/lib/systemd/
Active: active (running) since Thu 2019-06-27 12:19:20 UTC; 1s ago
Docs: man:ctdbd(1)
Process: 26458 ExecStart=
Main PID: 26460 (ctdbd)
Tasks: 3 (limit: 4915)
Memory: 6.1M
CGroup: /system.
├─26460 /usr/sbin/ctdbd
├─26462 /usr/lib/
└─26492 /usr/sbin/ctdbd
Jun 27 12:19:19 ctdbdevel systemd[1]: Starting CTDB...
Jun 27 12:19:19 ctdbdevel ctdbd[26459]: CTDB logging to location file:/var/
Jun 27 12:19:20 ctdbdevel systemd[1]: Started CTDB.
(c)inaddy@
(c)inaddy@
Reading package lists... Done
Building dependency tree
Reading state information... Done
Starting pkgProblemResolver with broken count: 0
Starting 2 pkgProblemResolver with broken count: 0
Done
The following packages were automatically installed and are no longer required:
ethtool libwbclient0 samba-libs tdb-tools time
Use 'sudo apt autoremove' to remove them.
The following packages will be REMOVED:
ctdb*
0 upgraded, 0 newly installed, 1 to remove and 1 not upgraded.
After this operation, 7,854 kB disk space will be freed.
Do you want to continue? [Y/n] y
(Reading database ... 129371 files and directories currently installed.)
Removing ctdb (2:4.10.
Processing triggers for man-db (2.8.5-2) ...
Processing triggers for libc-bin (2.29-0ubuntu2) ...
(Reading database ... 129288 files and directories currently installed.)
Purging configuration files for ctdb (2:4.10.
dpkg: warning: while removing ctdb, directory '/var/log/ctdb' not empty so not removed
dpkg: warning: while removing ctdb, directory '/var/lib/
dpkg: warning: while removing ctdb, directory '/var/lib/
Processing triggers for systemd (240-6ubuntu9) ...
(c)inaddy@
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Transferred examples to documentation:
$ cat ctdb.files | grep doc
/usr/share/doc
/usr/share/doc/ctdb
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
/usr/share/
Testing scripts now...
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Current status:
REVIEW being done:
* d/p/ctdb-
tcp_tw_recycle existence check. (LP: #722201)
ok
* d/p/fix-
service name from nfs to nfs-kernel-server (LP: #722201)
ok - check quilt patch description (upstream svc name is ok)
* d/ctdb.install, d/rules: create ctdb run directory into tmpfiles.d
to allow pid file to exist (LP: #1821775)
- dpkg: warning: while removing ctdb, directory '/var/lib/
- dpkg: warning: while removing ctdb, directory '/var/lib/
* d/ctdb.dirs: added /var/lib/ctdb/* directories to allow proper ctdb
initialization. (LP: #1828799)
ok
* d/ctdb.postinst, d/ctdb.postrm: allow service to start by default in
a single localhost node setup with no errors. (LP: #722201)
- do not start service by default
* NEW PATCH
1- make systemd service to depend on:
- /etc/ctdb/nodes
2- change logging to syslog (journal -f -u ctdb will work)
* Examples of NFS HA CTDB config files + helper script:
- d/ctdb.
- d/ctdb.
- d/ctdb.
- d/ctdb.
- d/ctdb.
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Alright, I think I got all we have discussed covered. I have tested the .sh script by gunziping it in ~/ and executing it with sudo. I'm providing new instructions in a post in discourse and will point the old blueprint to that post (much better interface until we don't have documentation place to concentrate docs).
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Provided new documentation in here:
https:/
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
PPA failed because of a leftover I had as a workaround to libaesni case:
dh_missing: usr/lib/
I'm fixing it and re-pushing.
Andreas Hasenack (ahasenack) wrote : | # |
Hello CTDB, we meet again!
aka, /me continues the review
Andreas Hasenack (ahasenack) wrote : | # |
Very nice explanation on debian/
Other comments inline, about examples and how to install them, and the post script which I think you changed already (we talked on irc), but I didn't reload the page yet.
Andreas Hasenack (ahasenack) : | # |
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Okay, sorry for the huge delay in between the pushes. I'll be more careful about that from now on. Let me handle what you've suggested in this review. Starting over again...
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
I'm fixing things you pointed AND also something I forgot about last push.
The following fix I sent upstream:
https:/
And I'm pushing it again for the Salsa CI to work.
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Thanks again for reviewing this Andreas. Be sure I'll provide quick feedback if needed and, tomorrow, I'll be available, if you want to have a hangout (or in-office meeting), so we can finish this.
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
I uploaded this new version to the PPA as well!
Andreas Hasenack (ahasenack) wrote : | # |
Checking it out, thanks for the update
Andreas Hasenack (ahasenack) : | # |
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Replied to your suggestions, depending on the answer I'll work one way or another. Tks!
Andreas Hasenack (ahasenack) : | # |
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Answers, new push to git and dput to ppa.
Rafael David Tinoco (rafaeldtinoco) : | # |
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
14:42 <andreas> rafaeldtinoco: bug upstream with patch attached, and we continue on our own while they check that
14:42 <andreas> no need to block
14:43 <andreas> and record the upstream bug in the dep3 header
14:43 <rafaeldtinoco> yep just added a comment on DEP3
14:43 <rafaeldtinoco> (forward to upstream opened)
14:43 <rafaeldtinoco> and will submit to debian together
14:58 <rafaeldtinoco> andreas: re-pushed
14:58 <rafaeldtinoco> https:/
14:58 <rafaeldtinoco> opened upstream, attached patch
14:58 <rafaeldtinoco> mailed patch to samba mailing list
14:59 <rafaeldtinoco> added DEP3 forwarded to our patch before push
Andreas Hasenack (ahasenack) : | # |
Andreas Hasenack (ahasenack) : | # |
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
I fixed and I'm pushing again the first comment. Asked you a few things on the second.
Andreas Hasenack (ahasenack) wrote : | # |
Thanks for the responses.
I'm EOD now, and will finish this tomorrow. Cheers!
Andreas Hasenack (ahasenack) : | # |
Rafael David Tinoco (rafaeldtinoco) : | # |
Andreas Hasenack (ahasenack) wrote : | # |
Sponsoring 44d89a65cc17b45
Tagged and uploaded:
$ git push pkg upload/
Enumerating objects: 61, done.
Counting objects: 100% (61/61), done.
Delta compression using up to 2 threads
Compressing objects: 100% (52/52), done.
Writing objects: 100% (52/52), 11.68 KiB | 221.00 KiB/s, done.
Total 52 (delta 32), reused 0 (delta 0)
To ssh://git.
* [new tag] upload/
$ dput ubuntu ../samba_
Checking signature on .changes
gpg: ../samba_
Checking signature on .dsc
gpg: ../samba_
Uploading to ubuntu (via ftp to upload.ubuntu.com):
Uploading samba_4.
Uploading samba_4.
Uploading samba_4.
Uploading samba_4.
Successfully uploaded packages.
Preview Diff
1 | diff --git a/debian/changelog b/debian/changelog |
2 | index a64b76a..0e180bf 100644 |
3 | --- a/debian/changelog |
4 | +++ b/debian/changelog |
5 | @@ -1,3 +1,32 @@ |
6 | +samba (2:4.10.0+dfsg-0ubuntu5) eoan; urgency=medium |
7 | + |
8 | + * debian/rules: Make DEB_HOST_ARCH_CPU initialized through |
9 | + dpkg-architecture (Closes: #931138) |
10 | + * d/p/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch: |
11 | + fix tcp_tw_recycle existence check. (LP: #722201) |
12 | + * d/p/fix-nfs-service-name-to-nfs-kernel-server.patch: |
13 | + change nfs service name from nfs to nfs-kernel-server |
14 | + (LP: #722201) |
15 | + * d/ctdb.install, d/rules: create ctdb run directory into tmpfiles.d |
16 | + to allow pid file to exist (LP: #1821775) |
17 | + * Allow proper ctdb initialization (LP: #1828799): |
18 | + - d/ctdb.dirs: added /var/lib/ctdb/* directories |
19 | + - d/ctdb.postrm: remove leftovers from: |
20 | + /var/lib/ctdb/{state,persistent,volatile,scripts} |
21 | + * d/rules: installing provided config examples and helper scripts |
22 | + * Examples of NFS HA CTDB config files + helper script: |
23 | + - d/ctdb.example.enable.nfs.sh |
24 | + - d/ctdb.example.nfs-common |
25 | + - d/ctdb.example.nfs-kernel-server |
26 | + - d/ctdb.example.services |
27 | + - d/ctdb.example.sysctl-nfs-static-ports.conf |
28 | + * d/p/ctdb-config-depend-on-etc-default-nodes-file.patch: |
29 | + do not try to start daemon if /etc/ctdb/nodes does not exist |
30 | + * d/p/ctdb-config-enable-syslog-by-default.patch: |
31 | + enable syslog and systemd journal by default |
32 | + |
33 | + -- Rafael David Tinoco <rafaeldtinoco@ubuntu.com> Fri, 28 Jun 2019 00:14:27 +0000 |
34 | + |
35 | samba (2:4.10.0+dfsg-0ubuntu4) eoan; urgency=medium |
36 | |
37 | * SECURITY UPDATE: zone operations can crash rpc server |
38 | diff --git a/debian/ctdb.dirs b/debian/ctdb.dirs |
39 | index 2c65b74..3907a72 100644 |
40 | --- a/debian/ctdb.dirs |
41 | +++ b/debian/ctdb.dirs |
42 | @@ -1 +1,5 @@ |
43 | var/log/ctdb |
44 | +var/lib/ctdb |
45 | +var/lib/ctdb/persistent |
46 | +var/lib/ctdb/state |
47 | +var/lib/ctdb/volatile |
48 | diff --git a/debian/ctdb.example.enable.nfs.sh b/debian/ctdb.example.enable.nfs.sh |
49 | new file mode 100755 |
50 | index 0000000..2a99074 |
51 | --- /dev/null |
52 | +++ b/debian/ctdb.example.enable.nfs.sh |
53 | @@ -0,0 +1,196 @@ |
54 | +#!/bin/bash -e |
55 | + |
56 | +base="/usr/share/doc/ctdb/examples/nfs-kernel-server/" |
57 | +logfile="/tmp/enable-ctdb-nfs.$$.log" ; touch $logfile ; |
58 | +ghostname="" |
59 | + |
60 | +# functions --------- |
61 | + |
62 | +die() { echo error: $@; echo ; exit 1; }; |
63 | +getout() { echo exit: $@; echo ; exit 0; }; |
64 | +stopservice() { echo stopping $1... ; systemctl stop $1 2>&1 >> $logfile 2>&1; } |
65 | +disableservice() { echo disabling $1... ; systemctl disable $1 2>&1 >> $logfile 2>&1; } |
66 | +startservice() { echo starting $1... ; systemctl start $1 2>&1 >> $logfile 2>&1; } |
67 | +sysctlrefresh() { echo refreshing sysctl... ; sysctl --system 2>&1 >> $logfile 2>&1; } |
68 | + |
69 | +backupfile() { |
70 | + echo backing up $1 |
71 | + [ -f $1.prvctdb ] && die "backup file $1 already exists!" |
72 | + [ -f $1 ] && cp $1 $1.prvctdb || true |
73 | +} |
74 | + |
75 | +checkservice() { |
76 | + (systemctl list-unit-files | grep -q $1.service) || die "service $1 not found" |
77 | +} |
78 | + |
79 | +replacefile() { |
80 | + |
81 | + origfile=$1 |
82 | + replfile=$2 |
83 | + |
84 | + |
85 | + [ ! -f $base/$origfile ] && die "coult not find $base/$origfile" |
86 | + |
87 | + echo replacing $replfile... |
88 | + cp $base/$origfile $replfile |
89 | +} |
90 | + |
91 | +appendfile() { |
92 | + |
93 | + origfile=$1 |
94 | + replfile=$2 |
95 | + |
96 | + [ ! -f $base/$origfile ] && die "coult not find $base/$origfile" |
97 | + |
98 | + echo appending $base/$origfile to $replfile... |
99 | + cat $base/$origfile >> $replfile |
100 | +} |
101 | + |
102 | +appendnfsenv() { |
103 | + |
104 | + file=$1 ; [ -f $file ] || die "inexistent file $file"; |
105 | + |
106 | + echo appending NFS_HOSTNAME to $file... |
107 | + |
108 | + grep -q "NFS_HOSTNAME" $file || \ |
109 | + { |
110 | + echo |
111 | + echo "echo NFS_HOSTNAME=\\\"\$NFS_HOSTNAME\\\"" \>\> \/run\/sysconfig\/nfs-utils |
112 | + echo |
113 | + } >> $file |
114 | +} |
115 | + |
116 | +execnfsenv() { |
117 | + |
118 | + file=$1 ; [ -f $file ] || due "inexistent file $file"; |
119 | + |
120 | + echo executing $file... |
121 | + |
122 | + $file 2>&1 >> $logfile 2>&1; |
123 | +} |
124 | + |
125 | +fixnfshostname() { |
126 | + |
127 | + file=$1 ; [ -f $file ] || due "inexistent file $file"; |
128 | + |
129 | + if [ "$ghostname" == "" ]; then |
130 | + echo "What is the FQDN for the public IP address of this host ?" |
131 | + echo -n "> " |
132 | + read ghostname |
133 | + fi |
134 | + |
135 | + echo placing hostname $ghostname into $file... |
136 | + sed -i "s:PLACE_HOSTNAME_HERE:$ghostname:g" $file |
137 | +} |
138 | + |
139 | +# end of functions -- |
140 | + |
141 | +[ $UID != 0 ] && die "you need root privileges" |
142 | + |
143 | +echo """ |
144 | +This script will enable CTDB NFS HA by changing the following files: |
145 | + |
146 | +(1) /etc/default/nfs-common ( replace ) |
147 | +(2) /etc/default/nfs-kernel-server ( replace ) |
148 | +(3) /etc/services ( append ) |
149 | +(4) /etc/sysctl.d/99-nfs-static-ports.conf ( create ) |
150 | +(5) /usr/lib/systemd/scripts/nfs-utils_env.sh ( modify ) |
151 | + |
152 | +and disabling the following services: |
153 | + |
154 | +(1) rpcbind |
155 | +(2) nfs-kernel-server |
156 | +(3) rpc.rquotad |
157 | + |
158 | +Obs: |
159 | + - replaced files keep previous versions as "file".prevctdb |
160 | + - dependant services will also be stopped |
161 | +""" |
162 | + |
163 | +while true; do |
164 | + echo -n "Do you agree with this change ? (N/y) => " |
165 | + read answer |
166 | + [ "$answer" == "n" ] && getout "exiting without any changes" |
167 | + [ "$answer" == "y" ] && break |
168 | +done |
169 | + |
170 | + |
171 | +echo "checking requirements..." |
172 | + |
173 | +checkservice nfs-kernel-server |
174 | +checkservice quota |
175 | +checkservice rpcbind |
176 | + |
177 | +echo "requirements okay!" |
178 | +echo |
179 | + |
180 | +backupfile /etc/default/nfs-common |
181 | +backupfile /etc/default/nfs-kernel-server |
182 | +backupfile /etc/services |
183 | +backupfile /usr/lib/systemd/scripts/nfs-utils_env.sh |
184 | +echo |
185 | + |
186 | +set +e |
187 | + |
188 | +stopservice ctdb.service |
189 | +stopservice quota.service |
190 | +stopservice nfs-kernel-server.service |
191 | +stopservice rpcbind.service |
192 | +stopservice rpcbind.socket |
193 | +stopservice rpcbind.target |
194 | +echo |
195 | + |
196 | +disableservice ctdb.service |
197 | +disableservice quota.service |
198 | +disableservice nfs-kernel-server.service |
199 | +disableservice rpcbind.service |
200 | +disableservice rpcbind.socket |
201 | +disableservice rpcbind.target |
202 | +echo |
203 | + |
204 | +set -e |
205 | + |
206 | +replacefile nfs-common /etc/default/nfs-common |
207 | +replacefile nfs-kernel-server /etc/default/nfs-kernel-server |
208 | +replacefile 99-nfs-static-ports.conf /etc/sysctl.d/99-nfs-static-ports.conf |
209 | +echo |
210 | + |
211 | +appendfile services /etc/services |
212 | +echo |
213 | + |
214 | +fixnfshostname /etc/default/nfs-common |
215 | +fixnfshostname /etc/default/nfs-kernel-server |
216 | +echo |
217 | + |
218 | +appendnfsenv /usr/lib/systemd/scripts/nfs-utils_env.sh |
219 | +execnfsenv /usr/lib/systemd/scripts/nfs-utils_env.sh |
220 | +echo |
221 | + |
222 | +sysctlrefresh |
223 | +echo |
224 | + |
225 | +echo """Finished! Make sure to configure properly: |
226 | + |
227 | + - /etc/exports (containing the clustered fs to be exported) |
228 | + - /etc/ctdb/nodes (containing all your node private IPs) |
229 | + - /etc/ctdb/public_addressess (containing public addresses) |
230 | + |
231 | +A log file can be found at: |
232 | + |
233 | + - /tmp/enable-ctdb-nfs.$$.log |
234 | + |
235 | +Remember: |
236 | + |
237 | + - to place a recovery lock in /etc/ctdb/ctdb.conf: |
238 | + ... |
239 | + [cluster] |
240 | + recovery lock = /clustered.filesystem/.reclock |
241 | + ... |
242 | + |
243 | +And, make sure you enable ctdb service again: |
244 | + |
245 | + - systemctl enable ctdb.service |
246 | + - systemctl start ctdb.service |
247 | + |
248 | +Enjoy! |
249 | +""" |
250 | diff --git a/debian/ctdb.example.nfs-common b/debian/ctdb.example.nfs-common |
251 | new file mode 100644 |
252 | index 0000000..9d4f22c |
253 | --- /dev/null |
254 | +++ b/debian/ctdb.example.nfs-common |
255 | @@ -0,0 +1,19 @@ |
256 | +# CTDB: /etc/default/nfs-common for clustering |
257 | + |
258 | +NFS_HOSTNAME="PLACE_HOSTNAME_HERE" |
259 | + |
260 | +# rpc.statd - daemon listening for reboot notifications (locks related) |
261 | +NEED_STATD="yes" |
262 | +STATDOPTS="-n ${NFS_HOSTNAME} -p 32765 -o 32766 -H /etc/ctdb/statd-callout -T 32768 -U 32768" |
263 | +STATD_HOSTNAME="$NFS_HOSTNAME" |
264 | + |
265 | +# rpc.gssd - security context for rpc connections |
266 | +NEED_GSSD="no" |
267 | + |
268 | +# rpc.idmapd - NFSv4 <-> name mapping daemon (fallback nowadays) |
269 | +# recent kernels use nfsidmap(8) instead |
270 | +NEED_IDMAPD="no" |
271 | + |
272 | +# rpc.quota - usage quota |
273 | +RPCRQUOTADOPTS="-p 32769" |
274 | + |
275 | diff --git a/debian/ctdb.example.nfs-kernel-server b/debian/ctdb.example.nfs-kernel-server |
276 | new file mode 100644 |
277 | index 0000000..6aa5df9 |
278 | --- /dev/null |
279 | +++ b/debian/ctdb.example.nfs-kernel-server |
280 | @@ -0,0 +1,16 @@ |
281 | +# CTDB: /etc/default/nfs-kernel-server for clustering |
282 | + |
283 | +NFS_HOSTNAME="PLACE_HOSTNAME_HERE" |
284 | + |
285 | +# rpc.nfsd - user level part of nfs service (kernel: nfsd module) |
286 | +RPCNFSDPRIORITY=0 |
287 | +RPCNFSDCOUNT=8 |
288 | +RPCNFSDOPTS="-N 4" |
289 | + |
290 | +# rpc.mountd - server side of nfs mount protocol |
291 | +RPCMOUNTDOPTS="-p 32767 --manage-gids --no-nfs-version 4" |
292 | + |
293 | +# rpc.svcgssd - userspace daemon to handle sec context for kernel rpcsec_gss |
294 | +NEED_SVCGSSD="no" |
295 | +RPCSVCGSSDOPTS="" |
296 | + |
297 | diff --git a/debian/ctdb.example.services b/debian/ctdb.example.services |
298 | new file mode 100644 |
299 | index 0000000..3ff6b1d |
300 | --- /dev/null |
301 | +++ b/debian/ctdb.example.services |
302 | @@ -0,0 +1,16 @@ |
303 | +# CTDB: fixed NFS/RPC service ports for clustering |
304 | + |
305 | +rpc.nfsd 2049/tcp # RPC nfsd |
306 | +rpc.nfsd 2049/udp # RPC nfsd |
307 | +rpc.nfs-cb 32764/tcp # RPC nfs callback |
308 | +rpc.nfs-cb 32764/udp # RPC nfs callback |
309 | +rpc.statd-bc 32765/tcp # RPC statd broadcast |
310 | +rpc.statd-bc 32765/udp # RPC statd broadcast |
311 | +rpc.statd 32766/tcp # RPC statd listen |
312 | +rpc.statd 32766/udp # RPC statd listen |
313 | +rpc.mountd 32767/tcp # RPC mountd |
314 | +rpc.mountd 32767/udp # RPC mountd |
315 | +rpc.lockd 32768/tcp # RPC lockd/nlockmgr |
316 | +rpc.lockd 32768/udp # RPC lockd/nlockmgr |
317 | +rpc.quotad 32769/tcp # RPC quotad |
318 | +rpc.quotad 32769/udp # RPC quotad |
319 | diff --git a/debian/ctdb.example.sysctl-nfs-static-ports.conf b/debian/ctdb.example.sysctl-nfs-static-ports.conf |
320 | new file mode 100644 |
321 | index 0000000..7b83623 |
322 | --- /dev/null |
323 | +++ b/debian/ctdb.example.sysctl-nfs-static-ports.conf |
324 | @@ -0,0 +1,5 @@ |
325 | +# CTDB: /etc/sysctl.d/98-nfs-static-ports.conf |
326 | + |
327 | +fs.nfs.nfs_callback_tcpport = 32764 |
328 | +fs.nfs.nlm_tcpport = 32768 |
329 | +fs.nfs.nlm_udpport = 32768 |
330 | \ No newline at end of file |
331 | diff --git a/debian/ctdb.install b/debian/ctdb.install |
332 | index efbdde1..4e4cd13 100755 |
333 | --- a/debian/ctdb.install |
334 | +++ b/debian/ctdb.install |
335 | @@ -24,6 +24,7 @@ usr/lib/*/ctdb/ctdb_recovery_helper |
336 | usr/lib/*/ctdb/ctdb_takeover_helper |
337 | usr/lib/*/ctdb/smnotify |
338 | usr/lib/*/samba/libctdb-event-client.so.0 |
339 | +usr/lib/tmpfiles.d/ctdb.conf |
340 | usr/sbin/ctdbd |
341 | usr/sbin/ctdbd_wrapper |
342 | usr/share/ctdb/events/legacy/*.script |
343 | diff --git a/debian/ctdb.postrm b/debian/ctdb.postrm |
344 | index 221c2bb..3ba81db 100644 |
345 | --- a/debian/ctdb.postrm |
346 | +++ b/debian/ctdb.postrm |
347 | @@ -29,9 +29,22 @@ disable_legacy() { # From ctdb/packaging/RPM/ctdb.spec.in |
348 | fi |
349 | } |
350 | |
351 | +remove_leftover() { |
352 | + |
353 | + # Remove files created after initalization |
354 | + |
355 | + rm -f /etc/ctdb/nodes |
356 | + rm -f /etc/ctdb/public_addresses |
357 | + rm -f /var/lib/ctdb/volatile/* |
358 | + rm -f /var/lib/ctdb/state/* |
359 | + rm -f /var/lib/ctdb/persistent/* |
360 | + rm -rf /var/lib/ctdb/scripts |
361 | +} |
362 | + |
363 | case "$1" in |
364 | purge) |
365 | disable_legacy 0 |
366 | + remove_leftover |
367 | ;; |
368 | |
369 | remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) |
370 | diff --git a/debian/patches/ctdb-config-depend-on-etc-default-nodes-file.patch b/debian/patches/ctdb-config-depend-on-etc-default-nodes-file.patch |
371 | new file mode 100644 |
372 | index 0000000..5a7018b |
373 | --- /dev/null |
374 | +++ b/debian/patches/ctdb-config-depend-on-etc-default-nodes-file.patch |
375 | @@ -0,0 +1,36 @@ |
376 | +ctdb-config: depend on /etc/default/nodes file |
377 | + |
378 | +CTDB should start as a disabled unit (systemd) in most of the distributions and, |
379 | +when trying to enable it for the first time, user should get an unconfigured, or |
380 | +similar, error. |
381 | + |
382 | +Depending on /etc/ctdb/nodes file will give a clear direction to final user on |
383 | +what is needed in order to get cluster up and running. It should work like |
384 | +previous ENABLED=NO variables in SySV like initialization scripts. |
385 | + |
386 | +Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com> |
387 | +- |
388 | +Author: Rafael David Tinoco <rafaeldtinoco@ubuntu.com> |
389 | +Bug-Debian: https://bugs.debian.org/929931 |
390 | +Bug-Ubuntu: https://bugs.launchpad.net/bugs/722201 |
391 | +Forwarded: https://bugzilla.samba.org/show_bug.cgi?id=14026 |
392 | +Last-Update: 2018-06-27 |
393 | +--- |
394 | + ctdb/config/ctdb.service | 1 + |
395 | + 1 file changed, 1 insertion(+) |
396 | + |
397 | +diff --git a/ctdb/config/ctdb.service b/ctdb/config/ctdb.service |
398 | +index 675b3147417..fd81c38e26d 100644 |
399 | +--- a/ctdb/config/ctdb.service |
400 | ++++ b/ctdb/config/ctdb.service |
401 | +@@ -2,6 +2,7 @@ |
402 | + Description=CTDB |
403 | + Documentation=man:ctdbd(1) man:ctdb(7) |
404 | + After=network-online.target time-sync.target |
405 | ++ConditionFileNotEmpty=/etc/ctdb/nodes |
406 | + |
407 | + [Service] |
408 | + Type=forking |
409 | +-- |
410 | +2.20.1 |
411 | + |
412 | diff --git a/debian/patches/ctdb-config-enable-syslog-by-default.patch b/debian/patches/ctdb-config-enable-syslog-by-default.patch |
413 | new file mode 100644 |
414 | index 0000000..3e96c5a |
415 | --- /dev/null |
416 | +++ b/debian/patches/ctdb-config-enable-syslog-by-default.patch |
417 | @@ -0,0 +1,49 @@ |
418 | +ctdb-config: enable syslog by default |
419 | + |
420 | +CTDB uses /var/log/ctdb/ directory for the default log files. With |
421 | +syslog disabled, systemd journal is not able to correctly inform |
422 | +errors happening during service initialization. |
423 | + |
424 | +Upstream community creates generic config files to be used by different |
425 | +distributions, so this change makes no big difference to be accepted by |
426 | +upstream. |
427 | + |
428 | +With this patch the end user will be able to identify initialization |
429 | +errors by executing: |
430 | + |
431 | + systemctl status ctdb.service |
432 | + |
433 | +or to follow ctdb logs by executing: |
434 | + |
435 | + journalctl -f -u ctdb |
436 | + |
437 | +Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com> |
438 | +- |
439 | +Author: Rafael David Tinoco <rafaeldtinoco@ubuntu.com> |
440 | +Bug-Debian: https://bugs.debian.org/929931 |
441 | +Bug-Ubuntu: https://bugs.launchpad.net/bugs/722201 |
442 | +Last-Update: 2018-06-27 |
443 | +--- |
444 | + ctdb/config/ctdb.conf | 4 ++-- |
445 | + 1 file changed, 2 insertions(+), 2 deletions(-) |
446 | + |
447 | +diff --git a/ctdb/config/ctdb.conf b/ctdb/config/ctdb.conf |
448 | +index 5440600a4..cde24280e 100644 |
449 | +--- a/ctdb/config/ctdb.conf |
450 | ++++ b/ctdb/config/ctdb.conf |
451 | +@@ -5,10 +5,10 @@ |
452 | + |
453 | + [logging] |
454 | + # Enable logging to syslog |
455 | +- # location = syslog |
456 | ++ location = syslog |
457 | + |
458 | + # Default log level |
459 | +- # log level = NOTICE |
460 | ++ log level = NOTICE |
461 | + |
462 | + [cluster] |
463 | + # Shared recovery lock file to avoid split brain. Daemon |
464 | +-- |
465 | +2.20.1 |
466 | + |
467 | diff --git a/debian/patches/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch b/debian/patches/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch |
468 | new file mode 100644 |
469 | index 0000000..bef5284 |
470 | --- /dev/null |
471 | +++ b/debian/patches/ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch |
472 | @@ -0,0 +1,43 @@ |
473 | +Description: ctdb-scripts: Fix tcp_tw_recycle existence check |
474 | + |
475 | +net.ipv4.tcp_tw_recycle has been removed from Linux 4.12 but, still, |
476 | +makes sense to check its existence. Unfortunately, current check does |
477 | +not test for the procfs file existence. This commit fixes the issue. |
478 | + |
479 | +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13984 |
480 | + |
481 | +Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com> |
482 | +Reviewed-by: Martin Schwenke <martin@meltin.net> |
483 | +Reviewed-by: Amitay Isaacs <amitay@gmail.com> |
484 | + |
485 | +Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> |
486 | +Autobuild-Date(master): Tue Jun 4 23:31:24 UTC 2019 on sn-devel-184 |
487 | + |
488 | +(cherry picked from commit 843fbb1207ee7ac84f3282974b66b9290d8da0ac) |
489 | + |
490 | +Author: Rafael David Tinoco <rafaeldtinoco@ubuntu.com> |
491 | +Origin: upstream, https://attachments.samba.org/attachment.cgi?id=15224 |
492 | +Forwarded: https://lists.samba.org/archive/samba-technical/2019-June/133700.html |
493 | +Bug: https://bugzilla.samba.org/show_bug.cgi?id=13984 |
494 | +Bug-Debian: http://bugs.debian.org/929931 |
495 | +Bug-Ubuntu: http://bugs.launchpad.net/bugs/722201 |
496 | +--- |
497 | + ctdb/config/nfs-linux-kernel-callout | 4 ++-- |
498 | + 1 file changed, 2 insertions(+), 2 deletions(-) |
499 | + |
500 | +diff --git a/ctdb/config/nfs-linux-kernel-callout b/ctdb/config/nfs-linux-kernel-callout |
501 | +index def69a04649..71d8ecf8074 100755 |
502 | +--- a/ctdb/config/nfs-linux-kernel-callout |
503 | ++++ b/ctdb/config/nfs-linux-kernel-callout |
504 | +@@ -281,8 +281,8 @@ nfs_startup () |
505 | + basic_stop "nfs" || true |
506 | + basic_start "nfs" |
507 | + _f="${PROCFS_PATH}/sys/net/ipv4/tcp_tw_recycle" |
508 | +- if [ "$_f" ] ; then |
509 | +- echo 1 >"$_f" |
510 | ++ if [ -f "$_f" ] ; then |
511 | ++ echo 1 >"$_f" |
512 | + fi |
513 | + } |
514 | + |
515 | +-- 2.20.1 |
516 | diff --git a/debian/patches/fix-nfs-service-name-to-nfs-kernel-server.patch b/debian/patches/fix-nfs-service-name-to-nfs-kernel-server.patch |
517 | new file mode 100644 |
518 | index 0000000..c0d8843 |
519 | --- /dev/null |
520 | +++ b/debian/patches/fix-nfs-service-name-to-nfs-kernel-server.patch |
521 | @@ -0,0 +1,97 @@ |
522 | +Description: fix nfs service name to nfs-kernel-server |
523 | + |
524 | +Upstream code used to comment in/out service script names related to a specific |
525 | +distribution. Recently, they've changed this to a method of detecting on which |
526 | +distribution ctdb is running, and then setting the systemd unit file name, for |
527 | +example. |
528 | + |
529 | +Because of this new detection mechanism, it is impossible to suggest upstream a |
530 | +change like this patch and, at the same time, backporting this new code could |
531 | +bring more problems. Instead, this patch should be kept until a new merge with |
532 | +upstream is done. |
533 | + |
534 | +This temporary patch fixes the NFS service name for Debian & Ubuntu. |
535 | + |
536 | +Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com> |
537 | + |
538 | +Author: Rafael David Tinoco <rafaeldtinoco@gmail.com> |
539 | +Bug-Debian: https://bugs.debian.org/929931 |
540 | +Bug-Ubuntu: https://bugs.launchpad.net/bugs/722201 |
541 | +Last-Update: 2018-06-26 |
542 | + |
543 | +--- |
544 | + ctdb/config/events/legacy/60.nfs.script | 4 ++-- |
545 | + ctdb/config/nfs-linux-kernel-callout | 12 ++++++------ |
546 | + ctdb/config/statd-callout | 4 ++-- |
547 | + 3 files changed, 10 insertions(+), 10 deletions(-) |
548 | + |
549 | +diff --git a/ctdb/config/events/legacy/60.nfs.script b/ctdb/config/events/legacy/60.nfs.script |
550 | +index 2eb90b421..5c6a09033 100755 |
551 | +--- a/ctdb/config/events/legacy/60.nfs.script |
552 | ++++ b/ctdb/config/events/legacy/60.nfs.script |
553 | +@@ -6,9 +6,9 @@ |
554 | + |
555 | + . "${CTDB_BASE}/functions" |
556 | + |
557 | +-service_name="nfs" |
558 | ++service_name="nfs-kernel-server" |
559 | + |
560 | +-load_system_config "nfs" |
561 | ++load_system_config "nfs-kernel-server" |
562 | + |
563 | + load_script_options |
564 | + |
565 | +diff --git a/ctdb/config/nfs-linux-kernel-callout b/ctdb/config/nfs-linux-kernel-callout |
566 | +index 9b72446b4..3acd43fee 100755 |
567 | +--- a/ctdb/config/nfs-linux-kernel-callout |
568 | ++++ b/ctdb/config/nfs-linux-kernel-callout |
569 | +@@ -13,9 +13,9 @@ set -e |
570 | + nfs_exports_file="${CTDB_NFS_EXPORTS_FILE:-/var/lib/nfs/etab}" |
571 | + |
572 | + # Red Hat |
573 | +-nfs_service="nfs" |
574 | +-nfslock_service="nfslock" |
575 | +-nfs_config="/etc/sysconfig/nfs" |
576 | ++#nfs_service="nfs" |
577 | ++#nfslock_service="nfslock" |
578 | ++#nfs_config="/etc/sysconfig/nfs" |
579 | + |
580 | + # SUSE |
581 | + #nfs_service="nfsserver" |
582 | +@@ -23,9 +23,9 @@ nfs_config="/etc/sysconfig/nfs" |
583 | + #nfs_config="/etc/sysconfig/nfs" |
584 | + |
585 | + # Debian |
586 | +-#nfs_service="nfs-kernel-server" |
587 | +-#nfslock_service="" |
588 | +-#nfs_config="/etc/default/nfs-kernel-server" |
589 | ++nfs_service="nfs-kernel-server" |
590 | ++nfslock_service="" |
591 | ++nfs_config="/etc/default/nfs-kernel-server" |
592 | + |
593 | + # Override for unit testing |
594 | + if [ -z "$PROCFS_PATH" ] ; then |
595 | +diff --git a/ctdb/config/statd-callout b/ctdb/config/statd-callout |
596 | +index bf18b5586..d0c807ee3 100755 |
597 | +--- a/ctdb/config/statd-callout |
598 | ++++ b/ctdb/config/statd-callout |
599 | +@@ -20,14 +20,14 @@ die () |
600 | + exit 1 |
601 | + } |
602 | + |
603 | +-load_system_config "nfs" |
604 | ++load_system_config "nfs-kernel-server" |
605 | + |
606 | + [ -n "$NFS_HOSTNAME" ] || \ |
607 | + die "NFS_HOSTNAME is not configured. statd-callout failed" |
608 | + |
609 | + ############################################################ |
610 | + |
611 | +-ctdb_setup_state_dir "service" "nfs" |
612 | ++ctdb_setup_state_dir "service" "nfs-kernel-server" |
613 | + |
614 | + # script_state_dir set by ctdb_setup_state_dir() |
615 | + # shellcheck disable=SC2154 |
616 | +-- |
617 | +2.20.1 |
618 | + |
619 | diff --git a/debian/patches/series b/debian/patches/series |
620 | index f2c5483..4b5d752 100644 |
621 | --- a/debian/patches/series |
622 | +++ b/debian/patches/series |
623 | @@ -18,3 +18,7 @@ CVE-2018-16860-2.patch |
624 | CVE-2019-12435-1.patch |
625 | CVE-2019-12435-2.patch |
626 | CVE-2019-12436.patch |
627 | +ctdb-scripts-fix-tcp_tw_recycle-existence-check.patch |
628 | +fix-nfs-service-name-to-nfs-kernel-server.patch |
629 | +ctdb-config-depend-on-etc-default-nodes-file.patch |
630 | +ctdb-config-enable-syslog-by-default.patch |
631 | diff --git a/debian/rules b/debian/rules |
632 | index 34a5f48..d45700e 100755 |
633 | --- a/debian/rules |
634 | +++ b/debian/rules |
635 | @@ -11,6 +11,7 @@ include /usr/share/dpkg/buildflags.mk |
636 | DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH) |
637 | DEB_HOST_ARCH_OS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) |
638 | DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) |
639 | +DEB_HOST_ARCH_CPU ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_CPU) |
640 | |
641 | LDB_VERSION = $(shell pkg-config --modversion ldb) |
642 | LDB_EPOCH = $(shell dpkg-query -f '$${Version}' -W libldb-dev | sed 's/:.*//') |
643 | @@ -169,6 +170,7 @@ endif |
644 | # such as OpenRC's opentmpfiles |
645 | mkdir -p $(DESTDIR)/usr/lib/tmpfiles.d |
646 | echo "d /run/samba 0755 root root -" > $(DESTDIR)/usr/lib/tmpfiles.d/samba.conf |
647 | + echo "d /run/ctdb 0755 root root -" > $(DESTDIR)/usr/lib/tmpfiles.d/ctdb.conf |
648 | |
649 | override_dh_installdocs-arch: |
650 | cp ctdb/config/events/README ctdb/README.eventscripts |
651 | @@ -181,6 +183,16 @@ ifeq ($(DEB_HOST_ARCH_OS), kfreebsd) |
652 | dh_installdocs -pctdb debian/ctdb.README.kfreebsd |
653 | endif |
654 | |
655 | +override_dh_installexamples-arch: |
656 | + # CTDB config examples and helper scripts |
657 | + mkdir -p ctdb/doc/examples/nfs-kernel-server |
658 | + cp debian/ctdb.example.enable.nfs.sh ctdb/doc/examples/nfs-kernel-server/enable-nfs.sh |
659 | + cp debian/ctdb.example.nfs-common ctdb/doc/examples/nfs-kernel-server/nfs-common |
660 | + cp debian/ctdb.example.nfs-kernel-server ctdb/doc/examples/nfs-kernel-server/nfs-kernel-server |
661 | + cp debian/ctdb.example.services ctdb/doc/examples/nfs-kernel-server/services |
662 | + cp debian/ctdb.example.sysctl-nfs-static-ports.conf ctdb/doc/examples/nfs-kernel-server/99-nfs-static-ports.conf |
663 | + dh_installexamples |
664 | + |
665 | override_dh_installchangelogs: |
666 | dh_installchangelogs |
667 | |
668 | @@ -267,3 +279,4 @@ override_dh_auto_clean: |
669 | rm -f .lock-wscript |
670 | rm -f ctdb/README.eventscripts |
671 | rm -f ctdb/README.notification |
672 | + rm -rf ctdb/doc/examples/nfs-kernel-server/ |
Thanks for all this work!
Taking a first pass.
needs-info about +ctdb-scripts- fix-60- nfs-service- name.patch
Will continue the review.