diff --git a/doc/Makefile.am b/doc/Makefile.am index ee3b3f9fc..3659544a6 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,159 +1,160 @@ # # doc: Linux-HA resource agents # # Copyright (C) 2009 Florian Haas # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # MAINTAINERCLEANFILES = Makefile.in EXTRA_DIST = $(doc_DATA) $(REFENTRY_STYLESHEET) \ mkappendix.sh ralist.sh CLEANFILES = $(man_MANS) $(xmlfiles) metadata-*.xml doc_DATA = README.webapps STYLESHEET_PREFIX ?= http://docbook.sourceforge.net/release/xsl/current MANPAGES_STYLESHEET ?= $(STYLESHEET_PREFIX)/manpages/docbook.xsl HTML_STYLESHEET ?= $(STYLESHEET_PREFIX)/xhtml/docbook.xsl FO_STYLESHEET ?= $(STYLESHEET_PREFIX)/fo/docbook.xsl REFENTRY_STYLESHEET ?= ra2refentry.xsl XSLTPROC_OPTIONS ?= --xinclude XSLTPROC_MANPAGES_OPTIONS ?= $(XSLTPROC_OPTIONS) XSLTPROC_HTML_OPTIONS ?= $(XSLTPROC_OPTIONS) XSLTPROC_FO_OPTIONS ?= $(XSLTPROC_OPTIONS) radir = $(top_srcdir)/heartbeat # OCF_ROOT=. is necessary due to a sanity check in ocf-shellfuncs # (which tests whether $OCF_ROOT points to a directory metadata-%.xml: $(radir)/% OCF_ROOT=. OCF_FUNCTIONS_DIR=$(radir) $< meta-data > $@ metadata-IPv6addr.xml: ../heartbeat/IPv6addr OCF_ROOT=. OCF_FUNCTIONS_DIR=$(radir) $< meta-data > $@ # Please note: we can't name the man pages # ocf:heartbeat:. Believe me, I've tried. It looks like it # works, but then it doesn't. While make can deal correctly with # colons in target names (when properly escaped), it royally messes up # when it is deals with _dependencies_ that contain colons. See Bug # 12126 on savannah.gnu.org. But, maybe it gets fixed soon, it was # first reported in 1995 and added to Savannah in in 2005... if BUILD_DOC man_MANS = ocf_heartbeat_AoEtarget.7 \ ocf_heartbeat_AudibleAlarm.7 \ ocf_heartbeat_ClusterMon.7 \ ocf_heartbeat_CTDB.7 \ ocf_heartbeat_Delay.7 \ ocf_heartbeat_Dummy.7 \ ocf_heartbeat_EvmsSCC.7 \ ocf_heartbeat_Evmsd.7 \ ocf_heartbeat_Filesystem.7 \ ocf_heartbeat_ICP.7 \ ocf_heartbeat_IPaddr.7 \ ocf_heartbeat_IPaddr2.7 \ ocf_heartbeat_IPsrcaddr.7 \ ocf_heartbeat_LVM.7 \ ocf_heartbeat_LinuxSCSI.7 \ ocf_heartbeat_MailTo.7 \ ocf_heartbeat_ManageRAID.7 \ ocf_heartbeat_ManageVE.7 \ ocf_heartbeat_Pure-FTPd.7 \ ocf_heartbeat_Raid1.7 \ ocf_heartbeat_Route.7 \ ocf_heartbeat_SAPDatabase.7 \ ocf_heartbeat_SAPInstance.7 \ ocf_heartbeat_SendArp.7 \ ocf_heartbeat_ServeRAID.7 \ ocf_heartbeat_SphinxSearchDaemon.7 \ ocf_heartbeat_Squid.7 \ ocf_heartbeat_Stateful.7 \ ocf_heartbeat_SysInfo.7 \ ocf_heartbeat_VIPArip.7 \ ocf_heartbeat_VirtualDomain.7 \ ocf_heartbeat_WAS.7 \ ocf_heartbeat_WAS6.7 \ ocf_heartbeat_WinPopup.7 \ ocf_heartbeat_Xen.7 \ ocf_heartbeat_Xinetd.7 \ ocf_heartbeat_anything.7 \ ocf_heartbeat_apache.7 \ ocf_heartbeat_conntrackd.7 \ ocf_heartbeat_db2.7 \ ocf_heartbeat_drbd.7 \ ocf_heartbeat_eDir88.7 \ ocf_heartbeat_ethmonitor.7 \ ocf_heartbeat_exportfs.7 \ ocf_heartbeat_fio.7 \ ocf_heartbeat_iSCSILogicalUnit.7 \ ocf_heartbeat_iSCSITarget.7 \ ocf_heartbeat_ids.7 \ ocf_heartbeat_iscsi.7 \ ocf_heartbeat_jboss.7 \ ocf_heartbeat_lxc.7 \ ocf_heartbeat_mysql.7 \ ocf_heartbeat_mysql-proxy.7 \ ocf_heartbeat_named.7 \ ocf_heartbeat_nfsserver.7 \ ocf_heartbeat_nginx.7 \ ocf_heartbeat_oracle.7 \ ocf_heartbeat_oralsnr.7 \ ocf_heartbeat_pgsql.7 \ ocf_heartbeat_pingd.7 \ ocf_heartbeat_portblock.7 \ ocf_heartbeat_postfix.7 \ ocf_heartbeat_proftpd.7 \ ocf_heartbeat_rsyncd.7 \ ocf_heartbeat_scsi2reservation.7 \ ocf_heartbeat_sfex.7 \ + ocf_heartbeat_slapd.7 \ ocf_heartbeat_symlink.7 \ ocf_heartbeat_syslog-ng.7 \ ocf_heartbeat_tomcat.7 \ ocf_heartbeat_vmware.7 if USE_IPV6ADDR man_MANS += ocf_heartbeat_IPv6addr.7 endif xmlfiles = $(man_MANS:.7=.xml) %.1 %.5 %.7 %.8: %.xml $(XSLTPROC) \ $(XSLTPROC_MANPAGES_OPTIONS) \ $(MANPAGES_STYLESHEET) $< ocf_heartbeat_%.xml: metadata-%.xml $(srcdir)/$(REFENTRY_STYLESHEET) $(XSLTPROC) --novalid \ --stringparam package $(PACKAGE_NAME) \ --stringparam version $(VERSION) \ --output $@ \ $(srcdir)/$(REFENTRY_STYLESHEET) $< ocf_resource_agents.xml: $(xmlfiles) mkappendix.sh ./mkappendix.sh $(xmlfiles) > $@ %.html: %.xml $(XSLTPROC) \ $(XSLTPROC_HTML_OPTIONS) \ --output $@ \ $(HTML_STYLESHEET) $< xml: ocf_resource_agents.xml endif diff --git a/heartbeat/Makefile.am b/heartbeat/Makefile.am index cc7baac9f..f2ecf6fed 100644 --- a/heartbeat/Makefile.am +++ b/heartbeat/Makefile.am @@ -1,124 +1,125 @@ # Makefile.am for OCF RAs # # Author: Sun Jing Dong # Copyright (C) 2004 IBM # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # MAINTAINERCLEANFILES = Makefile.in EXTRA_DIST = $(ocf_SCRIPTS) $(ocfcommon_DATA) \ $(common_DATA) $(hb_DATA) $(dtd_DATA) \ README INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/linux-ha ocfdir = $(OCF_RA_DIR_PREFIX)/heartbeat dtddir = $(datadir)/$(PACKAGE_NAME) dtd_DATA = ra-api-1.dtd if USE_IPV6ADDR ocf_PROGRAMS = IPv6addr else ocf_PROGRAMS = endif IPv6addr_SOURCES = IPv6addr.c IPv6addr_LDADD = -lplumb $(LIBNETLIBS) ocf_SCRIPTS = ClusterMon \ CTDB \ Dummy \ IPaddr \ IPaddr2 \ drbd \ anything \ AoEtarget \ apache \ nginx \ AudibleAlarm \ conntrackd \ db2 \ Delay \ eDir88 \ EvmsSCC \ Evmsd \ ethmonitor \ exportfs \ Filesystem \ fio \ ids \ iscsi \ ICP \ IPsrcaddr \ iSCSITarget \ iSCSILogicalUnit \ jboss \ LinuxSCSI \ LVM \ lxc \ MailTo \ ManageRAID \ ManageVE \ mysql \ mysql-proxy \ named \ nfsserver \ oracle \ oralsnr \ pingd \ portblock \ postfix \ pgsql \ proftpd \ Pure-FTPd \ Raid1 \ Route \ rsyncd \ SAPDatabase \ SAPInstance \ SendArp \ ServeRAID \ + slapd \ SphinxSearchDaemon \ Squid \ Stateful \ SysInfo \ scsi2reservation \ sfex \ symlink \ syslog-ng \ tomcat \ VIPArip \ VirtualDomain \ vmware \ WAS \ WAS6 \ WinPopup \ Xen \ Xinetd ocfcommondir = $(OCF_LIB_DIR_PREFIX)/heartbeat ocfcommon_DATA = ocf-shellfuncs \ ocf-binaries \ ocf-directories \ ocf-returncodes \ apache-conf.sh \ http-mon.sh # Legacy locations hbdir = $(sysconfdir)/ha.d hb_DATA = shellfuncs diff --git a/heartbeat/slapd b/heartbeat/slapd new file mode 100755 index 000000000..06a118190 --- /dev/null +++ b/heartbeat/slapd @@ -0,0 +1,556 @@ +#!/bin/bash +# +# Stand-alone LDAP Daemon (slapd) +# +# Description: Manages Stand-alone LDAP Daemon (slapd) as an OCF resource in +# an high-availability setup. +# +# Authors: Jeroen Koekkoek +# nozawat@gmail.com +# John Keith Hohm +# +# License: GNU General Public License (GPL) +# Copyright: (C) 2011 Pagelink B.V. +# +# The OCF code was inspired by the Postfix resource script written by +# Raoul Bhatia . +# +# The code for managing the slapd instance is based on the the slapd init +# script found in Debian GNU/Linux 6.0. +# +# OCF parameters: +# OCF_RESKEY_slapd +# OCF_RESKEY_ldapsearch +# OCF_RESKEY_config +# OCF_RESKEY_pidfile +# OCF_RESKEY_user +# OCF_RESKEY_group +# OCF_RESKEY_services +# OCF_RESKEY_watch_suffix +# OCF_RESKEY_ignore_suffix +# OCF_RESKEY_bind_dn +# OCF_RESKEY_password +# OCF_RESKEY_parameters +# OCF_RESKEY_stop_escalate +# +################################################################################ + +# Initialization: + +: ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/resource.d/heartbeat} +. ${OCF_FUNCTIONS_DIR}/.ocf-shellfuncs + +: ${OCF_RESKEY_slapd="/usr/sbin/slapd"} +: ${OCF_RESKEY_ldapsearch="ldapsearch"} +: ${OCF_RESKEY_config=""} +: ${OCF_RESKEY_pidfile=""} +: ${OCF_RESKEY_user=""} +: ${OCF_RESKEY_group=""} +: ${OCF_RESKEY_services="ldap:///"} +: ${OCF_RESKEY_watch_suffix=""} +: ${OCF_RESKEY_ignore_suffix=""} +: ${OCF_RESKEY_bind_dn=""} +: ${OCF_RESKEY_password=""} +: ${OCF_RESKEY_parameters=""} +: ${OCF_RESKEY_stop_escalate=15} + +USAGE="Usage: $0 {start|stop|status|monitor|validate-all|meta-data}" +ORIG_IFS=$IFS +NEWLINE=' +' + +################################################################################ + +usage() { + echo $USAGE >&2 +} + +meta_data() +{ + cat < + + +0.1 + + +Resource script for Stand-alone LDAP Daemon (slapd). It manages a slapd instance as an OCF resource. + +Manages a Stand-alone LDAP Daemon (slapd) instance + + + + + +Full path to the slapd binary. +For example, "/usr/sbin/slapd". + +Full path to slapd binary + + + + + +Full path to the ldapsearch binary. +For example, "/usr/bin/ldapsearch". + +Full path to ldapsearch binary + + + + + +Full path to a slapd configuration directory or a slapd configuration file. +For example, "/etc/ldap/slapd.d" or "/etc/ldap/slapd.conf". + +Full path to configuration directory or file + + + + + +File to read the PID from; read from olcPidFile/pidfile in config if not set. + +File to read PID from + + + + + +User name or id slapd will run with. The group id is also changed to this +user's gid, unless the group parameter is used to override. + +User name or id slapd will run with + + + + + +Group name or id slapd will run with. + +Group name or id slapd will run with + + + + + +LDAP (and other scheme) URLs slapd will serve. +For example, "ldap://127.0.0.1:389 ldaps:/// ldapi:///" + +LDAP (and other scheme) URLs to serve + + + + + +Suffix (database backend) that will be monitored for availability. Multiple +suffixes can be specified by providing a space seperated list. By providing one +or more suffixes here, the ignore_suffix parameter is discarded. All suffixes +will be monitored if left blank. + +Suffix that will be monitored for availability. + + + + + +Suffix (database backend) that will not be monitored for availability. Multiple +suffixes can be specified by providing a space seperated list. No suffix will +be excluded if left blank. + +Suffix that will not be monitored for availability. + + + + + +Distinguished Name used to bind to the LDAP directory for testing. Leave blank +to bind to the LDAP directory anonymously. + +Distinguished Name used to bind to the LDAP directory for testing. + + + + + +Password used to bind to the LDAP directory for testing. + +Password used to bind to the LDAP directory for testing. + + + + + +slapd may be called with additional parameters. +Specify any of them here. + +Any additional parameters to slapd. + + + + + +Number of seconds to wait for shutdown (using SIGTERM) before resorting to +SIGKILL + +Seconds before stop escalation to KILL + + + + + + + + + + + + +END +} + +terminate() +{ + local pid=$1 + local signal=$2 + local recheck=${3-0} + local result + local waited=0 + + kill -$signal $pid >/dev/null 2>&1; result=$? + + while [ $result -eq 0 ] && [ $recheck -eq 0 ] || [ $waited -lt $recheck ]; do + kill -0 $pid >/dev/null 2>&1; result=$? + let "waited += 1" + + if [ $result -eq 0 ]; then + sleep 1 + fi + done + + if [ $result -ne 0 ]; then + return 0 + fi + + return 1 +} + +watch_suffix() +{ + local result + + if [ -n "$OCF_RESKEY_watch_suffix" ]; then + if echo "'$OCF_RESKEY_watch_suffix'" | grep "'$1'" >/dev/null 2>&1; then + result=0 + else + result=1 + fi + else + if echo "'$OCF_RESKEY_ignore_suffix'" | grep "'$1'" >/dev/null 2>&1; then + result=1 + else + result=0 + fi + fi + + return $result +} + +slapd_pid() +{ + local pid + + if [ -f "$pid_file" ]; then + pid=`head -n 1 "$pid_file" 2>/dev/null` + + if [ "X$pid" != "X" ]; then + echo "$pid" + return $OCF_SUCCESS + fi + + ocf_log err "slapd pid file '$pid_file' empty." + return $OCF_ERR_GENERIC + fi + + ocf_log info "slapd pid file '$pid_file' does not exist." + return $OCF_NOT_RUNNING +} + +slapd_status() +{ + local pid=$1 + local state=$? + + if [ $state -eq $OCF_SUCCESS ]; then + + if ! kill -0 $pid >/dev/null 2>&1; then + return $OCF_NOT_RUNNING + else + return $OCF_SUCCESS + fi + fi + + return $state +} + +slapd_start() +{ + local options + local reason + local result + local state + + slapd_status `slapd_pid`; state=$? + + if [ $state -eq $OCF_SUCCESS ]; then + ocf_log info "slapd already running." + return $state + elif [ $state -eq $OCF_ERR_GENERIC ]; then + return $state + fi + + options="-u $user -g $group" + + if [ -d "$config" ]; then + options="$options -F $config" + elif [ -f "$config" ]; then + options="$options -f $config" + else + ocf_log err "slapd configuration '$config' does not exist." + return $OCF_ERR_INSTALLED + fi + + if [ -n "$parameters" ]; then + options="$options $parameters" + fi + + if [ -n "$services" ]; then + $slapd -h "$services" $options 2>&1; result=$? + else + $slapd $options 2>&1; result=$? + fi + + if [ $result -ne 0 ]; then + ocf_log err "slapd returned error." + + return $OCF_ERR_GENERIC + fi + + ocf_log info "slapd started." + + return $OCF_SUCCESS +} + +slapd_stop() +{ + local pid + local result + local state + + pid=`slapd_pid`; slapd_status $pid; state=$? + + if [ $state -eq $OCF_NOT_RUNNING ]; then + ocf_log info "slapd already stopped." + return $OCF_SUCCESS + elif [ $state -eq $OCF_ERR_GENERIC ]; then + return $state + fi + + terminate $pid TERM $OCF_RESKEY_stop_escalate; result=$? + if [ $result -ne 0 ]; then + ocf_log err "slapd failed to stop. Escalating to KILL." + terminate $pid KILL; result=$? + fi + + if [ -f "$pid_file" ]; then + rm -f "$pid_file" >/dev/null 2>&1 + fi + + ocf_log info "slapd stopped." + return $OCF_SUCCESS +} + +slapd_monitor() +{ + local options + local result + local state + local suffix + local suffixes + + slapd_status `slapd_pid`; state=$? + if [ $state -eq $OCF_NOT_RUNNING ]; then + ocf_log debug "slapd is stopped." + return $state + elif [ $state -ne $OCF_SUCCESS ]; then + ocf_log err "slapd returned error." + return $state + fi + + if [ -d "$config" ]; then + for suffix in `find "$config"/'cn=config' -type f -name olcDatabase* -exec \ + sed -ne 's/^[[:space:]]*olcSuffix:[[:space:]]\+\(.\+\)/\1/p' {} \;` + do + suffix=${suffix#\"*} + suffix=${suffix%\"*} + + if watch_suffix $suffix; then + suffixes="$suffixes $suffix" + fi + done + + elif [ -f "$config" ]; then + for suffix in `sed -ne 's/^[[:space:]]*suffix[[:space:]]\+\(.\+\)/\1/p' "$config"` + do + suffix=${suffix#\"*} + suffix=${suffix%\"*} + + if watch_suffix $suffix; then + suffixes="$suffixes $suffix" + fi + done + + else + ocf_log err "slapd configuration '$config' does not exist." + return $OCF_ERR_INSTALLED + fi + + options="-LLL -s base -x" + + if [ -n "$bind_dn" ]; then + options="$options -D '$bind_dn' -w '$password'" + fi + + for suffix in $suffixes; do + ocf_run "$ldapsearch" -H "$services" -b "$suffix" $options >/dev/null 2>&1; result=$? + + case "$result" in + "0") + ocf_log debug "slapd database with suffix '$suffix' reachable" + ;; + "49") + ocf_log err "slapd database with suffix '$suffix' unreachable. Invalid credentials." + return $OCF_ERR_CONFIGURED + ;; + *) + ocf_log err "slapd database with suffix '$suffix' unreachable." + state=$OCF_ERR_GENERIC + ;; + esac + done + + return $state +} + +slapd_validate_all() +{ + check_binary "$slapd" + check_binary "$ldapsearch" + + if [ -z "$pid_file" ]; then + if [ -d "$config" ]; then + pid_file=`sed -ne \ + 's/^olcPidFile:[[:space:]]\+\(.\+\)[[:space:]]*/\1/p' \ + "$config"/'cn=config.ldif' 2>/dev/null` + elif [ -f "$config" ]; then + pid_file=`sed -ne \ + 's/^pidfile[[:space:]]\+\(.\+\)/\1/p' \ + "$config" 2>/dev/null` + else + ocf_log err "slapd configuration '$config' does not exist." + return $OCF_ERR_INSTALLED + fi + fi + + if [ -z "$user" ]; then + user=`id -nu 2>/dev/null` + elif ! id "$user" >/dev/null 2>&1; then + ocf_log err "slapd user '$user' does not exist" + return $OCF_ERR_INSTALLED + fi + + if [ -z "$group" ]; then + group=`id -ng 2>/dev/null` + elif ! grep "^$group:" /etc/group >/dev/null 2>&1; then + ocf_log err "slapd group '$group' does not exist" + return $OCF_ERR_INSTALED + fi + + return $OCF_SUCCESS +} + +# +# Main +# + +slapd=$OCF_RESKEY_slapd +ldapsearch=$OCF_RESKEY_ldapsearch +config=$OCF_RESKEY_config +user=$OCF_RESKEY_user +group=$OCF_RESKEY_group +services=$OCF_RESKEY_services +bind_dn=$OCF_RESKEY_bind_dn +password=$OCF_RESKEY_password +parameters=$OCF_RESKEY_parameters +pid_file=$OCF_RESKEY_pidfile + +if [ -z "$config" ]; then + if [ -e "/etc/ldap/slapd.d" ]; then + config="/etc/ldap/slapd.d" + else + config="/etc/ldap/slapd.conf" + fi +fi + +if [ $# -ne 1 ]; then + usage + exit $OCF_ERR_ARGS +fi + +case $1 in + meta-data) + meta_data + exit $OCF_SUCCESS + ;; + usage|help) + usage + exit $OCF_SUCCESS + ;; +esac + +slapd_validate_all + +[ $? -eq $OCF_SUCCESS ] || exit $? + +case $1 in + status) + slapd_status `slapd_pid`; state=$? + + if [ $state -eq $OCF_SUCCESS ]; then + ocf_log debug "slapd is running." + elif [ $state -eq $OCF_NOT_RUNNING ]; then + ocf_log debug "slapd is stopped." + fi + + exit $state + ;; + start) + slapd_start + exit $? + ;; + stop) + slapd_stop + exit $? + ;; + monitor) + slapd_monitor; state=$? + exit $state + ;; + validate-all) + exit $OCF_SUCCESS + ;; + *) + usage + exit $OCF_ERR_UNIMPLEMENTED + ;; +esac