diff --git a/conf/Makefile.am b/conf/Makefile.am index 807b6cc9..6382386e 100644 --- a/conf/Makefile.am +++ b/conf/Makefile.am @@ -1,73 +1,73 @@ # Copyright (c) 2009 Red Hat, Inc. # # Authors: Andrew Beekhof # Steven Dake (sdake@redhat.com) # # This software licensed under BSD license, the text of which follows: # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # - Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # - Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # - Neither the name of the MontaVista Software, Inc. nor the names of its # contributors may be used to endorse or promote products derived from this # software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF # THE POSSIBILITY OF SUCH DAMAGE. MAINTAINERCLEANFILES = Makefile.in EXTRA_DIST = COROSYNC-MIB.txt corosync-signals.conf \ corosync.conf.example \ corosync.conf.example.udpu \ corosync.xml.example \ xml2conf.xsl \ lenses/corosync.aug \ lenses/tests/test_corosync.aug corosysconfdir = ${COROSYSCONFDIR} corosysconf_DATA = corosync.conf.example \ corosync.conf.example.udpu if INSTALL_AUGEAS corolensdir = ${datadir}/augeas/lenses corolens_DATA = lenses/corosync.aug corolenstestdir = ${corolensdir}/tests corolenstest_DATA = lenses/tests/test_corosync.aug endif if INSTALL_XMLCONF corosysxmlconfdir = ${COROSYSCONFDIR} corosysxmlconf_DATA = corosync.xml.example corosysxmlxsltdir = ${datadir}/corosync corosysxmlxslt_DATA = xml2conf.xsl endif if INSTALL_MIB mibdir = $(datadir)/snmp/mibs mib_DATA = COROSYNC-MIB.txt endif if INSTALL_DBUSCONF dbusdir = $(sysconfdir)/dbus-1/system.d dbus_DATA = corosync-signals.conf endif -SUBDIRS = logrotate +SUBDIRS = logrotate tmpfiles.d diff --git a/conf/Makefile.am b/conf/tmpfiles.d/Makefile.am similarity index 61% copy from conf/Makefile.am copy to conf/tmpfiles.d/Makefile.am index 807b6cc9..37eb69ac 100644 --- a/conf/Makefile.am +++ b/conf/tmpfiles.d/Makefile.am @@ -1,73 +1,42 @@ -# Copyright (c) 2009 Red Hat, Inc. +# Copyright (c) 2016 Red Hat, Inc. # -# Authors: Andrew Beekhof -# Steven Dake (sdake@redhat.com) +# Authors:Jan Friesse (jfriesse@redhat.com) # # This software licensed under BSD license, the text of which follows: # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # - Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # - Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # - Neither the name of the MontaVista Software, Inc. nor the names of its # contributors may be used to endorse or promote products derived from this # software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF # THE POSSIBILITY OF SUCH DAMAGE. MAINTAINERCLEANFILES = Makefile.in -EXTRA_DIST = COROSYNC-MIB.txt corosync-signals.conf \ - corosync.conf.example \ - corosync.conf.example.udpu \ - corosync.xml.example \ - xml2conf.xsl \ - lenses/corosync.aug \ - lenses/tests/test_corosync.aug +EXTRA_DIST = corosync-qnetd.conf -corosysconfdir = ${COROSYSCONFDIR} +tmpfilesdirdir = ${TMPFILESDIR} +tmpfilesdir_DATA = -corosysconf_DATA = corosync.conf.example \ - corosync.conf.example.udpu - -if INSTALL_AUGEAS -corolensdir = ${datadir}/augeas/lenses -corolens_DATA = lenses/corosync.aug - -corolenstestdir = ${corolensdir}/tests -corolenstest_DATA = lenses/tests/test_corosync.aug +if BUILD_QNETD +if INSTALL_SYSTEMD +tmpfilesdir_DATA += corosync-qnetd.conf endif - -if INSTALL_XMLCONF -corosysxmlconfdir = ${COROSYSCONFDIR} -corosysxmlconf_DATA = corosync.xml.example - -corosysxmlxsltdir = ${datadir}/corosync -corosysxmlxslt_DATA = xml2conf.xsl endif - -if INSTALL_MIB -mibdir = $(datadir)/snmp/mibs -mib_DATA = COROSYNC-MIB.txt -endif - -if INSTALL_DBUSCONF -dbusdir = $(sysconfdir)/dbus-1/system.d -dbus_DATA = corosync-signals.conf -endif - -SUBDIRS = logrotate diff --git a/conf/tmpfiles.d/corosync-qnetd.conf b/conf/tmpfiles.d/corosync-qnetd.conf new file mode 100644 index 00000000..f4cbd033 --- /dev/null +++ b/conf/tmpfiles.d/corosync-qnetd.conf @@ -0,0 +1 @@ +d /var/run/corosync-qnetd 0770 root root - diff --git a/configure.ac b/configure.ac index 444eebb8..81fc91bd 100644 --- a/configure.ac +++ b/configure.ac @@ -1,772 +1,780 @@ # -*- Autoconf -*- # Process this file with autoconf to produce a configure script. # bootstrap / init AC_PREREQ([2.61]) AC_INIT([corosync], m4_esyscmd([build-aux/git-version-gen .tarball-version]), [users@clusterlabs.org]) AC_USE_SYSTEM_EXTENSIONS AM_INIT_AUTOMAKE([foreign 1.11]) LT_PREREQ([2.2.6]) LT_INIT AM_SILENT_RULES([yes]) AC_CONFIG_SRCDIR([lib/cpg.c]) AC_CONFIG_HEADER([include/corosync/config.h]) AC_CONFIG_MACRO_DIR([m4]) AC_CANONICAL_HOST AC_LANG([C]) AC_SUBST(WITH_LIST, [""]) #Enable inter-library dependencies AC_ARG_ENABLE(interlib-deps, [AC_HELP_STRING([--disable-interlib-deps ],[disable inter-library dependencies (might break builds)])], [enable_interlib_deps="$enableval"], [enable_interlib_deps="yes"]) AC_MSG_NOTICE([enable inter-library dependencies: $enable_interlib_deps]) if test "${enable_interlib_deps}" == "yes"; then link_all_deplibs=yes link_all_deplibs_CXX=yes else link_all_deplibs=no link_all_deplibs_CXX=no fi dnl Fix default variables - "prefix" variable if not specified if test "$prefix" = "NONE"; then prefix="/usr" dnl Fix "localstatedir" variable if not specified if test "$localstatedir" = "\${prefix}/var"; then localstatedir="/var" fi dnl Fix "sysconfdir" variable if not specified if test "$sysconfdir" = "\${prefix}/etc"; then sysconfdir="/etc" fi dnl Fix "libdir" variable if not specified if test "$libdir" = "\${exec_prefix}/lib"; then if test -e /usr/lib64; then libdir="/usr/lib64" else libdir="/usr/lib" fi fi fi if test "$srcdir" = "."; then AC_MSG_NOTICE([building in place srcdir:$srcdir]) AC_DEFINE([BUILDING_IN_PLACE], 1, [building in place]) else AC_MSG_NOTICE([building out of tree srcdir:$srcdir]) fi # Checks for programs. # check stolen from gnulib/m4/gnu-make.m4 if ! ${MAKE-make} --version /cannot/make/this >/dev/null 2>&1; then AC_MSG_ERROR([you don't seem to have GNU make; it is required]) fi sinclude(corosync-default.m4) AC_PROG_CC AC_PROG_INSTALL AC_PROG_LN_S AC_PROG_MAKE_SET AC_PROG_SED AC_CHECK_PROGS([GROFF], [groff]) AC_CHECK_PROGS([PKGCONFIG], [pkg-config]) AC_CHECK_PROGS([AUGTOOL], [augtool]) AC_CHECK_PROGS([DOT], [dot]) AC_CHECK_PROGS([DOXYGEN], [doxygen]) AC_CHECK_PROGS([AWK], [awk]) AC_CHECK_PROGS([SED], [sed]) AC_PATH_PROG([BASHPATH], [bash]) # Checks for compiler characteristics. AC_PROG_GCC_TRADITIONAL AC_C_CONST AC_C_INLINE AC_C_VOLATILE # Checks for header files. AC_HEADER_DIRENT AC_HEADER_STDC AC_HEADER_SYS_WAIT AC_CHECK_HEADERS([arpa/inet.h fcntl.h limits.h netdb.h netinet/in.h stdint.h \ stdlib.h string.h sys/ioctl.h sys/param.h sys/socket.h \ sys/time.h syslog.h unistd.h sys/types.h getopt.h malloc.h \ utmpx.h ifaddrs.h stddef.h sys/file.h sys/uio.h]) # Check entries in specific structs AC_CHECK_MEMBER([struct sockaddr_in.sin_len], [AC_DEFINE_UNQUOTED([HAVE_SOCK_SIN_LEN], [1], [sockaddr_in needs sin_len])], [], [[#include ]]) AC_CHECK_MEMBER([struct sockaddr_in6.sin6_len], [AC_DEFINE_UNQUOTED([HAVE_SOCK_SIN6_LEN], [1], [sockaddr_in6 needs sin6_len])], [], [[#include ]]) AC_CHECK_MEMBER([struct msghdr.msg_control], [AC_DEFINE_UNQUOTED([HAVE_MSGHDR_CONTROL], [1], [msghdr has msg_control])], [], [[#include ]]) AC_CHECK_MEMBER([struct msghdr.msg_controllen], [AC_DEFINE_UNQUOTED([HAVE_MSGHDR_CONTROLLEN], [1], [msghdr has msg_controllen])], [], [[#include ]]) AC_CHECK_MEMBER([struct msghdr.msg_flags], [AC_DEFINE_UNQUOTED([HAVE_MSGHDR_FLAGS], [1], [msghdr has msg_flags])], [], [[#include ]]) AC_CHECK_MEMBER([struct msghdr.msg_accrights], [AC_DEFINE_UNQUOTED([HAVE_MSGHDR_ACCRIGHTS], [1], [msghdr has msg_accrights])], [], [[#include ]]) AC_CHECK_MEMBER([struct msghdr.msg_accrightslen], [AC_DEFINE_UNQUOTED([HAVE_MSGHDR_ACCRIGHTSLEN], [1], [msghdr has msg_accrightslen])], [], [[#include ]]) # Checks for typedefs. AC_TYPE_UID_T AC_TYPE_INT16_T AC_TYPE_INT32_T AC_TYPE_INT64_T AC_TYPE_INT8_T AC_TYPE_UINT16_T AC_TYPE_UINT32_T AC_TYPE_UINT64_T AC_TYPE_UINT8_T AC_TYPE_SIZE_T AC_TYPE_SSIZE_T # Checks for libraries. PKG_CHECK_MODULES([nss],[nss]) SAVE_CPPFLAGS="$CPPFLAGS" SAVE_LIBS="$LIBS" PKG_CHECK_MODULES([LIBQB], [libqb]) CPPFLAGS="$CPPFLAGS $LIBQB_CFLAGS" LIBS="$LIBS $LIBQB_LIBS" AC_CHECK_LIB([qb], [qb_log_thread_priority_set], \ have_qb_log_thread_priority_set="yes", \ have_qb_log_thread_priority_set="no") if test "x${have_qb_log_thread_priority_set}" = xyes; then AC_DEFINE_UNQUOTED([HAVE_QB_LOG_THREAD_PRIORITY_SET], 1, [have qb_log_thread_priority_set]) fi CPPFLAGS="$SAVE_CPPFLAGS" LIBS="$SAVE_LIBS" AC_CHECK_LIB([pthread], [pthread_create]) AC_CHECK_LIB([socket], [socket]) AC_CHECK_LIB([nsl], [t_open]) AC_CHECK_LIB([rt], [sched_getscheduler]) AC_CHECK_LIB([z], [crc32], AM_CONDITIONAL([BUILD_CPGHUM], true), AM_CONDITIONAL([BUILD_CPGHUM], false)) # Checks for library functions. AC_FUNC_ALLOCA AC_FUNC_CLOSEDIR_VOID AC_FUNC_ERROR_AT_LINE AC_FUNC_FORK AC_FUNC_MALLOC AC_FUNC_MEMCMP AC_FUNC_MMAP AC_FUNC_REALLOC AC_FUNC_SELECT_ARGTYPES AC_FUNC_VPRINTF AC_CHECK_FUNCS([alarm alphasort atexit bzero dup2 endgrent endpwent fdatasync \ fcntl getcwd getpeerucred getpeereid gettimeofday inet_ntoa \ memmove memset mkdir scandir select socket strcasecmp strchr \ strdup strerror strrchr strspn strstr pthread_setschedparam \ sched_get_priority_max sched_setscheduler getifaddrs \ clock_gettime ftruncate gethostname localtime_r munmap strtol]) AC_CONFIG_FILES([Makefile exec/Makefile include/Makefile init/Makefile lib/Makefile common_lib/Makefile man/Makefile pkgconfig/Makefile test/Makefile cts/Makefile cts/agents/Makefile cts/CTSvars.py tools/Makefile conf/Makefile qdevices/Makefile Doxyfile - conf/logrotate/Makefile]) + conf/logrotate/Makefile + conf/tmpfiles.d/Makefile]) ### Local business dnl =============================================== dnl Functions / global M4 variables dnl =============================================== dnl Global list of LIB names m4_define([local_soname_list], [])dnl dnl Upcase parameter m4_define([local_upcase], [translit([$*], [a-z], [A-Z])])dnl dnl M4 macro for include lib/lib$1.soname and subst that m4_define([LIB_SONAME_IMPORT],[dnl m4_define([local_libname], local_upcase($1)[_SONAME])dnl m4_define([local_soname], translit(m4_sinclude(lib/lib$1.verso), [ ], []))dnl local_libname="local_soname"dnl m4_define([local_soname_list], m4_defn([local_soname_list])[,]local_libname[,]local_upcase($1))dnl AC_SUBST(local_libname)dnl ])dnl dnl M4 macro for print padspaces (used in LIB_MSG_RESULT). It takes 2 arguments, length of string to pad and desired dnl (padded) length m4_define([m4_printpadspace],[ifelse(m4_eval([$2 - $1 < 1]),[1],,[ ][m4_printpadspace([$1],m4_eval([$2 - 1]))])])dnl dnl Show AC_MSG_RESULT for specific libraries m4_define([LIB_MSG_RESULT], [ifelse([$#], [1], ,[dnl AC_MSG_RESULT([ $2 Library SONAME m4_printpadspace(len($2),8) = ${$1}]) LIB_MSG_RESULT(m4_shift(m4_shift($@)))dnl ])])dnl # =============================================== # Helpers # =============================================== ## check if the compiler supports -Werror -Wunknown-warning-option AC_MSG_CHECKING([whether $CC supports -Wunknown-warning-option -Werror]) BACKUP="$CPPFLAGS" CPPFLAGS="$CPPFLAGS -Werror -Wunknown-warning-option" AC_PREPROC_IFELSE([AC_LANG_PROGRAM([])], [unknown_warnings_as_errors='-Wunknown-warning-option -Werror'; AC_MSG_RESULT([yes])], [unknown_warnings_as_errors=''; AC_MSG_RESULT([no])]) CPPFLAGS="$BACKUP" ## helper for CC stuff cc_supports_flag() { BACKUP="$CPPFLAGS" CPPFLAGS="$CPPFLAGS $@ $unknown_warnings_as_errors" AC_MSG_CHECKING([whether $CC supports "$@"]) AC_PREPROC_IFELSE([AC_LANG_PROGRAM([])], [RC=0; AC_MSG_RESULT([yes])], [RC=1; AC_MSG_RESULT([no])]) CPPFLAGS="$BACKUP" return $RC } ## cleanup AC_MSG_NOTICE(Sanitizing prefix: ${prefix}) case $prefix in NONE) prefix=/usr/local;; esac AC_MSG_NOTICE(Sanitizing exec_prefix: ${exec_prefix}) case $exec_prefix in dnl For consistency with Corosync, map NONE->$prefix NONE) exec_prefix=$prefix;; prefix) exec_prefix=$prefix;; esac ## local defines PACKAGE_FEATURES="" LINT_FLAGS="-weak -unrecog +posixlib +ignoresigns -fcnuse \ -badflag -D__gnuc_va_list=va_list -D__attribute\(x\)=" # default libraries SONAME SOMAJOR="5" SOMINOR="0" SOMICRO="0" SONAME="${SOMAJOR}.${SOMINOR}.${SOMICRO}" # specific libraries SONAME LIB_SONAME_IMPORT([cfg]) LIB_SONAME_IMPORT([cpg]) LIB_SONAME_IMPORT([quorum]) LIB_SONAME_IMPORT([sam]) LIB_SONAME_IMPORT([votequorum]) LIB_SONAME_IMPORT([cmap]) # local options AC_ARG_ENABLE([ansi], [ --enable-ansi : force to build with ANSI standards. ], [ default="no" ]) AC_ARG_ENABLE([fatal-warnings], [ --enable-fatal-warnings : enable fatal warnings. ], [ default="no" ]) AC_ARG_ENABLE([debug], [ --enable-debug : enable debug build. ], [ default="no" ]) AC_ARG_ENABLE([secure-build], [ --enable-secure-build : enable PIE/RELRO build. ], [], [enable_secure_build="yes"]) AC_ARG_ENABLE([user-flags], [ --enable-user-flags : rely on user environment. ], [ default="no" ]) AC_ARG_ENABLE([coverage], [ --enable-coverage : coverage analysis of the codebase. ], [ default="no" ]) AC_ARG_ENABLE([small-memory-footprint], [ --enable-small-memory-footprint : Use small message queues and small messages sizes. ], [ default="no" ]) AC_ARG_ENABLE([dbus], [ --enable-dbus : dbus events. ],, [ enable_dbus="no" ]) AC_ARG_ENABLE([testagents], [ --enable-testagents : Install Test Agents. ],, [ default="no" ]) AC_ARG_ENABLE([rdma], [ --enable-rdma : Infiniband RDMA transport support ],, [ enable_rdma="no" ]) AM_CONDITIONAL(BUILD_RDMA, test x$enable_rdma = xyes) AC_ARG_ENABLE([monitoring], [ --enable-monitoring : resource monitoring ],, [ default="no" ]) AM_CONDITIONAL(BUILD_MONITORING, test x$enable_monitoring = xyes) AC_ARG_ENABLE([watchdog], [ --enable-watchdog : Watchdog support ],, [ default="no" ]) AM_CONDITIONAL(BUILD_WATCHDOG, test x$enable_watchdog = xyes) AC_ARG_ENABLE([augeas], [ --enable-augeas : Install the augeas lens for corosync.conf ],, [ enable_augeas="no" ]) AM_CONDITIONAL(INSTALL_AUGEAS, test x$enable_augeas = xyes) AC_ARG_ENABLE([systemd], [ --enable-systemd : Install systemd service files],, [ enable_systemd="no" ]) AM_CONDITIONAL(INSTALL_SYSTEMD, test x$enable_systemd = xyes) AC_ARG_ENABLE([upstart], [ --enable-upstart : Install upstart service files],, [ enable_upstart="no" ]) AM_CONDITIONAL(INSTALL_UPSTART, test x$enable_upstart = xyes) AC_ARG_WITH([initddir], [ --with-initddir=DIR : path to init script directory. ], [ INITDDIR="$withval" ], [ INITDDIR="$sysconfdir/init.d" ]) AC_ARG_WITH([systemddir], [ --with-systemddir=DIR : path to systemd unit files directory. ], [ SYSTEMDDIR="$withval" ], [ SYSTEMDDIR="/lib/systemd/system" ]) AC_ARG_WITH([upstartdir], [ --with-upstartdir=DIR : path to upstart config files directory. ], [ UPSTARTDIR="$withval" ], [ UPSTARTDIR="$sysconfdir/init" ]) AC_ARG_WITH([initwrappersdir], [ --with-initwrappersdir=DIR : path to init wrappers files directory. ], [ INITWRAPPERSDIR="$withval" ], [ INITWRAPPERSDIR="$datarootdir/corosync" ]) AC_ARG_WITH([logdir], [ --with-logdir=DIR : the base directory for corosync logging files. ], [ LOGDIR="$withval" ], [ LOGDIR="$localstatedir/log/cluster" ]) AC_ARG_WITH([logrotatedir], [ --with-logrotatedir=DIR : the base directory for logrorate.d files. ], [ LOGROTATEDIR="$withval" ], [ LOGROTATEDIR="$sysconfdir/logrotate.d" ]) +AC_ARG_WITH([tmpfilesdir], + [ --with-tmpfilesdir=DIR : path to tmpfiles.d configuration files directory. ], + [ TMPFILESDIR="$withval" ], + [ TMPFILESDIR="/lib/tmpfiles.d" ]) + AC_ARG_ENABLE([snmp], [ --enable-snmp : SNMP protocol support ], [ default="no" ]) AC_ARG_ENABLE([xmlconf], [ --enable-xmlconf : XML configuration support ],, [ enable_xmlconf="no" ]) AM_CONDITIONAL(INSTALL_XMLCONF, test x$enable_xmlconf = xyes) AC_ARG_ENABLE([qdevices], [ --enable-qdevices : Quorum devices support ],, [ enable_qdevices="no" ]) AM_CONDITIONAL(BUILD_QDEVICES, test x$enable_qdevices = xyes) AC_ARG_ENABLE([qnetd], [ --enable-qnetd : Quorum Net Daemon support ],, [ enable_qnetd="no" ]) AM_CONDITIONAL(BUILD_QNETD, test x$enable_qnetd = xyes) # *FLAGS handling goes here ENV_CFLAGS="$CFLAGS" ENV_CPPFLAGS="$CPPFLAGS" ENV_LDFLAGS="$LDFLAGS" # debug build stuff if test "x${enable_debug}" = xyes; then AC_DEFINE_UNQUOTED([DEBUG], [1], [Compiling Debugging code]) OPT_CFLAGS="-O0" PACKAGE_FEATURES="$PACKAGE_FEATURES debug" else OPT_CFLAGS="-O3" fi # gdb flags if test "x${GCC}" = xyes; then GDB_FLAGS="-ggdb3" else GDB_FLAGS="-g" fi # Look for dbus-1 if test "x${enable_dbus}" = xyes; then PKG_CHECK_MODULES([DBUS],[dbus-1]) AC_DEFINE_UNQUOTED([HAVE_DBUS], 1, [have dbus]) PACKAGE_FEATURES="$PACKAGE_FEATURES dbus" WITH_LIST="$WITH_LIST --with dbus" fi if test "x${enable_testagents}" = xyes; then AC_DEFINE_UNQUOTED([HAVE_TESTAGENTS], 1, [have testagents]) PACKAGE_FEATURES="$PACKAGE_FEATURES testagents" WITH_LIST="$WITH_LIST --with testagents" fi if test "x${enable_rdma}" = xyes; then PKG_CHECK_MODULES([rdmacm],[rdmacm]) PKG_CHECK_MODULES([ibverbs],[ibverbs]) AC_DEFINE_UNQUOTED([HAVE_RDMA], 1, [have rdmacm]) PACKAGE_FEATURES="$PACKAGE_FEATURES rdma" WITH_LIST="$WITH_LIST --with rdma" fi if test "x${enable_monitoring}" = xyes; then PKG_CHECK_MODULES([statgrab], [libstatgrab]) PKG_CHECK_MODULES([statgrabge090], [libstatgrab >= 0.90], AC_DEFINE_UNQUOTED([HAVE_LIBSTATGRAB_GE_090], 1, [have libstatgrab >= 0.90]), TMP_VARIABLE=1) AC_DEFINE_UNQUOTED([HAVE_MONITORING], 1, [have resource monitoring]) PACKAGE_FEATURES="$PACKAGE_FEATURES monitoring" WITH_LIST="$WITH_LIST --with monitoring" fi if test "x${enable_watchdog}" = xyes; then AC_CHECK_HEADER([linux/watchdog.h], [], [AC_MSG_ERROR([watchdog requires linux/watchdog.h])]) AC_CHECK_HEADER([linux/reboot.h], [], [AC_MSG_ERROR([watchdog requires linux/reboot.h])]) AC_DEFINE_UNQUOTED([HAVE_WATCHDOG], 1, [have watchdog]) PACKAGE_FEATURES="$PACKAGE_FEATURES watchdog" WITH_LIST="$WITH_LIST --with watchdog" fi if test "x${enable_augeas}" = xyes; then PACKAGE_FEATURES="$PACKAGE_FEATURES augeas" fi if test "x${enable_systemd}" = xyes; then PACKAGE_FEATURES="$PACKAGE_FEATURES systemd" WITH_LIST="$WITH_LIST --with systemd" fi if test "x${enable_upstart}" = xyes; then PACKAGE_FEATURES="$PACKAGE_FEATURES upstart" WITH_LIST="$WITH_LIST --with upstart" fi if test "x${enable_xmlconf}" = xyes; then PACKAGE_FEATURES="$PACKAGE_FEATURES xmlconf" WITH_LIST="$WITH_LIST --with xmlconf" fi if test "x${enable_qdevices}" = xyes; then PACKAGE_FEATURES="$PACKAGE_FEATURES qdevices" fi if test "x${enable_qnetd}" = xyes; then PACKAGE_FEATURES="$PACKAGE_FEATURES qnetd" fi do_snmp=0 if test "x${enable_snmp}" = xyes; then AC_PATH_PROGS([SNMPCONFIG], [net-snmp-config]) if test "x${SNMPCONFIG}" != "x"; then AC_MSG_CHECKING([for snmp includes]) SNMP_PREFIX=`$SNMPCONFIG --prefix` SNMP_INCLUDES="-I$SNMP_PREFIX/include" AC_MSG_RESULT([$SNMP_INCLUDES]) AC_MSG_CHECKING([for snmp libraries]) SNMP_LIBS=`$SNMPCONFIG --libs` AC_MSG_RESULT([$SNMP_LIBS]) AC_SUBST([SNMP_LIBS]) saveCFLAGS="$CFLAGS" CFLAGS="$CFLAGS $SNMP_INCLUDES" AC_CHECK_HEADERS([net-snmp/net-snmp-config.h]) CFLAGS="$saveCFLAGS" if test "x${ac_cv_header_net_snmp_net_snmp_config_h}" != "xyes"; then AC_MSG_ERROR([Unable to use net-snmp/net-snmp-config.h]) fi savedLibs=$LIBS LIBS="$LIBS $SNMP_LIBS" AC_CHECK_FUNCS([netsnmp_transport_open_client]) if test $ac_cv_func_netsnmp_transport_open_client != yes; then AC_CHECK_FUNCS([netsnmp_tdomain_transport]) if test $ac_cv_func_netsnmp_tdomain_transport != yes; then AC_MSG_ERROR([No usable SNMP client transport implementation found]) fi else AC_DEFINE_UNQUOTED([NETSNMPV54], $NETSNMP_NEW_SUPPORT, [have net-snmp5.4 over]) fi LIBS=$savedLibs do_snmp=1 PACKAGE_FEATURES="$PACKAGE_FEATURES snmp" WITH_LIST="$WITH_LIST --with snmp" AC_DEFINE_UNQUOTED([ENABLE_SNMP], $do_snmp, [Build in support for sending SNMP traps]) else AC_MSG_ERROR([You need the net_snmp development package to continue.]) fi fi AM_CONDITIONAL(BUILD_SNMP, test "${do_snmp}" = "1") # extra warnings EXTRA_WARNINGS="" WARNLIST=" all shadow missing-prototypes missing-declarations strict-prototypes declaration-after-statement pointer-arith write-strings cast-align bad-function-cast missing-format-attribute format=2 format-security format-nonliteral no-long-long unsigned-char gnu89-inline no-strict-aliasing " for j in $WARNLIST; do if cc_supports_flag -W$j; then EXTRA_WARNINGS="$EXTRA_WARNINGS -W$j"; fi done if test "x${enable_coverage}" = xyes && \ cc_supports_flag -ftest-coverage && \ cc_supports_flag -fprofile-arcs ; then AC_MSG_NOTICE([Enabling Coverage (enable -O0 by default)]) OPT_CFLAGS="-O0" COVERAGE_CFLAGS="-ftest-coverage -fprofile-arcs" COVERAGE_LDFLAGS="-ftest-coverage -fprofile-arcs" PACKAGE_FEATURES="$PACKAGE_FEATURES coverage" else COVERAGE_CFLAGS="" COVERAGE_LDFLAGS="" fi if test "x${enable_small_memory_footprint}" = xyes ; then AC_DEFINE_UNQUOTED([HAVE_SMALL_MEMORY_FOOTPRINT], 1, [have small_memory_footprint]) PACKAGE_FEATURES="$PACKAGE_FEATURES small-memory-footprint" fi if test "x${enable_ansi}" = xyes && \ cc_supports_flag -std=iso9899:199409 ; then AC_MSG_NOTICE([Enabling ANSI Compatibility]) ANSI_CPPFLAGS="-ansi -DANSI_ONLY" PACKAGE_FEATURES="$PACKAGE_FEATURES ansi" else ANSI_CPPFLAGS="" fi if test "x${enable_fatal_warnings}" = xyes && \ cc_supports_flag -Werror ; then AC_MSG_NOTICE([Enabling Fatal Warnings (-Werror)]) WERROR_CFLAGS="-Werror" PACKAGE_FEATURES="$PACKAGE_FEATURES fatal-warnings" else WERROR_CFLAGS="" fi # don't add addtional cflags if test "x${enable_user_flags}" = xyes; then OPT_CFLAGS="" GDB_FLAGS="" EXTRA_WARNINGS="" fi if test "x${enable_secure_build}" = xyes; then # stolen from apache configure snippet AC_CACHE_CHECK([whether $CC accepts PIE flags], [ap_cv_cc_pie], [ save_CFLAGS=$CFLAGS save_LDFLAGS=$LDFLAGS CFLAGS="$CFLAGS -fPIE" LDFLAGS="$LDFLAGS -pie" AC_TRY_RUN([static int foo[30000]; int main () { return 0; }], [ap_cv_cc_pie=yes], [ap_cv_cc_pie=no], [ap_cv_cc_pie=yes]) CFLAGS=$save_CFLAGS LDFLAGS=$save_LDFLAGS ]) if test "$ap_cv_cc_pie" = "yes"; then SEC_FLAGS="$SEC_FLAGS -fPIE" SEC_LDFLAGS="$SEC_LDFLAGS -pie" PACKAGE_FEATURES="$PACKAGE_FEATURES pie" fi # similar to above AC_CACHE_CHECK([whether $CC accepts RELRO flags], [ap_cv_cc_relro], [ save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS -Wl,-z,relro" AC_TRY_RUN([static int foo[30000]; int main () { return 0; }], [ap_cv_cc_relro=yes], [ap_cv_cc_relro=no], [ap_cv_cc_relro=yes]) LDFLAGS=$save_LDFLAGS ]) if test "$ap_cv_cc_relro" = "yes"; then SEC_LDFLAGS="$SEC_LDFLAGS -Wl,-z,relro" PACKAGE_FEATURES="$PACKAGE_FEATURES relro" fi AC_CACHE_CHECK([whether $CC accepts BINDNOW flags], [ap_cv_cc_bindnow], [ save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS -Wl,-z,now" AC_TRY_RUN([static int foo[30000]; int main () { return 0; }], [ap_cv_cc_bindnow=yes], [ap_cv_cc_bindnow=no], [ap_cv_cc_bindnow=yes]) LDFLAGS=$save_LDFLAGS ]) if test "$ap_cv_cc_bindnow" = "yes"; then SEC_LDFLAGS="$SEC_LDFLAGS -Wl,-z,now" PACKAGE_FEATURES="$PACKAGE_FEATURES bindnow" fi fi AC_CACHE_CHECK([whether $CC accepts "--as-needed"], [ap_cv_cc_as_needed], [ save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS -Wl,--as-needed" AC_TRY_RUN([static int foo[30000]; int main () { return 0; }], [ap_cv_cc_as_needed=yes], [ap_cv_cc_as_needed=no], [ap_cv_cc_as_needed=yes]) LDFLAGS=$save_LDFLAGS ]) AC_CACHE_CHECK([whether $CC accepts "--version-script"], [ap_cv_cc_version_script], [ save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS -Wl,--version-script=conftest.versions" echo "CONFTEST { };" >conftest.versions AC_TRY_RUN([static int foo[30000]; int main () { return 0; }], [ap_cv_cc_version_script=yes], [ap_cv_cc_version_script=no], [ap_cv_cc_version_script=yes]) rm -f conftest.versions LDFLAGS=$save_LDFLAGS ]) if test "$ap_cv_cc_version_script" = "yes"; then AC_SUBST(VERSCRIPT_LDFLAGS, ["-Wl,--version-script=\$(srcdir)/lib\$(call get_libname,\$<).versions"]) else AC_SUBST(VERSCRIPT_LDFLAGS, [""]) fi # define global include dirs INCLUDE_DIRS="$INCLUDE_DIRS -I\$(top_builddir)/include -I\$(top_srcdir)/include" INCLUDE_DIRS="$INCLUDE_DIRS -I\$(top_builddir)/include/corosync -I\$(top_srcdir)/include/corosync" # final build of *FLAGS CFLAGS="$ENV_CFLAGS $lt_prog_compiler_pic $SEC_FLAGS $OPT_CFLAGS $GDB_FLAGS \ $COVERAGE_CFLAGS $EXTRA_WARNINGS \ $WERROR_CFLAGS $NSS_CFLAGS $LIBQB_CFLAGS \ $SNMP_INCLUDES" CPPFLAGS="$ENV_CPPFLAGS $ANSI_CPPFLAGS $INCLUDE_DIRS" LDFLAGS="$ENV_LDFLAGS $lt_prog_compiler_pic $SEC_LDFLAGS $COVERAGE_LDFLAGS" if test "$ap_cv_cc_as_needed" = "yes"; then LDFLAGS="$LDFLAGS -Wl,--as-needed" fi # substitute what we need: AC_SUBST([BASHPATH]) AC_SUBST([INITDDIR]) AC_SUBST([SYSTEMDDIR]) AC_SUBST([UPSTARTDIR]) INITWRAPPERSDIR=$(eval echo ${INITWRAPPERSDIR}) AC_SUBST([INITWRAPPERSDIR]) AC_SUBST([LOGDIR]) AC_SUBST([LOGROTATEDIR]) +AC_SUBST([TMPFILESDIR]) AC_SUBST([SOMAJOR]) AC_SUBST([SOMINOR]) AC_SUBST([SOMICRO]) AC_SUBST([SONAME]) AM_CONDITIONAL(INSTALL_TESTAGENTS, test "${enable_testagents}" = "yes") AM_CONDITIONAL(INSTALL_MIB, test "${do_snmp}" = "1") AM_CONDITIONAL(INSTALL_DBUSCONF, test "${enable_dbus}" = "yes") AM_CONDITIONAL(AUGTOOL, test -n "${AUGTOOL}") AC_SUBST([NSS_LDFLAGS]) AM_CONDITIONAL(BUILD_HTML_DOCS, test -n "${GROFF}") AC_SUBST([LINT_FLAGS]) AC_DEFINE_UNQUOTED([LOCALSTATEDIR], "$(eval echo ${localstatedir})", [localstate directory]) COROSYSCONFDIR=${sysconfdir}/corosync AC_SUBST([COROSYSCONFDIR]) AC_DEFINE_UNQUOTED([COROSYSCONFDIR], "$(eval echo ${COROSYSCONFDIR})", [corosync config directory]) AC_DEFINE_UNQUOTED([PACKAGE_FEATURES], "${PACKAGE_FEATURES}", [corosync built-in features]) AC_OUTPUT AC_MSG_RESULT([]) AC_MSG_RESULT([$PACKAGE configuration:]) AC_MSG_RESULT([ Version = ${VERSION}]) AC_MSG_RESULT([ Prefix = ${prefix}]) AC_MSG_RESULT([ Executables = ${sbindir}]) AC_MSG_RESULT([ Man pages = ${mandir}]) AC_MSG_RESULT([ Doc dir = ${docdir}]) AC_MSG_RESULT([ Libraries = ${libdir}]) AC_MSG_RESULT([ Header files = ${includedir}]) AC_MSG_RESULT([ Arch-independent files = ${datadir}]) AC_MSG_RESULT([ State information = ${localstatedir}]) AC_MSG_RESULT([ System configuration = ${sysconfdir}]) AC_MSG_RESULT([ System init.d directory = ${INITDDIR}]) AC_MSG_RESULT([ System systemd directory = ${SYSTEMDDIR}]) AC_MSG_RESULT([ System upstart directory = ${UPSTARTDIR}]) AC_MSG_RESULT([ System init wraps dir = ${INITWRAPPERSDIR}]) +AC_MSG_RESULT([ System tmpfiles.d = ${TMPFILESDIR}]) AC_MSG_RESULT([ Log directory = ${LOGDIR}]) AC_MSG_RESULT([ Log rotate directory = ${LOGROTATEDIR}]) AC_MSG_RESULT([ corosync config dir = ${COROSYSCONFDIR}]) AC_MSG_RESULT([ Features =${PACKAGE_FEATURES}]) AC_MSG_RESULT([]) AC_MSG_RESULT([$PACKAGE build info:]) AC_MSG_RESULT([ Library SONAME = ${SONAME}]) LIB_MSG_RESULT(m4_shift(local_soname_list))dnl AC_MSG_RESULT([ Default optimization = ${OPT_CFLAGS}]) AC_MSG_RESULT([ Default debug options = ${GDB_CFLAGS}]) AC_MSG_RESULT([ Extra compiler warnings = ${EXTRA_WARNING}]) AC_MSG_RESULT([ Env. defined CFLAG = ${ENV_CFLAGS}]) AC_MSG_RESULT([ Env. defined CPPFLAGS = ${ENV_CPPFLAGS}]) AC_MSG_RESULT([ Env. defined LDFLAGS = ${ENV_LDFLAGS}]) AC_MSG_RESULT([ ANSI defined CPPFLAGS = ${ANSI_CPPFLAGS}]) AC_MSG_RESULT([ Coverage CFLAGS = ${COVERAGE_CFLAGS}]) AC_MSG_RESULT([ Coverage LDFLAGS = ${COVERAGE_LDFLAGS}]) AC_MSG_RESULT([ Fatal War. CFLAGS = ${WERROR_CFLAGS}]) AC_MSG_RESULT([ Final CFLAGS = ${CFLAGS}]) AC_MSG_RESULT([ Final CPPFLAGS = ${CPPFLAGS}]) AC_MSG_RESULT([ Final LDFLAGS = ${LDFLAGS}]) diff --git a/corosync.spec.in b/corosync.spec.in index 1b3246f5..3ef0025f 100644 --- a/corosync.spec.in +++ b/corosync.spec.in @@ -1,500 +1,505 @@ @ALPHATAG@ @NUMCOMM@ @DIRTY@ # Conditionals # Invoke "rpmbuild --without " or "rpmbuild --with " # to disable or enable specific features %bcond_with testagents %bcond_with watchdog %bcond_with monitoring %bcond_with snmp %bcond_with dbus %bcond_with rdma %bcond_with systemd %bcond_with upstart %bcond_with xmlconf %bcond_with runautogen %bcond_with qdevices %bcond_with qnetd %global gitver %{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}} %global gittarver %{?numcomm:.%{numcomm}}%{?alphatag:-%{alphatag}}%{?dirty:-%{dirty}} Name: corosync Summary: The Corosync Cluster Engine and Application Programming Interfaces Version: @version@ Release: 1%{?gitver}%{?dist} License: BSD Group: System Environment/Base URL: http://corosync.github.io/corosync/ Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz # Runtime bits Requires: corosynclib = %{version}-%{release} Requires(pre): /usr/sbin/useradd Requires(post): /sbin/chkconfig Requires(preun): /sbin/chkconfig Conflicts: openais <= 0.89, openais-devel <= 0.89 # Build bits BuildRequires: groff BuildRequires: libqb-devel BuildRequires: nss-devel BuildRequires: zlib-devel %if %{with runautogen} BuildRequires: autoconf automake libtool %endif %if %{with monitoring} BuildRequires: libstatgrab-devel %endif %if %{with rdma} BuildRequires: libibverbs-devel librdmacm-devel %endif %if %{with snmp} BuildRequires: net-snmp-devel %endif %if %{with dbus} BuildRequires: dbus-devel %endif %if %{with systemd} BuildRequires: systemd-units Requires(post): systemd Requires(preun): systemd Requires(postun): systemd %endif %if %{with xmlconf} Requires: libxslt %endif %if %{with qdevices} || %{with qnetd} Requires: nss-tools %endif %if %{with qnetd} BuildRequires: sed %endif BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) %prep %setup -q -n %{name}-%{version}%{?gittarver} %build %if %{with runautogen} ./autogen.sh %endif %if %{with rdma} export ibverbs_CFLAGS=-I/usr/include/infiniband \ export ibverbs_LIBS=-libverbs \ export rdmacm_CFLAGS=-I/usr/include/rdma \ export rdmacm_LIBS=-lrdmacm \ %endif %{configure} \ %if %{with testagents} --enable-testagents \ %endif %if %{with watchdog} --enable-watchdog \ %endif %if %{with monitoring} --enable-monitoring \ %endif %if %{with snmp} --enable-snmp \ %endif %if %{with dbus} --enable-dbus \ %endif %if %{with rdma} --enable-rdma \ %endif %if %{with systemd} --enable-systemd \ %endif %if %{with upstart} --enable-upstart \ %endif %if %{with xmlconf} --enable-xmlconf \ %endif %if %{with qdevices} --enable-qdevices \ %endif %if %{with qnetd} --enable-qnetd \ %endif --with-initddir=%{_initrddir} \ --with-systemddir=%{_unitdir} \ - --with-upstartdir=%{_sysconfdir}/init + --with-upstartdir=%{_sysconfdir}/init \ + --with-tmpfilesdir=%{_tmpfilesdir} make %{_smp_mflags} %install rm -rf %{buildroot} make install DESTDIR=%{buildroot} %if %{with dbus} mkdir -p -m 0700 %{buildroot}/%{_sysconfdir}/dbus-1/system.d install -m 644 %{_builddir}/%{name}-%{version}%{?gittarver}/conf/corosync-signals.conf %{buildroot}/%{_sysconfdir}/dbus-1/system.d/corosync-signals.conf %endif ## tree fixup # drop static libs rm -f %{buildroot}%{_libdir}/*.a rm -f %{buildroot}%{_libdir}/*.la # drop docs and html docs for now rm -rf %{buildroot}%{_docdir}/* # /etc/sysconfig/corosync-notifyd mkdir -p %{buildroot}%{_sysconfdir}/sysconfig install -m 644 tools/corosync-notifyd.sysconfig.example \ %{buildroot}%{_sysconfdir}/sysconfig/corosync-notifyd # /etc/sysconfig/corosync install -m 644 init/corosync.sysconfig.example \ %{buildroot}%{_sysconfdir}/sysconfig/corosync %if %{with qdevices} # /etc/sysconfig/corosync-qdevice install -m 644 init/corosync-qdevice.sysconfig.example \ %{buildroot}%{_sysconfdir}/sysconfig/corosync-qdevice %endif %if %{with qnetd} # /etc/sysconfig/corosync-qnetd install -m 644 init/corosync-qnetd.sysconfig.example \ %{buildroot}%{_sysconfdir}/sysconfig/corosync-qnetd %if %{with systemd} sed -i -e 's/^#User=/User=/' \ %{buildroot}%{_unitdir}/corosync-qnetd.service +sed -i -e 's/root/coroqnetd/g' \ + %{buildroot}%{_tmpfilesdir}/corosync-qnetd.conf %else sed -i -e 's/^COROSYNC_QNETD_RUNAS=""$/COROSYNC_QNETD_RUNAS="coroqnetd"/' \ %{buildroot}%{_sysconfdir}/sysconfig/corosync-qnetd %endif %endif %clean rm -rf %{buildroot} %description This package contains the Corosync Cluster Engine Executive, several default APIs and libraries, default configuration files, and an init script. %post %if %{with systemd} && 0%{?systemd_post:1} %systemd_post corosync.service %else if [ $1 -eq 1 ]; then /sbin/chkconfig --add corosync || : fi %endif %preun %if %{with systemd} && 0%{?systemd_preun:1} %systemd_preun corosync.service %else if [ $1 -eq 0 ]; then /sbin/service corosync stop &>/dev/null || : /sbin/chkconfig --del corosync || : fi %endif %postun %if %{with systemd} && 0%{?systemd_postun:1} %systemd_postun %endif %files %defattr(-,root,root,-) %doc LICENSE SECURITY %{_sbindir}/corosync %{_sbindir}/corosync-keygen %{_sbindir}/corosync-cmapctl %{_sbindir}/corosync-cfgtool %{_sbindir}/corosync-cpgtool %{_sbindir}/corosync-quorumtool %{_sbindir}/corosync-notifyd %{_bindir}/corosync-blackbox %if %{with xmlconf} %{_bindir}/corosync-xmlproc %config(noreplace) %{_sysconfdir}/corosync/corosync.xml.example %dir %{_datadir}/corosync %{_datadir}/corosync/xml2conf.xsl %{_mandir}/man8/corosync-xmlproc.8* %{_mandir}/man5/corosync.xml.5* %endif %dir %{_sysconfdir}/corosync %dir %{_sysconfdir}/corosync/uidgid.d %config(noreplace) %{_sysconfdir}/corosync/corosync.conf.example %config(noreplace) %{_sysconfdir}/corosync/corosync.conf.example.udpu %config(noreplace) %{_sysconfdir}/sysconfig/corosync-notifyd %config(noreplace) %{_sysconfdir}/sysconfig/corosync %config(noreplace) %{_sysconfdir}/logrotate.d/corosync %if %{with dbus} %{_sysconfdir}/dbus-1/system.d/corosync-signals.conf %endif %if %{with snmp} %{_datadir}/snmp/mibs/COROSYNC-MIB.txt %endif %if %{with systemd} %{_unitdir}/corosync.service %{_unitdir}/corosync-notifyd.service %dir %{_datadir}/corosync %{_datadir}/corosync/corosync %{_datadir}/corosync/corosync-notifyd %else %{_initrddir}/corosync %{_initrddir}/corosync-notifyd %endif %if %{with upstart} %{_sysconfdir}/init/corosync.conf %{_sysconfdir}/init/corosync-notifyd.conf %endif %dir %{_localstatedir}/lib/corosync %dir %{_localstatedir}/log/cluster %{_mandir}/man8/corosync_overview.8* %{_mandir}/man8/corosync.8* %{_mandir}/man8/corosync-blackbox.8* %{_mandir}/man8/corosync-cmapctl.8* %{_mandir}/man8/corosync-keygen.8* %{_mandir}/man8/corosync-cfgtool.8* %{_mandir}/man8/corosync-cpgtool.8* %{_mandir}/man8/corosync-notifyd.8* %{_mandir}/man8/corosync-quorumtool.8* %{_mandir}/man5/corosync.conf.5* %{_mandir}/man5/votequorum.5* %{_mandir}/man8/cmap_keys.8* # optional testagent rpm # %if %{with testagents} %package -n corosync-testagents Summary: The Corosync Cluster Engine Test Agents Group: Development/Libraries Requires: %{name} = %{version}-%{release} %description -n corosync-testagents This package contains corosync test agents. %files -n corosync-testagents %defattr(755,root,root,-) %{_datadir}/corosync/tests/mem_leak_test.sh %{_datadir}/corosync/tests/net_breaker.sh %{_datadir}/corosync/tests/cmap-dispatch-deadlock.sh %{_datadir}/corosync/tests/shm_leak_audit.sh %{_bindir}/cpg_test_agent %{_bindir}/sam_test_agent %{_bindir}/votequorum_test_agent %endif # library # %package -n corosynclib Summary: The Corosync Cluster Engine Libraries Group: System Environment/Libraries Requires: %{name} = %{version}-%{release} %description -n corosynclib This package contains corosync libraries. %files -n corosynclib %defattr(-,root,root,-) %doc LICENSE %{_libdir}/libcfg.so.* %{_libdir}/libcpg.so.* %{_libdir}/libcmap.so.* %{_libdir}/libtotem_pg.so.* %{_libdir}/libquorum.so.* %{_libdir}/libvotequorum.so.* %{_libdir}/libsam.so.* %{_libdir}/libcorosync_common.so.* %post -n corosynclib -p /sbin/ldconfig %postun -n corosynclib -p /sbin/ldconfig %package -n corosynclib-devel Summary: The Corosync Cluster Engine Development Kit Group: Development/Libraries Requires: corosynclib = %{version}-%{release} Requires: pkgconfig Provides: corosync-devel = %{version} Obsoletes: corosync-devel < 0.92-7 %description -n corosynclib-devel This package contains include files and man pages used to develop using The Corosync Cluster Engine APIs. %files -n corosynclib-devel %defattr(-,root,root,-) %doc LICENSE %dir %{_includedir}/corosync/ %{_includedir}/corosync/corodefs.h %{_includedir}/corosync/cfg.h %{_includedir}/corosync/cmap.h %{_includedir}/corosync/corotypes.h %{_includedir}/corosync/cpg.h %{_includedir}/corosync/hdb.h %{_includedir}/corosync/sam.h %{_includedir}/corosync/quorum.h %{_includedir}/corosync/votequorum.h %dir %{_includedir}/corosync/totem/ %{_includedir}/corosync/totem/totem.h %{_includedir}/corosync/totem/totemip.h %{_includedir}/corosync/totem/totempg.h %{_libdir}/libcfg.so %{_libdir}/libcpg.so %{_libdir}/libcmap.so %{_libdir}/libtotem_pg.so %{_libdir}/libquorum.so %{_libdir}/libvotequorum.so %{_libdir}/libsam.so %{_libdir}/libcorosync_common.so %{_libdir}/pkgconfig/*.pc %{_mandir}/man3/cpg_*3* %{_mandir}/man3/quorum_*3* %{_mandir}/man3/votequorum_*3* %{_mandir}/man3/sam_*3* %{_mandir}/man8/cpg_overview.8* %{_mandir}/man8/votequorum_overview.8* %{_mandir}/man8/sam_overview.8* %{_mandir}/man3/cmap_*3* %{_mandir}/man8/cmap_overview.8* %{_mandir}/man8/quorum_overview.8* # optional qdevices # %if %{with qdevices} %package -n corosync-qdevice Summary: The Corosync Cluster Engine Qdevice Group: System Environment/Base Requires: corosync Requires: nss-tools %if %{with systemd} Requires(post): systemd Requires(preun): systemd Requires(postun): systemd %endif %description -n corosync-qdevice This package contains the Corosync Cluster Engine Qdevice, script for creating NSS certificates and an init script. %post -n corosync-qdevice %if %{with systemd} && 0%{?systemd_post:1} %systemd_post corosync-qdevice.service %else if [ $1 -eq 1 ]; then /sbin/chkconfig --add corosync-qdevice || : fi %endif %preun -n corosync-qdevice %if %{with systemd} && 0%{?systemd_preun:1} %systemd_preun corosync-qdevice.service %else if [ $1 -eq 0 ]; then /sbin/service corosync-qdevice stop &>/dev/null || : /sbin/chkconfig --del corosync-qdevice || : fi %endif %postun -n corosync-qdevice %if %{with systemd} && 0%{?systemd_postun:1} %systemd_postun %endif %files -n corosync-qdevice %defattr(-,root,root,-) %dir %{_sysconfdir}/corosync/qdevice %dir %config(noreplace) %{_sysconfdir}/corosync/qdevice/net %dir %{_localstatedir}/run/corosync-qdevice %{_sbindir}/corosync-qdevice %{_sbindir}/corosync-qdevice-net-certutil %{_sbindir}/corosync-qdevice-tool %config(noreplace) %{_sysconfdir}/sysconfig/corosync-qdevice %if %{with systemd} %{_unitdir}/corosync-qdevice.service %dir %{_datadir}/corosync %{_datadir}/corosync/corosync-qdevice %else %{_initrddir}/corosync-qdevice %endif - +%{_mandir}/man8/corosync-qdevice-tool.8* %endif # optional qnetd # %if %{with qnetd} %package -n corosync-qnetd Summary: The Corosync Cluster Engine Qdevice Network Daemon Group: System Environment/Base Requires: nss-tools Requires(pre): shadow-utils %if %{with systemd} Requires(post): systemd Requires(preun): systemd Requires(postun): systemd %endif %description -n corosync-qnetd This package contains the Corosync Cluster Engine Qdevice Network Daemon, script for creating NSS certificates and an init script. %pre -n corosync-qnetd getent group coroqnetd >/dev/null || groupadd -r coroqnetd getent passwd coroqnetd >/dev/null || \ useradd -r -g coroqnetd -d / -s /sbin/nologin -c "User for corosync-qnetd" coroqnetd exit 0 %post -n corosync-qnetd %if %{with systemd} && 0%{?systemd_post:1} %systemd_post corosync-qnetd.service %else if [ $1 -eq 1 ]; then /sbin/chkconfig --add corosync-qnetd || : fi %endif %preun -n corosync-qnetd %if %{with systemd} && 0%{?systemd_preun:1} %systemd_preun corosync-qnetd.service %else if [ $1 -eq 0 ]; then /sbin/service corosync-qnetd stop &>/dev/null || : /sbin/chkconfig --del corosync-qnetd || : fi %endif %postun -n corosync-qnetd %if %{with systemd} && 0%{?systemd_postun:1} %systemd_postun %endif %files -n corosync-qnetd %defattr(-,root,root,-) %dir %config(noreplace) %attr(770, coroqnetd, coroqnetd) %{_sysconfdir}/corosync/qnetd %dir %attr(770, coroqnetd, coroqnetd) %{_localstatedir}/run/corosync-qnetd %{_bindir}/corosync-qnetd %{_bindir}/corosync-qnetd-certutil %{_bindir}/corosync-qnetd-tool %config(noreplace) %{_sysconfdir}/sysconfig/corosync-qnetd %if %{with systemd} %{_unitdir}/corosync-qnetd.service %dir %{_datadir}/corosync %{_datadir}/corosync/corosync-qnetd +%{_tmpfilesdir}/corosync-qnetd.conf %else %{_initrddir}/corosync-qnetd %endif - +%{_mandir}/man8/corosync-qnetd-tool.8* +%{_mandir}/man8/corosync-qnetd-certutil.8* %endif %changelog * @date@ Autotools generated version - @version@-1-@numcomm@.@alphatag@.@dirty@ - Autotools generated version diff --git a/init/corosync-qdevice.in b/init/corosync-qdevice.in index 9aa42ef8..913e0333 100755 --- a/init/corosync-qdevice.in +++ b/init/corosync-qdevice.in @@ -1,164 +1,167 @@ #!@BASHPATH@ # Authors: # Jan Friesse # # License: Revised BSD # chkconfig: - 20 80 # description: Corosync Qdevice daemon # processname: corosync-qdevice # ### BEGIN INIT INFO # Provides: corosync-qdevice # Required-Start: $corosync # Required-Stop: $corosync # Default-Start: # Default-Stop: # Short-Description: Starts and stops Corosync Qdevice daemon. # Description: Starts and stops Corosync Qdevice daemon. ### END INIT INFO desc="Corosync Qdevice daemon" prog="corosync-qdevice" # set secure PATH PATH="/sbin:/bin:/usr/sbin:/usr/bin:@SBINDIR@" success() { echo -ne "[ OK ]\r" } failure() { echo -ne "[FAILED]\r" } status() { pid=$(pidof $1 2>/dev/null) res=$? if [ $res -ne 0 ]; then echo "$1 is stopped" else echo "$1 (pid $pid) is running..." fi return $res } # rpm based distros if [ -d @SYSCONFDIR@/sysconfig ]; then [ -f @INITDDIR@/functions ] && . @INITDDIR@/functions [ -f @SYSCONFDIR@/sysconfig/$prog ] && . @SYSCONFDIR@/sysconfig/$prog [ -z "$LOCK_FILE" ] && LOCK_FILE="@LOCALSTATEDIR@/lock/subsys/$prog" fi # deb based distros if [ -d @SYSCONFDIR@/default ]; then [ -f @SYSCONFDIR@/default/$prog ] && . @SYSCONFDIR@/default/$prog [ -z "$LOCK_FILE" ] && LOCK_FILE="@LOCALSTATEDIR@/lock/$prog" fi # The version of __pids_pidof in /etc/init.d/functions calls pidof with -x # This means it matches scripts, including this one. # Redefine it here so that status (from the same file) works. # Otherwise simultaneous calls to stop() will loop forever __pids_pidof() { pidof -c -o $$ -o $PPID -o %PPID "$1" || \ pidof -c -o $$ -o $PPID -o %PPID "${1##*/}" } cluster_disabled_at_boot() { if grep -q nocluster /proc/cmdline && \ [ "$(tty)" = "/dev/console" ]; then echo -e "not configured to run at boot" failure return 1 fi return 0 } start() { echo -n "Starting $desc ($prog): " ! cluster_disabled_at_boot && return # most recent distributions use tmpfs for @LOCALSTATEDIR@/run # to avoid to clean it up on every boot. # they also assume that init scripts will create # required subdirectories for proper operations - mkdir -p @LOCALSTATEDIR@/run + if [ ! -d "@LOCALSTATEDIR@/run/corosync-qdevice" ];then + mkdir -p "@LOCALSTATEDIR@/run/corosync-qdevice" + chmod 0770 "@LOCALSTATEDIR@/run/corosync-qdevice" + fi if status $prog > /dev/null 2>&1; then success else $prog $COROSYNC_QDEVICE_OPTIONS > /dev/null 2>&1 if [ "$?" != 0 ]; then failure rtrn=1 else touch $LOCK_FILE success fi fi echo } stop() { ! status $prog > /dev/null 2>&1 && return echo -n "Signaling $desc ($prog) to terminate: " kill -TERM $(pidof $prog) > /dev/null 2>&1 success echo echo -n "Waiting for $prog services to unload:" while status $prog > /dev/null 2>&1; do sleep 1 echo -n "." done rm -f $LOCK_FILE success echo } restart() { stop start } rtrn=0 case "$1" in start) start ;; restart|reload|force-reload) restart ;; condrestart|try-restart) if status $prog > /dev/null 2>&1; then restart fi ;; status) status $prog rtrn=$? ;; stop) stop ;; *) echo "usage: $0 {start|stop|restart|reload|force-reload|condrestart|try-restart|status}" rtrn=2 ;; esac exit $rtrn diff --git a/init/corosync-qnetd.in b/init/corosync-qnetd.in index ac97d1f4..15d30eab 100755 --- a/init/corosync-qnetd.in +++ b/init/corosync-qnetd.in @@ -1,168 +1,174 @@ #!@BASHPATH@ # Authors: # Jan Friesse # # License: Revised BSD # chkconfig: - 20 80 # description: Corosync Qdevice Network daemon # processname: corosync-qnetd # ### BEGIN INIT INFO # Provides: corosync-qnetd # Required-Start: $network $syslog # Required-Stop: $network $syslog # Default-Start: # Default-Stop: # Short-Description: Starts and stops Corosync Qdevice Network daemon. # Description: Starts and stops Corosync Qdevice Network daemon. ### END INIT INFO desc="Corosync Qdevice Network daemon" prog="corosync-qnetd" # set secure PATH PATH="/sbin:/bin:/usr/sbin:/usr/bin:@SBINDIR@" success() { echo -ne "[ OK ]\r" } failure() { echo -ne "[FAILED]\r" } status() { pid=$(pidof $1 2>/dev/null) res=$? if [ $res -ne 0 ]; then echo "$1 is stopped" else echo "$1 (pid $pid) is running..." fi return $res } # rpm based distros if [ -d @SYSCONFDIR@/sysconfig ]; then [ -f @INITDDIR@/functions ] && . @INITDDIR@/functions [ -f @SYSCONFDIR@/sysconfig/$prog ] && . @SYSCONFDIR@/sysconfig/$prog [ -z "$LOCK_FILE" ] && LOCK_FILE="@LOCALSTATEDIR@/lock/subsys/$prog" fi # deb based distros if [ -d @SYSCONFDIR@/default ]; then [ -f @SYSCONFDIR@/default/$prog ] && . @SYSCONFDIR@/default/$prog [ -z "$LOCK_FILE" ] && LOCK_FILE="@LOCALSTATEDIR@/lock/$prog" fi # The version of __pids_pidof in /etc/init.d/functions calls pidof with -x # This means it matches scripts, including this one. # Redefine it here so that status (from the same file) works. # Otherwise simultaneous calls to stop() will loop forever __pids_pidof() { pidof -c -o $$ -o $PPID -o %PPID "$1" || \ pidof -c -o $$ -o $PPID -o %PPID "${1##*/}" } cluster_disabled_at_boot() { if grep -q nocluster /proc/cmdline && \ [ "$(tty)" = "/dev/console" ]; then echo -e "not configured to run at boot" failure return 1 fi return 0 } start() { echo -n "Starting $desc ($prog): " ! cluster_disabled_at_boot && return # most recent distributions use tmpfs for @LOCALSTATEDIR@/run # to avoid to clean it up on every boot. # they also assume that init scripts will create # required subdirectories for proper operations - mkdir -p @LOCALSTATEDIR@/run + if [ ! -d "@LOCALSTATEDIR@/run/corosync-qnetd" ];then + mkdir -p "@LOCALSTATEDIR@/run/corosync-qnetd" + chmod 0770 "@LOCALSTATEDIR@/run/corosync-qnetd" + if [ ! -z "$COROSYNC_QNETD_RUNAS" ];then + chown "$COROSYNC_QNETD_RUNAS:$COROSYNC_QNETD_RUNAS" "@LOCALSTATEDIR@/run/corosync-qnetd" + fi + fi if status $prog > /dev/null 2>&1; then success else if [ -z "$COROSYNC_QNETD_RUNAS" ];then $prog $COROSYNC_QNETD_OPTIONS > /dev/null 2>&1 else runuser -s @BASHPATH@ $COROSYNC_QNETD_RUNAS -c "$prog $COROSYNC_QNETD_OPTIONS > /dev/null 2>&1" fi if [ "$?" != 0 ]; then failure rtrn=1 else touch $LOCK_FILE success fi fi echo } stop() { ! status $prog > /dev/null 2>&1 && return echo -n "Signaling $desc ($prog) to terminate: " kill -TERM $(pidof $prog) > /dev/null 2>&1 success echo echo -n "Waiting for $prog services to unload:" while status $prog > /dev/null 2>&1; do sleep 1 echo -n "." done rm -f $LOCK_FILE success echo } restart() { stop start } rtrn=0 case "$1" in start) start ;; restart|reload|force-reload) restart ;; condrestart|try-restart) if status $prog > /dev/null 2>&1; then restart fi ;; status) status $prog rtrn=$? ;; stop) stop ;; *) echo "usage: $0 {start|stop|restart|reload|force-reload|condrestart|try-restart|status}" rtrn=2 ;; esac exit $rtrn diff --git a/man/Makefile.am b/man/Makefile.am index 314ba053..c4824693 100644 --- a/man/Makefile.am +++ b/man/Makefile.am @@ -1,183 +1,187 @@ # Copyright (c) 2004 MontaVista Software, Inc. # Copyright (c) 2009, 2012, 2014 Red Hat, Inc. # # Authors: Steven Dake (sdake@redhat.com) # Fabio M. Di Nitto (fdinitto@redhat.com) # # All rights reserved. # # This software licensed under BSD license, the text of which follows: # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # - Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # - Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # - Neither the name of the MontaVista Software, Inc. nor the names of its # contributors may be used to endorse or promote products derived from this # software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF # THE POSSIBILITY OF SUCH DAMAGE. MAINTAINERCLEANFILES = Makefile.in xml_man = corosync-xmlproc.8 \ corosync.xml.5 INDEX_HTML = index.html autogen_man = cpg_context_get.3 \ cpg_context_set.3 \ cpg_dispatch.3 \ cpg_fd_get.3 \ cpg_finalize.3 \ cpg_initialize.3 \ cpg_join.3 \ cpg_leave.3 \ cpg_local_get.3 \ cpg_mcast_joined.3 \ cpg_model_initialize.3 \ cpg_zcb_mcast_joined.3 \ cpg_zcb_alloc.3 \ cpg_zcb_free.3 \ cpg_membership_get.3 \ cpg_iteration_finalize.3 \ cpg_iteration_initialize.3 \ cpg_iteration_next.3 \ quorum_initialize.3 \ quorum_finalize.3 \ quorum_fd_get.3 \ quorum_dispatch.3 \ quorum_context_get.3 \ quorum_context_set.3 \ quorum_getquorate.3 \ quorum_trackstart.3 \ quorum_trackstop.3 \ votequorum_dispatch.3 \ votequorum_fd_get.3 \ votequorum_context_get.3 \ votequorum_context_set.3 \ votequorum_finalize.3 \ votequorum_getinfo.3 \ votequorum_initialize.3 \ votequorum_setexpected.3 \ votequorum_setvotes.3 \ votequorum_trackstart.3 \ votequorum_trackstop.3 \ votequorum_qdevice_register.3 \ votequorum_qdevice_unregister.3 \ votequorum_qdevice_update.3 \ votequorum_qdevice_master_wins.3 \ votequorum_qdevice_poll.3 \ sam_data_getsize.3 \ sam_data_restore.3 \ sam_data_store.3 \ sam_finalize.3 \ sam_hc_callback_register.3 \ sam_hc_send.3 \ sam_initialize.3 \ sam_mark_failed.3 \ sam_register.3 \ sam_start.3 \ sam_stop.3 \ sam_warn_signal_set.3 \ cmap_context_get.3 \ cmap_dec.3 \ cmap_iter_init.3 \ cmap_get.3 \ cmap_inc.3 \ cmap_set.3 \ cmap_iter_next.3 \ cmap_delete.3 \ cmap_iter_finalize.3 \ cmap_finalize.3 \ cmap_dispatch.3 \ cmap_initialize.3 \ cmap_track_add.3 \ cmap_context_set.3 \ cmap_fd_get.3 \ cmap_track_delete.3 autogen_common = ipc_common.sh.errors EXTRA_DIST = $(INDEX_HTML) \ $(xml_man) \ $(autogen_man:%=%.in) \ $(autogen_common) man_MANS = $(autogen_man) dist_man_MANS = corosync.conf.5 \ votequorum.5 \ corosync.8 \ corosync-cmapctl.8 \ corosync-blackbox.8 \ corosync-keygen.8 \ corosync-cfgtool.8 \ corosync-cpgtool.8 \ corosync-notifyd.8 \ corosync-quorumtool.8 \ corosync_overview.8 \ cpg_overview.8 \ quorum_overview.8 \ votequorum_overview.8 \ sam_overview.8 \ cmap_overview.8 \ cmap_keys.8 if INSTALL_XMLCONF dist_man_MANS += $(xml_man) endif if BUILD_QNETD dist_man_MANS += corosync-qnetd-tool.8 \ corosync-qnetd-certutil.8 endif +if BUILD_QDEVICES +dist_man_MANS += corosync-qdevice-tool.8 +endif + HTML_DOCS = $(dist_man_MANS:%=%.html) $(man_MANS:%=%.html) # developer man page generation %.3: %.3.in $(autogen_common) @echo Generating $@ man page && \ rm -f $@-t-t $@-t $@ && \ date="$$(LC_ALL=C date "+%F")" && \ awk "{print}(\$$1 ~ /@COMMONIPCERRORS@/){exit 0}" ${top_srcdir}/man/$@.in > $@-t-t && \ cat ${top_srcdir}/man/$(autogen_common) >> $@-t-t && \ awk -v p=0 "(\$$1 ~ /@COMMONIPCERRORS@/){p = 1} {if(p==1)print}" ${top_srcdir}/man/$@.in >> $@-t-t && \ cat $@-t-t | \ sed -e 's#@BUILDDATE@#'$$date'#g' \ -e 's#@COMMONIPCERRORS@##g' \ > $@-t && \ rm -f $@-t-t && \ mv $@-t $@ clean-local: rm -rf $(HTML_DOCS) $(autogen_man) if BUILD_HTML_DOCS %.html: % $(GROFF) -mandoc -Thtml $^ > $@ install-data-local: $(INSTALL) -d $(DESTDIR)/${docdir}/html $(INSTALL) -m 644 ${srcdir}/$(INDEX_HTML) $(HTML_DOCS) $(DESTDIR)/${docdir}/html/ uninstall-local: cd $(DESTDIR)/${docdir}/html && rm -f $(INDEX_HTML) $(HTML_DOCS) rmdir $(DESTDIR)/${docdir}/html 2> /dev/null || : all-local: $(HTML_DOCS) endif diff --git a/qdevices/corosync-qdevice-net-certutil.sh b/qdevices/corosync-qdevice-net-certutil.sh index ba0d5a69..10b47c8a 100644 --- a/qdevices/corosync-qdevice-net-certutil.sh +++ b/qdevices/corosync-qdevice-net-certutil.sh @@ -1,404 +1,404 @@ #!@BASHPATH@ # # Copyright (c) 2015-2016 Red Hat, Inc. # # All rights reserved. # # Author: Jan Friesse (jfriesse@redhat.com) # # This software licensed under BSD license, the text of which follows: # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # - Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # - Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # - Neither the name of the Red Hat, Inc. nor the names of its # contributors may be used to endorse or promote products derived from this # software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF # THE POSSIBILITY OF SUCH DAMAGE. # BASE_DIR="@COROSYSCONFDIR@/qdevice/net" DB_DIR_QNETD="@COROSYSCONFDIR@/qnetd/nssdb" DB_DIR_NODE="$BASE_DIR/nssdb" # Validity of certificate (months) CRT_VALIDITY=1200 CA_NICKNAME="QNet CA" SERVER_NICKNAME="QNetd Cert" CLUSTER_NICKNAME="Cluster Cert" CA_SUBJECT="CN=QNet CA" SERVER_SUBJECT="CN=Qnetd Server" PWD_FILE_BASE="pwdfile.txt" NOISE_FILE_BASE="noise.txt" SERIAL_NO_FILE_BASE="serial.txt" CA_EXPORT_FILE="$DB_DIR_QNETD/qnetd-cacert.crt" CRQ_FILE_BASE="qdevice-net-node.crq" CRT_FILE_BASE="" # Generated from cluster name P12_FILE_BASE="qdevice-net-node.p12" QNETD_CERTUTIL_CMD="corosync-qnetd-certutil" usage() { echo "$0: [-i|-m|-M|-r|-s|-Q] [-c certificate] [-n cluster_name]" echo echo " -i Initialize node CA. Needs CA certificate from server" echo " -m Import cluster certificate on node (needs pk12 certificate)" echo " -r Generate cluster certificate request" echo " -M Import signed cluster certificate and export certificate with key to pk12 file" echo " -Q Quick start. Uses ssh/scp to initialze both qnetd and nodes." echo "" echo " -c certificate Ether CA, CRQ, CRT or pk12 certificate (operation dependant)" echo " -n cluster_name Name of cluster (for -r and -s operations)" echo "" echo "Typical usage:" echo "- Initialize database on QNetd server by running $QNETD_CERTUTIL_CMD -i" echo "- Copy exported QNetd CA certificate ($CA_EXPORT_FILE) to every node" echo "- On one of cluster node initialize database by running $0 -i -c `basename $CA_EXPORT_FILE`" echo "- Generate certificate request: $0 -r -n Cluster (Cluster name must match cluster_name key in the corosync.conf)" echo "- Copy exported CRQ to QNetd server" echo "- On QNetd server sign and export cluster certificate by running $QNETD_CERTUTIL_CMD -s -c `basename $CRQ_FILE_BASE` -n Cluster" echo "- Copy exported CRT to node where certificate request was created" echo "- Import certificate on node where certificate request was created by running $0 -M -c cluster-Cluster.crt" echo "- Copy output $P12_FILE_BASE to all other cluster nodes" echo "- On all other nodes in cluster:" echo " - Init database by running $0 -i -c `basename $CA_EXPORT_FILE`" echo " - Import cluster certificate and key: $0 -m -c `basename $P12_FILE_BASE`" echo "" echo "It is also possible to use Quick start (-Q). This needs properly configured ssh." echo " $0 -Q -n Cluster qnetd_server node1 node2 ... nodeN" exit 0 } create_new_noise_file() { local noise_file="$1" if [ ! -e "$noise_file" ];then echo "Creating new noise file $noise_file" (ps -elf; date; w) | sha1sum | (read sha_sum rest; echo $sha_sum) > "$noise_file" chown root:root "$noise_file" - chmod 660 "$noise_file" + chmod 0660 "$noise_file" else echo "Using existing noise file $noise_file" fi } get_serial_no() { local serial_no if ! [ -f "$SERIAL_NO_FILE" ];then echo "100" > $SERIAL_NO_FILE chown root:root "$DB_DIR" - chmod 660 "$SERIAL_NO_FILE" + chmod 0660 "$SERIAL_NO_FILE" fi serial_no=`cat $SERIAL_NO_FILE` serial_no=$((serial_no+1)) echo "$serial_no" > $SERIAL_NO_FILE echo "$serial_no" } init_node_ca() { if [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database already exists. Delete it to continue" >&2 exit 1 fi if ! [ -d "$DB_DIR" ];then echo "Creating $DB_DIR" mkdir -p "$DB_DIR" chown root:root "$DB_DIR" - chmod 770 "$DB_DIR" + chmod 0770 "$DB_DIR" fi echo "Creating new key and cert db" echo -n "" > "$PWD_FILE" chown root:root "$PWD_FILE" - chmod 660 "$PWD_FILE" + chmod 0660 "$PWD_FILE" certutil -N -d "$DB_DIR" -f "$PWD_FILE" chown root:root "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" - chmod 660 "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" + chmod 0660 "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" create_new_noise_file "$NOISE_FILE" echo "Importing CA" certutil -d "$DB_DIR" -A -t "CT,c,c" -n "$CA_NICKNAME" -f "$PWD_FILE" \ -i "$CERTIFICATE_FILE" } gen_cluster_cert_req() { if ! [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database doesn't exists. Use $0 -i to create it" >&2 exit 1 fi echo "Creating new certificate request" certutil -R -s "CN=$CLUSTER_NAME" -o "$CRQ_FILE" -d "$DB_DIR" -f "$PWD_FILE" -z "$NOISE_FILE" echo "Certificate request stored in $CRQ_FILE" } import_signed_cert() { if ! [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database doesn't exists. Use $0 -i to create it" >&2 exit 1 fi echo "Importing signed cluster certificate" certutil -d "$DB_DIR" -A -t "u,u,u" -n "$CLUSTER_NICKNAME" -i "$CERTIFICATE_FILE" pk12util -d "$DB_DIR" -o "$P12_FILE" -W "" -n "$CLUSTER_NICKNAME" echo "Certificate stored in $P12_FILE" } import_pk12() { if ! [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database doesn't exists. Use $0 -i to create it" >&2 exit 1 fi echo "Importing cluster certificate and key" pk12util -i "$CERTIFICATE_FILE" -d "$DB_DIR" -W "" } quick_start() { qnetd_addr="$1" master_node="$2" other_nodes="$3" # Sanity check for i in "$master_node" $other_nodes;do if ssh root@$i "[ -d \"$DB_DIR_NODE\" ]";then echo "Node $i seems to be already initialized. Please delete $DB_DIR_NODE" >&2 exit 1 fi if ! ssh "root@$i" "$0" > /dev/null;then echo "Node $i doesn't have $0 installed" >&2 exit 1 fi done # Initialize qnetd server (it's no problem if server is already initialized) ssh "root@$qnetd_addr" "$QNETD_CERTUTIL_CMD -i" # Copy CA cert to all nodes and initialize them for node in "$master_node" $other_nodes;do scp "root@$qnetd_addr:$CA_EXPORT_FILE" "$node:/tmp" ssh "root@$node" "$0 -i -c \"/tmp/`basename $CA_EXPORT_FILE`\" && rm /tmp/`basename $CA_EXPORT_FILE`" done # Generate cert request ssh "root@$master_node" "$0 -r -n \"$CLUSTER_NAME\"" # Copy exported cert request to qnetd server scp "root@$master_node:$DB_DIR_NODE/$CRQ_FILE_BASE" "root@$qnetd_addr:/tmp" # Sign and export cluster certificate ssh "root@$qnetd_addr" "$QNETD_CERTUTIL_CMD -s -c \"/tmp/$CRQ_FILE_BASE\" -n \"$CLUSTER_NAME\"" # Copy exported CRT to master node scp "root@$qnetd_addr:$DB_DIR_QNETD/cluster-$CLUSTER_NAME.crt" "root@$master_node:$DB_DIR_NODE" # Import certificate ssh "root@$master_node" "$0 -M -c \"$DB_DIR_NODE/cluster-$CLUSTER_NAME.crt\"" # Copy pk12 cert to all nodes and import it for node in $other_nodes;do scp "root@$master_node:$DB_DIR_NODE/$P12_FILE" "$node:$DB_DIR_NODE/$P12_FILE" ssh "root@$node" "$0 -m -c \"$DB_DIR_NODE/$P12_FILE\"" done } OPERATION="" CERTIFICATE_FILE="" CLUSTER_NAME="" while getopts ":hiMmQrc:n:" opt; do case $opt in r) OPERATION=gen_cluster_cert_req ;; i) OPERATION=init_node_ca ;; m) OPERATION=import_pk12 ;; M) OPERATION=import_signed_cert ;; Q) OPERATION=quick_start ;; n) CLUSTER_NAME="$OPTARG" ;; h) usage ;; c) CERTIFICATE_FILE="$OPTARG" ;; \?) echo "Invalid option: -$OPTARG" >&2 exit 1 ;; :) echo "Option -$OPTARG requires an argument." >&2 exit 1 ;; esac done case "$OPERATION" in "init_qnetd_ca") DB_DIR="$DB_DIR_QNETD" ;; "init_node_ca") DB_DIR="$DB_DIR_NODE" ;; "gen_cluster_cert_req") DB_DIR="$DB_DIR_NODE" ;; "sign_cluster_cert") DB_DIR="$DB_DIR_QNETD" ;; "import_signed_cert") DB_DIR="$DB_DIR_NODE" ;; "import_pk12") DB_DIR="$DB_DIR_NODE" ;; "quick_start") DB_DIR="" ;; *) usage ;; esac PWD_FILE="$DB_DIR/$PWD_FILE_BASE" NOISE_FILE="$DB_DIR/$NOISE_FILE_BASE" SERIAL_NO_FILE="$DB_DIR/$SERIAL_NO_FILE_BASE" CRQ_FILE="$DB_DIR/$CRQ_FILE_BASE" CRT_FILE="$DB_DIR/cluster-$CLUSTER_NAME.crt" P12_FILE="$DB_DIR/$P12_FILE_BASE" case "$OPERATION" in "init_qnetd_ca") init_qnetd_ca ;; "init_node_ca") if ! [ -e "$CERTIFICATE_FILE" ];then echo "Can't open certificate file $CERTIFICATE_FILE" >&2 exit 2 fi init_node_ca ;; "gen_cluster_cert_req") if [ "$CLUSTER_NAME" == "" ];then echo "You have to specify cluster name" >&2 exit 2 fi gen_cluster_cert_req ;; "sign_cluster_cert") if ! [ -e "$CERTIFICATE_FILE" ];then echo "Can't open certificate file $CERTIFICATE_FILE" >&2 exit 2 fi if [ "$CLUSTER_NAME" == "" ];then echo "You have to specify cluster name" >&2 exit 2 fi sign_cluster_cert ;; "import_signed_cert") if ! [ -e "$CERTIFICATE_FILE" ];then echo "Can't open certificate file $CERTIFICATE_FILE" >&2 exit 2 fi import_signed_cert ;; "import_pk12") if ! [ -e "$CERTIFICATE_FILE" ];then echo "Can't open certificate file $CERTIFICATE_FILE" >&2 exit 2 fi import_pk12 ;; "quick_start") shift $((OPTIND-1)) qnetd_addr="$1" shift 1 master_node="$1" shift 1 other_nodes="$@" if [ "$CLUSTER_NAME" == "" ];then echo "You have to specify cluster name" >&2 exit 2 fi if [ "$qnetd_addr" == "" ];then echo "No QNetd server address provided." >&2 exit 2 fi if [ "$master_node" == "" ];then echo "No nodes provided." >&2 exit 2 fi quick_start "$qnetd_addr" "$master_node" "$other_nodes" ;; *) usage ;; esac diff --git a/qdevices/corosync-qnetd-certutil.sh b/qdevices/corosync-qnetd-certutil.sh index 7b2ed2da..726f482f 100644 --- a/qdevices/corosync-qnetd-certutil.sh +++ b/qdevices/corosync-qnetd-certutil.sh @@ -1,215 +1,215 @@ #!@BASHPATH@ # # Copyright (c) 2015-2016 Red Hat, Inc. # # All rights reserved. # # Author: Jan Friesse (jfriesse@redhat.com) # # This software licensed under BSD license, the text of which follows: # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # - Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # - Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # - Neither the name of the Red Hat, Inc. nor the names of its # contributors may be used to endorse or promote products derived from this # software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF # THE POSSIBILITY OF SUCH DAMAGE. # CONFIG_DIR="@COROSYSCONFDIR@/qnetd" DB_DIR="$CONFIG_DIR/nssdb" # Validity of certificate (months) CRT_VALIDITY=1200 CA_NICKNAME="QNet CA" SERVER_NICKNAME="QNetd Cert" CLUSTER_NICKNAME="Cluster Cert" CA_SUBJECT="CN=QNet CA" SERVER_SUBJECT="CN=Qnetd Server" PWD_FILE="$DB_DIR/pwdfile.txt" NOISE_FILE="$DB_DIR/noise.txt" SERIAL_NO_FILE="$DB_DIR/serial.txt" CA_EXPORT_FILE="$DB_DIR/qnetd-cacert.crt" CRT_FILE_BASE="" # Generated from cluster name usage() { - echo "$0: [-i|-s] [-c certificate]" + echo "$0: [-i|-s] [-c certificate] [-n cluster_name]" echo echo " -i Initialize QNetd CA and generate server certificate" echo " -s Sign cluster certificate (needs cluster certificate)" echo " -c certificate CRQ certificate file name" echo " -n cluster_name Name of cluster (for -s operation)" exit 0 } chown_ref_cfgdir() { if [ "$UID" == "0" ];then chown --reference="$CONFIG_DIR" "$@" 2>/dev/null || chown `stat -f "%u:%g" "$CONFIG_DIR"` "$@" 2>/dev/null || return $? fi } create_new_noise_file() { local noise_file="$1" if [ ! -e "$noise_file" ];then echo "Creating new noise file $noise_file" (ps -elf; date; w) | sha1sum | (read sha_sum rest; echo $sha_sum) > "$noise_file" chown_ref_cfgdir "$noise_file" - chmod 660 "$noise_file" + chmod 0660 "$noise_file" else echo "Using existing noise file $noise_file" fi } get_serial_no() { local serial_no if ! [ -f "$SERIAL_NO_FILE" ];then echo "100" > $SERIAL_NO_FILE chown_ref_cfgdir "$SERIAL_NO_FILE" - chmod 660 "$SERIAL_NO_FILE" + chmod 0660 "$SERIAL_NO_FILE" fi serial_no=`cat $SERIAL_NO_FILE` serial_no=$((serial_no+1)) echo "$serial_no" > $SERIAL_NO_FILE echo "$serial_no" } init_qnetd_ca() { if [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database ($DB_DIR) already exists. Delete it to initialize new db" >&2 exit 1 fi if ! [ -d "$DB_DIR" ];then echo "Creating $DB_DIR" mkdir -p "$DB_DIR" chown_ref_cfgdir "$DB_DIR" - chmod 770 "$DB_DIR" + chmod 0770 "$DB_DIR" fi echo "Creating new key and cert db" echo -n "" > "$PWD_FILE" chown_ref_cfgdir "$PWD_FILE" - chmod 660 "$PWD_FILE" + chmod 0660 "$PWD_FILE" certutil -N -d "$DB_DIR" -f "$PWD_FILE" chown_ref_cfgdir "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" - chmod 660 "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" + chmod 0660 "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" create_new_noise_file "$NOISE_FILE" echo "Creating new CA" # Create self-signed certificate (CA). Asks 3 questions (is this CA, lifetime and critical extension echo -e "y\n0\ny\n" | certutil -S -n "$CA_NICKNAME" -s "$CA_SUBJECT" -x \ -t "CT,," -m `get_serial_no` -v $CRT_VALIDITY -d "$DB_DIR" \ -z "$NOISE_FILE" -f "$PWD_FILE" -2 # Export CA certificate in ascii certutil -L -d "$DB_DIR" -n "$CA_NICKNAME" > "$CA_EXPORT_FILE" certutil -L -d "$DB_DIR" -n "$CA_NICKNAME" -a >> "$CA_EXPORT_FILE" chown_ref_cfgdir "$CA_EXPORT_FILE" certutil -S -n "$SERVER_NICKNAME" -s "$SERVER_SUBJECT" -c "$CA_NICKNAME" -t "u,u,u" -m `get_serial_no` \ -v $CRT_VALIDITY -d "$DB_DIR" -z "$NOISE_FILE" -f "$PWD_FILE" echo "QNetd CA certificate is exported as $CA_EXPORT_FILE" } sign_cluster_cert() { if ! [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database doesn't exists. Use $0 -I to create it" >&2 exit 1 fi echo "Signing cluster certificate" certutil -C -v "$CRT_VALIDITY" -m `get_serial_no` -i "$CERTIFICATE_FILE" -o "$CRT_FILE" -c "$CA_NICKNAME" -d "$DB_DIR" chown_ref_cfgdir "$CRT_FILE" echo "Certificate stored in $CRT_FILE" } OPERATION="" CERTIFICATE_FILE="" CLUSTER_NAME="" while getopts ":hisc:n:" opt; do case $opt in i) OPERATION=init_qnetd_ca ;; s) OPERATION=sign_cluster_cert ;; h) usage ;; c) CERTIFICATE_FILE="$OPTARG" ;; n) CLUSTER_NAME="$OPTARG" ;; \?) echo "Invalid option: -$OPTARG" >&2 exit 1 ;; :) echo "Option -$OPTARG requires an argument." >&2 exit 1 ;; esac done [ "$OPERATION" == "" ] && usage CRT_FILE="$DB_DIR/cluster-$CLUSTER_NAME.crt" case "$OPERATION" in "init_qnetd_ca") init_qnetd_ca ;; "sign_cluster_cert") if ! [ -e "$CERTIFICATE_FILE" ];then echo "Can't open certificate file $CERTIFICATE_FILE" >&2 exit 2 fi if [ "$CLUSTER_NAME" == "" ];then echo "You have to specify cluster name" >&2 exit 2 fi sign_cluster_cert ;; *) usage ;; esac