This source file includes following definitions.
- is_action_required
- get_action_delay_max
- get_action_delay_base
- get_action_timeout
- free_async_command
- create_async_command
- get_action_limit
- get_active_cmds
- fork_cb
- get_agent_metadata_cb
- report_internal_result
- stonith_device_execute
- stonith_device_dispatch
- start_delay_helper
- schedule_stonith_command
- free_device
- free_device_list
- init_device_list
- build_port_aliases
- free_metadata_cache
- init_metadata_cache
- get_agent_metadata
- is_nodeid_required
- add_action
- read_action_metadata
- map_action
- xml2device_params
- target_list_type
- build_device_from_xml
- schedule_internal_command
- status_search_cb
- dynamic_list_search_cb
- device_params_diff
- device_has_duplicate
- stonith_device_register
- stonith_device_remove
- count_active_levels
- free_topology_entry
- free_topology_list
- init_topology_list
- stonith_level_key
- unpack_level_kind
- parse_device_list
- fenced_register_level
- fenced_unregister_level
- list_to_string
- execute_agent_action
- search_devices_record_result
- localhost_is_eligible
- can_fence_host_with_device
- search_devices
- get_capable_devices
- add_action_specific_attributes
- add_disallowed
- add_action_reply
- stonith_query_capable_device_cb
- log_async_result
- send_async_reply
- cancel_stonith_command
- st_child_done
- sort_device_priority
- stonith_fence_get_devices_cb
- fence_locally
- fenced_construct_reply
- construct_async_reply
- fencing_peer_active
- set_fencing_completed
- check_alternate_host
- stonith_send_reply
- remove_relay_op
- is_privileged
- handle_register_request
- handle_agent_request
- handle_update_timeout_request
- handle_query_request
- handle_notify_request
- handle_relay_request
- handle_fence_request
- handle_history_request
- handle_device_add_request
- handle_device_delete_request
- handle_level_add_request
- handle_level_delete_request
- handle_cache_request
- handle_unknown_request
- fenced_register_handlers
- fenced_unregister_handlers
- handle_request
- handle_reply
- stonith_command
1
2
3
4
5
6
7
8
9
10 #include <crm_internal.h>
11
12 #include <sys/param.h>
13 #include <stdio.h>
14 #include <sys/types.h>
15 #include <sys/wait.h>
16 #include <sys/stat.h>
17 #include <unistd.h>
18 #include <sys/utsname.h>
19
20 #include <stdlib.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <ctype.h>
24
25 #include <crm/crm.h>
26 #include <crm/msg_xml.h>
27 #include <crm/common/ipc.h>
28 #include <crm/common/ipc_internal.h>
29 #include <crm/cluster/internal.h>
30 #include <crm/common/mainloop.h>
31
32 #include <crm/stonith-ng.h>
33 #include <crm/fencing/internal.h>
34 #include <crm/common/xml.h>
35
36 #include <pacemaker-fenced.h>
37
38 GHashTable *device_list = NULL;
39 GHashTable *topology = NULL;
40 GList *cmd_list = NULL;
41
42 static GHashTable *fenced_handlers = NULL;
43
44 struct device_search_s {
45
46 char *host;
47
48 char *action;
49
50 int per_device_timeout;
51
52 int replies_needed;
53
54 int replies_received;
55
56 bool allow_suicide;
57
58
59 void *user_data;
60
61 void (*callback) (GList * devices, void *user_data);
62
63 GList *capable;
64 };
65
66 static gboolean stonith_device_dispatch(gpointer user_data);
67 static void st_child_done(int pid, const pcmk__action_result_t *result,
68 void *user_data);
69 static void stonith_send_reply(xmlNode * reply, int call_options, const char *remote_peer,
70 pcmk__client_t *client);
71
72 static void search_devices_record_result(struct device_search_s *search, const char *device,
73 gboolean can_fence);
74
75 static int get_agent_metadata(const char *agent, xmlNode **metadata);
76 static void read_action_metadata(stonith_device_t *device);
77 static enum fenced_target_by unpack_level_kind(xmlNode *level);
78
79 typedef struct async_command_s {
80
81 int id;
82 int pid;
83 int fd_stdout;
84 int options;
85 int default_timeout;
86 int timeout;
87
88 int start_delay;
89 int delay_id;
90
91 char *op;
92 char *origin;
93 char *client;
94 char *client_name;
95 char *remote_op_id;
96
97 char *victim;
98 uint32_t victim_nodeid;
99 char *action;
100 char *device;
101
102 GList *device_list;
103 GList *device_next;
104
105 void *internal_user_data;
106 void (*done_cb) (int pid, const pcmk__action_result_t *result,
107 void *user_data);
108 guint timer_sigterm;
109 guint timer_sigkill;
110
111
112 int last_timeout_signo;
113
114 stonith_device_t *active_on;
115 stonith_device_t *activating_on;
116 } async_command_t;
117
118 static xmlNode *construct_async_reply(async_command_t *cmd,
119 const pcmk__action_result_t *result);
120
121 static gboolean
122 is_action_required(const char *action, stonith_device_t *device)
123 {
124 return device && device->automatic_unfencing && pcmk__str_eq(action, "on",
125 pcmk__str_casei);
126 }
127
128 static int
129 get_action_delay_max(stonith_device_t * device, const char * action)
130 {
131 const char *value = NULL;
132 int delay_max = 0;
133
134 if (!pcmk__is_fencing_action(action)) {
135 return 0;
136 }
137
138 value = g_hash_table_lookup(device->params, PCMK_STONITH_DELAY_MAX);
139 if (value) {
140 delay_max = crm_parse_interval_spec(value) / 1000;
141 }
142
143 return delay_max;
144 }
145
146 static int
147 get_action_delay_base(stonith_device_t *device, const char *action, const char *victim)
148 {
149 char *hash_value = NULL;
150 int delay_base = 0;
151
152 if (!pcmk__is_fencing_action(action)) {
153 return 0;
154 }
155
156 hash_value = g_hash_table_lookup(device->params, PCMK_STONITH_DELAY_BASE);
157
158 if (hash_value) {
159 char *value = strdup(hash_value);
160 char *valptr = value;
161
162 CRM_ASSERT(value != NULL);
163
164 if (victim) {
165 for (char *val = strtok(value, "; \t"); val != NULL; val = strtok(NULL, "; \t")) {
166 char *mapval = strchr(val, ':');
167
168 if (mapval == NULL || mapval[1] == 0) {
169 crm_err("pcmk_delay_base: empty value in mapping", val);
170 continue;
171 }
172
173 if (mapval != val && strncasecmp(victim, val, (size_t)(mapval - val)) == 0) {
174 value = mapval + 1;
175 crm_debug("pcmk_delay_base mapped to %s for %s", value, victim);
176 break;
177 }
178 }
179 }
180
181 if (strchr(value, ':') == 0) {
182 delay_base = crm_parse_interval_spec(value) / 1000;
183 }
184
185 free(valptr);
186 }
187
188 return delay_base;
189 }
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211 static int
212 get_action_timeout(stonith_device_t * device, const char *action, int default_timeout)
213 {
214 if (action && device && device->params) {
215 char buffer[64] = { 0, };
216 const char *value = NULL;
217
218
219
220
221 if (pcmk__str_eq(action, "reboot", pcmk__str_casei)
222 && !pcmk_is_set(device->flags, st_device_supports_reboot)) {
223 crm_trace("%s doesn't support reboot, using timeout for off instead",
224 device->id);
225 action = "off";
226 }
227
228
229 snprintf(buffer, sizeof(buffer), "pcmk_%s_timeout", action);
230 value = g_hash_table_lookup(device->params, buffer);
231 if (value) {
232 return atoi(value);
233 }
234 }
235 return default_timeout;
236 }
237
238 static void
239 free_async_command(async_command_t * cmd)
240 {
241 if (!cmd) {
242 return;
243 }
244
245 if (cmd->delay_id) {
246 g_source_remove(cmd->delay_id);
247 }
248
249 cmd_list = g_list_remove(cmd_list, cmd);
250
251 g_list_free_full(cmd->device_list, free);
252 free(cmd->device);
253 free(cmd->action);
254 free(cmd->victim);
255 free(cmd->remote_op_id);
256 free(cmd->client);
257 free(cmd->client_name);
258 free(cmd->origin);
259 free(cmd->op);
260 free(cmd);
261 }
262
263 static async_command_t *
264 create_async_command(xmlNode * msg)
265 {
266 async_command_t *cmd = NULL;
267 xmlNode *op = get_xpath_object("//@" F_STONITH_ACTION, msg, LOG_ERR);
268 const char *action = crm_element_value(op, F_STONITH_ACTION);
269
270 CRM_CHECK(action != NULL, crm_log_xml_warn(msg, "NoAction"); return NULL);
271
272 crm_log_xml_trace(msg, "Command");
273 cmd = calloc(1, sizeof(async_command_t));
274 crm_element_value_int(msg, F_STONITH_CALLID, &(cmd->id));
275 crm_element_value_int(msg, F_STONITH_CALLOPTS, &(cmd->options));
276 crm_element_value_int(msg, F_STONITH_TIMEOUT, &(cmd->default_timeout));
277 cmd->timeout = cmd->default_timeout;
278
279 crm_element_value_int(msg, F_STONITH_DELAY, &(cmd->start_delay));
280
281 cmd->origin = crm_element_value_copy(msg, F_ORIG);
282 cmd->remote_op_id = crm_element_value_copy(msg, F_STONITH_REMOTE_OP_ID);
283 cmd->client = crm_element_value_copy(msg, F_STONITH_CLIENTID);
284 cmd->client_name = crm_element_value_copy(msg, F_STONITH_CLIENTNAME);
285 cmd->op = crm_element_value_copy(msg, F_STONITH_OPERATION);
286 cmd->action = strdup(action);
287 cmd->victim = crm_element_value_copy(op, F_STONITH_TARGET);
288 cmd->device = crm_element_value_copy(op, F_STONITH_DEVICE);
289
290 CRM_CHECK(cmd->op != NULL, crm_log_xml_warn(msg, "NoOp"); free_async_command(cmd); return NULL);
291 CRM_CHECK(cmd->client != NULL, crm_log_xml_warn(msg, "NoClient"));
292
293 cmd->done_cb = st_child_done;
294 cmd_list = g_list_append(cmd_list, cmd);
295 return cmd;
296 }
297
298 static int
299 get_action_limit(stonith_device_t * device)
300 {
301 const char *value = NULL;
302 int action_limit = 1;
303
304 value = g_hash_table_lookup(device->params, PCMK_STONITH_ACTION_LIMIT);
305 if ((value == NULL)
306 || (pcmk__scan_min_int(value, &action_limit, INT_MIN) != pcmk_rc_ok)
307 || (action_limit == 0)) {
308 action_limit = 1;
309 }
310 return action_limit;
311 }
312
313 static int
314 get_active_cmds(stonith_device_t * device)
315 {
316 int counter = 0;
317 GList *gIter = NULL;
318 GList *gIterNext = NULL;
319
320 CRM_CHECK(device != NULL, return 0);
321
322 for (gIter = cmd_list; gIter != NULL; gIter = gIterNext) {
323 async_command_t *cmd = gIter->data;
324
325 gIterNext = gIter->next;
326
327 if (cmd->active_on == device) {
328 counter++;
329 }
330 }
331
332 return counter;
333 }
334
335 static void
336 fork_cb(int pid, void *user_data)
337 {
338 async_command_t *cmd = (async_command_t *) user_data;
339 stonith_device_t * device =
340
341
342
343 cmd->activating_on?cmd->activating_on:cmd->active_on;
344
345 CRM_ASSERT(device);
346 crm_debug("Operation '%s' [%d]%s%s using %s now running with %ds timeout",
347 cmd->action, pid,
348 ((cmd->victim == NULL)? "" : " targeting "),
349 ((cmd->victim == NULL)? "" : cmd->victim),
350 device->id, cmd->timeout);
351 cmd->active_on = device;
352 cmd->activating_on = NULL;
353 }
354
355 static int
356 get_agent_metadata_cb(gpointer data) {
357 stonith_device_t *device = data;
358 guint period_ms;
359
360 switch (get_agent_metadata(device->agent, &device->agent_metadata)) {
361 case pcmk_rc_ok:
362 if (device->agent_metadata) {
363 read_action_metadata(device);
364 stonith__device_parameter_flags(&(device->flags), device->id,
365 device->agent_metadata);
366 }
367 return G_SOURCE_REMOVE;
368
369 case EAGAIN:
370 period_ms = pcmk__mainloop_timer_get_period(device->timer);
371 if (period_ms < 160 * 1000) {
372 mainloop_timer_set_period(device->timer, 2 * period_ms);
373 }
374 return G_SOURCE_CONTINUE;
375
376 default:
377 return G_SOURCE_REMOVE;
378 }
379 }
380
381
382
383
384
385
386
387
388
389
390 static void
391 report_internal_result(async_command_t *cmd, int exit_status,
392 int execution_status, const char *exit_reason)
393 {
394 pcmk__action_result_t result = PCMK__UNKNOWN_RESULT;
395
396 pcmk__set_result(&result, exit_status, execution_status, exit_reason);
397 cmd->done_cb(0, &result, cmd);
398 pcmk__reset_result(&result);
399 }
400
401 static gboolean
402 stonith_device_execute(stonith_device_t * device)
403 {
404 int exec_rc = 0;
405 const char *action_str = NULL;
406 const char *host_arg = NULL;
407 async_command_t *cmd = NULL;
408 stonith_action_t *action = NULL;
409 int active_cmds = 0;
410 int action_limit = 0;
411 GList *gIter = NULL;
412 GList *gIterNext = NULL;
413
414 CRM_CHECK(device != NULL, return FALSE);
415
416 active_cmds = get_active_cmds(device);
417 action_limit = get_action_limit(device);
418 if (action_limit > -1 && active_cmds >= action_limit) {
419 crm_trace("%s is over its action limit of %d (%u active action%s)",
420 device->id, action_limit, active_cmds,
421 pcmk__plural_s(active_cmds));
422 return TRUE;
423 }
424
425 for (gIter = device->pending_ops; gIter != NULL; gIter = gIterNext) {
426 async_command_t *pending_op = gIter->data;
427
428 gIterNext = gIter->next;
429
430 if (pending_op && pending_op->delay_id) {
431 crm_trace("Operation '%s'%s%s using %s was asked to run too early, "
432 "waiting for start delay of %ds",
433 pending_op->action,
434 ((pending_op->victim == NULL)? "" : " targeting "),
435 ((pending_op->victim == NULL)? "" : pending_op->victim),
436 device->id, pending_op->start_delay);
437 continue;
438 }
439
440 device->pending_ops = g_list_remove_link(device->pending_ops, gIter);
441 g_list_free_1(gIter);
442
443 cmd = pending_op;
444 break;
445 }
446
447 if (cmd == NULL) {
448 crm_trace("No actions using %s are needed", device->id);
449 return TRUE;
450 }
451
452 if (pcmk__str_any_of(device->agent, STONITH_WATCHDOG_AGENT,
453 STONITH_WATCHDOG_AGENT_INTERNAL, NULL)) {
454 if (pcmk__is_fencing_action(cmd->action)) {
455 if (node_does_watchdog_fencing(stonith_our_uname)) {
456 pcmk__panic(__func__);
457 goto done;
458 }
459 } else {
460 crm_info("Faking success for %s watchdog operation", cmd->action);
461 report_internal_result(cmd, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
462 goto done;
463 }
464 }
465
466 #if SUPPORT_CIBSECRETS
467 exec_rc = pcmk__substitute_secrets(device->id, device->params);
468 if (exec_rc != pcmk_rc_ok) {
469 if (pcmk__str_eq(cmd->action, "stop", pcmk__str_casei)) {
470 crm_info("Proceeding with stop operation for %s "
471 "despite being unable to load CIB secrets (%s)",
472 device->id, pcmk_rc_str(exec_rc));
473 } else {
474 crm_err("Considering %s unconfigured "
475 "because unable to load CIB secrets: %s",
476 device->id, pcmk_rc_str(exec_rc));
477 report_internal_result(cmd, CRM_EX_ERROR, PCMK_EXEC_NO_SECRETS,
478 "Failed to get CIB secrets");
479 goto done;
480 }
481 }
482 #endif
483
484 action_str = cmd->action;
485 if (pcmk__str_eq(cmd->action, "reboot", pcmk__str_casei)
486 && !pcmk_is_set(device->flags, st_device_supports_reboot)) {
487
488 crm_notice("Remapping 'reboot' action%s%s using %s to 'off' "
489 "because agent '%s' does not support reboot",
490 ((cmd->victim == NULL)? "" : " targeting "),
491 ((cmd->victim == NULL)? "" : cmd->victim),
492 device->id, device->agent);
493 action_str = "off";
494 }
495
496 if (pcmk_is_set(device->flags, st_device_supports_parameter_port)) {
497 host_arg = "port";
498
499 } else if (pcmk_is_set(device->flags, st_device_supports_parameter_plug)) {
500 host_arg = "plug";
501 }
502
503 action = stonith_action_create(device->agent,
504 action_str,
505 cmd->victim,
506 cmd->victim_nodeid,
507 cmd->timeout, device->params,
508 device->aliases, host_arg);
509
510
511
512 cmd->activating_on = device;
513 exec_rc = stonith_action_execute_async(action, (void *)cmd,
514 cmd->done_cb, fork_cb);
515 if (exec_rc < 0) {
516 cmd->activating_on = NULL;
517 cmd->done_cb(0, stonith__action_result(action), cmd);
518 stonith__destroy_action(action);
519 }
520
521 done:
522
523
524
525 if (device->pending_ops) {
526 mainloop_set_trigger(device->work);
527 }
528 return TRUE;
529 }
530
531 static gboolean
532 stonith_device_dispatch(gpointer user_data)
533 {
534 return stonith_device_execute(user_data);
535 }
536
537 static gboolean
538 start_delay_helper(gpointer data)
539 {
540 async_command_t *cmd = data;
541 stonith_device_t *device = NULL;
542
543 cmd->delay_id = 0;
544 device = cmd->device ? g_hash_table_lookup(device_list, cmd->device) : NULL;
545
546 if (device) {
547 mainloop_set_trigger(device->work);
548 }
549
550 return FALSE;
551 }
552
553 static void
554 schedule_stonith_command(async_command_t * cmd, stonith_device_t * device)
555 {
556 int delay_max = 0;
557 int delay_base = 0;
558 int requested_delay = cmd->start_delay;
559
560 CRM_CHECK(cmd != NULL, return);
561 CRM_CHECK(device != NULL, return);
562
563 if (cmd->device) {
564 free(cmd->device);
565 }
566
567 if (device->include_nodeid && cmd->victim) {
568 crm_node_t *node = crm_get_peer(0, cmd->victim);
569
570 cmd->victim_nodeid = node->id;
571 }
572
573 cmd->device = strdup(device->id);
574 cmd->timeout = get_action_timeout(device, cmd->action, cmd->default_timeout);
575
576 if (cmd->remote_op_id) {
577 crm_debug("Scheduling '%s' action%s%s using %s for remote peer %s "
578 "with op id %.8s and timeout %ds",
579 cmd->action,
580 cmd->victim ? " targeting " : "", cmd->victim ? cmd->victim : "",
581 device->id, cmd->origin, cmd->remote_op_id, cmd->timeout);
582 } else {
583 crm_debug("Scheduling '%s' action%s%s using %s for %s with timeout %ds",
584 cmd->action,
585 cmd->victim ? " targeting " : "", cmd->victim ? cmd->victim : "",
586 device->id, cmd->client, cmd->timeout);
587 }
588
589 device->pending_ops = g_list_append(device->pending_ops, cmd);
590 mainloop_set_trigger(device->work);
591
592
593 if (requested_delay < 0) {
594 return;
595 }
596
597 delay_max = get_action_delay_max(device, cmd->action);
598 delay_base = get_action_delay_base(device, cmd->action, cmd->victim);
599 if (delay_max == 0) {
600 delay_max = delay_base;
601 }
602 if (delay_max < delay_base) {
603 crm_warn(PCMK_STONITH_DELAY_BASE " (%ds) is larger than "
604 PCMK_STONITH_DELAY_MAX " (%ds) for %s using %s "
605 "(limiting to maximum delay)",
606 delay_base, delay_max, cmd->action, device->id);
607 delay_base = delay_max;
608 }
609 if (delay_max > 0) {
610
611 cmd->start_delay +=
612 ((delay_max != delay_base)?(rand() % (delay_max - delay_base)):0)
613 + delay_base;
614 }
615
616 if (cmd->start_delay > 0) {
617 crm_notice("Delaying '%s' action%s%s using %s for %ds " CRM_XS
618 " timeout=%ds requested_delay=%ds base=%ds max=%ds",
619 cmd->action,
620 cmd->victim ? " targeting " : "", cmd->victim ? cmd->victim : "",
621 device->id, cmd->start_delay, cmd->timeout,
622 requested_delay, delay_base, delay_max);
623 cmd->delay_id =
624 g_timeout_add_seconds(cmd->start_delay, start_delay_helper, cmd);
625 }
626 }
627
628 static void
629 free_device(gpointer data)
630 {
631 GList *gIter = NULL;
632 stonith_device_t *device = data;
633
634 g_hash_table_destroy(device->params);
635 g_hash_table_destroy(device->aliases);
636
637 for (gIter = device->pending_ops; gIter != NULL; gIter = gIter->next) {
638 async_command_t *cmd = gIter->data;
639
640 crm_warn("Removal of device '%s' purged operation '%s'", device->id, cmd->action);
641 report_internal_result(cmd, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
642 "Device was removed before action could be executed");
643 }
644 g_list_free(device->pending_ops);
645
646 g_list_free_full(device->targets, free);
647
648 if (device->timer) {
649 mainloop_timer_stop(device->timer);
650 mainloop_timer_del(device->timer);
651 }
652
653 mainloop_destroy_trigger(device->work);
654
655 free_xml(device->agent_metadata);
656 free(device->namespace);
657 free(device->on_target_actions);
658 free(device->agent);
659 free(device->id);
660 free(device);
661 }
662
663 void free_device_list(void)
664 {
665 if (device_list != NULL) {
666 g_hash_table_destroy(device_list);
667 device_list = NULL;
668 }
669 }
670
671 void
672 init_device_list(void)
673 {
674 if (device_list == NULL) {
675 device_list = pcmk__strkey_table(NULL, free_device);
676 }
677 }
678
679 static GHashTable *
680 build_port_aliases(const char *hostmap, GList ** targets)
681 {
682 char *name = NULL;
683 int last = 0, lpc = 0, max = 0, added = 0;
684 GHashTable *aliases = pcmk__strikey_table(free, free);
685
686 if (hostmap == NULL) {
687 return aliases;
688 }
689
690 max = strlen(hostmap);
691 for (; lpc <= max; lpc++) {
692 switch (hostmap[lpc]) {
693
694 case '\\':
695 lpc++;
696 break;
697
698
699 case '=':
700 case ':':
701 if (lpc > last) {
702 free(name);
703 name = calloc(1, 1 + lpc - last);
704 memcpy(name, hostmap + last, lpc - last);
705 }
706 last = lpc + 1;
707 break;
708
709
710
711 case 0:
712 case ';':
713 case ' ':
714 case '\t':
715 if (name) {
716 char *value = NULL;
717 int k = 0;
718
719 value = calloc(1, 1 + lpc - last);
720 memcpy(value, hostmap + last, lpc - last);
721
722 for (int i = 0; value[i] != '\0'; i++) {
723 if (value[i] != '\\') {
724 value[k++] = value[i];
725 }
726 }
727 value[k] = '\0';
728
729 crm_debug("Adding alias '%s'='%s'", name, value);
730 g_hash_table_replace(aliases, name, value);
731 if (targets) {
732 *targets = g_list_append(*targets, strdup(value));
733 }
734 value = NULL;
735 name = NULL;
736 added++;
737
738 } else if (lpc > last) {
739 crm_debug("Parse error at offset %d near '%s'", lpc - last, hostmap + last);
740 }
741
742 last = lpc + 1;
743 break;
744 }
745
746 if (hostmap[lpc] == 0) {
747 break;
748 }
749 }
750
751 if (added == 0) {
752 crm_info("No host mappings detected in '%s'", hostmap);
753 }
754
755 free(name);
756 return aliases;
757 }
758
759 GHashTable *metadata_cache = NULL;
760
761 void
762 free_metadata_cache(void) {
763 if (metadata_cache != NULL) {
764 g_hash_table_destroy(metadata_cache);
765 metadata_cache = NULL;
766 }
767 }
768
769 static void
770 init_metadata_cache(void) {
771 if (metadata_cache == NULL) {
772 metadata_cache = pcmk__strkey_table(free, free);
773 }
774 }
775
776 int
777 get_agent_metadata(const char *agent, xmlNode ** metadata)
778 {
779 char *buffer = NULL;
780
781 if (metadata == NULL) {
782 return EINVAL;
783 }
784 *metadata = NULL;
785 if (pcmk__str_eq(agent, STONITH_WATCHDOG_AGENT_INTERNAL, pcmk__str_none)) {
786 return pcmk_rc_ok;
787 }
788 init_metadata_cache();
789 buffer = g_hash_table_lookup(metadata_cache, agent);
790 if (buffer == NULL) {
791 stonith_t *st = stonith_api_new();
792 int rc;
793
794 if (st == NULL) {
795 crm_warn("Could not get agent meta-data: "
796 "API memory allocation failed");
797 return EAGAIN;
798 }
799 rc = st->cmds->metadata(st, st_opt_sync_call, agent,
800 NULL, &buffer, 10);
801 stonith_api_delete(st);
802 if (rc || !buffer) {
803 crm_err("Could not retrieve metadata for fencing agent %s", agent);
804 return EAGAIN;
805 }
806 g_hash_table_replace(metadata_cache, strdup(agent), buffer);
807 }
808
809 *metadata = string2xml(buffer);
810 return pcmk_rc_ok;
811 }
812
813 static gboolean
814 is_nodeid_required(xmlNode * xml)
815 {
816 xmlXPathObjectPtr xpath = NULL;
817
818 if (stand_alone) {
819 return FALSE;
820 }
821
822 if (!xml) {
823 return FALSE;
824 }
825
826 xpath = xpath_search(xml, "//parameter[@name='nodeid']");
827 if (numXpathResults(xpath) <= 0) {
828 freeXpathObject(xpath);
829 return FALSE;
830 }
831
832 freeXpathObject(xpath);
833 return TRUE;
834 }
835
836 #define MAX_ACTION_LEN 256
837
838 static char *
839 add_action(char *actions, const char *action)
840 {
841 int offset = 0;
842
843 if (actions == NULL) {
844 actions = calloc(1, MAX_ACTION_LEN);
845 } else {
846 offset = strlen(actions);
847 }
848
849 if (offset > 0) {
850 offset += snprintf(actions+offset, MAX_ACTION_LEN - offset, " ");
851 }
852 offset += snprintf(actions+offset, MAX_ACTION_LEN - offset, "%s", action);
853
854 return actions;
855 }
856
857 static void
858 read_action_metadata(stonith_device_t *device)
859 {
860 xmlXPathObjectPtr xpath = NULL;
861 int max = 0;
862 int lpc = 0;
863
864 if (device->agent_metadata == NULL) {
865 return;
866 }
867
868 xpath = xpath_search(device->agent_metadata, "//action");
869 max = numXpathResults(xpath);
870
871 if (max <= 0) {
872 freeXpathObject(xpath);
873 return;
874 }
875
876 for (lpc = 0; lpc < max; lpc++) {
877 const char *action = NULL;
878 xmlNode *match = getXpathResult(xpath, lpc);
879
880 CRM_LOG_ASSERT(match != NULL);
881 if(match == NULL) { continue; };
882
883 action = crm_element_value(match, "name");
884
885 if(pcmk__str_eq(action, "list", pcmk__str_casei)) {
886 stonith__set_device_flags(device->flags, device->id,
887 st_device_supports_list);
888 } else if(pcmk__str_eq(action, "status", pcmk__str_casei)) {
889 stonith__set_device_flags(device->flags, device->id,
890 st_device_supports_status);
891 } else if(pcmk__str_eq(action, "reboot", pcmk__str_casei)) {
892 stonith__set_device_flags(device->flags, device->id,
893 st_device_supports_reboot);
894 } else if (pcmk__str_eq(action, "on", pcmk__str_casei)) {
895
896
897 if (pcmk__xe_attr_is_true(match, "automatic") || pcmk__xe_attr_is_true(match, "required")) {
898 device->automatic_unfencing = TRUE;
899 }
900 }
901
902 if (action && pcmk__xe_attr_is_true(match, "on_target")) {
903 device->on_target_actions = add_action(device->on_target_actions, action);
904 }
905 }
906
907 freeXpathObject(xpath);
908 }
909
910
911
912
913
914
915
916
917
918 static void
919 map_action(GHashTable *params, const char *action, const char *value)
920 {
921 char *key = crm_strdup_printf("pcmk_%s_action", action);
922
923 if (g_hash_table_lookup(params, key)) {
924 crm_warn("Ignoring %s='%s', see %s instead",
925 STONITH_ATTR_ACTION_OP, value, key);
926 free(key);
927 } else {
928 crm_warn("Mapping %s='%s' to %s='%s'",
929 STONITH_ATTR_ACTION_OP, value, key, value);
930 g_hash_table_insert(params, key, strdup(value));
931 }
932 }
933
934
935
936
937
938
939
940
941 static GHashTable *
942 xml2device_params(const char *name, xmlNode *dev)
943 {
944 GHashTable *params = xml2list(dev);
945 const char *value;
946
947
948
949
950
951 value = g_hash_table_lookup(params, STONITH_ATTR_ACTION_OP);
952 if (value != NULL) {
953 crm_warn("%s has '%s' parameter, which should never be specified in configuration",
954 name, STONITH_ATTR_ACTION_OP);
955
956 if (*value == '\0') {
957 crm_warn("Ignoring empty '%s' parameter", STONITH_ATTR_ACTION_OP);
958
959 } else if (strcmp(value, "reboot") == 0) {
960 crm_warn("Ignoring %s='reboot' (see stonith-action cluster property instead)",
961 STONITH_ATTR_ACTION_OP);
962
963 } else if (strcmp(value, "off") == 0) {
964 map_action(params, "reboot", value);
965
966 } else {
967 map_action(params, "off", value);
968 map_action(params, "reboot", value);
969 }
970
971 g_hash_table_remove(params, STONITH_ATTR_ACTION_OP);
972 }
973
974 return params;
975 }
976
977 static const char *
978 target_list_type(stonith_device_t * dev)
979 {
980 const char *check_type = NULL;
981
982 check_type = g_hash_table_lookup(dev->params, PCMK_STONITH_HOST_CHECK);
983
984 if (check_type == NULL) {
985
986 if (g_hash_table_lookup(dev->params, PCMK_STONITH_HOST_LIST)) {
987 check_type = "static-list";
988 } else if (g_hash_table_lookup(dev->params, PCMK_STONITH_HOST_MAP)) {
989 check_type = "static-list";
990 } else if (pcmk_is_set(dev->flags, st_device_supports_list)) {
991 check_type = "dynamic-list";
992 } else if (pcmk_is_set(dev->flags, st_device_supports_status)) {
993 check_type = "status";
994 } else {
995 check_type = PCMK__VALUE_NONE;
996 }
997 }
998
999 return check_type;
1000 }
1001
1002 static stonith_device_t *
1003 build_device_from_xml(xmlNode * msg)
1004 {
1005 const char *value;
1006 xmlNode *dev = get_xpath_object("//" F_STONITH_DEVICE, msg, LOG_ERR);
1007 stonith_device_t *device = NULL;
1008 char *agent = crm_element_value_copy(dev, "agent");
1009
1010 CRM_CHECK(agent != NULL, return device);
1011
1012 device = calloc(1, sizeof(stonith_device_t));
1013
1014 CRM_CHECK(device != NULL, {free(agent); return device;});
1015
1016 device->id = crm_element_value_copy(dev, XML_ATTR_ID);
1017 device->agent = agent;
1018 device->namespace = crm_element_value_copy(dev, "namespace");
1019 device->params = xml2device_params(device->id, dev);
1020
1021 value = g_hash_table_lookup(device->params, PCMK_STONITH_HOST_LIST);
1022 if (value) {
1023 device->targets = stonith__parse_targets(value);
1024 }
1025
1026 value = g_hash_table_lookup(device->params, PCMK_STONITH_HOST_MAP);
1027 device->aliases = build_port_aliases(value, &(device->targets));
1028
1029 value = target_list_type(device);
1030 if (!pcmk__str_eq(value, "static-list", pcmk__str_casei) && device->targets) {
1031
1032 g_list_free_full(device->targets, free);
1033 device->targets = NULL;
1034 }
1035 switch (get_agent_metadata(device->agent, &device->agent_metadata)) {
1036 case pcmk_rc_ok:
1037 if (device->agent_metadata) {
1038 read_action_metadata(device);
1039 stonith__device_parameter_flags(&(device->flags), device->id,
1040 device->agent_metadata);
1041 }
1042 break;
1043
1044 case EAGAIN:
1045 if (device->timer == NULL) {
1046 device->timer = mainloop_timer_add("get_agent_metadata", 10 * 1000,
1047 TRUE, get_agent_metadata_cb, device);
1048 }
1049 if (!mainloop_timer_running(device->timer)) {
1050 mainloop_timer_start(device->timer);
1051 }
1052 break;
1053
1054 default:
1055 break;
1056 }
1057
1058 value = g_hash_table_lookup(device->params, "nodeid");
1059 if (!value) {
1060 device->include_nodeid = is_nodeid_required(device->agent_metadata);
1061 }
1062
1063 value = crm_element_value(dev, "rsc_provides");
1064 if (pcmk__str_eq(value, "unfencing", pcmk__str_casei)) {
1065 device->automatic_unfencing = TRUE;
1066 }
1067
1068 if (is_action_required("on", device)) {
1069 crm_info("Fencing device '%s' requires unfencing", device->id);
1070 }
1071
1072 if (device->on_target_actions) {
1073 crm_info("Fencing device '%s' requires actions (%s) to be executed "
1074 "on target", device->id, device->on_target_actions);
1075 }
1076
1077 device->work = mainloop_add_trigger(G_PRIORITY_HIGH, stonith_device_dispatch, device);
1078
1079
1080 return device;
1081 }
1082
1083 static void
1084 schedule_internal_command(const char *origin,
1085 stonith_device_t * device,
1086 const char *action,
1087 const char *victim,
1088 int timeout,
1089 void *internal_user_data,
1090 void (*done_cb) (int pid,
1091 const pcmk__action_result_t *result,
1092 void *user_data))
1093 {
1094 async_command_t *cmd = NULL;
1095
1096 cmd = calloc(1, sizeof(async_command_t));
1097
1098 cmd->id = -1;
1099 cmd->default_timeout = timeout ? timeout : 60;
1100 cmd->timeout = cmd->default_timeout;
1101 cmd->action = strdup(action);
1102 pcmk__str_update(&cmd->victim, victim);
1103 cmd->device = strdup(device->id);
1104 cmd->origin = strdup(origin);
1105 cmd->client = strdup(crm_system_name);
1106 cmd->client_name = strdup(crm_system_name);
1107
1108 cmd->internal_user_data = internal_user_data;
1109 cmd->done_cb = done_cb;
1110
1111 schedule_stonith_command(cmd, device);
1112 }
1113
1114
1115 enum fence_status_code {
1116 fence_status_invalid = -1,
1117 fence_status_active = 0,
1118 fence_status_unknown = 1,
1119 fence_status_inactive = 2,
1120 };
1121
1122 static void
1123 status_search_cb(int pid, const pcmk__action_result_t *result, void *user_data)
1124 {
1125 async_command_t *cmd = user_data;
1126 struct device_search_s *search = cmd->internal_user_data;
1127 stonith_device_t *dev = cmd->device ? g_hash_table_lookup(device_list, cmd->device) : NULL;
1128 gboolean can = FALSE;
1129
1130 free_async_command(cmd);
1131
1132 if (!dev) {
1133 search_devices_record_result(search, NULL, FALSE);
1134 return;
1135 }
1136
1137 mainloop_set_trigger(dev->work);
1138
1139 if (result->execution_status != PCMK_EXEC_DONE) {
1140 crm_warn("Assuming %s cannot fence %s "
1141 "because status could not be executed: %s%s%s%s",
1142 dev->id, search->host,
1143 pcmk_exec_status_str(result->execution_status),
1144 ((result->exit_reason == NULL)? "" : " ("),
1145 ((result->exit_reason == NULL)? "" : result->exit_reason),
1146 ((result->exit_reason == NULL)? "" : ")"));
1147 search_devices_record_result(search, dev->id, FALSE);
1148 return;
1149 }
1150
1151 switch (result->exit_status) {
1152 case fence_status_unknown:
1153 crm_trace("%s reported it cannot fence %s", dev->id, search->host);
1154 break;
1155
1156 case fence_status_active:
1157 case fence_status_inactive:
1158 crm_trace("%s reported it can fence %s", dev->id, search->host);
1159 can = TRUE;
1160 break;
1161
1162 default:
1163 crm_warn("Assuming %s cannot fence %s "
1164 "(status returned unknown code %d)",
1165 dev->id, search->host, result->exit_status);
1166 break;
1167 }
1168 search_devices_record_result(search, dev->id, can);
1169 }
1170
1171 static void
1172 dynamic_list_search_cb(int pid, const pcmk__action_result_t *result,
1173 void *user_data)
1174 {
1175 async_command_t *cmd = user_data;
1176 struct device_search_s *search = cmd->internal_user_data;
1177 stonith_device_t *dev = cmd->device ? g_hash_table_lookup(device_list, cmd->device) : NULL;
1178 gboolean can_fence = FALSE;
1179
1180 free_async_command(cmd);
1181
1182
1183
1184
1185
1186
1187 if (!dev) {
1188 search_devices_record_result(search, NULL, FALSE);
1189 return;
1190 }
1191
1192 mainloop_set_trigger(dev->work);
1193
1194 if (pcmk__result_ok(result)) {
1195 crm_info("Refreshing target list for %s", dev->id);
1196 g_list_free_full(dev->targets, free);
1197 dev->targets = stonith__parse_targets(result->action_stdout);
1198 dev->targets_age = time(NULL);
1199
1200 } else if (dev->targets != NULL) {
1201 if (result->execution_status == PCMK_EXEC_DONE) {
1202 crm_info("Reusing most recent target list for %s "
1203 "because list returned error code %d",
1204 dev->id, result->exit_status);
1205 } else {
1206 crm_info("Reusing most recent target list for %s "
1207 "because list could not be executed: %s%s%s%s",
1208 dev->id, pcmk_exec_status_str(result->execution_status),
1209 ((result->exit_reason == NULL)? "" : " ("),
1210 ((result->exit_reason == NULL)? "" : result->exit_reason),
1211 ((result->exit_reason == NULL)? "" : ")"));
1212 }
1213
1214 } else {
1215 if (result->execution_status == PCMK_EXEC_DONE) {
1216 crm_warn("Assuming %s cannot fence %s "
1217 "because list returned error code %d",
1218 dev->id, search->host, result->exit_status);
1219 } else {
1220 crm_warn("Assuming %s cannot fence %s "
1221 "because list could not be executed: %s%s%s%s",
1222 dev->id, search->host,
1223 pcmk_exec_status_str(result->execution_status),
1224 ((result->exit_reason == NULL)? "" : " ("),
1225 ((result->exit_reason == NULL)? "" : result->exit_reason),
1226 ((result->exit_reason == NULL)? "" : ")"));
1227 }
1228
1229
1230
1231
1232 if (g_hash_table_lookup(dev->params, PCMK_STONITH_HOST_CHECK) == NULL) {
1233 crm_notice("Switching to pcmk_host_check='status' for %s", dev->id);
1234 g_hash_table_replace(dev->params, strdup(PCMK_STONITH_HOST_CHECK),
1235 strdup("status"));
1236 }
1237 }
1238
1239 if (dev->targets) {
1240 const char *alias = g_hash_table_lookup(dev->aliases, search->host);
1241
1242 if (!alias) {
1243 alias = search->host;
1244 }
1245 if (pcmk__str_in_list(alias, dev->targets, pcmk__str_casei)) {
1246 can_fence = TRUE;
1247 }
1248 }
1249 search_devices_record_result(search, dev->id, can_fence);
1250 }
1251
1252
1253
1254
1255
1256 static int
1257 device_params_diff(GHashTable *first, GHashTable *second) {
1258 char *key = NULL;
1259 char *value = NULL;
1260 GHashTableIter gIter;
1261
1262 g_hash_table_iter_init(&gIter, first);
1263 while (g_hash_table_iter_next(&gIter, (void **)&key, (void **)&value)) {
1264
1265 if(strstr(key, "CRM_meta") == key) {
1266 continue;
1267 } else if(strcmp(key, "crm_feature_set") == 0) {
1268 continue;
1269 } else {
1270 char *other_value = g_hash_table_lookup(second, key);
1271
1272 if (!other_value || !pcmk__str_eq(other_value, value, pcmk__str_casei)) {
1273 crm_trace("Different value for %s: %s != %s", key, other_value, value);
1274 return 1;
1275 }
1276 }
1277 }
1278
1279 return 0;
1280 }
1281
1282
1283
1284
1285
1286 static stonith_device_t *
1287 device_has_duplicate(stonith_device_t * device)
1288 {
1289 stonith_device_t *dup = g_hash_table_lookup(device_list, device->id);
1290
1291 if (!dup) {
1292 crm_trace("No match for %s", device->id);
1293 return NULL;
1294
1295 } else if (!pcmk__str_eq(dup->agent, device->agent, pcmk__str_casei)) {
1296 crm_trace("Different agent: %s != %s", dup->agent, device->agent);
1297 return NULL;
1298 }
1299
1300
1301 if (device_params_diff(device->params, dup->params) ||
1302 device_params_diff(dup->params, device->params)) {
1303 return NULL;
1304 }
1305
1306 crm_trace("Match");
1307 return dup;
1308 }
1309
1310 int
1311 stonith_device_register(xmlNode * msg, const char **desc, gboolean from_cib)
1312 {
1313 stonith_device_t *dup = NULL;
1314 stonith_device_t *device = build_device_from_xml(msg);
1315 guint ndevices = 0;
1316 int rv = pcmk_ok;
1317
1318 CRM_CHECK(device != NULL, return -ENOMEM);
1319
1320
1321 if (pcmk__str_eq(device->id, STONITH_WATCHDOG_ID, pcmk__str_none) ||
1322 pcmk__str_any_of(device->agent, STONITH_WATCHDOG_AGENT,
1323 STONITH_WATCHDOG_AGENT_INTERNAL, NULL)) do {
1324 if (stonith_watchdog_timeout_ms <= 0) {
1325 crm_err("Ignoring watchdog fence device without "
1326 "stonith-watchdog-timeout set.");
1327 rv = -ENODEV;
1328
1329 } else if (!pcmk__str_any_of(device->agent, STONITH_WATCHDOG_AGENT,
1330 STONITH_WATCHDOG_AGENT_INTERNAL, NULL)) {
1331 crm_err("Ignoring watchdog fence device with unknown "
1332 "agent '%s' unequal '" STONITH_WATCHDOG_AGENT "'.",
1333 device->agent?device->agent:"");
1334 rv = -ENODEV;
1335
1336 } else if (!pcmk__str_eq(device->id, STONITH_WATCHDOG_ID,
1337 pcmk__str_none)) {
1338 crm_err("Ignoring watchdog fence device "
1339 "named %s !='"STONITH_WATCHDOG_ID"'.",
1340 device->id?device->id:"");
1341 rv = -ENODEV;
1342
1343 } else {
1344 if (pcmk__str_eq(device->agent, STONITH_WATCHDOG_AGENT,
1345 pcmk__str_none)) {
1346
1347
1348
1349 g_list_free_full(stonith_watchdog_targets, free);
1350 stonith_watchdog_targets = device->targets;
1351 device->targets = NULL;
1352 }
1353 if (node_does_watchdog_fencing(stonith_our_uname)) {
1354 g_list_free_full(device->targets, free);
1355 device->targets = stonith__parse_targets(stonith_our_uname);
1356 g_hash_table_replace(device->params,
1357 strdup(PCMK_STONITH_HOST_LIST),
1358 strdup(stonith_our_uname));
1359
1360 break;
1361 }
1362
1363 crm_debug("Skip registration of watchdog fence device on node not in host-list.");
1364
1365 device->targets = NULL;
1366 stonith_device_remove(device->id, from_cib);
1367 }
1368 free_device(device);
1369 return rv;
1370 } while (0);
1371
1372 dup = device_has_duplicate(device);
1373 if (dup) {
1374 ndevices = g_hash_table_size(device_list);
1375 crm_debug("Device '%s' already in device list (%d active device%s)",
1376 device->id, ndevices, pcmk__plural_s(ndevices));
1377 free_device(device);
1378 device = dup;
1379 dup = g_hash_table_lookup(device_list, device->id);
1380 dup->dirty = FALSE;
1381
1382 } else {
1383 stonith_device_t *old = g_hash_table_lookup(device_list, device->id);
1384
1385 if (from_cib && old && old->api_registered) {
1386
1387
1388
1389
1390 crm_info("Overwriting existing entry for %s from CIB", device->id);
1391 device->pending_ops = old->pending_ops;
1392 device->api_registered = TRUE;
1393 old->pending_ops = NULL;
1394 if (device->pending_ops) {
1395 mainloop_set_trigger(device->work);
1396 }
1397 }
1398 g_hash_table_replace(device_list, device->id, device);
1399
1400 ndevices = g_hash_table_size(device_list);
1401 crm_notice("Added '%s' to device list (%d active device%s)",
1402 device->id, ndevices, pcmk__plural_s(ndevices));
1403 }
1404 if (desc) {
1405 *desc = device->id;
1406 }
1407
1408 if (from_cib) {
1409 device->cib_registered = TRUE;
1410 } else {
1411 device->api_registered = TRUE;
1412 }
1413
1414 return pcmk_ok;
1415 }
1416
1417 void
1418 stonith_device_remove(const char *id, bool from_cib)
1419 {
1420 stonith_device_t *device = g_hash_table_lookup(device_list, id);
1421 guint ndevices = 0;
1422
1423 if (!device) {
1424 ndevices = g_hash_table_size(device_list);
1425 crm_info("Device '%s' not found (%d active device%s)",
1426 id, ndevices, pcmk__plural_s(ndevices));
1427 return;
1428 }
1429
1430 if (from_cib) {
1431 device->cib_registered = FALSE;
1432 } else {
1433 device->verified = FALSE;
1434 device->api_registered = FALSE;
1435 }
1436
1437 if (!device->cib_registered && !device->api_registered) {
1438 g_hash_table_remove(device_list, id);
1439 ndevices = g_hash_table_size(device_list);
1440 crm_info("Removed '%s' from device list (%d active device%s)",
1441 id, ndevices, pcmk__plural_s(ndevices));
1442 } else {
1443 crm_trace("Not removing '%s' from device list (%d active) because "
1444 "still registered via:%s%s",
1445 id, g_hash_table_size(device_list),
1446 (device->cib_registered? " cib" : ""),
1447 (device->api_registered? " api" : ""));
1448 }
1449 }
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460 static int
1461 count_active_levels(stonith_topology_t * tp)
1462 {
1463 int lpc = 0;
1464 int count = 0;
1465
1466 for (lpc = 0; lpc < ST_LEVEL_MAX; lpc++) {
1467 if (tp->levels[lpc] != NULL) {
1468 count++;
1469 }
1470 }
1471 return count;
1472 }
1473
1474 static void
1475 free_topology_entry(gpointer data)
1476 {
1477 stonith_topology_t *tp = data;
1478
1479 int lpc = 0;
1480
1481 for (lpc = 0; lpc < ST_LEVEL_MAX; lpc++) {
1482 if (tp->levels[lpc] != NULL) {
1483 g_list_free_full(tp->levels[lpc], free);
1484 }
1485 }
1486 free(tp->target);
1487 free(tp->target_value);
1488 free(tp->target_pattern);
1489 free(tp->target_attribute);
1490 free(tp);
1491 }
1492
1493 void
1494 free_topology_list(void)
1495 {
1496 if (topology != NULL) {
1497 g_hash_table_destroy(topology);
1498 topology = NULL;
1499 }
1500 }
1501
1502 void
1503 init_topology_list(void)
1504 {
1505 if (topology == NULL) {
1506 topology = pcmk__strkey_table(NULL, free_topology_entry);
1507 }
1508 }
1509
1510 char *
1511 stonith_level_key(xmlNode *level, enum fenced_target_by mode)
1512 {
1513 if (mode == fenced_target_by_unknown) {
1514 mode = unpack_level_kind(level);
1515 }
1516 switch (mode) {
1517 case fenced_target_by_name:
1518 return crm_element_value_copy(level, XML_ATTR_STONITH_TARGET);
1519
1520 case fenced_target_by_pattern:
1521 return crm_element_value_copy(level, XML_ATTR_STONITH_TARGET_PATTERN);
1522
1523 case fenced_target_by_attribute:
1524 return crm_strdup_printf("%s=%s",
1525 crm_element_value(level, XML_ATTR_STONITH_TARGET_ATTRIBUTE),
1526 crm_element_value(level, XML_ATTR_STONITH_TARGET_VALUE));
1527
1528 default:
1529 return crm_strdup_printf("unknown-%s", ID(level));
1530 }
1531 }
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541 static int
1542 unpack_level_kind(xmlNode *level)
1543 {
1544 if (crm_element_value(level, XML_ATTR_STONITH_TARGET) != NULL) {
1545 return fenced_target_by_name;
1546 }
1547 if (crm_element_value(level, XML_ATTR_STONITH_TARGET_PATTERN) != NULL) {
1548 return fenced_target_by_pattern;
1549 }
1550 if (!stand_alone
1551 && (crm_element_value(level, XML_ATTR_STONITH_TARGET_ATTRIBUTE) != NULL)
1552 && (crm_element_value(level, XML_ATTR_STONITH_TARGET_VALUE) == NULL)) {
1553 return fenced_target_by_attribute;
1554 }
1555 return fenced_target_by_unknown;
1556 }
1557
1558 static stonith_key_value_t *
1559 parse_device_list(const char *devices)
1560 {
1561 int lpc = 0;
1562 int max = 0;
1563 int last = 0;
1564 stonith_key_value_t *output = NULL;
1565
1566 if (devices == NULL) {
1567 return output;
1568 }
1569
1570 max = strlen(devices);
1571 for (lpc = 0; lpc <= max; lpc++) {
1572 if (devices[lpc] == ',' || devices[lpc] == 0) {
1573 char *line = strndup(devices + last, lpc - last);
1574
1575 output = stonith_key_value_add(output, NULL, line);
1576 free(line);
1577
1578 last = lpc + 1;
1579 }
1580 }
1581
1582 return output;
1583 }
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598 void
1599 fenced_register_level(xmlNode *msg, char **desc, pcmk__action_result_t *result)
1600 {
1601 int id = 0;
1602 xmlNode *level;
1603 enum fenced_target_by mode;
1604 char *target;
1605
1606 stonith_topology_t *tp;
1607 stonith_key_value_t *dIter = NULL;
1608 stonith_key_value_t *devices = NULL;
1609
1610 CRM_CHECK(result != NULL, return);
1611
1612 if (msg == NULL) {
1613 fenced_set_protocol_error(result);
1614 return;
1615 }
1616
1617
1618
1619
1620
1621 if (pcmk__str_eq(TYPE(msg), XML_TAG_FENCING_LEVEL, pcmk__str_casei)) {
1622 level = msg;
1623 } else {
1624 level = get_xpath_object("//" XML_TAG_FENCING_LEVEL, msg, LOG_WARNING);
1625 }
1626 if (level == NULL) {
1627 fenced_set_protocol_error(result);
1628 return;
1629 }
1630
1631 mode = unpack_level_kind(level);
1632 target = stonith_level_key(level, mode);
1633 crm_element_value_int(level, XML_ATTR_STONITH_INDEX, &id);
1634
1635 if (desc) {
1636 *desc = crm_strdup_printf("%s[%d]", target, id);
1637 }
1638
1639
1640 if (mode == fenced_target_by_unknown) {
1641 crm_warn("Ignoring registration for topology level '%s' "
1642 "without valid target", crm_str(ID(level)));
1643 free(target);
1644 crm_log_xml_info(level, "Bad level");
1645 pcmk__format_result(result, CRM_EX_INVALID_PARAM, PCMK_EXEC_INVALID,
1646 "Invalid target for topology level '%s'",
1647 crm_str(ID(level)));
1648 return;
1649 }
1650
1651
1652 if ((id <= 0) || (id >= ST_LEVEL_MAX)) {
1653 crm_warn("Ignoring topology registration for %s with invalid level %d",
1654 target, id);
1655 free(target);
1656 crm_log_xml_info(level, "Bad level");
1657 pcmk__format_result(result, CRM_EX_INVALID_PARAM, PCMK_EXEC_INVALID,
1658 "Invalid level number '%s' for topology level '%s'",
1659 crm_str(crm_element_value(level,
1660 XML_ATTR_STONITH_INDEX)),
1661 crm_str(ID(level)));
1662 return;
1663 }
1664
1665
1666 tp = g_hash_table_lookup(topology, target);
1667 if (tp == NULL) {
1668 tp = calloc(1, sizeof(stonith_topology_t));
1669 if (tp == NULL) {
1670 pcmk__set_result(result, CRM_EX_ERROR, PCMK_EXEC_ERROR,
1671 strerror(ENOMEM));
1672 return;
1673 }
1674 tp->kind = mode;
1675 tp->target = target;
1676 tp->target_value = crm_element_value_copy(level, XML_ATTR_STONITH_TARGET_VALUE);
1677 tp->target_pattern = crm_element_value_copy(level, XML_ATTR_STONITH_TARGET_PATTERN);
1678 tp->target_attribute = crm_element_value_copy(level, XML_ATTR_STONITH_TARGET_ATTRIBUTE);
1679
1680 g_hash_table_replace(topology, tp->target, tp);
1681 crm_trace("Added %s (%d) to the topology (%d active entries)",
1682 target, (int) mode, g_hash_table_size(topology));
1683 } else {
1684 free(target);
1685 }
1686
1687 if (tp->levels[id] != NULL) {
1688 crm_info("Adding to the existing %s[%d] topology entry",
1689 tp->target, id);
1690 }
1691
1692 devices = parse_device_list(crm_element_value(level, XML_ATTR_STONITH_DEVICES));
1693 for (dIter = devices; dIter; dIter = dIter->next) {
1694 const char *device = dIter->value;
1695
1696 crm_trace("Adding device '%s' for %s[%d]", device, tp->target, id);
1697 tp->levels[id] = g_list_append(tp->levels[id], strdup(device));
1698 }
1699 stonith_key_value_freeall(devices, 1, 1);
1700
1701 {
1702 int nlevels = count_active_levels(tp);
1703
1704 crm_info("Target %s has %d active fencing level%s",
1705 tp->target, nlevels, pcmk__plural_s(nlevels));
1706 }
1707
1708 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
1709 }
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723 void
1724 fenced_unregister_level(xmlNode *msg, char **desc,
1725 pcmk__action_result_t *result)
1726 {
1727 int id = -1;
1728 stonith_topology_t *tp;
1729 char *target;
1730 xmlNode *level = NULL;
1731
1732 CRM_CHECK(result != NULL, return);
1733
1734 if (msg == NULL) {
1735 fenced_set_protocol_error(result);
1736 return;
1737 }
1738
1739
1740 level = get_xpath_object("//" XML_TAG_FENCING_LEVEL, msg, LOG_WARNING);
1741 if (level == NULL) {
1742 fenced_set_protocol_error(result);
1743 return;
1744 }
1745
1746 target = stonith_level_key(level, fenced_target_by_unknown);
1747 crm_element_value_int(level, XML_ATTR_STONITH_INDEX, &id);
1748
1749
1750 if ((id < 0) || (id >= ST_LEVEL_MAX)) {
1751 crm_warn("Ignoring topology unregistration for %s with invalid level %d",
1752 target, id);
1753 free(target);
1754 crm_log_xml_info(level, "Bad level");
1755 pcmk__format_result(result, CRM_EX_INVALID_PARAM, PCMK_EXEC_INVALID,
1756 "Invalid level number '%s' for topology level '%s'",
1757 crm_str(crm_element_value(level,
1758 XML_ATTR_STONITH_INDEX)),
1759 crm_str(ID(level)));
1760 return;
1761 }
1762
1763 if (desc) {
1764 *desc = crm_strdup_printf("%s[%d]", target, id);
1765 }
1766
1767 tp = g_hash_table_lookup(topology, target);
1768 if (tp == NULL) {
1769 guint nentries = g_hash_table_size(topology);
1770
1771 crm_info("No fencing topology found for %s (%d active %s)",
1772 target, nentries,
1773 pcmk__plural_alt(nentries, "entry", "entries"));
1774
1775 } else if (id == 0 && g_hash_table_remove(topology, target)) {
1776 guint nentries = g_hash_table_size(topology);
1777
1778 crm_info("Removed all fencing topology entries related to %s "
1779 "(%d active %s remaining)", target, nentries,
1780 pcmk__plural_alt(nentries, "entry", "entries"));
1781
1782 } else if (tp->levels[id] != NULL) {
1783 guint nlevels;
1784
1785 g_list_free_full(tp->levels[id], free);
1786 tp->levels[id] = NULL;
1787
1788 nlevels = count_active_levels(tp);
1789 crm_info("Removed level %d from fencing topology for %s "
1790 "(%d active level%s remaining)",
1791 id, target, nlevels, pcmk__plural_s(nlevels));
1792 }
1793
1794 free(target);
1795 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
1796 }
1797
1798 static char *
1799 list_to_string(GList *list, const char *delim, gboolean terminate_with_delim)
1800 {
1801 int max = g_list_length(list);
1802 size_t delim_len = delim?strlen(delim):0;
1803 size_t alloc_size = 1 + (max?((max-1+(terminate_with_delim?1:0))*delim_len):0);
1804 char *rv;
1805 GList *gIter;
1806
1807 for (gIter = list; gIter != NULL; gIter = gIter->next) {
1808 const char *value = (const char *) gIter->data;
1809
1810 alloc_size += strlen(value);
1811 }
1812 rv = calloc(alloc_size, sizeof(char));
1813 if (rv) {
1814 char *pos = rv;
1815 const char *lead_delim = "";
1816
1817 for (gIter = list; gIter != NULL; gIter = gIter->next) {
1818 const char *value = (const char *) gIter->data;
1819
1820 pos = &pos[sprintf(pos, "%s%s", lead_delim, value)];
1821 lead_delim = delim;
1822 }
1823 if (max && terminate_with_delim) {
1824 sprintf(pos, "%s", delim);
1825 }
1826 }
1827 return rv;
1828 }
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845 static void
1846 execute_agent_action(xmlNode *msg, pcmk__action_result_t *result)
1847 {
1848 xmlNode *dev = get_xpath_object("//" F_STONITH_DEVICE, msg, LOG_ERR);
1849 xmlNode *op = get_xpath_object("//@" F_STONITH_ACTION, msg, LOG_ERR);
1850 const char *id = crm_element_value(dev, F_STONITH_DEVICE);
1851 const char *action = crm_element_value(op, F_STONITH_ACTION);
1852 async_command_t *cmd = NULL;
1853 stonith_device_t *device = NULL;
1854
1855 if ((id == NULL) || (action == NULL)) {
1856 crm_info("Malformed API action request: device %s, action %s",
1857 (id? id : "not specified"),
1858 (action? action : "not specified"));
1859 fenced_set_protocol_error(result);
1860 return;
1861 }
1862
1863 if (pcmk__str_eq(id, STONITH_WATCHDOG_ID, pcmk__str_none)) {
1864
1865 if (stonith_watchdog_timeout_ms <= 0) {
1866 pcmk__set_result(result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
1867 "Watchdog fence device not configured");
1868 return;
1869
1870 } else if (pcmk__str_eq(action, "list", pcmk__str_casei)) {
1871 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
1872 pcmk__set_result_output(result,
1873 list_to_string(stonith_watchdog_targets,
1874 "\n", TRUE),
1875 NULL);
1876 return;
1877
1878 } else if (pcmk__str_eq(action, "monitor", pcmk__str_casei)) {
1879 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
1880 return;
1881 }
1882 }
1883
1884 device = g_hash_table_lookup(device_list, id);
1885 if (device == NULL) {
1886 crm_info("Ignoring API '%s' action request because device %s not found",
1887 action, id);
1888 pcmk__format_result(result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
1889 "'%s' not found", id);
1890 return;
1891
1892 } else if (!device->api_registered && !strcmp(action, "monitor")) {
1893
1894 crm_info("Ignoring API '%s' action request because device %s not active",
1895 action, id);
1896 pcmk__format_result(result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
1897 "'%s' not active", id);
1898 return;
1899 }
1900
1901 cmd = create_async_command(msg);
1902 if (cmd == NULL) {
1903 fenced_set_protocol_error(result);
1904 return;
1905 }
1906
1907 schedule_stonith_command(cmd, device);
1908 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_PENDING, NULL);
1909 }
1910
1911 static void
1912 search_devices_record_result(struct device_search_s *search, const char *device, gboolean can_fence)
1913 {
1914 search->replies_received++;
1915
1916 if (can_fence && device) {
1917 search->capable = g_list_append(search->capable, strdup(device));
1918 }
1919
1920 if (search->replies_needed == search->replies_received) {
1921
1922 guint ndevices = g_list_length(search->capable);
1923
1924 crm_debug("Search found %d device%s that can perform '%s' targeting %s",
1925 ndevices, pcmk__plural_s(ndevices),
1926 (search->action? search->action : "unknown action"),
1927 (search->host? search->host : "any node"));
1928
1929 search->callback(search->capable, search->user_data);
1930 free(search->host);
1931 free(search->action);
1932 free(search);
1933 }
1934 }
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947 static gboolean
1948 localhost_is_eligible(const stonith_device_t *device, const char *action,
1949 const char *target, gboolean allow_suicide)
1950 {
1951 gboolean localhost_is_target = pcmk__str_eq(target, stonith_our_uname,
1952 pcmk__str_casei);
1953
1954 if (device && action && device->on_target_actions
1955 && strstr(device->on_target_actions, action)) {
1956 if (!localhost_is_target) {
1957 crm_trace("Operation '%s' using %s can only be executed for "
1958 "local host, not %s", action, device->id, target);
1959 return FALSE;
1960 }
1961
1962 } else if (localhost_is_target && !allow_suicide) {
1963 crm_trace("'%s' operation does not support self-fencing", action);
1964 return FALSE;
1965 }
1966 return TRUE;
1967 }
1968
1969 static void
1970 can_fence_host_with_device(stonith_device_t * dev, struct device_search_s *search)
1971 {
1972 gboolean can = FALSE;
1973 const char *check_type = NULL;
1974 const char *host = search->host;
1975 const char *alias = NULL;
1976
1977 CRM_LOG_ASSERT(dev != NULL);
1978
1979 if (dev == NULL) {
1980 goto search_report_results;
1981 } else if (host == NULL) {
1982 can = TRUE;
1983 goto search_report_results;
1984 }
1985
1986
1987 if (pcmk__str_eq(search->action, "reboot", pcmk__str_casei)) {
1988
1989
1990
1991
1992
1993 if (!localhost_is_eligible(dev, "reboot", host, search->allow_suicide)
1994 && !localhost_is_eligible(dev, "off", host, search->allow_suicide)
1995 && !localhost_is_eligible(dev, "on", host, FALSE)) {
1996 goto search_report_results;
1997 }
1998 } else if (!localhost_is_eligible(dev, search->action, host,
1999 search->allow_suicide)) {
2000 goto search_report_results;
2001 }
2002
2003 alias = g_hash_table_lookup(dev->aliases, host);
2004 if (alias == NULL) {
2005 alias = host;
2006 }
2007
2008 check_type = target_list_type(dev);
2009
2010 if (pcmk__str_eq(check_type, PCMK__VALUE_NONE, pcmk__str_casei)) {
2011 can = TRUE;
2012
2013 } else if (pcmk__str_eq(check_type, "static-list", pcmk__str_casei)) {
2014
2015
2016
2017
2018
2019 if (pcmk__str_in_list(host, dev->targets, pcmk__str_casei)) {
2020 can = TRUE;
2021 } else if (g_hash_table_lookup(dev->params, PCMK_STONITH_HOST_MAP)
2022 && g_hash_table_lookup(dev->aliases, host)) {
2023 can = TRUE;
2024 }
2025
2026 } else if (pcmk__str_eq(check_type, "dynamic-list", pcmk__str_casei)) {
2027 time_t now = time(NULL);
2028
2029 if (dev->targets == NULL || dev->targets_age + 60 < now) {
2030 int device_timeout = get_action_timeout(dev, "list", search->per_device_timeout);
2031
2032 if (device_timeout > search->per_device_timeout) {
2033 crm_notice("Since the pcmk_list_timeout(%ds) parameter of %s is larger than stonith-timeout(%ds), timeout may occur",
2034 device_timeout, dev->id, search->per_device_timeout);
2035 }
2036
2037 crm_trace("Running '%s' to check whether %s is eligible to fence %s (%s)",
2038 check_type, dev->id, search->host, search->action);
2039
2040 schedule_internal_command(__func__, dev, "list", NULL,
2041 search->per_device_timeout, search, dynamic_list_search_cb);
2042
2043
2044 return;
2045 }
2046
2047 if (pcmk__str_in_list(alias, dev->targets, pcmk__str_casei)) {
2048 can = TRUE;
2049 }
2050
2051 } else if (pcmk__str_eq(check_type, "status", pcmk__str_casei)) {
2052 int device_timeout = get_action_timeout(dev, check_type, search->per_device_timeout);
2053
2054 if (device_timeout > search->per_device_timeout) {
2055 crm_notice("Since the pcmk_status_timeout(%ds) parameter of %s is larger than stonith-timeout(%ds), timeout may occur",
2056 device_timeout, dev->id, search->per_device_timeout);
2057 }
2058
2059 crm_trace("Running '%s' to check whether %s is eligible to fence %s (%s)",
2060 check_type, dev->id, search->host, search->action);
2061 schedule_internal_command(__func__, dev, "status", search->host,
2062 search->per_device_timeout, search, status_search_cb);
2063
2064 return;
2065 } else {
2066 crm_err("Invalid value for " PCMK_STONITH_HOST_CHECK ": %s", check_type);
2067 check_type = "Invalid " PCMK_STONITH_HOST_CHECK;
2068 }
2069
2070 if (pcmk__str_eq(host, alias, pcmk__str_casei)) {
2071 crm_notice("%s is%s eligible to fence (%s) %s: %s",
2072 dev->id, (can? "" : " not"), search->action, host,
2073 check_type);
2074 } else {
2075 crm_notice("%s is%s eligible to fence (%s) %s (aka. '%s'): %s",
2076 dev->id, (can? "" : " not"), search->action, host, alias,
2077 check_type);
2078 }
2079
2080 search_report_results:
2081 search_devices_record_result(search, dev ? dev->id : NULL, can);
2082 }
2083
2084 static void
2085 search_devices(gpointer key, gpointer value, gpointer user_data)
2086 {
2087 stonith_device_t *dev = value;
2088 struct device_search_s *search = user_data;
2089
2090 can_fence_host_with_device(dev, search);
2091 }
2092
2093 #define DEFAULT_QUERY_TIMEOUT 20
2094 static void
2095 get_capable_devices(const char *host, const char *action, int timeout, bool suicide, void *user_data,
2096 void (*callback) (GList * devices, void *user_data))
2097 {
2098 struct device_search_s *search;
2099 guint ndevices = g_hash_table_size(device_list);
2100
2101 if (ndevices == 0) {
2102 callback(NULL, user_data);
2103 return;
2104 }
2105
2106 search = calloc(1, sizeof(struct device_search_s));
2107 if (!search) {
2108 crm_crit("Cannot search for capable fence devices: %s",
2109 strerror(ENOMEM));
2110 callback(NULL, user_data);
2111 return;
2112 }
2113
2114 pcmk__str_update(&search->host, host);
2115 pcmk__str_update(&search->action, action);
2116 search->per_device_timeout = timeout;
2117 search->allow_suicide = suicide;
2118 search->callback = callback;
2119 search->user_data = user_data;
2120
2121
2122
2123
2124 search->replies_needed = ndevices;
2125
2126 crm_debug("Searching %d device%s to see which can execute '%s' targeting %s",
2127 ndevices, pcmk__plural_s(ndevices),
2128 (search->action? search->action : "unknown action"),
2129 (search->host? search->host : "any node"));
2130 g_hash_table_foreach(device_list, search_devices, search);
2131 }
2132
2133 struct st_query_data {
2134 xmlNode *reply;
2135 char *remote_peer;
2136 char *client_id;
2137 char *target;
2138 char *action;
2139 int call_options;
2140 };
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151 static void
2152 add_action_specific_attributes(xmlNode *xml, const char *action,
2153 stonith_device_t *device, const char *target)
2154 {
2155 int action_specific_timeout;
2156 int delay_max;
2157 int delay_base;
2158
2159 CRM_CHECK(xml && action && device, return);
2160
2161 if (is_action_required(action, device)) {
2162 crm_trace("Action '%s' is required using %s", action, device->id);
2163 crm_xml_add_int(xml, F_STONITH_DEVICE_REQUIRED, 1);
2164 }
2165
2166 action_specific_timeout = get_action_timeout(device, action, 0);
2167 if (action_specific_timeout) {
2168 crm_trace("Action '%s' has timeout %dms using %s",
2169 action, action_specific_timeout, device->id);
2170 crm_xml_add_int(xml, F_STONITH_ACTION_TIMEOUT, action_specific_timeout);
2171 }
2172
2173 delay_max = get_action_delay_max(device, action);
2174 if (delay_max > 0) {
2175 crm_trace("Action '%s' has maximum random delay %dms using %s",
2176 action, delay_max, device->id);
2177 crm_xml_add_int(xml, F_STONITH_DELAY_MAX, delay_max / 1000);
2178 }
2179
2180 delay_base = get_action_delay_base(device, action, target);
2181 if (delay_base > 0) {
2182 crm_xml_add_int(xml, F_STONITH_DELAY_BASE, delay_base / 1000);
2183 }
2184
2185 if ((delay_max > 0) && (delay_base == 0)) {
2186 crm_trace("Action '%s' has maximum random delay %dms using %s",
2187 action, delay_max, device->id);
2188 } else if ((delay_max == 0) && (delay_base > 0)) {
2189 crm_trace("Action '%s' has a static delay of %dms using %s",
2190 action, delay_base, device->id);
2191 } else if ((delay_max > 0) && (delay_base > 0)) {
2192 crm_trace("Action '%s' has a minimum delay of %dms and a randomly chosen "
2193 "maximum delay of %dms using %s",
2194 action, delay_base, delay_max, device->id);
2195 }
2196 }
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208 static void
2209 add_disallowed(xmlNode *xml, const char *action, stonith_device_t *device,
2210 const char *target, gboolean allow_suicide)
2211 {
2212 if (!localhost_is_eligible(device, action, target, allow_suicide)) {
2213 crm_trace("Action '%s' using %s is disallowed for local host",
2214 action, device->id);
2215 pcmk__xe_set_bool_attr(xml, F_STONITH_ACTION_DISALLOWED, true);
2216 }
2217 }
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229 static void
2230 add_action_reply(xmlNode *xml, const char *action, stonith_device_t *device,
2231 const char *target, gboolean allow_suicide)
2232 {
2233 xmlNode *child = create_xml_node(xml, F_STONITH_ACTION);
2234
2235 crm_xml_add(child, XML_ATTR_ID, action);
2236 add_action_specific_attributes(child, action, device, target);
2237 add_disallowed(child, action, device, target, allow_suicide);
2238 }
2239
2240 static void
2241 stonith_query_capable_device_cb(GList * devices, void *user_data)
2242 {
2243 struct st_query_data *query = user_data;
2244 int available_devices = 0;
2245 xmlNode *dev = NULL;
2246 xmlNode *list = NULL;
2247 GList *lpc = NULL;
2248 pcmk__client_t *client = NULL;
2249
2250 if (query->client_id != NULL) {
2251 client = pcmk__find_client_by_id(query->client_id);
2252 if ((client == NULL) && (query->remote_peer == NULL)) {
2253 crm_trace("Skipping reply to %s: no longer a client",
2254 query->client_id);
2255 goto done;
2256 }
2257 }
2258
2259
2260 list = create_xml_node(NULL, __func__);
2261 crm_xml_add(list, F_STONITH_TARGET, query->target);
2262 for (lpc = devices; lpc != NULL; lpc = lpc->next) {
2263 stonith_device_t *device = g_hash_table_lookup(device_list, lpc->data);
2264 const char *action = query->action;
2265
2266 if (!device) {
2267
2268
2269 continue;
2270 }
2271
2272 available_devices++;
2273
2274 dev = create_xml_node(list, F_STONITH_DEVICE);
2275 crm_xml_add(dev, XML_ATTR_ID, device->id);
2276 crm_xml_add(dev, "namespace", device->namespace);
2277 crm_xml_add(dev, "agent", device->agent);
2278 crm_xml_add_int(dev, F_STONITH_DEVICE_VERIFIED, device->verified);
2279
2280
2281
2282
2283 if (!pcmk_is_set(device->flags, st_device_supports_reboot)
2284 && pcmk__str_eq(query->action, "reboot", pcmk__str_casei)) {
2285 crm_trace("%s doesn't support reboot, using values for off instead",
2286 device->id);
2287 action = "off";
2288 }
2289
2290
2291 add_action_specific_attributes(dev, action, device, query->target);
2292 if (pcmk__str_eq(query->action, "reboot", pcmk__str_casei)) {
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304 add_disallowed(dev, action, device, query->target,
2305 pcmk_is_set(query->call_options, st_opt_allow_suicide));
2306 add_action_reply(dev, "off", device, query->target,
2307 pcmk_is_set(query->call_options, st_opt_allow_suicide));
2308 add_action_reply(dev, "on", device, query->target, FALSE);
2309 }
2310
2311
2312 if (query->target == NULL) {
2313 xmlNode *attrs = create_xml_node(dev, XML_TAG_ATTRS);
2314
2315 g_hash_table_foreach(device->params, hash2field, attrs);
2316 }
2317 }
2318
2319 crm_xml_add_int(list, F_STONITH_AVAILABLE_DEVICES, available_devices);
2320 if (query->target) {
2321 crm_debug("Found %d matching device%s for target '%s'",
2322 available_devices, pcmk__plural_s(available_devices),
2323 query->target);
2324 } else {
2325 crm_debug("%d device%s installed",
2326 available_devices, pcmk__plural_s(available_devices));
2327 }
2328
2329 if (list != NULL) {
2330 crm_log_xml_trace(list, "Add query results");
2331 add_message_xml(query->reply, F_STONITH_CALLDATA, list);
2332 }
2333
2334 stonith_send_reply(query->reply, query->call_options, query->remote_peer,
2335 client);
2336
2337 done:
2338 free_xml(query->reply);
2339 free(query->remote_peer);
2340 free(query->client_id);
2341 free(query->target);
2342 free(query->action);
2343 free(query);
2344 free_xml(list);
2345 g_list_free_full(devices, free);
2346 }
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358 static void
2359 log_async_result(async_command_t *cmd, const pcmk__action_result_t *result,
2360 int pid, const char *next, bool op_merged)
2361 {
2362 int log_level = LOG_ERR;
2363 int output_log_level = LOG_NEVER;
2364 guint devices_remaining = g_list_length(cmd->device_next);
2365
2366 GString *msg = g_string_sized_new(80);
2367
2368
2369 if (pcmk__result_ok(result)) {
2370 log_level = (cmd->victim == NULL)? LOG_DEBUG : LOG_NOTICE;
2371 if ((result->action_stdout != NULL)
2372 && !pcmk__str_eq(cmd->action, "metadata", pcmk__str_casei)) {
2373 output_log_level = LOG_DEBUG;
2374 }
2375 next = NULL;
2376 } else {
2377 log_level = (cmd->victim == NULL)? LOG_NOTICE : LOG_ERR;
2378 if ((result->action_stdout != NULL)
2379 && !pcmk__str_eq(cmd->action, "metadata", pcmk__str_casei)) {
2380 output_log_level = LOG_WARNING;
2381 }
2382 }
2383
2384
2385 g_string_printf(msg, "Operation '%s' ", cmd->action);
2386 if (pid != 0) {
2387 g_string_append_printf(msg, "[%d] ", pid);
2388 }
2389 if (cmd->victim != NULL) {
2390 g_string_append_printf(msg, "targeting %s ", cmd->victim);
2391 }
2392 g_string_append_printf(msg, "using %s ", cmd->device);
2393
2394
2395 if (result->execution_status == PCMK_EXEC_DONE) {
2396 g_string_append_printf(msg, "returned %d", result->exit_status);
2397 } else {
2398 g_string_append_printf(msg, "could not be executed: %s",
2399 pcmk_exec_status_str(result->execution_status));
2400 }
2401
2402
2403 if (result->exit_reason != NULL) {
2404 g_string_append_printf(msg, " (%s)", result->exit_reason);
2405 }
2406 if (next != NULL) {
2407 g_string_append_printf(msg, ", retrying with %s", next);
2408 }
2409 if (devices_remaining > 0) {
2410 g_string_append_printf(msg, " (%u device%s remaining)",
2411 (unsigned int) devices_remaining,
2412 pcmk__plural_s(devices_remaining));
2413 }
2414 g_string_append_printf(msg, " " CRM_XS " %scall %d from %s",
2415 (op_merged? "merged " : ""), cmd->id,
2416 cmd->client_name);
2417
2418
2419 do_crm_log(log_level, "%s", msg->str);
2420 g_string_free(msg, TRUE);
2421
2422
2423 if (output_log_level != LOG_NEVER) {
2424 char *prefix = crm_strdup_printf("%s[%d]", cmd->device, pid);
2425
2426 crm_log_output(output_log_level, prefix, result->action_stdout);
2427 free(prefix);
2428 }
2429 }
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440 static void
2441 send_async_reply(async_command_t *cmd, const pcmk__action_result_t *result,
2442 int pid, bool merged)
2443 {
2444 xmlNode *reply = NULL;
2445 pcmk__client_t *client = NULL;
2446
2447 CRM_CHECK((cmd != NULL) && (result != NULL), return);
2448
2449 log_async_result(cmd, result, pid, NULL, merged);
2450
2451 if (cmd->client != NULL) {
2452 client = pcmk__find_client_by_id(cmd->client);
2453 if ((client == NULL) && (cmd->origin == NULL)) {
2454 crm_trace("Skipping reply to %s: no longer a client", cmd->client);
2455 return;
2456 }
2457 }
2458
2459 reply = construct_async_reply(cmd, result);
2460 if (merged) {
2461 pcmk__xe_set_bool_attr(reply, F_STONITH_MERGED, true);
2462 }
2463
2464 if (!stand_alone && pcmk__is_fencing_action(cmd->action)
2465 && pcmk__str_eq(cmd->origin, cmd->victim, pcmk__str_casei)) {
2466
2467
2468
2469 crm_trace("Broadcast '%s' result for %s (target was also originator)",
2470 cmd->action, cmd->victim);
2471 crm_xml_add(reply, F_SUBTYPE, "broadcast");
2472 crm_xml_add(reply, F_STONITH_OPERATION, T_STONITH_NOTIFY);
2473 send_cluster_message(NULL, crm_msg_stonith_ng, reply, FALSE);
2474 } else {
2475
2476 stonith_send_reply(reply, cmd->options, cmd->origin, client);
2477 }
2478
2479 crm_log_xml_trace(reply, "Reply");
2480 free_xml(reply);
2481
2482 if (stand_alone) {
2483
2484 xmlNode *notify_data = create_xml_node(NULL, T_STONITH_NOTIFY_FENCE);
2485
2486 stonith__xe_set_result(notify_data, result);
2487 crm_xml_add(notify_data, F_STONITH_TARGET, cmd->victim);
2488 crm_xml_add(notify_data, F_STONITH_OPERATION, cmd->op);
2489 crm_xml_add(notify_data, F_STONITH_DELEGATE, "localhost");
2490 crm_xml_add(notify_data, F_STONITH_DEVICE, cmd->device);
2491 crm_xml_add(notify_data, F_STONITH_REMOTE_OP_ID, cmd->remote_op_id);
2492 crm_xml_add(notify_data, F_STONITH_ORIGIN, cmd->client);
2493
2494 fenced_send_notification(T_STONITH_NOTIFY_FENCE, result, notify_data);
2495 fenced_send_notification(T_STONITH_NOTIFY_HISTORY, NULL, NULL);
2496 }
2497 }
2498
2499 static void
2500 cancel_stonith_command(async_command_t * cmd)
2501 {
2502 stonith_device_t *device;
2503
2504 CRM_CHECK(cmd != NULL, return);
2505
2506 if (!cmd->device) {
2507 return;
2508 }
2509
2510 device = g_hash_table_lookup(device_list, cmd->device);
2511
2512 if (device) {
2513 crm_trace("Cancel scheduled '%s' action using %s",
2514 cmd->action, device->id);
2515 device->pending_ops = g_list_remove(device->pending_ops, cmd);
2516 }
2517 }
2518
2519 static void
2520 st_child_done(int pid, const pcmk__action_result_t *result, void *user_data)
2521 {
2522 stonith_device_t *device = NULL;
2523 stonith_device_t *next_device = NULL;
2524 async_command_t *cmd = user_data;
2525
2526 GList *gIter = NULL;
2527 GList *gIterNext = NULL;
2528
2529 CRM_CHECK(cmd != NULL, return);
2530
2531 cmd->active_on = NULL;
2532
2533
2534 device = g_hash_table_lookup(device_list, cmd->device);
2535 if (device) {
2536 if (!device->verified && pcmk__result_ok(result) &&
2537 (pcmk__strcase_any_of(cmd->action, "list", "monitor", "status", NULL))) {
2538
2539 device->verified = TRUE;
2540 }
2541
2542 mainloop_set_trigger(device->work);
2543 }
2544
2545 if (pcmk__result_ok(result)) {
2546 GList *iter;
2547
2548 for (iter = cmd->device_next; iter != NULL; iter = iter->next) {
2549 next_device = g_hash_table_lookup(device_list, iter->data);
2550
2551 if (next_device != NULL && is_action_required(cmd->action, next_device)) {
2552 cmd->device_next = iter->next;
2553 break;
2554 }
2555 next_device = NULL;
2556 }
2557
2558 } else if ((cmd->device_next != NULL)
2559 && !is_action_required(cmd->action, device)) {
2560
2561
2562 next_device = g_hash_table_lookup(device_list, cmd->device_next->data);
2563 cmd->device_next = cmd->device_next->next;
2564 }
2565
2566
2567 if (next_device) {
2568 log_async_result(cmd, result, pid, next_device->id, false);
2569 schedule_stonith_command(cmd, next_device);
2570
2571 cmd = NULL;
2572 goto done;
2573 }
2574
2575 send_async_reply(cmd, result, pid, false);
2576
2577 if (!pcmk__result_ok(result)) {
2578 goto done;
2579 }
2580
2581
2582
2583
2584
2585 for (gIter = cmd_list; gIter != NULL; gIter = gIterNext) {
2586 async_command_t *cmd_other = gIter->data;
2587
2588 gIterNext = gIter->next;
2589
2590 if (cmd == cmd_other) {
2591 continue;
2592 }
2593
2594
2595
2596
2597
2598
2599
2600 if (pcmk__str_eq(cmd->client, cmd_other->client, pcmk__str_casei) ||
2601 !pcmk__str_eq(cmd->victim, cmd_other->victim, pcmk__str_casei) ||
2602 !pcmk__str_eq(cmd->action, cmd_other->action, pcmk__str_casei) ||
2603 !pcmk__str_eq(cmd->device, cmd_other->device, pcmk__str_casei)) {
2604
2605 continue;
2606 }
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616 crm_notice("Merging fencing action '%s' targeting %s originating from "
2617 "client %s with identical fencing request from client %s",
2618 cmd_other->action, cmd_other->victim, cmd_other->client_name,
2619 cmd->client_name);
2620
2621 cmd_list = g_list_remove_link(cmd_list, gIter);
2622
2623 send_async_reply(cmd_other, result, pid, true);
2624 cancel_stonith_command(cmd_other);
2625
2626 free_async_command(cmd_other);
2627 g_list_free_1(gIter);
2628 }
2629
2630 done:
2631 free_async_command(cmd);
2632 }
2633
2634 static gint
2635 sort_device_priority(gconstpointer a, gconstpointer b)
2636 {
2637 const stonith_device_t *dev_a = a;
2638 const stonith_device_t *dev_b = b;
2639
2640 if (dev_a->priority > dev_b->priority) {
2641 return -1;
2642 } else if (dev_a->priority < dev_b->priority) {
2643 return 1;
2644 }
2645 return 0;
2646 }
2647
2648 static void
2649 stonith_fence_get_devices_cb(GList * devices, void *user_data)
2650 {
2651 async_command_t *cmd = user_data;
2652 stonith_device_t *device = NULL;
2653 guint ndevices = g_list_length(devices);
2654
2655 crm_info("Found %d matching device%s for target '%s'",
2656 ndevices, pcmk__plural_s(ndevices), cmd->victim);
2657
2658 if (devices != NULL) {
2659
2660 devices = g_list_sort(devices, sort_device_priority);
2661 device = g_hash_table_lookup(device_list, devices->data);
2662 }
2663
2664 if (device == NULL) {
2665 pcmk__action_result_t result = PCMK__UNKNOWN_RESULT;
2666
2667 pcmk__format_result(&result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
2668 "No device configured for target '%s'",
2669 cmd->victim);
2670 send_async_reply(cmd, &result, 0, false);
2671 pcmk__reset_result(&result);
2672 free_async_command(cmd);
2673 g_list_free_full(devices, free);
2674
2675 } else {
2676 cmd->device_list = devices;
2677 cmd->device_next = devices->next;
2678 schedule_stonith_command(cmd, device);
2679 }
2680 }
2681
2682
2683
2684
2685
2686
2687
2688
2689 static void
2690 fence_locally(xmlNode *msg, pcmk__action_result_t *result)
2691 {
2692 const char *device_id = NULL;
2693 stonith_device_t *device = NULL;
2694 async_command_t *cmd = create_async_command(msg);
2695 xmlNode *dev = get_xpath_object("//@" F_STONITH_TARGET, msg, LOG_ERR);
2696
2697 CRM_CHECK(result != NULL, return);
2698
2699 if (cmd == NULL) {
2700 fenced_set_protocol_error(result);
2701 return;
2702 }
2703
2704 device_id = crm_element_value(dev, F_STONITH_DEVICE);
2705 if (device_id != NULL) {
2706 device = g_hash_table_lookup(device_list, device_id);
2707 if (device == NULL) {
2708 crm_err("Requested device '%s' is not available", device_id);
2709 pcmk__format_result(result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
2710 "Requested device '%s' not found", device_id);
2711 return;
2712 }
2713 schedule_stonith_command(cmd, device);
2714
2715 } else {
2716 const char *host = crm_element_value(dev, F_STONITH_TARGET);
2717
2718 if (pcmk_is_set(cmd->options, st_opt_cs_nodeid)) {
2719 int nodeid = 0;
2720 crm_node_t *node = NULL;
2721
2722 pcmk__scan_min_int(host, &nodeid, 0);
2723 node = pcmk__search_known_node_cache(nodeid, NULL, CRM_GET_PEER_ANY);
2724 if (node != NULL) {
2725 host = node->uname;
2726 }
2727 }
2728
2729
2730 get_capable_devices(host, cmd->action, cmd->default_timeout,
2731 TRUE, cmd, stonith_fence_get_devices_cb);
2732 }
2733
2734 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_PENDING, NULL);
2735 }
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751 xmlNode *
2752 fenced_construct_reply(xmlNode *request, xmlNode *data,
2753 pcmk__action_result_t *result)
2754 {
2755 xmlNode *reply = NULL;
2756
2757 reply = create_xml_node(NULL, T_STONITH_REPLY);
2758
2759 crm_xml_add(reply, "st_origin", __func__);
2760 crm_xml_add(reply, F_TYPE, T_STONITH_NG);
2761 stonith__xe_set_result(reply, result);
2762
2763 if (request == NULL) {
2764
2765
2766
2767
2768
2769
2770 crm_warn("Missing request information for client notifications for "
2771 "operation with result '%s' (initiated before we came up?)",
2772 pcmk_exec_status_str(result->execution_status));
2773
2774 } else {
2775 const char *name = NULL;
2776 const char *value = NULL;
2777
2778
2779 const char *names[] = {
2780 F_STONITH_OPERATION,
2781 F_STONITH_CALLID,
2782 F_STONITH_CLIENTID,
2783 F_STONITH_CLIENTNAME,
2784 F_STONITH_REMOTE_OP_ID,
2785 F_STONITH_CALLOPTS
2786 };
2787
2788 for (int lpc = 0; lpc < PCMK__NELEM(names); lpc++) {
2789 name = names[lpc];
2790 value = crm_element_value(request, name);
2791 crm_xml_add(reply, name, value);
2792 }
2793 if (data != NULL) {
2794 add_message_xml(reply, F_STONITH_CALLDATA, data);
2795 }
2796 }
2797 return reply;
2798 }
2799
2800
2801
2802
2803
2804
2805
2806
2807 static xmlNode *
2808 construct_async_reply(async_command_t *cmd, const pcmk__action_result_t *result)
2809 {
2810 xmlNode *reply = create_xml_node(NULL, T_STONITH_REPLY);
2811
2812 crm_xml_add(reply, "st_origin", __func__);
2813 crm_xml_add(reply, F_TYPE, T_STONITH_NG);
2814 crm_xml_add(reply, F_STONITH_OPERATION, cmd->op);
2815 crm_xml_add(reply, F_STONITH_DEVICE, cmd->device);
2816 crm_xml_add(reply, F_STONITH_REMOTE_OP_ID, cmd->remote_op_id);
2817 crm_xml_add(reply, F_STONITH_CLIENTID, cmd->client);
2818 crm_xml_add(reply, F_STONITH_CLIENTNAME, cmd->client_name);
2819 crm_xml_add(reply, F_STONITH_TARGET, cmd->victim);
2820 crm_xml_add(reply, F_STONITH_ACTION, cmd->op);
2821 crm_xml_add(reply, F_STONITH_ORIGIN, cmd->origin);
2822 crm_xml_add_int(reply, F_STONITH_CALLID, cmd->id);
2823 crm_xml_add_int(reply, F_STONITH_CALLOPTS, cmd->options);
2824
2825 stonith__xe_set_result(reply, result);
2826 return reply;
2827 }
2828
2829 bool fencing_peer_active(crm_node_t *peer)
2830 {
2831 if (peer == NULL) {
2832 return FALSE;
2833 } else if (peer->uname == NULL) {
2834 return FALSE;
2835 } else if (pcmk_is_set(peer->processes, crm_get_cluster_proc())) {
2836 return TRUE;
2837 }
2838 return FALSE;
2839 }
2840
2841 void
2842 set_fencing_completed(remote_fencing_op_t *op)
2843 {
2844 struct timespec tv;
2845
2846 qb_util_timespec_from_epoch_get(&tv);
2847 op->completed = tv.tv_sec;
2848 op->completed_nsec = tv.tv_nsec;
2849 }
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860 static const char *
2861 check_alternate_host(const char *target)
2862 {
2863 const char *alternate_host = NULL;
2864
2865 crm_trace("Checking if we (%s) can fence %s", stonith_our_uname, target);
2866 if (find_topology_for_host(target) && pcmk__str_eq(target, stonith_our_uname, pcmk__str_casei)) {
2867 GHashTableIter gIter;
2868 crm_node_t *entry = NULL;
2869
2870 g_hash_table_iter_init(&gIter, crm_peer_cache);
2871 while (g_hash_table_iter_next(&gIter, NULL, (void **)&entry)) {
2872 crm_trace("Checking for %s.%d != %s", entry->uname, entry->id, target);
2873 if (fencing_peer_active(entry)
2874 && !pcmk__str_eq(entry->uname, target, pcmk__str_casei)) {
2875 alternate_host = entry->uname;
2876 break;
2877 }
2878 }
2879 if (alternate_host == NULL) {
2880 crm_err("No alternate host available to handle request "
2881 "for self-fencing with topology");
2882 g_hash_table_iter_init(&gIter, crm_peer_cache);
2883 while (g_hash_table_iter_next(&gIter, NULL, (void **)&entry)) {
2884 crm_notice("Peer[%d] %s", entry->id, entry->uname);
2885 }
2886 }
2887 }
2888
2889 return alternate_host;
2890 }
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901 static void
2902 stonith_send_reply(xmlNode *reply, int call_options, const char *remote_peer,
2903 pcmk__client_t *client)
2904 {
2905 CRM_CHECK((reply != NULL) && ((remote_peer != NULL) || (client != NULL)),
2906 return);
2907
2908 if (remote_peer == NULL) {
2909 do_local_reply(reply, client, call_options);
2910 } else {
2911 send_cluster_message(crm_get_peer(0, remote_peer), crm_msg_stonith_ng,
2912 reply, FALSE);
2913 }
2914 }
2915
2916 static void
2917 remove_relay_op(xmlNode * request)
2918 {
2919 xmlNode *dev = get_xpath_object("//@" F_STONITH_ACTION, request, LOG_TRACE);
2920 const char *relay_op_id = NULL;
2921 const char *op_id = NULL;
2922 const char *client_name = NULL;
2923 const char *target = NULL;
2924 remote_fencing_op_t *relay_op = NULL;
2925
2926 if (dev) {
2927 target = crm_element_value(dev, F_STONITH_TARGET);
2928 }
2929
2930 relay_op_id = crm_element_value(request, F_STONITH_REMOTE_OP_ID_RELAY);
2931 op_id = crm_element_value(request, F_STONITH_REMOTE_OP_ID);
2932 client_name = crm_element_value(request, F_STONITH_CLIENTNAME);
2933
2934
2935 if (relay_op_id && target && pcmk__str_eq(target, stonith_our_uname, pcmk__str_casei)) {
2936 relay_op = g_hash_table_lookup(stonith_remote_op_list, relay_op_id);
2937
2938 if (relay_op) {
2939 GHashTableIter iter;
2940 remote_fencing_op_t *list_op = NULL;
2941 g_hash_table_iter_init(&iter, stonith_remote_op_list);
2942
2943
2944 while (g_hash_table_iter_next(&iter, NULL, (void **)&list_op)) {
2945 GList *dup_iter = NULL;
2946 if (list_op != relay_op) {
2947 for (dup_iter = list_op->duplicates; dup_iter != NULL; dup_iter = dup_iter->next) {
2948 remote_fencing_op_t *other = dup_iter->data;
2949 if (other == relay_op) {
2950 other->duplicates = g_list_remove(other->duplicates, relay_op);
2951 break;
2952 }
2953 }
2954 }
2955 }
2956 crm_debug("Deleting relay op %s ('%s' targeting %s for %s), "
2957 "replaced by op %s ('%s' targeting %s for %s)",
2958 relay_op->id, relay_op->action, relay_op->target,
2959 relay_op->client_name, op_id, relay_op->action, target,
2960 client_name);
2961
2962 g_hash_table_remove(stonith_remote_op_list, relay_op_id);
2963 }
2964 }
2965 }
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981 static inline bool
2982 is_privileged(pcmk__client_t *c, const char *op)
2983 {
2984 if ((c == NULL) || pcmk_is_set(c->flags, pcmk__client_privileged)) {
2985 return true;
2986 } else {
2987 crm_warn("Rejecting IPC request '%s' from unprivileged client %s",
2988 crm_str(op), pcmk__client_name(c));
2989 return false;
2990 }
2991 }
2992
2993
2994 static xmlNode *
2995 handle_register_request(pcmk__request_t *request)
2996 {
2997 xmlNode *reply = create_xml_node(NULL, "reply");
2998
2999 CRM_ASSERT(request->ipc_client != NULL);
3000 crm_xml_add(reply, F_STONITH_OPERATION, CRM_OP_REGISTER);
3001 crm_xml_add(reply, F_STONITH_CLIENTID, request->ipc_client->id);
3002 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3003 pcmk__set_request_flags(request, pcmk__request_reuse_options);
3004 return reply;
3005 }
3006
3007
3008 static xmlNode *
3009 handle_agent_request(pcmk__request_t *request)
3010 {
3011 execute_agent_action(request->xml, &request->result);
3012 if (request->result.execution_status == PCMK_EXEC_PENDING) {
3013 return NULL;
3014 }
3015 return fenced_construct_reply(request->xml, NULL, &request->result);
3016 }
3017
3018
3019 static xmlNode *
3020 handle_update_timeout_request(pcmk__request_t *request)
3021 {
3022 const char *call_id = crm_element_value(request->xml, F_STONITH_CALLID);
3023 const char *client_id = crm_element_value(request->xml, F_STONITH_CLIENTID);
3024 int op_timeout = 0;
3025
3026 crm_element_value_int(request->xml, F_STONITH_TIMEOUT, &op_timeout);
3027 do_stonith_async_timeout_update(client_id, call_id, op_timeout);
3028 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3029 return NULL;
3030 }
3031
3032
3033 static xmlNode *
3034 handle_query_request(pcmk__request_t *request)
3035 {
3036 int timeout = 0;
3037 xmlNode *dev = NULL;
3038 const char *action = NULL;
3039 const char *target = NULL;
3040 const char *client_id = crm_element_value(request->xml, F_STONITH_CLIENTID);
3041 struct st_query_data *query = NULL;
3042
3043 if (request->peer != NULL) {
3044
3045 create_remote_stonith_op(client_id, request->xml, TRUE);
3046 }
3047
3048
3049 remove_relay_op(request->xml);
3050
3051 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3052
3053 dev = get_xpath_object("//@" F_STONITH_ACTION, request->xml, LOG_NEVER);
3054 if (dev != NULL) {
3055 const char *device = crm_element_value(dev, F_STONITH_DEVICE);
3056
3057 if (pcmk__str_eq(device, "manual_ack", pcmk__str_casei)) {
3058 return NULL;
3059 }
3060 target = crm_element_value(dev, F_STONITH_TARGET);
3061 action = crm_element_value(dev, F_STONITH_ACTION);
3062 }
3063
3064 crm_log_xml_debug(request->xml, "Query");
3065
3066 query = calloc(1, sizeof(struct st_query_data));
3067 CRM_ASSERT(query != NULL);
3068
3069 query->reply = fenced_construct_reply(request->xml, NULL, &request->result);
3070 pcmk__str_update(&query->remote_peer, request->peer);
3071 pcmk__str_update(&query->client_id, client_id);
3072 pcmk__str_update(&query->target, target);
3073 pcmk__str_update(&query->action, action);
3074 query->call_options = request->call_options;
3075
3076 crm_element_value_int(request->xml, F_STONITH_TIMEOUT, &timeout);
3077 get_capable_devices(target, action, timeout,
3078 pcmk_is_set(query->call_options, st_opt_allow_suicide),
3079 query, stonith_query_capable_device_cb);
3080 return NULL;
3081 }
3082
3083
3084 static xmlNode *
3085 handle_notify_request(pcmk__request_t *request)
3086 {
3087 const char *flag_name = NULL;
3088
3089 CRM_ASSERT(request->ipc_client != NULL);
3090 flag_name = crm_element_value(request->xml, F_STONITH_NOTIFY_ACTIVATE);
3091 if (flag_name != NULL) {
3092 crm_debug("Enabling %s callbacks for client %s",
3093 flag_name, pcmk__request_origin(request));
3094 pcmk__set_client_flags(request->ipc_client, get_stonith_flag(flag_name));
3095 }
3096
3097 flag_name = crm_element_value(request->xml, F_STONITH_NOTIFY_DEACTIVATE);
3098 if (flag_name != NULL) {
3099 crm_debug("Disabling %s callbacks for client %s",
3100 flag_name, pcmk__request_origin(request));
3101 pcmk__clear_client_flags(request->ipc_client,
3102 get_stonith_flag(flag_name));
3103 }
3104
3105 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3106 pcmk__set_request_flags(request, pcmk__request_reuse_options);
3107
3108 return pcmk__ipc_create_ack(request->ipc_flags, "ack", CRM_EX_OK);
3109 }
3110
3111
3112 static xmlNode *
3113 handle_relay_request(pcmk__request_t *request)
3114 {
3115 xmlNode *dev = get_xpath_object("//@" F_STONITH_TARGET, request->xml,
3116 LOG_TRACE);
3117
3118 crm_notice("Received forwarded fencing request from "
3119 "%s %s to fence (%s) peer %s",
3120 pcmk__request_origin_type(request),
3121 pcmk__request_origin(request),
3122 crm_element_value(dev, F_STONITH_ACTION),
3123 crm_element_value(dev, F_STONITH_TARGET));
3124
3125 if (initiate_remote_stonith_op(NULL, request->xml, FALSE) == NULL) {
3126 fenced_set_protocol_error(&request->result);
3127 return fenced_construct_reply(request->xml, NULL, &request->result);
3128 }
3129
3130 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_PENDING, NULL);
3131 return NULL;
3132 }
3133
3134
3135 static xmlNode *
3136 handle_fence_request(pcmk__request_t *request)
3137 {
3138 if ((request->peer != NULL) || stand_alone) {
3139 fence_locally(request->xml, &request->result);
3140
3141 } else if (pcmk_is_set(request->call_options, st_opt_manual_ack)) {
3142 switch (fenced_handle_manual_confirmation(request->ipc_client,
3143 request->xml)) {
3144 case pcmk_rc_ok:
3145 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE,
3146 NULL);
3147 break;
3148 case EINPROGRESS:
3149 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_PENDING,
3150 NULL);
3151 break;
3152 default:
3153 fenced_set_protocol_error(&request->result);
3154 break;
3155 }
3156
3157 } else {
3158 const char *alternate_host = NULL;
3159 xmlNode *dev = get_xpath_object("//@" F_STONITH_TARGET, request->xml,
3160 LOG_TRACE);
3161 const char *target = crm_element_value(dev, F_STONITH_TARGET);
3162 const char *action = crm_element_value(dev, F_STONITH_ACTION);
3163 const char *device = crm_element_value(dev, F_STONITH_DEVICE);
3164
3165 if (request->ipc_client != NULL) {
3166 int tolerance = 0;
3167
3168 crm_notice("Client %s wants to fence (%s) %s using %s",
3169 pcmk__request_origin(request), action,
3170 target, (device? device : "any device"));
3171 crm_element_value_int(dev, F_STONITH_TOLERANCE, &tolerance);
3172 if (stonith_check_fence_tolerance(tolerance, target, action)) {
3173 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE,
3174 NULL);
3175 return fenced_construct_reply(request->xml, NULL,
3176 &request->result);
3177 }
3178
3179 } else {
3180 crm_notice("Peer %s wants to fence (%s) '%s' with device '%s'",
3181 request->peer, action, target,
3182 (device == NULL)? "(any)" : device);
3183 }
3184
3185 alternate_host = check_alternate_host(target);
3186
3187 if ((alternate_host != NULL) && (request->ipc_client != NULL)) {
3188 const char *client_id = NULL;
3189 remote_fencing_op_t *op = NULL;
3190
3191 crm_notice("Forwarding self-fencing request to peer %s "
3192 "due to topology", alternate_host);
3193
3194 if (request->ipc_client->id == 0) {
3195 client_id = crm_element_value(request->xml, F_STONITH_CLIENTID);
3196 } else {
3197 client_id = request->ipc_client->id;
3198 }
3199
3200
3201
3202
3203
3204 op = create_remote_stonith_op(client_id, request->xml, FALSE);
3205
3206 crm_xml_add(request->xml, F_STONITH_OPERATION, STONITH_OP_RELAY);
3207 crm_xml_add(request->xml, F_STONITH_CLIENTID,
3208 request->ipc_client->id);
3209 crm_xml_add(request->xml, F_STONITH_REMOTE_OP_ID, op->id);
3210 send_cluster_message(crm_get_peer(0, alternate_host),
3211 crm_msg_stonith_ng, request->xml, FALSE);
3212 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_PENDING,
3213 NULL);
3214
3215 } else if (initiate_remote_stonith_op(request->ipc_client, request->xml,
3216 FALSE) == NULL) {
3217 fenced_set_protocol_error(&request->result);
3218
3219 } else {
3220 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_PENDING,
3221 NULL);
3222 }
3223 }
3224
3225 if (request->result.execution_status == PCMK_EXEC_PENDING) {
3226 return NULL;
3227 }
3228 return fenced_construct_reply(request->xml, NULL, &request->result);
3229 }
3230
3231
3232 static xmlNode *
3233 handle_history_request(pcmk__request_t *request)
3234 {
3235 xmlNode *reply = NULL;
3236 xmlNode *data = NULL;
3237
3238 stonith_fence_history(request->xml, &data, request->peer,
3239 request->call_options);
3240 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3241 if (!pcmk_is_set(request->call_options, st_opt_discard_reply)) {
3242
3243
3244
3245 reply = fenced_construct_reply(request->xml, data, &request->result);
3246 }
3247 free_xml(data);
3248 return reply;
3249 }
3250
3251
3252 static xmlNode *
3253 handle_device_add_request(pcmk__request_t *request)
3254 {
3255 const char *device_id = NULL;
3256 const char *op = crm_element_value(request->xml, F_STONITH_OPERATION);
3257
3258 if (is_privileged(request->ipc_client, op)) {
3259 int rc = stonith_device_register(request->xml, &device_id, FALSE);
3260
3261 pcmk__set_result(&request->result,
3262 ((rc == pcmk_ok)? CRM_EX_OK : CRM_EX_ERROR),
3263 stonith__legacy2status(rc),
3264 ((rc == pcmk_ok)? NULL : pcmk_strerror(rc)));
3265 } else {
3266 pcmk__set_result(&request->result, CRM_EX_INSUFFICIENT_PRIV,
3267 PCMK_EXEC_INVALID,
3268 "Unprivileged users must register device via CIB");
3269 }
3270 fenced_send_device_notification(op, &request->result, device_id);
3271 return fenced_construct_reply(request->xml, NULL, &request->result);
3272 }
3273
3274
3275 static xmlNode *
3276 handle_device_delete_request(pcmk__request_t *request)
3277 {
3278 xmlNode *dev = get_xpath_object("//" F_STONITH_DEVICE, request->xml,
3279 LOG_ERR);
3280 const char *device_id = crm_element_value(dev, XML_ATTR_ID);
3281 const char *op = crm_element_value(request->xml, F_STONITH_OPERATION);
3282
3283 if (is_privileged(request->ipc_client, op)) {
3284 stonith_device_remove(device_id, false);
3285 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3286 } else {
3287 pcmk__set_result(&request->result, CRM_EX_INSUFFICIENT_PRIV,
3288 PCMK_EXEC_INVALID,
3289 "Unprivileged users must delete device via CIB");
3290 }
3291 fenced_send_device_notification(op, &request->result, device_id);
3292 return fenced_construct_reply(request->xml, NULL, &request->result);
3293 }
3294
3295
3296 static xmlNode *
3297 handle_level_add_request(pcmk__request_t *request)
3298 {
3299 char *device_id = NULL;
3300 const char *op = crm_element_value(request->xml, F_STONITH_OPERATION);
3301
3302 if (is_privileged(request->ipc_client, op)) {
3303 fenced_register_level(request->xml, &device_id, &request->result);
3304 } else {
3305 pcmk__set_result(&request->result, CRM_EX_INSUFFICIENT_PRIV,
3306 PCMK_EXEC_INVALID,
3307 "Unprivileged users must add level via CIB");
3308 }
3309 fenced_send_level_notification(op, &request->result, device_id);
3310 free(device_id);
3311 return fenced_construct_reply(request->xml, NULL, &request->result);
3312 }
3313
3314
3315 static xmlNode *
3316 handle_level_delete_request(pcmk__request_t *request)
3317 {
3318 char *device_id = NULL;
3319 const char *op = crm_element_value(request->xml, F_STONITH_OPERATION);
3320
3321 if (is_privileged(request->ipc_client, op)) {
3322 fenced_unregister_level(request->xml, &device_id, &request->result);
3323 } else {
3324 pcmk__set_result(&request->result, CRM_EX_INSUFFICIENT_PRIV,
3325 PCMK_EXEC_INVALID,
3326 "Unprivileged users must delete level via CIB");
3327 }
3328 fenced_send_level_notification(op, &request->result, device_id);
3329 return fenced_construct_reply(request->xml, NULL, &request->result);
3330 }
3331
3332
3333 static xmlNode *
3334 handle_cache_request(pcmk__request_t *request)
3335 {
3336 int node_id = 0;
3337 const char *name = NULL;
3338
3339 crm_element_value_int(request->xml, XML_ATTR_ID, &node_id);
3340 name = crm_element_value(request->xml, XML_ATTR_UNAME);
3341 reap_crm_member(node_id, name);
3342 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3343 return NULL;
3344 }
3345
3346 static xmlNode *
3347 handle_unknown_request(pcmk__request_t *request)
3348 {
3349 const char *op = crm_element_value(request->xml, F_STONITH_OPERATION);
3350
3351 crm_err("Unknown IPC request %s from %s %s",
3352 op, pcmk__request_origin_type(request),
3353 pcmk__request_origin(request));
3354 pcmk__format_result(&request->result, CRM_EX_PROTOCOL, PCMK_EXEC_INVALID,
3355 "Unknown IPC request type '%s' (bug?)", crm_str(op));
3356 return fenced_construct_reply(request->xml, NULL, &request->result);
3357 }
3358
3359 static void
3360 fenced_register_handlers(void)
3361 {
3362 pcmk__server_command_t handlers[] = {
3363 { CRM_OP_REGISTER, handle_register_request },
3364 { STONITH_OP_EXEC, handle_agent_request },
3365 { STONITH_OP_TIMEOUT_UPDATE, handle_update_timeout_request },
3366 { STONITH_OP_QUERY, handle_query_request },
3367 { T_STONITH_NOTIFY, handle_notify_request },
3368 { STONITH_OP_RELAY, handle_relay_request },
3369 { STONITH_OP_FENCE, handle_fence_request },
3370 { STONITH_OP_FENCE_HISTORY, handle_history_request },
3371 { STONITH_OP_DEVICE_ADD, handle_device_add_request },
3372 { STONITH_OP_DEVICE_DEL, handle_device_delete_request },
3373 { STONITH_OP_LEVEL_ADD, handle_level_add_request },
3374 { STONITH_OP_LEVEL_DEL, handle_level_delete_request },
3375 { CRM_OP_RM_NODE_CACHE, handle_cache_request },
3376 { NULL, handle_unknown_request },
3377 };
3378
3379 fenced_handlers = pcmk__register_handlers(handlers);
3380 }
3381
3382 void
3383 fenced_unregister_handlers(void)
3384 {
3385 if (fenced_handlers != NULL) {
3386 g_hash_table_destroy(fenced_handlers);
3387 fenced_handlers = NULL;
3388 }
3389 }
3390
3391 static void
3392 handle_request(pcmk__request_t *request)
3393 {
3394 xmlNode *reply = NULL;
3395 const char *reason = NULL;
3396
3397 if (fenced_handlers == NULL) {
3398 fenced_register_handlers();
3399 }
3400 reply = pcmk__process_request(request, fenced_handlers);
3401 if (reply != NULL) {
3402 if (pcmk_is_set(request->flags, pcmk__request_reuse_options)
3403 && (request->ipc_client != NULL)) {
3404
3405
3406
3407
3408 pcmk__ipc_send_xml(request->ipc_client, request->ipc_id, reply,
3409 request->ipc_flags);
3410 request->ipc_client->request_id = 0;
3411 } else {
3412 stonith_send_reply(reply, request->call_options,
3413 request->peer, request->ipc_client);
3414 }
3415 free_xml(reply);
3416 }
3417
3418 reason = request->result.exit_reason;
3419 crm_debug("Processed %s request from %s %s: %s%s%s%s",
3420 request->op, pcmk__request_origin_type(request),
3421 pcmk__request_origin(request),
3422 pcmk_exec_status_str(request->result.execution_status),
3423 (reason == NULL)? "" : " (",
3424 (reason == NULL)? "" : reason,
3425 (reason == NULL)? "" : ")");
3426 }
3427
3428 static void
3429 handle_reply(pcmk__client_t *client, xmlNode *request, const char *remote_peer)
3430 {
3431
3432 char *op = crm_element_value_copy(request, F_STONITH_OPERATION);
3433
3434 if (pcmk__str_eq(op, STONITH_OP_QUERY, pcmk__str_none)) {
3435 process_remote_stonith_query(request);
3436 } else if (pcmk__str_any_of(op, T_STONITH_NOTIFY, STONITH_OP_FENCE, NULL)) {
3437 fenced_process_fencing_reply(request);
3438 } else {
3439 crm_err("Ignoring unknown %s reply from %s %s",
3440 crm_str(op), ((client == NULL)? "peer" : "client"),
3441 ((client == NULL)? remote_peer : pcmk__client_name(client)));
3442 crm_log_xml_warn(request, "UnknownOp");
3443 free(op);
3444 return;
3445 }
3446 crm_debug("Processed %s reply from %s %s",
3447 op, ((client == NULL)? "peer" : "client"),
3448 ((client == NULL)? remote_peer : pcmk__client_name(client)));
3449 free(op);
3450 }
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462 void
3463 stonith_command(pcmk__client_t *client, uint32_t id, uint32_t flags,
3464 xmlNode *message, const char *remote_peer)
3465 {
3466 int call_options = st_opt_none;
3467 bool is_reply = false;
3468
3469 CRM_CHECK(message != NULL, return);
3470
3471 if (get_xpath_object("//" T_STONITH_REPLY, message, LOG_NEVER) != NULL) {
3472 is_reply = true;
3473 }
3474 crm_element_value_int(message, F_STONITH_CALLOPTS, &call_options);
3475 crm_debug("Processing %ssynchronous %s %s %u from %s %s",
3476 pcmk_is_set(call_options, st_opt_sync_call)? "" : "a",
3477 crm_element_value(message, F_STONITH_OPERATION),
3478 (is_reply? "reply" : "request"), id,
3479 ((client == NULL)? "peer" : "client"),
3480 ((client == NULL)? remote_peer : pcmk__client_name(client)));
3481
3482 if (pcmk_is_set(call_options, st_opt_sync_call)) {
3483 CRM_ASSERT(client == NULL || client->request_id == id);
3484 }
3485
3486 if (is_reply) {
3487 handle_reply(client, message, remote_peer);
3488 } else {
3489 pcmk__request_t request = {
3490 .ipc_client = client,
3491 .ipc_id = id,
3492 .ipc_flags = flags,
3493 .peer = remote_peer,
3494 .xml = message,
3495 .call_options = call_options,
3496 .result = PCMK__UNKNOWN_RESULT,
3497 };
3498
3499 request.op = crm_element_value(request.xml, F_STONITH_OPERATION);
3500 CRM_CHECK(request.op != NULL, return);
3501
3502 if (pcmk_is_set(request.call_options, st_opt_sync_call)) {
3503 pcmk__set_request_flags(&request, pcmk__request_sync);
3504 }
3505
3506 handle_request(&request);
3507 pcmk__reset_result(&request.result);
3508 }
3509 }
![[first]](../icons/first.png){kind=icon}
![[previous]](../icons/n_left.png){kind=icon}
![[next]](../icons/n_right.png){kind=icon}
![[last]](../icons/last.png){kind=icon}
![[top]](../icons/n_top.png){kind=icon}
![[bottom]](../icons/bottom.png){kind=icon}
![[index]](../icons/index.png){kind=icon}
![[help]](../icons/help.png){kind=icon}
*/
![[next]](../icons/right.png)
![[first]](../icons/n_first.png)
![[top]](../icons/top.png)
![[previous]](../icons/left.png)
![[last]](../icons/n_last.png)
![[bottom]](../icons/n_bottom.png){kind=icon}