This source file includes following definitions.
- is_action_required
- get_action_delay_max
- get_action_delay_base
- get_action_timeout
- free_async_command
- create_async_command
- get_action_limit
- get_active_cmds
- fork_cb
- get_agent_metadata_cb
- report_internal_result
- stonith_device_execute
- stonith_device_dispatch
- start_delay_helper
- schedule_stonith_command
- free_device
- free_device_list
- init_device_list
- build_port_aliases
- free_metadata_cache
- init_metadata_cache
- get_agent_metadata
- is_nodeid_required
- add_action
- read_action_metadata
- map_action
- xml2device_params
- target_list_type
- build_device_from_xml
- schedule_internal_command
- status_search_cb
- dynamic_list_search_cb
- device_params_diff
- device_has_duplicate
- stonith_device_register
- stonith_device_remove
- count_active_levels
- free_topology_entry
- free_topology_list
- init_topology_list
- stonith_level_key
- unpack_level_kind
- parse_device_list
- fenced_register_level
- fenced_unregister_level
- list_to_string
- execute_agent_action
- search_devices_record_result
- localhost_is_eligible
- can_fence_host_with_device
- search_devices
- get_capable_devices
- add_action_specific_attributes
- add_disallowed
- add_action_reply
- stonith_query_capable_device_cb
- log_async_result
- send_async_reply
- cancel_stonith_command
- st_child_done
- sort_device_priority
- stonith_fence_get_devices_cb
- fence_locally
- fenced_construct_reply
- construct_async_reply
- fencing_peer_active
- set_fencing_completed
- check_alternate_host
- stonith_send_reply
- remove_relay_op
- is_privileged
- handle_register_request
- handle_agent_request
- handle_update_timeout_request
- handle_query_request
- handle_notify_request
- handle_relay_request
- handle_fence_request
- handle_history_request
- handle_device_add_request
- handle_device_delete_request
- handle_level_add_request
- handle_level_delete_request
- handle_cache_request
- handle_unknown_request
- fenced_register_handlers
- fenced_unregister_handlers
- handle_request
- handle_reply
- stonith_command
1
2
3
4
5
6
7
8
9
10 #include <crm_internal.h>
11
12 #include <sys/param.h>
13 #include <stdio.h>
14 #include <sys/types.h>
15 #include <sys/wait.h>
16 #include <sys/stat.h>
17 #include <unistd.h>
18 #include <sys/utsname.h>
19
20 #include <stdlib.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <ctype.h>
24
25 #include <crm/crm.h>
26 #include <crm/msg_xml.h>
27 #include <crm/common/ipc.h>
28 #include <crm/common/ipc_internal.h>
29 #include <crm/cluster/internal.h>
30 #include <crm/common/mainloop.h>
31
32 #include <crm/stonith-ng.h>
33 #include <crm/fencing/internal.h>
34 #include <crm/common/xml.h>
35
36 #include <pacemaker-fenced.h>
37
38 GHashTable *device_list = NULL;
39 GHashTable *topology = NULL;
40 GList *cmd_list = NULL;
41
42 static GHashTable *fenced_handlers = NULL;
43
44 struct device_search_s {
45
46 char *host;
47
48 char *action;
49
50 int per_device_timeout;
51
52 int replies_needed;
53
54 int replies_received;
55
56 bool allow_suicide;
57
58
59 void *user_data;
60
61 void (*callback) (GList * devices, void *user_data);
62
63 GList *capable;
64 };
65
66 static gboolean stonith_device_dispatch(gpointer user_data);
67 static void st_child_done(int pid, const pcmk__action_result_t *result,
68 void *user_data);
69 static void stonith_send_reply(xmlNode * reply, int call_options, const char *remote_peer,
70 pcmk__client_t *client);
71
72 static void search_devices_record_result(struct device_search_s *search, const char *device,
73 gboolean can_fence);
74
75 static int get_agent_metadata(const char *agent, xmlNode **metadata);
76 static void read_action_metadata(stonith_device_t *device);
77 static enum fenced_target_by unpack_level_kind(xmlNode *level);
78
79 typedef struct async_command_s {
80
81 int id;
82 int pid;
83 int fd_stdout;
84 int options;
85 int default_timeout;
86 int timeout;
87
88 int start_delay;
89 int delay_id;
90
91 char *op;
92 char *origin;
93 char *client;
94 char *client_name;
95 char *remote_op_id;
96
97 char *victim;
98 uint32_t victim_nodeid;
99 char *action;
100 char *device;
101
102 GList *device_list;
103 GList *device_next;
104
105 void *internal_user_data;
106 void (*done_cb) (int pid, const pcmk__action_result_t *result,
107 void *user_data);
108 guint timer_sigterm;
109 guint timer_sigkill;
110
111
112 int last_timeout_signo;
113
114 stonith_device_t *active_on;
115 stonith_device_t *activating_on;
116 } async_command_t;
117
118 static xmlNode *construct_async_reply(async_command_t *cmd,
119 const pcmk__action_result_t *result);
120
121 static gboolean
122 is_action_required(const char *action, stonith_device_t *device)
123 {
124 return device && device->automatic_unfencing && pcmk__str_eq(action, "on",
125 pcmk__str_casei);
126 }
127
128 static int
129 get_action_delay_max(stonith_device_t * device, const char * action)
130 {
131 const char *value = NULL;
132 int delay_max = 0;
133
134 if (!pcmk__is_fencing_action(action)) {
135 return 0;
136 }
137
138 value = g_hash_table_lookup(device->params, PCMK_STONITH_DELAY_MAX);
139 if (value) {
140 delay_max = crm_parse_interval_spec(value) / 1000;
141 }
142
143 return delay_max;
144 }
145
146 static int
147 get_action_delay_base(stonith_device_t *device, const char *action, const char *victim)
148 {
149 char *hash_value = NULL;
150 int delay_base = 0;
151
152 if (!pcmk__is_fencing_action(action)) {
153 return 0;
154 }
155
156 hash_value = g_hash_table_lookup(device->params, PCMK_STONITH_DELAY_BASE);
157
158 if (hash_value) {
159 char *value = strdup(hash_value);
160 char *valptr = value;
161
162 CRM_ASSERT(value != NULL);
163
164 if (victim) {
165 for (char *val = strtok(value, "; \t"); val != NULL; val = strtok(NULL, "; \t")) {
166 char *mapval = strchr(val, ':');
167
168 if (mapval == NULL || mapval[1] == 0) {
169 crm_err("pcmk_delay_base: empty value in mapping", val);
170 continue;
171 }
172
173 if (mapval != val && strncasecmp(victim, val, (size_t)(mapval - val)) == 0) {
174 value = mapval + 1;
175 crm_debug("pcmk_delay_base mapped to %s for %s", value, victim);
176 break;
177 }
178 }
179 }
180
181 if (strchr(value, ':') == 0) {
182 delay_base = crm_parse_interval_spec(value) / 1000;
183 }
184
185 free(valptr);
186 }
187
188 return delay_base;
189 }
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211 static int
212 get_action_timeout(stonith_device_t * device, const char *action, int default_timeout)
213 {
214 if (action && device && device->params) {
215 char buffer[64] = { 0, };
216 const char *value = NULL;
217
218
219
220
221 if (pcmk__str_eq(action, "reboot", pcmk__str_casei)
222 && !pcmk_is_set(device->flags, st_device_supports_reboot)) {
223 crm_trace("%s doesn't support reboot, using timeout for off instead",
224 device->id);
225 action = "off";
226 }
227
228
229 snprintf(buffer, sizeof(buffer), "pcmk_%s_timeout", action);
230 value = g_hash_table_lookup(device->params, buffer);
231 if (value) {
232 return atoi(value);
233 }
234 }
235 return default_timeout;
236 }
237
238 static void
239 free_async_command(async_command_t * cmd)
240 {
241 if (!cmd) {
242 return;
243 }
244
245 if (cmd->delay_id) {
246 g_source_remove(cmd->delay_id);
247 }
248
249 cmd_list = g_list_remove(cmd_list, cmd);
250
251 g_list_free_full(cmd->device_list, free);
252 free(cmd->device);
253 free(cmd->action);
254 free(cmd->victim);
255 free(cmd->remote_op_id);
256 free(cmd->client);
257 free(cmd->client_name);
258 free(cmd->origin);
259 free(cmd->op);
260 free(cmd);
261 }
262
263 static async_command_t *
264 create_async_command(xmlNode * msg)
265 {
266 async_command_t *cmd = NULL;
267 xmlNode *op = get_xpath_object("//@" F_STONITH_ACTION, msg, LOG_ERR);
268 const char *action = crm_element_value(op, F_STONITH_ACTION);
269
270 CRM_CHECK(action != NULL, crm_log_xml_warn(msg, "NoAction"); return NULL);
271
272 crm_log_xml_trace(msg, "Command");
273 cmd = calloc(1, sizeof(async_command_t));
274 crm_element_value_int(msg, F_STONITH_CALLID, &(cmd->id));
275 crm_element_value_int(msg, F_STONITH_CALLOPTS, &(cmd->options));
276 crm_element_value_int(msg, F_STONITH_TIMEOUT, &(cmd->default_timeout));
277 cmd->timeout = cmd->default_timeout;
278
279 crm_element_value_int(msg, F_STONITH_DELAY, &(cmd->start_delay));
280
281 cmd->origin = crm_element_value_copy(msg, F_ORIG);
282 cmd->remote_op_id = crm_element_value_copy(msg, F_STONITH_REMOTE_OP_ID);
283 cmd->client = crm_element_value_copy(msg, F_STONITH_CLIENTID);
284 cmd->client_name = crm_element_value_copy(msg, F_STONITH_CLIENTNAME);
285 cmd->op = crm_element_value_copy(msg, F_STONITH_OPERATION);
286 cmd->action = strdup(action);
287 cmd->victim = crm_element_value_copy(op, F_STONITH_TARGET);
288 cmd->device = crm_element_value_copy(op, F_STONITH_DEVICE);
289
290 CRM_CHECK(cmd->op != NULL, crm_log_xml_warn(msg, "NoOp"); free_async_command(cmd); return NULL);
291 CRM_CHECK(cmd->client != NULL, crm_log_xml_warn(msg, "NoClient"));
292
293 cmd->done_cb = st_child_done;
294 cmd_list = g_list_append(cmd_list, cmd);
295 return cmd;
296 }
297
298 static int
299 get_action_limit(stonith_device_t * device)
300 {
301 const char *value = NULL;
302 int action_limit = 1;
303
304 value = g_hash_table_lookup(device->params, PCMK_STONITH_ACTION_LIMIT);
305 if ((value == NULL)
306 || (pcmk__scan_min_int(value, &action_limit, INT_MIN) != pcmk_rc_ok)
307 || (action_limit == 0)) {
308 action_limit = 1;
309 }
310 return action_limit;
311 }
312
313 static int
314 get_active_cmds(stonith_device_t * device)
315 {
316 int counter = 0;
317 GList *gIter = NULL;
318 GList *gIterNext = NULL;
319
320 CRM_CHECK(device != NULL, return 0);
321
322 for (gIter = cmd_list; gIter != NULL; gIter = gIterNext) {
323 async_command_t *cmd = gIter->data;
324
325 gIterNext = gIter->next;
326
327 if (cmd->active_on == device) {
328 counter++;
329 }
330 }
331
332 return counter;
333 }
334
335 static void
336 fork_cb(int pid, void *user_data)
337 {
338 async_command_t *cmd = (async_command_t *) user_data;
339 stonith_device_t * device =
340
341
342
343 cmd->activating_on?cmd->activating_on:cmd->active_on;
344
345 CRM_ASSERT(device);
346 crm_debug("Operation '%s' [%d]%s%s using %s now running with %ds timeout",
347 cmd->action, pid,
348 ((cmd->victim == NULL)? "" : " targeting "),
349 ((cmd->victim == NULL)? "" : cmd->victim),
350 device->id, cmd->timeout);
351 cmd->active_on = device;
352 cmd->activating_on = NULL;
353 }
354
355 static int
356 get_agent_metadata_cb(gpointer data) {
357 stonith_device_t *device = data;
358 guint period_ms;
359
360 switch (get_agent_metadata(device->agent, &device->agent_metadata)) {
361 case pcmk_rc_ok:
362 if (device->agent_metadata) {
363 read_action_metadata(device);
364 stonith__device_parameter_flags(&(device->flags), device->id,
365 device->agent_metadata);
366 }
367 return G_SOURCE_REMOVE;
368
369 case EAGAIN:
370 period_ms = pcmk__mainloop_timer_get_period(device->timer);
371 if (period_ms < 160 * 1000) {
372 mainloop_timer_set_period(device->timer, 2 * period_ms);
373 }
374 return G_SOURCE_CONTINUE;
375
376 default:
377 return G_SOURCE_REMOVE;
378 }
379 }
380
381
382
383
384
385
386
387
388
389
390 static void
391 report_internal_result(async_command_t *cmd, int exit_status,
392 int execution_status, const char *exit_reason)
393 {
394 pcmk__action_result_t result = PCMK__UNKNOWN_RESULT;
395
396 pcmk__set_result(&result, exit_status, execution_status, exit_reason);
397 cmd->done_cb(0, &result, cmd);
398 pcmk__reset_result(&result);
399 }
400
401 static gboolean
402 stonith_device_execute(stonith_device_t * device)
403 {
404 int exec_rc = 0;
405 const char *action_str = NULL;
406 const char *host_arg = NULL;
407 async_command_t *cmd = NULL;
408 stonith_action_t *action = NULL;
409 int active_cmds = 0;
410 int action_limit = 0;
411 GList *gIter = NULL;
412 GList *gIterNext = NULL;
413
414 CRM_CHECK(device != NULL, return FALSE);
415
416 active_cmds = get_active_cmds(device);
417 action_limit = get_action_limit(device);
418 if (action_limit > -1 && active_cmds >= action_limit) {
419 crm_trace("%s is over its action limit of %d (%u active action%s)",
420 device->id, action_limit, active_cmds,
421 pcmk__plural_s(active_cmds));
422 return TRUE;
423 }
424
425 for (gIter = device->pending_ops; gIter != NULL; gIter = gIterNext) {
426 async_command_t *pending_op = gIter->data;
427
428 gIterNext = gIter->next;
429
430 if (pending_op && pending_op->delay_id) {
431 crm_trace("Operation '%s'%s%s using %s was asked to run too early, "
432 "waiting for start delay of %ds",
433 pending_op->action,
434 ((pending_op->victim == NULL)? "" : " targeting "),
435 ((pending_op->victim == NULL)? "" : pending_op->victim),
436 device->id, pending_op->start_delay);
437 continue;
438 }
439
440 device->pending_ops = g_list_remove_link(device->pending_ops, gIter);
441 g_list_free_1(gIter);
442
443 cmd = pending_op;
444 break;
445 }
446
447 if (cmd == NULL) {
448 crm_trace("No actions using %s are needed", device->id);
449 return TRUE;
450 }
451
452 if (pcmk__str_any_of(device->agent, STONITH_WATCHDOG_AGENT,
453 STONITH_WATCHDOG_AGENT_INTERNAL, NULL)) {
454 if (pcmk__is_fencing_action(cmd->action)) {
455 if (node_does_watchdog_fencing(stonith_our_uname)) {
456 pcmk__panic(__func__);
457 goto done;
458 }
459 } else {
460 crm_info("Faking success for %s watchdog operation", cmd->action);
461 report_internal_result(cmd, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
462 goto done;
463 }
464 }
465
466 #if SUPPORT_CIBSECRETS
467 exec_rc = pcmk__substitute_secrets(device->id, device->params);
468 if (exec_rc != pcmk_rc_ok) {
469 if (pcmk__str_eq(cmd->action, "stop", pcmk__str_casei)) {
470 crm_info("Proceeding with stop operation for %s "
471 "despite being unable to load CIB secrets (%s)",
472 device->id, pcmk_rc_str(exec_rc));
473 } else {
474 crm_err("Considering %s unconfigured "
475 "because unable to load CIB secrets: %s",
476 device->id, pcmk_rc_str(exec_rc));
477 report_internal_result(cmd, CRM_EX_ERROR, PCMK_EXEC_NO_SECRETS,
478 "Failed to get CIB secrets");
479 goto done;
480 }
481 }
482 #endif
483
484 action_str = cmd->action;
485 if (pcmk__str_eq(cmd->action, "reboot", pcmk__str_casei)
486 && !pcmk_is_set(device->flags, st_device_supports_reboot)) {
487
488 crm_notice("Remapping 'reboot' action%s%s using %s to 'off' "
489 "because agent '%s' does not support reboot",
490 ((cmd->victim == NULL)? "" : " targeting "),
491 ((cmd->victim == NULL)? "" : cmd->victim),
492 device->id, device->agent);
493 action_str = "off";
494 }
495
496 if (pcmk_is_set(device->flags, st_device_supports_parameter_port)) {
497 host_arg = "port";
498
499 } else if (pcmk_is_set(device->flags, st_device_supports_parameter_plug)) {
500 host_arg = "plug";
501 }
502
503 action = stonith_action_create(device->agent,
504 action_str,
505 cmd->victim,
506 cmd->victim_nodeid,
507 cmd->timeout, device->params,
508 device->aliases, host_arg);
509
510
511
512 cmd->activating_on = device;
513 exec_rc = stonith_action_execute_async(action, (void *)cmd,
514 cmd->done_cb, fork_cb);
515 if (exec_rc < 0) {
516 cmd->activating_on = NULL;
517 cmd->done_cb(0, stonith__action_result(action), cmd);
518 stonith__destroy_action(action);
519 }
520
521 done:
522
523
524
525 if (device->pending_ops) {
526 mainloop_set_trigger(device->work);
527 }
528 return TRUE;
529 }
530
531 static gboolean
532 stonith_device_dispatch(gpointer user_data)
533 {
534 return stonith_device_execute(user_data);
535 }
536
537 static gboolean
538 start_delay_helper(gpointer data)
539 {
540 async_command_t *cmd = data;
541 stonith_device_t *device = NULL;
542
543 cmd->delay_id = 0;
544 device = cmd->device ? g_hash_table_lookup(device_list, cmd->device) : NULL;
545
546 if (device) {
547 mainloop_set_trigger(device->work);
548 }
549
550 return FALSE;
551 }
552
553 static void
554 schedule_stonith_command(async_command_t * cmd, stonith_device_t * device)
555 {
556 int delay_max = 0;
557 int delay_base = 0;
558 int requested_delay = cmd->start_delay;
559
560 CRM_CHECK(cmd != NULL, return);
561 CRM_CHECK(device != NULL, return);
562
563 if (cmd->device) {
564 free(cmd->device);
565 }
566
567 if (device->include_nodeid && cmd->victim) {
568 crm_node_t *node = crm_get_peer(0, cmd->victim);
569
570 cmd->victim_nodeid = node->id;
571 }
572
573 cmd->device = strdup(device->id);
574 cmd->timeout = get_action_timeout(device, cmd->action, cmd->default_timeout);
575
576 if (cmd->remote_op_id) {
577 crm_debug("Scheduling '%s' action%s%s using %s for remote peer %s "
578 "with op id %.8s and timeout %ds",
579 cmd->action,
580 cmd->victim ? " targeting " : "", cmd->victim ? cmd->victim : "",
581 device->id, cmd->origin, cmd->remote_op_id, cmd->timeout);
582 } else {
583 crm_debug("Scheduling '%s' action%s%s using %s for %s with timeout %ds",
584 cmd->action,
585 cmd->victim ? " targeting " : "", cmd->victim ? cmd->victim : "",
586 device->id, cmd->client, cmd->timeout);
587 }
588
589 device->pending_ops = g_list_append(device->pending_ops, cmd);
590 mainloop_set_trigger(device->work);
591
592
593 if (requested_delay < 0) {
594 return;
595 }
596
597 delay_max = get_action_delay_max(device, cmd->action);
598 delay_base = get_action_delay_base(device, cmd->action, cmd->victim);
599 if (delay_max == 0) {
600 delay_max = delay_base;
601 }
602 if (delay_max < delay_base) {
603 crm_warn(PCMK_STONITH_DELAY_BASE " (%ds) is larger than "
604 PCMK_STONITH_DELAY_MAX " (%ds) for %s using %s "
605 "(limiting to maximum delay)",
606 delay_base, delay_max, cmd->action, device->id);
607 delay_base = delay_max;
608 }
609 if (delay_max > 0) {
610
611 cmd->start_delay +=
612 ((delay_max != delay_base)?(rand() % (delay_max - delay_base)):0)
613 + delay_base;
614 }
615
616 if (cmd->start_delay > 0) {
617 crm_notice("Delaying '%s' action%s%s using %s for %ds " CRM_XS
618 " timeout=%ds requested_delay=%ds base=%ds max=%ds",
619 cmd->action,
620 cmd->victim ? " targeting " : "", cmd->victim ? cmd->victim : "",
621 device->id, cmd->start_delay, cmd->timeout,
622 requested_delay, delay_base, delay_max);
623 cmd->delay_id =
624 g_timeout_add_seconds(cmd->start_delay, start_delay_helper, cmd);
625 }
626 }
627
628 static void
629 free_device(gpointer data)
630 {
631 GList *gIter = NULL;
632 stonith_device_t *device = data;
633
634 g_hash_table_destroy(device->params);
635 g_hash_table_destroy(device->aliases);
636
637 for (gIter = device->pending_ops; gIter != NULL; gIter = gIter->next) {
638 async_command_t *cmd = gIter->data;
639
640 crm_warn("Removal of device '%s' purged operation '%s'", device->id, cmd->action);
641 report_internal_result(cmd, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
642 "Device was removed before action could be executed");
643 }
644 g_list_free(device->pending_ops);
645
646 g_list_free_full(device->targets, free);
647
648 if (device->timer) {
649 mainloop_timer_stop(device->timer);
650 mainloop_timer_del(device->timer);
651 }
652
653 mainloop_destroy_trigger(device->work);
654
655 free_xml(device->agent_metadata);
656 free(device->namespace);
657 free(device->on_target_actions);
658 free(device->agent);
659 free(device->id);
660 free(device);
661 }
662
663 void free_device_list(void)
664 {
665 if (device_list != NULL) {
666 g_hash_table_destroy(device_list);
667 device_list = NULL;
668 }
669 }
670
671 void
672 init_device_list(void)
673 {
674 if (device_list == NULL) {
675 device_list = pcmk__strkey_table(NULL, free_device);
676 }
677 }
678
679 static GHashTable *
680 build_port_aliases(const char *hostmap, GList ** targets)
681 {
682 char *name = NULL;
683 int last = 0, lpc = 0, max = 0, added = 0;
684 GHashTable *aliases = pcmk__strikey_table(free, free);
685
686 if (hostmap == NULL) {
687 return aliases;
688 }
689
690 max = strlen(hostmap);
691 for (; lpc <= max; lpc++) {
692 switch (hostmap[lpc]) {
693
694 case '\\':
695 lpc++;
696 break;
697
698
699 case '=':
700 case ':':
701 if (lpc > last) {
702 free(name);
703 name = calloc(1, 1 + lpc - last);
704 memcpy(name, hostmap + last, lpc - last);
705 }
706 last = lpc + 1;
707 break;
708
709
710
711 case 0:
712 case ';':
713 case ' ':
714 case '\t':
715 if (name) {
716 char *value = NULL;
717 int k = 0;
718
719 value = calloc(1, 1 + lpc - last);
720 memcpy(value, hostmap + last, lpc - last);
721
722 for (int i = 0; value[i] != '\0'; i++) {
723 if (value[i] != '\\') {
724 value[k++] = value[i];
725 }
726 }
727 value[k] = '\0';
728
729 crm_debug("Adding alias '%s'='%s'", name, value);
730 g_hash_table_replace(aliases, name, value);
731 if (targets) {
732 *targets = g_list_append(*targets, strdup(value));
733 }
734 value = NULL;
735 name = NULL;
736 added++;
737
738 } else if (lpc > last) {
739 crm_debug("Parse error at offset %d near '%s'", lpc - last, hostmap + last);
740 }
741
742 last = lpc + 1;
743 break;
744 }
745
746 if (hostmap[lpc] == 0) {
747 break;
748 }
749 }
750
751 if (added == 0) {
752 crm_info("No host mappings detected in '%s'", hostmap);
753 }
754
755 free(name);
756 return aliases;
757 }
758
759 GHashTable *metadata_cache = NULL;
760
761 void
762 free_metadata_cache(void) {
763 if (metadata_cache != NULL) {
764 g_hash_table_destroy(metadata_cache);
765 metadata_cache = NULL;
766 }
767 }
768
769 static void
770 init_metadata_cache(void) {
771 if (metadata_cache == NULL) {
772 metadata_cache = pcmk__strkey_table(free, free);
773 }
774 }
775
776 int
777 get_agent_metadata(const char *agent, xmlNode ** metadata)
778 {
779 char *buffer = NULL;
780
781 if (metadata == NULL) {
782 return EINVAL;
783 }
784 *metadata = NULL;
785 if (pcmk__str_eq(agent, STONITH_WATCHDOG_AGENT_INTERNAL, pcmk__str_none)) {
786 return pcmk_rc_ok;
787 }
788 init_metadata_cache();
789 buffer = g_hash_table_lookup(metadata_cache, agent);
790 if (buffer == NULL) {
791 stonith_t *st = stonith_api_new();
792 int rc;
793
794 if (st == NULL) {
795 crm_warn("Could not get agent meta-data: "
796 "API memory allocation failed");
797 return EAGAIN;
798 }
799 rc = st->cmds->metadata(st, st_opt_sync_call, agent,
800 NULL, &buffer, 10);
801 stonith_api_delete(st);
802 if (rc || !buffer) {
803 crm_err("Could not retrieve metadata for fencing agent %s", agent);
804 return EAGAIN;
805 }
806 g_hash_table_replace(metadata_cache, strdup(agent), buffer);
807 }
808
809 *metadata = string2xml(buffer);
810 return pcmk_rc_ok;
811 }
812
813 static gboolean
814 is_nodeid_required(xmlNode * xml)
815 {
816 xmlXPathObjectPtr xpath = NULL;
817
818 if (stand_alone) {
819 return FALSE;
820 }
821
822 if (!xml) {
823 return FALSE;
824 }
825
826 xpath = xpath_search(xml, "//parameter[@name='nodeid']");
827 if (numXpathResults(xpath) <= 0) {
828 freeXpathObject(xpath);
829 return FALSE;
830 }
831
832 freeXpathObject(xpath);
833 return TRUE;
834 }
835
836 #define MAX_ACTION_LEN 256
837
838 static char *
839 add_action(char *actions, const char *action)
840 {
841 int offset = 0;
842
843 if (actions == NULL) {
844 actions = calloc(1, MAX_ACTION_LEN);
845 } else {
846 offset = strlen(actions);
847 }
848
849 if (offset > 0) {
850 offset += snprintf(actions+offset, MAX_ACTION_LEN - offset, " ");
851 }
852 offset += snprintf(actions+offset, MAX_ACTION_LEN - offset, "%s", action);
853
854 return actions;
855 }
856
857 static void
858 read_action_metadata(stonith_device_t *device)
859 {
860 xmlXPathObjectPtr xpath = NULL;
861 int max = 0;
862 int lpc = 0;
863
864 if (device->agent_metadata == NULL) {
865 return;
866 }
867
868 xpath = xpath_search(device->agent_metadata, "//action");
869 max = numXpathResults(xpath);
870
871 if (max <= 0) {
872 freeXpathObject(xpath);
873 return;
874 }
875
876 for (lpc = 0; lpc < max; lpc++) {
877 const char *action = NULL;
878 xmlNode *match = getXpathResult(xpath, lpc);
879
880 CRM_LOG_ASSERT(match != NULL);
881 if(match == NULL) { continue; };
882
883 action = crm_element_value(match, "name");
884
885 if(pcmk__str_eq(action, "list", pcmk__str_casei)) {
886 stonith__set_device_flags(device->flags, device->id,
887 st_device_supports_list);
888 } else if(pcmk__str_eq(action, "status", pcmk__str_casei)) {
889 stonith__set_device_flags(device->flags, device->id,
890 st_device_supports_status);
891 } else if(pcmk__str_eq(action, "reboot", pcmk__str_casei)) {
892 stonith__set_device_flags(device->flags, device->id,
893 st_device_supports_reboot);
894 } else if (pcmk__str_eq(action, "on", pcmk__str_casei)) {
895
896
897 if (pcmk__xe_attr_is_true(match, "automatic") || pcmk__xe_attr_is_true(match, "required")) {
898 device->automatic_unfencing = TRUE;
899 }
900 }
901
902 if (action && pcmk__xe_attr_is_true(match, "on_target")) {
903 device->on_target_actions = add_action(device->on_target_actions, action);
904 }
905 }
906
907 freeXpathObject(xpath);
908 }
909
910
911
912
913
914
915
916
917
918 static void
919 map_action(GHashTable *params, const char *action, const char *value)
920 {
921 char *key = crm_strdup_printf("pcmk_%s_action", action);
922
923 if (g_hash_table_lookup(params, key)) {
924 crm_warn("Ignoring %s='%s', see %s instead",
925 STONITH_ATTR_ACTION_OP, value, key);
926 free(key);
927 } else {
928 crm_warn("Mapping %s='%s' to %s='%s'",
929 STONITH_ATTR_ACTION_OP, value, key, value);
930 g_hash_table_insert(params, key, strdup(value));
931 }
932 }
933
934
935
936
937
938
939
940
941 static GHashTable *
942 xml2device_params(const char *name, xmlNode *dev)
943 {
944 GHashTable *params = xml2list(dev);
945 const char *value;
946
947
948
949
950
951 value = g_hash_table_lookup(params, STONITH_ATTR_ACTION_OP);
952 if (value != NULL) {
953 crm_warn("%s has '%s' parameter, which should never be specified in configuration",
954 name, STONITH_ATTR_ACTION_OP);
955
956 if (*value == '\0') {
957 crm_warn("Ignoring empty '%s' parameter", STONITH_ATTR_ACTION_OP);
958
959 } else if (strcmp(value, "reboot") == 0) {
960 crm_warn("Ignoring %s='reboot' (see stonith-action cluster property instead)",
961 STONITH_ATTR_ACTION_OP);
962
963 } else if (strcmp(value, "off") == 0) {
964 map_action(params, "reboot", value);
965
966 } else {
967 map_action(params, "off", value);
968 map_action(params, "reboot", value);
969 }
970
971 g_hash_table_remove(params, STONITH_ATTR_ACTION_OP);
972 }
973
974 return params;
975 }
976
977 static const char *
978 target_list_type(stonith_device_t * dev)
979 {
980 const char *check_type = NULL;
981
982 check_type = g_hash_table_lookup(dev->params, PCMK_STONITH_HOST_CHECK);
983
984 if (check_type == NULL) {
985
986 if (g_hash_table_lookup(dev->params, PCMK_STONITH_HOST_LIST)) {
987 check_type = "static-list";
988 } else if (g_hash_table_lookup(dev->params, PCMK_STONITH_HOST_MAP)) {
989 check_type = "static-list";
990 } else if (pcmk_is_set(dev->flags, st_device_supports_list)) {
991 check_type = "dynamic-list";
992 } else if (pcmk_is_set(dev->flags, st_device_supports_status)) {
993 check_type = "status";
994 } else {
995 check_type = PCMK__VALUE_NONE;
996 }
997 }
998
999 return check_type;
1000 }
1001
1002 static stonith_device_t *
1003 build_device_from_xml(xmlNode * msg)
1004 {
1005 const char *value;
1006 xmlNode *dev = get_xpath_object("//" F_STONITH_DEVICE, msg, LOG_ERR);
1007 stonith_device_t *device = NULL;
1008 char *agent = crm_element_value_copy(dev, "agent");
1009
1010 CRM_CHECK(agent != NULL, return device);
1011
1012 device = calloc(1, sizeof(stonith_device_t));
1013
1014 CRM_CHECK(device != NULL, {free(agent); return device;});
1015
1016 device->id = crm_element_value_copy(dev, XML_ATTR_ID);
1017 device->agent = agent;
1018 device->namespace = crm_element_value_copy(dev, "namespace");
1019 device->params = xml2device_params(device->id, dev);
1020
1021 value = g_hash_table_lookup(device->params, PCMK_STONITH_HOST_LIST);
1022 if (value) {
1023 device->targets = stonith__parse_targets(value);
1024 }
1025
1026 value = g_hash_table_lookup(device->params, PCMK_STONITH_HOST_MAP);
1027 device->aliases = build_port_aliases(value, &(device->targets));
1028
1029 value = target_list_type(device);
1030 if (!pcmk__str_eq(value, "static-list", pcmk__str_casei) && device->targets) {
1031
1032 g_list_free_full(device->targets, free);
1033 device->targets = NULL;
1034 }
1035 switch (get_agent_metadata(device->agent, &device->agent_metadata)) {
1036 case pcmk_rc_ok:
1037 if (device->agent_metadata) {
1038 read_action_metadata(device);
1039 stonith__device_parameter_flags(&(device->flags), device->id,
1040 device->agent_metadata);
1041 }
1042 break;
1043
1044 case EAGAIN:
1045 if (device->timer == NULL) {
1046 device->timer = mainloop_timer_add("get_agent_metadata", 10 * 1000,
1047 TRUE, get_agent_metadata_cb, device);
1048 }
1049 if (!mainloop_timer_running(device->timer)) {
1050 mainloop_timer_start(device->timer);
1051 }
1052 break;
1053
1054 default:
1055 break;
1056 }
1057
1058 value = g_hash_table_lookup(device->params, "nodeid");
1059 if (!value) {
1060 device->include_nodeid = is_nodeid_required(device->agent_metadata);
1061 }
1062
1063 value = crm_element_value(dev, "rsc_provides");
1064 if (pcmk__str_eq(value, "unfencing", pcmk__str_casei)) {
1065 device->automatic_unfencing = TRUE;
1066 }
1067
1068 if (is_action_required("on", device)) {
1069 crm_info("Fencing device '%s' requires unfencing", device->id);
1070 }
1071
1072 if (device->on_target_actions) {
1073 crm_info("Fencing device '%s' requires actions (%s) to be executed "
1074 "on target", device->id, device->on_target_actions);
1075 }
1076
1077 device->work = mainloop_add_trigger(G_PRIORITY_HIGH, stonith_device_dispatch, device);
1078
1079
1080 return device;
1081 }
1082
1083 static void
1084 schedule_internal_command(const char *origin,
1085 stonith_device_t * device,
1086 const char *action,
1087 const char *victim,
1088 int timeout,
1089 void *internal_user_data,
1090 void (*done_cb) (int pid,
1091 const pcmk__action_result_t *result,
1092 void *user_data))
1093 {
1094 async_command_t *cmd = NULL;
1095
1096 cmd = calloc(1, sizeof(async_command_t));
1097
1098 cmd->id = -1;
1099 cmd->default_timeout = timeout ? timeout : 60;
1100 cmd->timeout = cmd->default_timeout;
1101 cmd->action = strdup(action);
1102 pcmk__str_update(&cmd->victim, victim);
1103 cmd->device = strdup(device->id);
1104 cmd->origin = strdup(origin);
1105 cmd->client = strdup(crm_system_name);
1106 cmd->client_name = strdup(crm_system_name);
1107
1108 cmd->internal_user_data = internal_user_data;
1109 cmd->done_cb = done_cb;
1110
1111 schedule_stonith_command(cmd, device);
1112 }
1113
1114
1115 enum fence_status_code {
1116 fence_status_invalid = -1,
1117 fence_status_active = 0,
1118 fence_status_unknown = 1,
1119 fence_status_inactive = 2,
1120 };
1121
1122 static void
1123 status_search_cb(int pid, const pcmk__action_result_t *result, void *user_data)
1124 {
1125 async_command_t *cmd = user_data;
1126 struct device_search_s *search = cmd->internal_user_data;
1127 stonith_device_t *dev = cmd->device ? g_hash_table_lookup(device_list, cmd->device) : NULL;
1128 gboolean can = FALSE;
1129
1130 free_async_command(cmd);
1131
1132 if (!dev) {
1133 search_devices_record_result(search, NULL, FALSE);
1134 return;
1135 }
1136
1137 mainloop_set_trigger(dev->work);
1138
1139 if (result->execution_status != PCMK_EXEC_DONE) {
1140 crm_warn("Assuming %s cannot fence %s "
1141 "because status could not be executed: %s%s%s%s",
1142 dev->id, search->host,
1143 pcmk_exec_status_str(result->execution_status),
1144 ((result->exit_reason == NULL)? "" : " ("),
1145 ((result->exit_reason == NULL)? "" : result->exit_reason),
1146 ((result->exit_reason == NULL)? "" : ")"));
1147 search_devices_record_result(search, dev->id, FALSE);
1148 return;
1149 }
1150
1151 switch (result->exit_status) {
1152 case fence_status_unknown:
1153 crm_trace("%s reported it cannot fence %s", dev->id, search->host);
1154 break;
1155
1156 case fence_status_active:
1157 case fence_status_inactive:
1158 crm_trace("%s reported it can fence %s", dev->id, search->host);
1159 can = TRUE;
1160 break;
1161
1162 default:
1163 crm_warn("Assuming %s cannot fence %s "
1164 "(status returned unknown code %d)",
1165 dev->id, search->host, result->exit_status);
1166 break;
1167 }
1168 search_devices_record_result(search, dev->id, can);
1169 }
1170
1171 static void
1172 dynamic_list_search_cb(int pid, const pcmk__action_result_t *result,
1173 void *user_data)
1174 {
1175 async_command_t *cmd = user_data;
1176 struct device_search_s *search = cmd->internal_user_data;
1177 stonith_device_t *dev = cmd->device ? g_hash_table_lookup(device_list, cmd->device) : NULL;
1178 gboolean can_fence = FALSE;
1179
1180 free_async_command(cmd);
1181
1182
1183
1184
1185
1186
1187 if (!dev) {
1188 search_devices_record_result(search, NULL, FALSE);
1189 return;
1190 }
1191
1192 mainloop_set_trigger(dev->work);
1193
1194 if (pcmk__result_ok(result)) {
1195 crm_info("Refreshing target list for %s", dev->id);
1196 g_list_free_full(dev->targets, free);
1197 dev->targets = stonith__parse_targets(result->action_stdout);
1198 dev->targets_age = time(NULL);
1199
1200 } else if (dev->targets != NULL) {
1201 if (result->execution_status == PCMK_EXEC_DONE) {
1202 crm_info("Reusing most recent target list for %s "
1203 "because list returned error code %d",
1204 dev->id, result->exit_status);
1205 } else {
1206 crm_info("Reusing most recent target list for %s "
1207 "because list could not be executed: %s%s%s%s",
1208 dev->id, pcmk_exec_status_str(result->execution_status),
1209 ((result->exit_reason == NULL)? "" : " ("),
1210 ((result->exit_reason == NULL)? "" : result->exit_reason),
1211 ((result->exit_reason == NULL)? "" : ")"));
1212 }
1213
1214 } else {
1215 if (result->execution_status == PCMK_EXEC_DONE) {
1216 crm_warn("Assuming %s cannot fence %s "
1217 "because list returned error code %d",
1218 dev->id, search->host, result->exit_status);
1219 } else {
1220 crm_warn("Assuming %s cannot fence %s "
1221 "because list could not be executed: %s%s%s%s",
1222 dev->id, search->host,
1223 pcmk_exec_status_str(result->execution_status),
1224 ((result->exit_reason == NULL)? "" : " ("),
1225 ((result->exit_reason == NULL)? "" : result->exit_reason),
1226 ((result->exit_reason == NULL)? "" : ")"));
1227 }
1228
1229
1230
1231
1232 if (g_hash_table_lookup(dev->params, PCMK_STONITH_HOST_CHECK) == NULL) {
1233 crm_notice("Switching to pcmk_host_check='status' for %s", dev->id);
1234 g_hash_table_replace(dev->params, strdup(PCMK_STONITH_HOST_CHECK),
1235 strdup("status"));
1236 }
1237 }
1238
1239 if (dev->targets) {
1240 const char *alias = g_hash_table_lookup(dev->aliases, search->host);
1241
1242 if (!alias) {
1243 alias = search->host;
1244 }
1245 if (pcmk__str_in_list(alias, dev->targets, pcmk__str_casei)) {
1246 can_fence = TRUE;
1247 }
1248 }
1249 search_devices_record_result(search, dev->id, can_fence);
1250 }
1251
1252
1253
1254
1255
1256 static int
1257 device_params_diff(GHashTable *first, GHashTable *second) {
1258 char *key = NULL;
1259 char *value = NULL;
1260 GHashTableIter gIter;
1261
1262 g_hash_table_iter_init(&gIter, first);
1263 while (g_hash_table_iter_next(&gIter, (void **)&key, (void **)&value)) {
1264
1265 if(strstr(key, "CRM_meta") == key) {
1266 continue;
1267 } else if(strcmp(key, "crm_feature_set") == 0) {
1268 continue;
1269 } else {
1270 char *other_value = g_hash_table_lookup(second, key);
1271
1272 if (!other_value || !pcmk__str_eq(other_value, value, pcmk__str_casei)) {
1273 crm_trace("Different value for %s: %s != %s", key, other_value, value);
1274 return 1;
1275 }
1276 }
1277 }
1278
1279 return 0;
1280 }
1281
1282
1283
1284
1285
1286 static stonith_device_t *
1287 device_has_duplicate(stonith_device_t * device)
1288 {
1289 stonith_device_t *dup = g_hash_table_lookup(device_list, device->id);
1290
1291 if (!dup) {
1292 crm_trace("No match for %s", device->id);
1293 return NULL;
1294
1295 } else if (!pcmk__str_eq(dup->agent, device->agent, pcmk__str_casei)) {
1296 crm_trace("Different agent: %s != %s", dup->agent, device->agent);
1297 return NULL;
1298 }
1299
1300
1301 if (device_params_diff(device->params, dup->params) ||
1302 device_params_diff(dup->params, device->params)) {
1303 return NULL;
1304 }
1305
1306 crm_trace("Match");
1307 return dup;
1308 }
1309
1310 int
1311 stonith_device_register(xmlNode * msg, const char **desc, gboolean from_cib)
1312 {
1313 stonith_device_t *dup = NULL;
1314 stonith_device_t *device = build_device_from_xml(msg);
1315 guint ndevices = 0;
1316 int rv = pcmk_ok;
1317
1318 CRM_CHECK(device != NULL, return -ENOMEM);
1319
1320
1321 if (pcmk__str_eq(device->id, STONITH_WATCHDOG_ID, pcmk__str_none) ||
1322 pcmk__str_any_of(device->agent, STONITH_WATCHDOG_AGENT,
1323 STONITH_WATCHDOG_AGENT_INTERNAL, NULL)) do {
1324 if (stonith_watchdog_timeout_ms <= 0) {
1325 crm_err("Ignoring watchdog fence device without "
1326 "stonith-watchdog-timeout set.");
1327 rv = -ENODEV;
1328
1329 } else if (!pcmk__str_any_of(device->agent, STONITH_WATCHDOG_AGENT,
1330 STONITH_WATCHDOG_AGENT_INTERNAL, NULL)) {
1331 crm_err("Ignoring watchdog fence device with unknown "
1332 "agent '%s' unequal '" STONITH_WATCHDOG_AGENT "'.",
1333 device->agent?device->agent:"");
1334 rv = -ENODEV;
1335
1336 } else if (!pcmk__str_eq(device->id, STONITH_WATCHDOG_ID,
1337 pcmk__str_none)) {
1338 crm_err("Ignoring watchdog fence device "
1339 "named %s !='"STONITH_WATCHDOG_ID"'.",
1340 device->id?device->id:"");
1341 rv = -ENODEV;
1342
1343 } else {
1344 if (pcmk__str_eq(device->agent, STONITH_WATCHDOG_AGENT,
1345 pcmk__str_none)) {
1346
1347
1348
1349 g_list_free_full(stonith_watchdog_targets, free);
1350 stonith_watchdog_targets = device->targets;
1351 device->targets = NULL;
1352 }
1353 if (node_does_watchdog_fencing(stonith_our_uname)) {
1354 g_list_free_full(device->targets, free);
1355 device->targets = stonith__parse_targets(stonith_our_uname);
1356 g_hash_table_replace(device->params,
1357 strdup(PCMK_STONITH_HOST_LIST),
1358 strdup(stonith_our_uname));
1359
1360 break;
1361 }
1362
1363 crm_debug("Skip registration of watchdog fence device on node not in host-list.");
1364
1365 device->targets = NULL;
1366 stonith_device_remove(device->id, from_cib);
1367 }
1368 free_device(device);
1369 return rv;
1370 } while (0);
1371
1372 dup = device_has_duplicate(device);
1373 if (dup) {
1374 ndevices = g_hash_table_size(device_list);
1375 crm_debug("Device '%s' already in device list (%d active device%s)",
1376 device->id, ndevices, pcmk__plural_s(ndevices));
1377 free_device(device);
1378 device = dup;
1379 dup = g_hash_table_lookup(device_list, device->id);
1380 dup->dirty = FALSE;
1381
1382 } else {
1383 stonith_device_t *old = g_hash_table_lookup(device_list, device->id);
1384
1385 if (from_cib && old && old->api_registered) {
1386
1387
1388
1389
1390 crm_info("Overwriting existing entry for %s from CIB", device->id);
1391 device->pending_ops = old->pending_ops;
1392 device->api_registered = TRUE;
1393 old->pending_ops = NULL;
1394 if (device->pending_ops) {
1395 mainloop_set_trigger(device->work);
1396 }
1397 }
1398 g_hash_table_replace(device_list, device->id, device);
1399
1400 ndevices = g_hash_table_size(device_list);
1401 crm_notice("Added '%s' to device list (%d active device%s)",
1402 device->id, ndevices, pcmk__plural_s(ndevices));
1403 }
1404 if (desc) {
1405 *desc = device->id;
1406 }
1407
1408 if (from_cib) {
1409 device->cib_registered = TRUE;
1410 } else {
1411 device->api_registered = TRUE;
1412 }
1413
1414 return pcmk_ok;
1415 }
1416
1417 void
1418 stonith_device_remove(const char *id, bool from_cib)
1419 {
1420 stonith_device_t *device = g_hash_table_lookup(device_list, id);
1421 guint ndevices = 0;
1422
1423 if (!device) {
1424 ndevices = g_hash_table_size(device_list);
1425 crm_info("Device '%s' not found (%d active device%s)",
1426 id, ndevices, pcmk__plural_s(ndevices));
1427 return;
1428 }
1429
1430 if (from_cib) {
1431 device->cib_registered = FALSE;
1432 } else {
1433 device->verified = FALSE;
1434 device->api_registered = FALSE;
1435 }
1436
1437 if (!device->cib_registered && !device->api_registered) {
1438 g_hash_table_remove(device_list, id);
1439 ndevices = g_hash_table_size(device_list);
1440 crm_info("Removed '%s' from device list (%d active device%s)",
1441 id, ndevices, pcmk__plural_s(ndevices));
1442 } else {
1443 crm_trace("Not removing '%s' from device list (%d active) because "
1444 "still registered via:%s%s",
1445 id, g_hash_table_size(device_list),
1446 (device->cib_registered? " cib" : ""),
1447 (device->api_registered? " api" : ""));
1448 }
1449 }
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460 static int
1461 count_active_levels(stonith_topology_t * tp)
1462 {
1463 int lpc = 0;
1464 int count = 0;
1465
1466 for (lpc = 0; lpc < ST_LEVEL_MAX; lpc++) {
1467 if (tp->levels[lpc] != NULL) {
1468 count++;
1469 }
1470 }
1471 return count;
1472 }
1473
1474 static void
1475 free_topology_entry(gpointer data)
1476 {
1477 stonith_topology_t *tp = data;
1478
1479 int lpc = 0;
1480
1481 for (lpc = 0; lpc < ST_LEVEL_MAX; lpc++) {
1482 if (tp->levels[lpc] != NULL) {
1483 g_list_free_full(tp->levels[lpc], free);
1484 }
1485 }
1486 free(tp->target);
1487 free(tp->target_value);
1488 free(tp->target_pattern);
1489 free(tp->target_attribute);
1490 free(tp);
1491 }
1492
1493 void
1494 free_topology_list(void)
1495 {
1496 if (topology != NULL) {
1497 g_hash_table_destroy(topology);
1498 topology = NULL;
1499 }
1500 }
1501
1502 void
1503 init_topology_list(void)
1504 {
1505 if (topology == NULL) {
1506 topology = pcmk__strkey_table(NULL, free_topology_entry);
1507 }
1508 }
1509
1510 char *
1511 stonith_level_key(xmlNode *level, enum fenced_target_by mode)
1512 {
1513 if (mode == fenced_target_by_unknown) {
1514 mode = unpack_level_kind(level);
1515 }
1516 switch (mode) {
1517 case fenced_target_by_name:
1518 return crm_element_value_copy(level, XML_ATTR_STONITH_TARGET);
1519
1520 case fenced_target_by_pattern:
1521 return crm_element_value_copy(level, XML_ATTR_STONITH_TARGET_PATTERN);
1522
1523 case fenced_target_by_attribute:
1524 return crm_strdup_printf("%s=%s",
1525 crm_element_value(level, XML_ATTR_STONITH_TARGET_ATTRIBUTE),
1526 crm_element_value(level, XML_ATTR_STONITH_TARGET_VALUE));
1527
1528 default:
1529 return crm_strdup_printf("unknown-%s", ID(level));
1530 }
1531 }
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541 static int
1542 unpack_level_kind(xmlNode *level)
1543 {
1544 if (crm_element_value(level, XML_ATTR_STONITH_TARGET) != NULL) {
1545 return fenced_target_by_name;
1546 }
1547 if (crm_element_value(level, XML_ATTR_STONITH_TARGET_PATTERN) != NULL) {
1548 return fenced_target_by_pattern;
1549 }
1550 if (!stand_alone
1551 && (crm_element_value(level, XML_ATTR_STONITH_TARGET_ATTRIBUTE) != NULL)
1552 && (crm_element_value(level, XML_ATTR_STONITH_TARGET_VALUE) != NULL)) {
1553 return fenced_target_by_attribute;
1554 }
1555 return fenced_target_by_unknown;
1556 }
1557
1558 static stonith_key_value_t *
1559 parse_device_list(const char *devices)
1560 {
1561 int lpc = 0;
1562 int max = 0;
1563 int last = 0;
1564 stonith_key_value_t *output = NULL;
1565
1566 if (devices == NULL) {
1567 return output;
1568 }
1569
1570 max = strlen(devices);
1571 for (lpc = 0; lpc <= max; lpc++) {
1572 if (devices[lpc] == ',' || devices[lpc] == 0) {
1573 char *line = strndup(devices + last, lpc - last);
1574
1575 output = stonith_key_value_add(output, NULL, line);
1576 free(line);
1577
1578 last = lpc + 1;
1579 }
1580 }
1581
1582 return output;
1583 }
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598 void
1599 fenced_register_level(xmlNode *msg, char **desc, pcmk__action_result_t *result)
1600 {
1601 int id = 0;
1602 xmlNode *level;
1603 enum fenced_target_by mode;
1604 char *target;
1605
1606 stonith_topology_t *tp;
1607 stonith_key_value_t *dIter = NULL;
1608 stonith_key_value_t *devices = NULL;
1609
1610 CRM_CHECK(result != NULL, return);
1611
1612 if (msg == NULL) {
1613 fenced_set_protocol_error(result);
1614 return;
1615 }
1616
1617
1618
1619
1620
1621 if (pcmk__str_eq(TYPE(msg), XML_TAG_FENCING_LEVEL, pcmk__str_casei)) {
1622 level = msg;
1623 } else {
1624 level = get_xpath_object("//" XML_TAG_FENCING_LEVEL, msg, LOG_WARNING);
1625 }
1626 if (level == NULL) {
1627 fenced_set_protocol_error(result);
1628 return;
1629 }
1630
1631 mode = unpack_level_kind(level);
1632 target = stonith_level_key(level, mode);
1633 crm_element_value_int(level, XML_ATTR_STONITH_INDEX, &id);
1634
1635 if (desc) {
1636 *desc = crm_strdup_printf("%s[%d]", target, id);
1637 }
1638
1639
1640 if (mode == fenced_target_by_unknown) {
1641 crm_warn("Ignoring registration for topology level '%s' "
1642 "without valid target", crm_str(ID(level)));
1643 free(target);
1644 crm_log_xml_info(level, "Bad level");
1645 pcmk__format_result(result, CRM_EX_INVALID_PARAM, PCMK_EXEC_INVALID,
1646 "Invalid target for topology level '%s'",
1647 crm_str(ID(level)));
1648 return;
1649 }
1650
1651
1652 if ((id <= 0) || (id >= ST_LEVEL_MAX)) {
1653 crm_warn("Ignoring topology registration for %s with invalid level %d",
1654 target, id);
1655 free(target);
1656 crm_log_xml_info(level, "Bad level");
1657 pcmk__format_result(result, CRM_EX_INVALID_PARAM, PCMK_EXEC_INVALID,
1658 "Invalid level number '%s' for topology level '%s'",
1659 crm_str(crm_element_value(level,
1660 XML_ATTR_STONITH_INDEX)),
1661 crm_str(ID(level)));
1662 return;
1663 }
1664
1665
1666 tp = g_hash_table_lookup(topology, target);
1667 if (tp == NULL) {
1668 tp = calloc(1, sizeof(stonith_topology_t));
1669 if (tp == NULL) {
1670 pcmk__set_result(result, CRM_EX_ERROR, PCMK_EXEC_ERROR,
1671 strerror(ENOMEM));
1672 free(target);
1673 return;
1674 }
1675 tp->kind = mode;
1676 tp->target = target;
1677 tp->target_value = crm_element_value_copy(level, XML_ATTR_STONITH_TARGET_VALUE);
1678 tp->target_pattern = crm_element_value_copy(level, XML_ATTR_STONITH_TARGET_PATTERN);
1679 tp->target_attribute = crm_element_value_copy(level, XML_ATTR_STONITH_TARGET_ATTRIBUTE);
1680
1681 g_hash_table_replace(topology, tp->target, tp);
1682 crm_trace("Added %s (%d) to the topology (%d active entries)",
1683 target, (int) mode, g_hash_table_size(topology));
1684 } else {
1685 free(target);
1686 }
1687
1688 if (tp->levels[id] != NULL) {
1689 crm_info("Adding to the existing %s[%d] topology entry",
1690 tp->target, id);
1691 }
1692
1693 devices = parse_device_list(crm_element_value(level, XML_ATTR_STONITH_DEVICES));
1694 for (dIter = devices; dIter; dIter = dIter->next) {
1695 const char *device = dIter->value;
1696
1697 crm_trace("Adding device '%s' for %s[%d]", device, tp->target, id);
1698 tp->levels[id] = g_list_append(tp->levels[id], strdup(device));
1699 }
1700 stonith_key_value_freeall(devices, 1, 1);
1701
1702 {
1703 int nlevels = count_active_levels(tp);
1704
1705 crm_info("Target %s has %d active fencing level%s",
1706 tp->target, nlevels, pcmk__plural_s(nlevels));
1707 }
1708
1709 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
1710 }
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724 void
1725 fenced_unregister_level(xmlNode *msg, char **desc,
1726 pcmk__action_result_t *result)
1727 {
1728 int id = -1;
1729 stonith_topology_t *tp;
1730 char *target;
1731 xmlNode *level = NULL;
1732
1733 CRM_CHECK(result != NULL, return);
1734
1735 if (msg == NULL) {
1736 fenced_set_protocol_error(result);
1737 return;
1738 }
1739
1740
1741 level = get_xpath_object("//" XML_TAG_FENCING_LEVEL, msg, LOG_WARNING);
1742 if (level == NULL) {
1743 fenced_set_protocol_error(result);
1744 return;
1745 }
1746
1747 target = stonith_level_key(level, fenced_target_by_unknown);
1748 crm_element_value_int(level, XML_ATTR_STONITH_INDEX, &id);
1749
1750
1751 if ((id < 0) || (id >= ST_LEVEL_MAX)) {
1752 crm_warn("Ignoring topology unregistration for %s with invalid level %d",
1753 target, id);
1754 free(target);
1755 crm_log_xml_info(level, "Bad level");
1756 pcmk__format_result(result, CRM_EX_INVALID_PARAM, PCMK_EXEC_INVALID,
1757 "Invalid level number '%s' for topology level '%s'",
1758 crm_str(crm_element_value(level,
1759 XML_ATTR_STONITH_INDEX)),
1760 crm_str(ID(level)));
1761 return;
1762 }
1763
1764 if (desc) {
1765 *desc = crm_strdup_printf("%s[%d]", target, id);
1766 }
1767
1768 tp = g_hash_table_lookup(topology, target);
1769 if (tp == NULL) {
1770 guint nentries = g_hash_table_size(topology);
1771
1772 crm_info("No fencing topology found for %s (%d active %s)",
1773 target, nentries,
1774 pcmk__plural_alt(nentries, "entry", "entries"));
1775
1776 } else if (id == 0 && g_hash_table_remove(topology, target)) {
1777 guint nentries = g_hash_table_size(topology);
1778
1779 crm_info("Removed all fencing topology entries related to %s "
1780 "(%d active %s remaining)", target, nentries,
1781 pcmk__plural_alt(nentries, "entry", "entries"));
1782
1783 } else if (tp->levels[id] != NULL) {
1784 guint nlevels;
1785
1786 g_list_free_full(tp->levels[id], free);
1787 tp->levels[id] = NULL;
1788
1789 nlevels = count_active_levels(tp);
1790 crm_info("Removed level %d from fencing topology for %s "
1791 "(%d active level%s remaining)",
1792 id, target, nlevels, pcmk__plural_s(nlevels));
1793 }
1794
1795 free(target);
1796 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
1797 }
1798
1799 static char *
1800 list_to_string(GList *list, const char *delim, gboolean terminate_with_delim)
1801 {
1802 int max = g_list_length(list);
1803 size_t delim_len = delim?strlen(delim):0;
1804 size_t alloc_size = 1 + (max?((max-1+(terminate_with_delim?1:0))*delim_len):0);
1805 char *rv;
1806 GList *gIter;
1807
1808 for (gIter = list; gIter != NULL; gIter = gIter->next) {
1809 const char *value = (const char *) gIter->data;
1810
1811 alloc_size += strlen(value);
1812 }
1813 rv = calloc(alloc_size, sizeof(char));
1814 if (rv) {
1815 char *pos = rv;
1816 const char *lead_delim = "";
1817
1818 for (gIter = list; gIter != NULL; gIter = gIter->next) {
1819 const char *value = (const char *) gIter->data;
1820
1821 pos = &pos[sprintf(pos, "%s%s", lead_delim, value)];
1822 lead_delim = delim;
1823 }
1824 if (max && terminate_with_delim) {
1825 sprintf(pos, "%s", delim);
1826 }
1827 }
1828 return rv;
1829 }
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846 static void
1847 execute_agent_action(xmlNode *msg, pcmk__action_result_t *result)
1848 {
1849 xmlNode *dev = get_xpath_object("//" F_STONITH_DEVICE, msg, LOG_ERR);
1850 xmlNode *op = get_xpath_object("//@" F_STONITH_ACTION, msg, LOG_ERR);
1851 const char *id = crm_element_value(dev, F_STONITH_DEVICE);
1852 const char *action = crm_element_value(op, F_STONITH_ACTION);
1853 async_command_t *cmd = NULL;
1854 stonith_device_t *device = NULL;
1855
1856 if ((id == NULL) || (action == NULL)) {
1857 crm_info("Malformed API action request: device %s, action %s",
1858 (id? id : "not specified"),
1859 (action? action : "not specified"));
1860 fenced_set_protocol_error(result);
1861 return;
1862 }
1863
1864 if (pcmk__str_eq(id, STONITH_WATCHDOG_ID, pcmk__str_none)) {
1865
1866 if (stonith_watchdog_timeout_ms <= 0) {
1867 pcmk__set_result(result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
1868 "Watchdog fence device not configured");
1869 return;
1870
1871 } else if (pcmk__str_eq(action, "list", pcmk__str_casei)) {
1872 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
1873 pcmk__set_result_output(result,
1874 list_to_string(stonith_watchdog_targets,
1875 "\n", TRUE),
1876 NULL);
1877 return;
1878
1879 } else if (pcmk__str_eq(action, "monitor", pcmk__str_casei)) {
1880 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
1881 return;
1882 }
1883 }
1884
1885 device = g_hash_table_lookup(device_list, id);
1886 if (device == NULL) {
1887 crm_info("Ignoring API '%s' action request because device %s not found",
1888 action, id);
1889 pcmk__format_result(result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
1890 "'%s' not found", id);
1891 return;
1892
1893 } else if (!device->api_registered && !strcmp(action, "monitor")) {
1894
1895 crm_info("Ignoring API '%s' action request because device %s not active",
1896 action, id);
1897 pcmk__format_result(result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
1898 "'%s' not active", id);
1899 return;
1900 }
1901
1902 cmd = create_async_command(msg);
1903 if (cmd == NULL) {
1904 fenced_set_protocol_error(result);
1905 return;
1906 }
1907
1908 schedule_stonith_command(cmd, device);
1909 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_PENDING, NULL);
1910 }
1911
1912 static void
1913 search_devices_record_result(struct device_search_s *search, const char *device, gboolean can_fence)
1914 {
1915 search->replies_received++;
1916
1917 if (can_fence && device) {
1918 search->capable = g_list_append(search->capable, strdup(device));
1919 }
1920
1921 if (search->replies_needed == search->replies_received) {
1922
1923 guint ndevices = g_list_length(search->capable);
1924
1925 crm_debug("Search found %d device%s that can perform '%s' targeting %s",
1926 ndevices, pcmk__plural_s(ndevices),
1927 (search->action? search->action : "unknown action"),
1928 (search->host? search->host : "any node"));
1929
1930 search->callback(search->capable, search->user_data);
1931 free(search->host);
1932 free(search->action);
1933 free(search);
1934 }
1935 }
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948 static gboolean
1949 localhost_is_eligible(const stonith_device_t *device, const char *action,
1950 const char *target, gboolean allow_suicide)
1951 {
1952 gboolean localhost_is_target = pcmk__str_eq(target, stonith_our_uname,
1953 pcmk__str_casei);
1954
1955 if (device && action && device->on_target_actions
1956 && strstr(device->on_target_actions, action)) {
1957 if (!localhost_is_target) {
1958 crm_trace("Operation '%s' using %s can only be executed for "
1959 "local host, not %s", action, device->id, target);
1960 return FALSE;
1961 }
1962
1963 } else if (localhost_is_target && !allow_suicide) {
1964 crm_trace("'%s' operation does not support self-fencing", action);
1965 return FALSE;
1966 }
1967 return TRUE;
1968 }
1969
1970 static void
1971 can_fence_host_with_device(stonith_device_t * dev, struct device_search_s *search)
1972 {
1973 gboolean can = FALSE;
1974 const char *check_type = NULL;
1975 const char *host = search->host;
1976 const char *alias = NULL;
1977
1978 CRM_LOG_ASSERT(dev != NULL);
1979
1980 if (dev == NULL) {
1981 goto search_report_results;
1982 } else if (host == NULL) {
1983 can = TRUE;
1984 goto search_report_results;
1985 }
1986
1987
1988 if (pcmk__str_eq(search->action, "reboot", pcmk__str_casei)) {
1989
1990
1991
1992
1993
1994 if (!localhost_is_eligible(dev, "reboot", host, search->allow_suicide)
1995 && !localhost_is_eligible(dev, "off", host, search->allow_suicide)
1996 && !localhost_is_eligible(dev, "on", host, FALSE)) {
1997 goto search_report_results;
1998 }
1999 } else if (!localhost_is_eligible(dev, search->action, host,
2000 search->allow_suicide)) {
2001 goto search_report_results;
2002 }
2003
2004 alias = g_hash_table_lookup(dev->aliases, host);
2005 if (alias == NULL) {
2006 alias = host;
2007 }
2008
2009 check_type = target_list_type(dev);
2010
2011 if (pcmk__str_eq(check_type, PCMK__VALUE_NONE, pcmk__str_casei)) {
2012 can = TRUE;
2013
2014 } else if (pcmk__str_eq(check_type, "static-list", pcmk__str_casei)) {
2015
2016
2017
2018
2019
2020 if (pcmk__str_in_list(host, dev->targets, pcmk__str_casei)) {
2021 can = TRUE;
2022 } else if (g_hash_table_lookup(dev->params, PCMK_STONITH_HOST_MAP)
2023 && g_hash_table_lookup(dev->aliases, host)) {
2024 can = TRUE;
2025 }
2026
2027 } else if (pcmk__str_eq(check_type, "dynamic-list", pcmk__str_casei)) {
2028 time_t now = time(NULL);
2029
2030 if (dev->targets == NULL || dev->targets_age + 60 < now) {
2031 int device_timeout = get_action_timeout(dev, "list", search->per_device_timeout);
2032
2033 if (device_timeout > search->per_device_timeout) {
2034 crm_notice("Since the pcmk_list_timeout(%ds) parameter of %s is larger than stonith-timeout(%ds), timeout may occur",
2035 device_timeout, dev->id, search->per_device_timeout);
2036 }
2037
2038 crm_trace("Running '%s' to check whether %s is eligible to fence %s (%s)",
2039 check_type, dev->id, search->host, search->action);
2040
2041 schedule_internal_command(__func__, dev, "list", NULL,
2042 search->per_device_timeout, search, dynamic_list_search_cb);
2043
2044
2045 return;
2046 }
2047
2048 if (pcmk__str_in_list(alias, dev->targets, pcmk__str_casei)) {
2049 can = TRUE;
2050 }
2051
2052 } else if (pcmk__str_eq(check_type, "status", pcmk__str_casei)) {
2053 int device_timeout = get_action_timeout(dev, check_type, search->per_device_timeout);
2054
2055 if (device_timeout > search->per_device_timeout) {
2056 crm_notice("Since the pcmk_status_timeout(%ds) parameter of %s is larger than stonith-timeout(%ds), timeout may occur",
2057 device_timeout, dev->id, search->per_device_timeout);
2058 }
2059
2060 crm_trace("Running '%s' to check whether %s is eligible to fence %s (%s)",
2061 check_type, dev->id, search->host, search->action);
2062 schedule_internal_command(__func__, dev, "status", search->host,
2063 search->per_device_timeout, search, status_search_cb);
2064
2065 return;
2066 } else {
2067 crm_err("Invalid value for " PCMK_STONITH_HOST_CHECK ": %s", check_type);
2068 check_type = "Invalid " PCMK_STONITH_HOST_CHECK;
2069 }
2070
2071 if (pcmk__str_eq(host, alias, pcmk__str_casei)) {
2072 crm_notice("%s is%s eligible to fence (%s) %s: %s",
2073 dev->id, (can? "" : " not"), search->action, host,
2074 check_type);
2075 } else {
2076 crm_notice("%s is%s eligible to fence (%s) %s (aka. '%s'): %s",
2077 dev->id, (can? "" : " not"), search->action, host, alias,
2078 check_type);
2079 }
2080
2081 search_report_results:
2082 search_devices_record_result(search, dev ? dev->id : NULL, can);
2083 }
2084
2085 static void
2086 search_devices(gpointer key, gpointer value, gpointer user_data)
2087 {
2088 stonith_device_t *dev = value;
2089 struct device_search_s *search = user_data;
2090
2091 can_fence_host_with_device(dev, search);
2092 }
2093
2094 #define DEFAULT_QUERY_TIMEOUT 20
2095 static void
2096 get_capable_devices(const char *host, const char *action, int timeout, bool suicide, void *user_data,
2097 void (*callback) (GList * devices, void *user_data))
2098 {
2099 struct device_search_s *search;
2100 guint ndevices = g_hash_table_size(device_list);
2101
2102 if (ndevices == 0) {
2103 callback(NULL, user_data);
2104 return;
2105 }
2106
2107 search = calloc(1, sizeof(struct device_search_s));
2108 if (!search) {
2109 crm_crit("Cannot search for capable fence devices: %s",
2110 strerror(ENOMEM));
2111 callback(NULL, user_data);
2112 return;
2113 }
2114
2115 pcmk__str_update(&search->host, host);
2116 pcmk__str_update(&search->action, action);
2117 search->per_device_timeout = timeout;
2118 search->allow_suicide = suicide;
2119 search->callback = callback;
2120 search->user_data = user_data;
2121
2122
2123
2124
2125 search->replies_needed = ndevices;
2126
2127 crm_debug("Searching %d device%s to see which can execute '%s' targeting %s",
2128 ndevices, pcmk__plural_s(ndevices),
2129 (search->action? search->action : "unknown action"),
2130 (search->host? search->host : "any node"));
2131 g_hash_table_foreach(device_list, search_devices, search);
2132 }
2133
2134 struct st_query_data {
2135 xmlNode *reply;
2136 char *remote_peer;
2137 char *client_id;
2138 char *target;
2139 char *action;
2140 int call_options;
2141 };
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152 static void
2153 add_action_specific_attributes(xmlNode *xml, const char *action,
2154 stonith_device_t *device, const char *target)
2155 {
2156 int action_specific_timeout;
2157 int delay_max;
2158 int delay_base;
2159
2160 CRM_CHECK(xml && action && device, return);
2161
2162 if (is_action_required(action, device)) {
2163 crm_trace("Action '%s' is required using %s", action, device->id);
2164 crm_xml_add_int(xml, F_STONITH_DEVICE_REQUIRED, 1);
2165 }
2166
2167 action_specific_timeout = get_action_timeout(device, action, 0);
2168 if (action_specific_timeout) {
2169 crm_trace("Action '%s' has timeout %dms using %s",
2170 action, action_specific_timeout, device->id);
2171 crm_xml_add_int(xml, F_STONITH_ACTION_TIMEOUT, action_specific_timeout);
2172 }
2173
2174 delay_max = get_action_delay_max(device, action);
2175 if (delay_max > 0) {
2176 crm_trace("Action '%s' has maximum random delay %dms using %s",
2177 action, delay_max, device->id);
2178 crm_xml_add_int(xml, F_STONITH_DELAY_MAX, delay_max / 1000);
2179 }
2180
2181 delay_base = get_action_delay_base(device, action, target);
2182 if (delay_base > 0) {
2183 crm_xml_add_int(xml, F_STONITH_DELAY_BASE, delay_base / 1000);
2184 }
2185
2186 if ((delay_max > 0) && (delay_base == 0)) {
2187 crm_trace("Action '%s' has maximum random delay %dms using %s",
2188 action, delay_max, device->id);
2189 } else if ((delay_max == 0) && (delay_base > 0)) {
2190 crm_trace("Action '%s' has a static delay of %dms using %s",
2191 action, delay_base, device->id);
2192 } else if ((delay_max > 0) && (delay_base > 0)) {
2193 crm_trace("Action '%s' has a minimum delay of %dms and a randomly chosen "
2194 "maximum delay of %dms using %s",
2195 action, delay_base, delay_max, device->id);
2196 }
2197 }
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209 static void
2210 add_disallowed(xmlNode *xml, const char *action, stonith_device_t *device,
2211 const char *target, gboolean allow_suicide)
2212 {
2213 if (!localhost_is_eligible(device, action, target, allow_suicide)) {
2214 crm_trace("Action '%s' using %s is disallowed for local host",
2215 action, device->id);
2216 pcmk__xe_set_bool_attr(xml, F_STONITH_ACTION_DISALLOWED, true);
2217 }
2218 }
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230 static void
2231 add_action_reply(xmlNode *xml, const char *action, stonith_device_t *device,
2232 const char *target, gboolean allow_suicide)
2233 {
2234 xmlNode *child = create_xml_node(xml, F_STONITH_ACTION);
2235
2236 crm_xml_add(child, XML_ATTR_ID, action);
2237 add_action_specific_attributes(child, action, device, target);
2238 add_disallowed(child, action, device, target, allow_suicide);
2239 }
2240
2241 static void
2242 stonith_query_capable_device_cb(GList * devices, void *user_data)
2243 {
2244 struct st_query_data *query = user_data;
2245 int available_devices = 0;
2246 xmlNode *dev = NULL;
2247 xmlNode *list = NULL;
2248 GList *lpc = NULL;
2249 pcmk__client_t *client = NULL;
2250
2251 if (query->client_id != NULL) {
2252 client = pcmk__find_client_by_id(query->client_id);
2253 if ((client == NULL) && (query->remote_peer == NULL)) {
2254 crm_trace("Skipping reply to %s: no longer a client",
2255 query->client_id);
2256 goto done;
2257 }
2258 }
2259
2260
2261 list = create_xml_node(NULL, __func__);
2262 crm_xml_add(list, F_STONITH_TARGET, query->target);
2263 for (lpc = devices; lpc != NULL; lpc = lpc->next) {
2264 stonith_device_t *device = g_hash_table_lookup(device_list, lpc->data);
2265 const char *action = query->action;
2266
2267 if (!device) {
2268
2269
2270 continue;
2271 }
2272
2273 available_devices++;
2274
2275 dev = create_xml_node(list, F_STONITH_DEVICE);
2276 crm_xml_add(dev, XML_ATTR_ID, device->id);
2277 crm_xml_add(dev, "namespace", device->namespace);
2278 crm_xml_add(dev, "agent", device->agent);
2279 crm_xml_add_int(dev, F_STONITH_DEVICE_VERIFIED, device->verified);
2280
2281
2282
2283
2284 if (!pcmk_is_set(device->flags, st_device_supports_reboot)
2285 && pcmk__str_eq(query->action, "reboot", pcmk__str_casei)) {
2286 crm_trace("%s doesn't support reboot, using values for off instead",
2287 device->id);
2288 action = "off";
2289 }
2290
2291
2292 add_action_specific_attributes(dev, action, device, query->target);
2293 if (pcmk__str_eq(query->action, "reboot", pcmk__str_casei)) {
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305 add_disallowed(dev, action, device, query->target,
2306 pcmk_is_set(query->call_options, st_opt_allow_suicide));
2307 add_action_reply(dev, "off", device, query->target,
2308 pcmk_is_set(query->call_options, st_opt_allow_suicide));
2309 add_action_reply(dev, "on", device, query->target, FALSE);
2310 }
2311
2312
2313 if (query->target == NULL) {
2314 xmlNode *attrs = create_xml_node(dev, XML_TAG_ATTRS);
2315
2316 g_hash_table_foreach(device->params, hash2field, attrs);
2317 }
2318 }
2319
2320 crm_xml_add_int(list, F_STONITH_AVAILABLE_DEVICES, available_devices);
2321 if (query->target) {
2322 crm_debug("Found %d matching device%s for target '%s'",
2323 available_devices, pcmk__plural_s(available_devices),
2324 query->target);
2325 } else {
2326 crm_debug("%d device%s installed",
2327 available_devices, pcmk__plural_s(available_devices));
2328 }
2329
2330 if (list != NULL) {
2331 crm_log_xml_trace(list, "Add query results");
2332 add_message_xml(query->reply, F_STONITH_CALLDATA, list);
2333 }
2334
2335 stonith_send_reply(query->reply, query->call_options, query->remote_peer,
2336 client);
2337
2338 done:
2339 free_xml(query->reply);
2340 free(query->remote_peer);
2341 free(query->client_id);
2342 free(query->target);
2343 free(query->action);
2344 free(query);
2345 free_xml(list);
2346 g_list_free_full(devices, free);
2347 }
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359 static void
2360 log_async_result(async_command_t *cmd, const pcmk__action_result_t *result,
2361 int pid, const char *next, bool op_merged)
2362 {
2363 int log_level = LOG_ERR;
2364 int output_log_level = LOG_NEVER;
2365 guint devices_remaining = g_list_length(cmd->device_next);
2366
2367 GString *msg = g_string_sized_new(80);
2368
2369
2370 if (pcmk__result_ok(result)) {
2371 log_level = (cmd->victim == NULL)? LOG_DEBUG : LOG_NOTICE;
2372 if ((result->action_stdout != NULL)
2373 && !pcmk__str_eq(cmd->action, "metadata", pcmk__str_casei)) {
2374 output_log_level = LOG_DEBUG;
2375 }
2376 next = NULL;
2377 } else {
2378 log_level = (cmd->victim == NULL)? LOG_NOTICE : LOG_ERR;
2379 if ((result->action_stdout != NULL)
2380 && !pcmk__str_eq(cmd->action, "metadata", pcmk__str_casei)) {
2381 output_log_level = LOG_WARNING;
2382 }
2383 }
2384
2385
2386 g_string_printf(msg, "Operation '%s' ", cmd->action);
2387 if (pid != 0) {
2388 g_string_append_printf(msg, "[%d] ", pid);
2389 }
2390 if (cmd->victim != NULL) {
2391 g_string_append_printf(msg, "targeting %s ", cmd->victim);
2392 }
2393 g_string_append_printf(msg, "using %s ", cmd->device);
2394
2395
2396 if (result->execution_status == PCMK_EXEC_DONE) {
2397 g_string_append_printf(msg, "returned %d", result->exit_status);
2398 } else {
2399 g_string_append_printf(msg, "could not be executed: %s",
2400 pcmk_exec_status_str(result->execution_status));
2401 }
2402
2403
2404 if (result->exit_reason != NULL) {
2405 g_string_append_printf(msg, " (%s)", result->exit_reason);
2406 }
2407 if (next != NULL) {
2408 g_string_append_printf(msg, ", retrying with %s", next);
2409 }
2410 if (devices_remaining > 0) {
2411 g_string_append_printf(msg, " (%u device%s remaining)",
2412 (unsigned int) devices_remaining,
2413 pcmk__plural_s(devices_remaining));
2414 }
2415 g_string_append_printf(msg, " " CRM_XS " %scall %d from %s",
2416 (op_merged? "merged " : ""), cmd->id,
2417 cmd->client_name);
2418
2419
2420 do_crm_log(log_level, "%s", msg->str);
2421 g_string_free(msg, TRUE);
2422
2423
2424 if (output_log_level != LOG_NEVER) {
2425 char *prefix = crm_strdup_printf("%s[%d]", cmd->device, pid);
2426
2427 crm_log_output(output_log_level, prefix, result->action_stdout);
2428 free(prefix);
2429 }
2430 }
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441 static void
2442 send_async_reply(async_command_t *cmd, const pcmk__action_result_t *result,
2443 int pid, bool merged)
2444 {
2445 xmlNode *reply = NULL;
2446 pcmk__client_t *client = NULL;
2447
2448 CRM_CHECK((cmd != NULL) && (result != NULL), return);
2449
2450 log_async_result(cmd, result, pid, NULL, merged);
2451
2452 if (cmd->client != NULL) {
2453 client = pcmk__find_client_by_id(cmd->client);
2454 if ((client == NULL) && (cmd->origin == NULL)) {
2455 crm_trace("Skipping reply to %s: no longer a client", cmd->client);
2456 return;
2457 }
2458 }
2459
2460 reply = construct_async_reply(cmd, result);
2461 if (merged) {
2462 pcmk__xe_set_bool_attr(reply, F_STONITH_MERGED, true);
2463 }
2464
2465 if (!stand_alone && pcmk__is_fencing_action(cmd->action)
2466 && pcmk__str_eq(cmd->origin, cmd->victim, pcmk__str_casei)) {
2467
2468
2469
2470 crm_trace("Broadcast '%s' result for %s (target was also originator)",
2471 cmd->action, cmd->victim);
2472 crm_xml_add(reply, F_SUBTYPE, "broadcast");
2473 crm_xml_add(reply, F_STONITH_OPERATION, T_STONITH_NOTIFY);
2474 send_cluster_message(NULL, crm_msg_stonith_ng, reply, FALSE);
2475 } else {
2476
2477 stonith_send_reply(reply, cmd->options, cmd->origin, client);
2478 }
2479
2480 crm_log_xml_trace(reply, "Reply");
2481 free_xml(reply);
2482
2483 if (stand_alone) {
2484
2485 xmlNode *notify_data = create_xml_node(NULL, T_STONITH_NOTIFY_FENCE);
2486
2487 stonith__xe_set_result(notify_data, result);
2488 crm_xml_add(notify_data, F_STONITH_TARGET, cmd->victim);
2489 crm_xml_add(notify_data, F_STONITH_OPERATION, cmd->op);
2490 crm_xml_add(notify_data, F_STONITH_DELEGATE, "localhost");
2491 crm_xml_add(notify_data, F_STONITH_DEVICE, cmd->device);
2492 crm_xml_add(notify_data, F_STONITH_REMOTE_OP_ID, cmd->remote_op_id);
2493 crm_xml_add(notify_data, F_STONITH_ORIGIN, cmd->client);
2494
2495 fenced_send_notification(T_STONITH_NOTIFY_FENCE, result, notify_data);
2496 fenced_send_notification(T_STONITH_NOTIFY_HISTORY, NULL, NULL);
2497 }
2498 }
2499
2500 static void
2501 cancel_stonith_command(async_command_t * cmd)
2502 {
2503 stonith_device_t *device;
2504
2505 CRM_CHECK(cmd != NULL, return);
2506
2507 if (!cmd->device) {
2508 return;
2509 }
2510
2511 device = g_hash_table_lookup(device_list, cmd->device);
2512
2513 if (device) {
2514 crm_trace("Cancel scheduled '%s' action using %s",
2515 cmd->action, device->id);
2516 device->pending_ops = g_list_remove(device->pending_ops, cmd);
2517 }
2518 }
2519
2520 static void
2521 st_child_done(int pid, const pcmk__action_result_t *result, void *user_data)
2522 {
2523 stonith_device_t *device = NULL;
2524 stonith_device_t *next_device = NULL;
2525 async_command_t *cmd = user_data;
2526
2527 GList *gIter = NULL;
2528 GList *gIterNext = NULL;
2529
2530 CRM_CHECK(cmd != NULL, return);
2531
2532 cmd->active_on = NULL;
2533
2534
2535 device = g_hash_table_lookup(device_list, cmd->device);
2536 if (device) {
2537 if (!device->verified && pcmk__result_ok(result) &&
2538 (pcmk__strcase_any_of(cmd->action, "list", "monitor", "status", NULL))) {
2539
2540 device->verified = TRUE;
2541 }
2542
2543 mainloop_set_trigger(device->work);
2544 }
2545
2546 if (pcmk__result_ok(result)) {
2547 GList *iter;
2548
2549 for (iter = cmd->device_next; iter != NULL; iter = iter->next) {
2550 next_device = g_hash_table_lookup(device_list, iter->data);
2551
2552 if (next_device != NULL && is_action_required(cmd->action, next_device)) {
2553 cmd->device_next = iter->next;
2554 break;
2555 }
2556 next_device = NULL;
2557 }
2558
2559 } else if ((cmd->device_next != NULL)
2560 && !is_action_required(cmd->action, device)) {
2561
2562
2563 next_device = g_hash_table_lookup(device_list, cmd->device_next->data);
2564 cmd->device_next = cmd->device_next->next;
2565 }
2566
2567
2568 if (next_device) {
2569 log_async_result(cmd, result, pid, next_device->id, false);
2570 schedule_stonith_command(cmd, next_device);
2571
2572 cmd = NULL;
2573 goto done;
2574 }
2575
2576 send_async_reply(cmd, result, pid, false);
2577
2578 if (!pcmk__result_ok(result)) {
2579 goto done;
2580 }
2581
2582
2583
2584
2585
2586 for (gIter = cmd_list; gIter != NULL; gIter = gIterNext) {
2587 async_command_t *cmd_other = gIter->data;
2588
2589 gIterNext = gIter->next;
2590
2591 if (cmd == cmd_other) {
2592 continue;
2593 }
2594
2595
2596
2597
2598
2599
2600
2601 if (pcmk__str_eq(cmd->client, cmd_other->client, pcmk__str_casei) ||
2602 !pcmk__str_eq(cmd->victim, cmd_other->victim, pcmk__str_casei) ||
2603 !pcmk__str_eq(cmd->action, cmd_other->action, pcmk__str_casei) ||
2604 !pcmk__str_eq(cmd->device, cmd_other->device, pcmk__str_casei)) {
2605
2606 continue;
2607 }
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617 crm_notice("Merging fencing action '%s' targeting %s originating from "
2618 "client %s with identical fencing request from client %s",
2619 cmd_other->action, cmd_other->victim, cmd_other->client_name,
2620 cmd->client_name);
2621
2622 cmd_list = g_list_remove_link(cmd_list, gIter);
2623
2624 send_async_reply(cmd_other, result, pid, true);
2625 cancel_stonith_command(cmd_other);
2626
2627 free_async_command(cmd_other);
2628 g_list_free_1(gIter);
2629 }
2630
2631 done:
2632 free_async_command(cmd);
2633 }
2634
2635 static gint
2636 sort_device_priority(gconstpointer a, gconstpointer b)
2637 {
2638 const stonith_device_t *dev_a = a;
2639 const stonith_device_t *dev_b = b;
2640
2641 if (dev_a->priority > dev_b->priority) {
2642 return -1;
2643 } else if (dev_a->priority < dev_b->priority) {
2644 return 1;
2645 }
2646 return 0;
2647 }
2648
2649 static void
2650 stonith_fence_get_devices_cb(GList * devices, void *user_data)
2651 {
2652 async_command_t *cmd = user_data;
2653 stonith_device_t *device = NULL;
2654 guint ndevices = g_list_length(devices);
2655
2656 crm_info("Found %d matching device%s for target '%s'",
2657 ndevices, pcmk__plural_s(ndevices), cmd->victim);
2658
2659 if (devices != NULL) {
2660
2661 devices = g_list_sort(devices, sort_device_priority);
2662 device = g_hash_table_lookup(device_list, devices->data);
2663 }
2664
2665 if (device == NULL) {
2666 pcmk__action_result_t result = PCMK__UNKNOWN_RESULT;
2667
2668 pcmk__format_result(&result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
2669 "No device configured for target '%s'",
2670 cmd->victim);
2671 send_async_reply(cmd, &result, 0, false);
2672 pcmk__reset_result(&result);
2673 free_async_command(cmd);
2674 g_list_free_full(devices, free);
2675
2676 } else {
2677 cmd->device_list = devices;
2678 cmd->device_next = devices->next;
2679 schedule_stonith_command(cmd, device);
2680 }
2681 }
2682
2683
2684
2685
2686
2687
2688
2689
2690 static void
2691 fence_locally(xmlNode *msg, pcmk__action_result_t *result)
2692 {
2693 const char *device_id = NULL;
2694 stonith_device_t *device = NULL;
2695 async_command_t *cmd = create_async_command(msg);
2696 xmlNode *dev = get_xpath_object("//@" F_STONITH_TARGET, msg, LOG_ERR);
2697
2698 CRM_CHECK(result != NULL, return);
2699
2700 if (cmd == NULL) {
2701 fenced_set_protocol_error(result);
2702 return;
2703 }
2704
2705 device_id = crm_element_value(dev, F_STONITH_DEVICE);
2706 if (device_id != NULL) {
2707 device = g_hash_table_lookup(device_list, device_id);
2708 if (device == NULL) {
2709 crm_err("Requested device '%s' is not available", device_id);
2710 pcmk__format_result(result, CRM_EX_ERROR, PCMK_EXEC_NO_FENCE_DEVICE,
2711 "Requested device '%s' not found", device_id);
2712 return;
2713 }
2714 schedule_stonith_command(cmd, device);
2715
2716 } else {
2717 const char *host = crm_element_value(dev, F_STONITH_TARGET);
2718
2719 if (pcmk_is_set(cmd->options, st_opt_cs_nodeid)) {
2720 int nodeid = 0;
2721 crm_node_t *node = NULL;
2722
2723 pcmk__scan_min_int(host, &nodeid, 0);
2724 node = pcmk__search_known_node_cache(nodeid, NULL, CRM_GET_PEER_ANY);
2725 if (node != NULL) {
2726 host = node->uname;
2727 }
2728 }
2729
2730
2731 get_capable_devices(host, cmd->action, cmd->default_timeout,
2732 TRUE, cmd, stonith_fence_get_devices_cb);
2733 }
2734
2735 pcmk__set_result(result, CRM_EX_OK, PCMK_EXEC_PENDING, NULL);
2736 }
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752 xmlNode *
2753 fenced_construct_reply(xmlNode *request, xmlNode *data,
2754 pcmk__action_result_t *result)
2755 {
2756 xmlNode *reply = NULL;
2757
2758 reply = create_xml_node(NULL, T_STONITH_REPLY);
2759
2760 crm_xml_add(reply, "st_origin", __func__);
2761 crm_xml_add(reply, F_TYPE, T_STONITH_NG);
2762 stonith__xe_set_result(reply, result);
2763
2764 if (request == NULL) {
2765
2766
2767
2768
2769
2770
2771 crm_warn("Missing request information for client notifications for "
2772 "operation with result '%s' (initiated before we came up?)",
2773 pcmk_exec_status_str(result->execution_status));
2774
2775 } else {
2776 const char *name = NULL;
2777 const char *value = NULL;
2778
2779
2780 const char *names[] = {
2781 F_STONITH_OPERATION,
2782 F_STONITH_CALLID,
2783 F_STONITH_CLIENTID,
2784 F_STONITH_CLIENTNAME,
2785 F_STONITH_REMOTE_OP_ID,
2786 F_STONITH_CALLOPTS
2787 };
2788
2789 for (int lpc = 0; lpc < PCMK__NELEM(names); lpc++) {
2790 name = names[lpc];
2791 value = crm_element_value(request, name);
2792 crm_xml_add(reply, name, value);
2793 }
2794 if (data != NULL) {
2795 add_message_xml(reply, F_STONITH_CALLDATA, data);
2796 }
2797 }
2798 return reply;
2799 }
2800
2801
2802
2803
2804
2805
2806
2807
2808 static xmlNode *
2809 construct_async_reply(async_command_t *cmd, const pcmk__action_result_t *result)
2810 {
2811 xmlNode *reply = create_xml_node(NULL, T_STONITH_REPLY);
2812
2813 crm_xml_add(reply, "st_origin", __func__);
2814 crm_xml_add(reply, F_TYPE, T_STONITH_NG);
2815 crm_xml_add(reply, F_STONITH_OPERATION, cmd->op);
2816 crm_xml_add(reply, F_STONITH_DEVICE, cmd->device);
2817 crm_xml_add(reply, F_STONITH_REMOTE_OP_ID, cmd->remote_op_id);
2818 crm_xml_add(reply, F_STONITH_CLIENTID, cmd->client);
2819 crm_xml_add(reply, F_STONITH_CLIENTNAME, cmd->client_name);
2820 crm_xml_add(reply, F_STONITH_TARGET, cmd->victim);
2821 crm_xml_add(reply, F_STONITH_ACTION, cmd->op);
2822 crm_xml_add(reply, F_STONITH_ORIGIN, cmd->origin);
2823 crm_xml_add_int(reply, F_STONITH_CALLID, cmd->id);
2824 crm_xml_add_int(reply, F_STONITH_CALLOPTS, cmd->options);
2825
2826 stonith__xe_set_result(reply, result);
2827 return reply;
2828 }
2829
2830 bool fencing_peer_active(crm_node_t *peer)
2831 {
2832 if (peer == NULL) {
2833 return FALSE;
2834 } else if (peer->uname == NULL) {
2835 return FALSE;
2836 } else if (pcmk_is_set(peer->processes, crm_get_cluster_proc())) {
2837 return TRUE;
2838 }
2839 return FALSE;
2840 }
2841
2842 void
2843 set_fencing_completed(remote_fencing_op_t *op)
2844 {
2845 struct timespec tv;
2846
2847 qb_util_timespec_from_epoch_get(&tv);
2848 op->completed = tv.tv_sec;
2849 op->completed_nsec = tv.tv_nsec;
2850 }
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861 static const char *
2862 check_alternate_host(const char *target)
2863 {
2864 const char *alternate_host = NULL;
2865
2866 crm_trace("Checking if we (%s) can fence %s", stonith_our_uname, target);
2867 if (find_topology_for_host(target) && pcmk__str_eq(target, stonith_our_uname, pcmk__str_casei)) {
2868 GHashTableIter gIter;
2869 crm_node_t *entry = NULL;
2870
2871 g_hash_table_iter_init(&gIter, crm_peer_cache);
2872 while (g_hash_table_iter_next(&gIter, NULL, (void **)&entry)) {
2873 crm_trace("Checking for %s.%d != %s", entry->uname, entry->id, target);
2874 if (fencing_peer_active(entry)
2875 && !pcmk__str_eq(entry->uname, target, pcmk__str_casei)) {
2876 alternate_host = entry->uname;
2877 break;
2878 }
2879 }
2880 if (alternate_host == NULL) {
2881 crm_err("No alternate host available to handle request "
2882 "for self-fencing with topology");
2883 g_hash_table_iter_init(&gIter, crm_peer_cache);
2884 while (g_hash_table_iter_next(&gIter, NULL, (void **)&entry)) {
2885 crm_notice("Peer[%d] %s", entry->id, entry->uname);
2886 }
2887 }
2888 }
2889
2890 return alternate_host;
2891 }
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902 static void
2903 stonith_send_reply(xmlNode *reply, int call_options, const char *remote_peer,
2904 pcmk__client_t *client)
2905 {
2906 CRM_CHECK((reply != NULL) && ((remote_peer != NULL) || (client != NULL)),
2907 return);
2908
2909 if (remote_peer == NULL) {
2910 do_local_reply(reply, client, call_options);
2911 } else {
2912 send_cluster_message(crm_get_peer(0, remote_peer), crm_msg_stonith_ng,
2913 reply, FALSE);
2914 }
2915 }
2916
2917 static void
2918 remove_relay_op(xmlNode * request)
2919 {
2920 xmlNode *dev = get_xpath_object("//@" F_STONITH_ACTION, request, LOG_TRACE);
2921 const char *relay_op_id = NULL;
2922 const char *op_id = NULL;
2923 const char *client_name = NULL;
2924 const char *target = NULL;
2925 remote_fencing_op_t *relay_op = NULL;
2926
2927 if (dev) {
2928 target = crm_element_value(dev, F_STONITH_TARGET);
2929 }
2930
2931 relay_op_id = crm_element_value(request, F_STONITH_REMOTE_OP_ID_RELAY);
2932 op_id = crm_element_value(request, F_STONITH_REMOTE_OP_ID);
2933 client_name = crm_element_value(request, F_STONITH_CLIENTNAME);
2934
2935
2936 if (relay_op_id && target && pcmk__str_eq(target, stonith_our_uname, pcmk__str_casei)) {
2937 relay_op = g_hash_table_lookup(stonith_remote_op_list, relay_op_id);
2938
2939 if (relay_op) {
2940 GHashTableIter iter;
2941 remote_fencing_op_t *list_op = NULL;
2942 g_hash_table_iter_init(&iter, stonith_remote_op_list);
2943
2944
2945 while (g_hash_table_iter_next(&iter, NULL, (void **)&list_op)) {
2946 GList *dup_iter = NULL;
2947 if (list_op != relay_op) {
2948 for (dup_iter = list_op->duplicates; dup_iter != NULL; dup_iter = dup_iter->next) {
2949 remote_fencing_op_t *other = dup_iter->data;
2950 if (other == relay_op) {
2951 other->duplicates = g_list_remove(other->duplicates, relay_op);
2952 break;
2953 }
2954 }
2955 }
2956 }
2957 crm_debug("Deleting relay op %s ('%s' targeting %s for %s), "
2958 "replaced by op %s ('%s' targeting %s for %s)",
2959 relay_op->id, relay_op->action, relay_op->target,
2960 relay_op->client_name, op_id, relay_op->action, target,
2961 client_name);
2962
2963 g_hash_table_remove(stonith_remote_op_list, relay_op_id);
2964 }
2965 }
2966 }
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982 static inline bool
2983 is_privileged(pcmk__client_t *c, const char *op)
2984 {
2985 if ((c == NULL) || pcmk_is_set(c->flags, pcmk__client_privileged)) {
2986 return true;
2987 } else {
2988 crm_warn("Rejecting IPC request '%s' from unprivileged client %s",
2989 crm_str(op), pcmk__client_name(c));
2990 return false;
2991 }
2992 }
2993
2994
2995 static xmlNode *
2996 handle_register_request(pcmk__request_t *request)
2997 {
2998 xmlNode *reply = create_xml_node(NULL, "reply");
2999
3000 CRM_ASSERT(request->ipc_client != NULL);
3001 crm_xml_add(reply, F_STONITH_OPERATION, CRM_OP_REGISTER);
3002 crm_xml_add(reply, F_STONITH_CLIENTID, request->ipc_client->id);
3003 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3004 pcmk__set_request_flags(request, pcmk__request_reuse_options);
3005 return reply;
3006 }
3007
3008
3009 static xmlNode *
3010 handle_agent_request(pcmk__request_t *request)
3011 {
3012 execute_agent_action(request->xml, &request->result);
3013 if (request->result.execution_status == PCMK_EXEC_PENDING) {
3014 return NULL;
3015 }
3016 return fenced_construct_reply(request->xml, NULL, &request->result);
3017 }
3018
3019
3020 static xmlNode *
3021 handle_update_timeout_request(pcmk__request_t *request)
3022 {
3023 const char *call_id = crm_element_value(request->xml, F_STONITH_CALLID);
3024 const char *client_id = crm_element_value(request->xml, F_STONITH_CLIENTID);
3025 int op_timeout = 0;
3026
3027 crm_element_value_int(request->xml, F_STONITH_TIMEOUT, &op_timeout);
3028 do_stonith_async_timeout_update(client_id, call_id, op_timeout);
3029 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3030 return NULL;
3031 }
3032
3033
3034 static xmlNode *
3035 handle_query_request(pcmk__request_t *request)
3036 {
3037 int timeout = 0;
3038 xmlNode *dev = NULL;
3039 const char *action = NULL;
3040 const char *target = NULL;
3041 const char *client_id = crm_element_value(request->xml, F_STONITH_CLIENTID);
3042 struct st_query_data *query = NULL;
3043
3044 if (request->peer != NULL) {
3045
3046 create_remote_stonith_op(client_id, request->xml, TRUE);
3047 }
3048
3049
3050 remove_relay_op(request->xml);
3051
3052 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3053
3054 dev = get_xpath_object("//@" F_STONITH_ACTION, request->xml, LOG_NEVER);
3055 if (dev != NULL) {
3056 const char *device = crm_element_value(dev, F_STONITH_DEVICE);
3057
3058 if (pcmk__str_eq(device, "manual_ack", pcmk__str_casei)) {
3059 return NULL;
3060 }
3061 target = crm_element_value(dev, F_STONITH_TARGET);
3062 action = crm_element_value(dev, F_STONITH_ACTION);
3063 }
3064
3065 crm_log_xml_debug(request->xml, "Query");
3066
3067 query = calloc(1, sizeof(struct st_query_data));
3068 CRM_ASSERT(query != NULL);
3069
3070 query->reply = fenced_construct_reply(request->xml, NULL, &request->result);
3071 pcmk__str_update(&query->remote_peer, request->peer);
3072 pcmk__str_update(&query->client_id, client_id);
3073 pcmk__str_update(&query->target, target);
3074 pcmk__str_update(&query->action, action);
3075 query->call_options = request->call_options;
3076
3077 crm_element_value_int(request->xml, F_STONITH_TIMEOUT, &timeout);
3078 get_capable_devices(target, action, timeout,
3079 pcmk_is_set(query->call_options, st_opt_allow_suicide),
3080 query, stonith_query_capable_device_cb);
3081 return NULL;
3082 }
3083
3084
3085 static xmlNode *
3086 handle_notify_request(pcmk__request_t *request)
3087 {
3088 const char *flag_name = NULL;
3089
3090 CRM_ASSERT(request->ipc_client != NULL);
3091 flag_name = crm_element_value(request->xml, F_STONITH_NOTIFY_ACTIVATE);
3092 if (flag_name != NULL) {
3093 crm_debug("Enabling %s callbacks for client %s",
3094 flag_name, pcmk__request_origin(request));
3095 pcmk__set_client_flags(request->ipc_client, get_stonith_flag(flag_name));
3096 }
3097
3098 flag_name = crm_element_value(request->xml, F_STONITH_NOTIFY_DEACTIVATE);
3099 if (flag_name != NULL) {
3100 crm_debug("Disabling %s callbacks for client %s",
3101 flag_name, pcmk__request_origin(request));
3102 pcmk__clear_client_flags(request->ipc_client,
3103 get_stonith_flag(flag_name));
3104 }
3105
3106 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3107 pcmk__set_request_flags(request, pcmk__request_reuse_options);
3108
3109 return pcmk__ipc_create_ack(request->ipc_flags, "ack", CRM_EX_OK);
3110 }
3111
3112
3113 static xmlNode *
3114 handle_relay_request(pcmk__request_t *request)
3115 {
3116 xmlNode *dev = get_xpath_object("//@" F_STONITH_TARGET, request->xml,
3117 LOG_TRACE);
3118
3119 crm_notice("Received forwarded fencing request from "
3120 "%s %s to fence (%s) peer %s",
3121 pcmk__request_origin_type(request),
3122 pcmk__request_origin(request),
3123 crm_element_value(dev, F_STONITH_ACTION),
3124 crm_element_value(dev, F_STONITH_TARGET));
3125
3126 if (initiate_remote_stonith_op(NULL, request->xml, FALSE) == NULL) {
3127 fenced_set_protocol_error(&request->result);
3128 return fenced_construct_reply(request->xml, NULL, &request->result);
3129 }
3130
3131 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_PENDING, NULL);
3132 return NULL;
3133 }
3134
3135
3136 static xmlNode *
3137 handle_fence_request(pcmk__request_t *request)
3138 {
3139 if ((request->peer != NULL) || stand_alone) {
3140 fence_locally(request->xml, &request->result);
3141
3142 } else if (pcmk_is_set(request->call_options, st_opt_manual_ack)) {
3143 switch (fenced_handle_manual_confirmation(request->ipc_client,
3144 request->xml)) {
3145 case pcmk_rc_ok:
3146 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE,
3147 NULL);
3148 break;
3149 case EINPROGRESS:
3150 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_PENDING,
3151 NULL);
3152 break;
3153 default:
3154 fenced_set_protocol_error(&request->result);
3155 break;
3156 }
3157
3158 } else {
3159 const char *alternate_host = NULL;
3160 xmlNode *dev = get_xpath_object("//@" F_STONITH_TARGET, request->xml,
3161 LOG_TRACE);
3162 const char *target = crm_element_value(dev, F_STONITH_TARGET);
3163 const char *action = crm_element_value(dev, F_STONITH_ACTION);
3164 const char *device = crm_element_value(dev, F_STONITH_DEVICE);
3165
3166 if (request->ipc_client != NULL) {
3167 int tolerance = 0;
3168
3169 crm_notice("Client %s wants to fence (%s) %s using %s",
3170 pcmk__request_origin(request), action,
3171 target, (device? device : "any device"));
3172 crm_element_value_int(dev, F_STONITH_TOLERANCE, &tolerance);
3173 if (stonith_check_fence_tolerance(tolerance, target, action)) {
3174 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE,
3175 NULL);
3176 return fenced_construct_reply(request->xml, NULL,
3177 &request->result);
3178 }
3179
3180 } else {
3181 crm_notice("Peer %s wants to fence (%s) '%s' with device '%s'",
3182 request->peer, action, target,
3183 (device == NULL)? "(any)" : device);
3184 }
3185
3186 alternate_host = check_alternate_host(target);
3187
3188 if ((alternate_host != NULL) && (request->ipc_client != NULL)) {
3189 const char *client_id = NULL;
3190 remote_fencing_op_t *op = NULL;
3191
3192 crm_notice("Forwarding self-fencing request to peer %s "
3193 "due to topology", alternate_host);
3194
3195 if (request->ipc_client->id == 0) {
3196 client_id = crm_element_value(request->xml, F_STONITH_CLIENTID);
3197 } else {
3198 client_id = request->ipc_client->id;
3199 }
3200
3201
3202
3203
3204
3205 op = create_remote_stonith_op(client_id, request->xml, FALSE);
3206
3207 crm_xml_add(request->xml, F_STONITH_OPERATION, STONITH_OP_RELAY);
3208 crm_xml_add(request->xml, F_STONITH_CLIENTID,
3209 request->ipc_client->id);
3210 crm_xml_add(request->xml, F_STONITH_REMOTE_OP_ID, op->id);
3211 send_cluster_message(crm_get_peer(0, alternate_host),
3212 crm_msg_stonith_ng, request->xml, FALSE);
3213 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_PENDING,
3214 NULL);
3215
3216 } else if (initiate_remote_stonith_op(request->ipc_client, request->xml,
3217 FALSE) == NULL) {
3218 fenced_set_protocol_error(&request->result);
3219
3220 } else {
3221 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_PENDING,
3222 NULL);
3223 }
3224 }
3225
3226 if (request->result.execution_status == PCMK_EXEC_PENDING) {
3227 return NULL;
3228 }
3229 return fenced_construct_reply(request->xml, NULL, &request->result);
3230 }
3231
3232
3233 static xmlNode *
3234 handle_history_request(pcmk__request_t *request)
3235 {
3236 xmlNode *reply = NULL;
3237 xmlNode *data = NULL;
3238
3239 stonith_fence_history(request->xml, &data, request->peer,
3240 request->call_options);
3241 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3242 if (!pcmk_is_set(request->call_options, st_opt_discard_reply)) {
3243
3244
3245
3246 reply = fenced_construct_reply(request->xml, data, &request->result);
3247 }
3248 free_xml(data);
3249 return reply;
3250 }
3251
3252
3253 static xmlNode *
3254 handle_device_add_request(pcmk__request_t *request)
3255 {
3256 const char *device_id = NULL;
3257 const char *op = crm_element_value(request->xml, F_STONITH_OPERATION);
3258
3259 if (is_privileged(request->ipc_client, op)) {
3260 int rc = stonith_device_register(request->xml, &device_id, FALSE);
3261
3262 pcmk__set_result(&request->result,
3263 ((rc == pcmk_ok)? CRM_EX_OK : CRM_EX_ERROR),
3264 stonith__legacy2status(rc),
3265 ((rc == pcmk_ok)? NULL : pcmk_strerror(rc)));
3266 } else {
3267 pcmk__set_result(&request->result, CRM_EX_INSUFFICIENT_PRIV,
3268 PCMK_EXEC_INVALID,
3269 "Unprivileged users must register device via CIB");
3270 }
3271 fenced_send_device_notification(op, &request->result, device_id);
3272 return fenced_construct_reply(request->xml, NULL, &request->result);
3273 }
3274
3275
3276 static xmlNode *
3277 handle_device_delete_request(pcmk__request_t *request)
3278 {
3279 xmlNode *dev = get_xpath_object("//" F_STONITH_DEVICE, request->xml,
3280 LOG_ERR);
3281 const char *device_id = crm_element_value(dev, XML_ATTR_ID);
3282 const char *op = crm_element_value(request->xml, F_STONITH_OPERATION);
3283
3284 if (is_privileged(request->ipc_client, op)) {
3285 stonith_device_remove(device_id, false);
3286 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3287 } else {
3288 pcmk__set_result(&request->result, CRM_EX_INSUFFICIENT_PRIV,
3289 PCMK_EXEC_INVALID,
3290 "Unprivileged users must delete device via CIB");
3291 }
3292 fenced_send_device_notification(op, &request->result, device_id);
3293 return fenced_construct_reply(request->xml, NULL, &request->result);
3294 }
3295
3296
3297 static xmlNode *
3298 handle_level_add_request(pcmk__request_t *request)
3299 {
3300 char *device_id = NULL;
3301 const char *op = crm_element_value(request->xml, F_STONITH_OPERATION);
3302
3303 if (is_privileged(request->ipc_client, op)) {
3304 fenced_register_level(request->xml, &device_id, &request->result);
3305 } else {
3306 pcmk__set_result(&request->result, CRM_EX_INSUFFICIENT_PRIV,
3307 PCMK_EXEC_INVALID,
3308 "Unprivileged users must add level via CIB");
3309 }
3310 fenced_send_level_notification(op, &request->result, device_id);
3311 free(device_id);
3312 return fenced_construct_reply(request->xml, NULL, &request->result);
3313 }
3314
3315
3316 static xmlNode *
3317 handle_level_delete_request(pcmk__request_t *request)
3318 {
3319 char *device_id = NULL;
3320 const char *op = crm_element_value(request->xml, F_STONITH_OPERATION);
3321
3322 if (is_privileged(request->ipc_client, op)) {
3323 fenced_unregister_level(request->xml, &device_id, &request->result);
3324 } else {
3325 pcmk__set_result(&request->result, CRM_EX_INSUFFICIENT_PRIV,
3326 PCMK_EXEC_INVALID,
3327 "Unprivileged users must delete level via CIB");
3328 }
3329 fenced_send_level_notification(op, &request->result, device_id);
3330 free(device_id);
3331 return fenced_construct_reply(request->xml, NULL, &request->result);
3332 }
3333
3334
3335 static xmlNode *
3336 handle_cache_request(pcmk__request_t *request)
3337 {
3338 int node_id = 0;
3339 const char *name = NULL;
3340
3341 crm_element_value_int(request->xml, XML_ATTR_ID, &node_id);
3342 name = crm_element_value(request->xml, XML_ATTR_UNAME);
3343 reap_crm_member(node_id, name);
3344 pcmk__set_result(&request->result, CRM_EX_OK, PCMK_EXEC_DONE, NULL);
3345 return NULL;
3346 }
3347
3348 static xmlNode *
3349 handle_unknown_request(pcmk__request_t *request)
3350 {
3351 const char *op = crm_element_value(request->xml, F_STONITH_OPERATION);
3352
3353 crm_err("Unknown IPC request %s from %s %s",
3354 op, pcmk__request_origin_type(request),
3355 pcmk__request_origin(request));
3356 pcmk__format_result(&request->result, CRM_EX_PROTOCOL, PCMK_EXEC_INVALID,
3357 "Unknown IPC request type '%s' (bug?)", crm_str(op));
3358 return fenced_construct_reply(request->xml, NULL, &request->result);
3359 }
3360
3361 static void
3362 fenced_register_handlers(void)
3363 {
3364 pcmk__server_command_t handlers[] = {
3365 { CRM_OP_REGISTER, handle_register_request },
3366 { STONITH_OP_EXEC, handle_agent_request },
3367 { STONITH_OP_TIMEOUT_UPDATE, handle_update_timeout_request },
3368 { STONITH_OP_QUERY, handle_query_request },
3369 { T_STONITH_NOTIFY, handle_notify_request },
3370 { STONITH_OP_RELAY, handle_relay_request },
3371 { STONITH_OP_FENCE, handle_fence_request },
3372 { STONITH_OP_FENCE_HISTORY, handle_history_request },
3373 { STONITH_OP_DEVICE_ADD, handle_device_add_request },
3374 { STONITH_OP_DEVICE_DEL, handle_device_delete_request },
3375 { STONITH_OP_LEVEL_ADD, handle_level_add_request },
3376 { STONITH_OP_LEVEL_DEL, handle_level_delete_request },
3377 { CRM_OP_RM_NODE_CACHE, handle_cache_request },
3378 { NULL, handle_unknown_request },
3379 };
3380
3381 fenced_handlers = pcmk__register_handlers(handlers);
3382 }
3383
3384 void
3385 fenced_unregister_handlers(void)
3386 {
3387 if (fenced_handlers != NULL) {
3388 g_hash_table_destroy(fenced_handlers);
3389 fenced_handlers = NULL;
3390 }
3391 }
3392
3393 static void
3394 handle_request(pcmk__request_t *request)
3395 {
3396 xmlNode *reply = NULL;
3397 const char *reason = NULL;
3398
3399 if (fenced_handlers == NULL) {
3400 fenced_register_handlers();
3401 }
3402 reply = pcmk__process_request(request, fenced_handlers);
3403 if (reply != NULL) {
3404 if (pcmk_is_set(request->flags, pcmk__request_reuse_options)
3405 && (request->ipc_client != NULL)) {
3406
3407
3408
3409
3410 pcmk__ipc_send_xml(request->ipc_client, request->ipc_id, reply,
3411 request->ipc_flags);
3412 request->ipc_client->request_id = 0;
3413 } else {
3414 stonith_send_reply(reply, request->call_options,
3415 request->peer, request->ipc_client);
3416 }
3417 free_xml(reply);
3418 }
3419
3420 reason = request->result.exit_reason;
3421 crm_debug("Processed %s request from %s %s: %s%s%s%s",
3422 request->op, pcmk__request_origin_type(request),
3423 pcmk__request_origin(request),
3424 pcmk_exec_status_str(request->result.execution_status),
3425 (reason == NULL)? "" : " (",
3426 (reason == NULL)? "" : reason,
3427 (reason == NULL)? "" : ")");
3428 }
3429
3430 static void
3431 handle_reply(pcmk__client_t *client, xmlNode *request, const char *remote_peer)
3432 {
3433
3434 char *op = crm_element_value_copy(request, F_STONITH_OPERATION);
3435
3436 if (pcmk__str_eq(op, STONITH_OP_QUERY, pcmk__str_none)) {
3437 process_remote_stonith_query(request);
3438 } else if (pcmk__str_any_of(op, T_STONITH_NOTIFY, STONITH_OP_FENCE, NULL)) {
3439 fenced_process_fencing_reply(request);
3440 } else {
3441 crm_err("Ignoring unknown %s reply from %s %s",
3442 crm_str(op), ((client == NULL)? "peer" : "client"),
3443 ((client == NULL)? remote_peer : pcmk__client_name(client)));
3444 crm_log_xml_warn(request, "UnknownOp");
3445 free(op);
3446 return;
3447 }
3448 crm_debug("Processed %s reply from %s %s",
3449 op, ((client == NULL)? "peer" : "client"),
3450 ((client == NULL)? remote_peer : pcmk__client_name(client)));
3451 free(op);
3452 }
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464 void
3465 stonith_command(pcmk__client_t *client, uint32_t id, uint32_t flags,
3466 xmlNode *message, const char *remote_peer)
3467 {
3468 int call_options = st_opt_none;
3469 bool is_reply = false;
3470
3471 CRM_CHECK(message != NULL, return);
3472
3473 if (get_xpath_object("//" T_STONITH_REPLY, message, LOG_NEVER) != NULL) {
3474 is_reply = true;
3475 }
3476 crm_element_value_int(message, F_STONITH_CALLOPTS, &call_options);
3477 crm_debug("Processing %ssynchronous %s %s %u from %s %s",
3478 pcmk_is_set(call_options, st_opt_sync_call)? "" : "a",
3479 crm_element_value(message, F_STONITH_OPERATION),
3480 (is_reply? "reply" : "request"), id,
3481 ((client == NULL)? "peer" : "client"),
3482 ((client == NULL)? remote_peer : pcmk__client_name(client)));
3483
3484 if (pcmk_is_set(call_options, st_opt_sync_call)) {
3485 CRM_ASSERT(client == NULL || client->request_id == id);
3486 }
3487
3488 if (is_reply) {
3489 handle_reply(client, message, remote_peer);
3490 } else {
3491 pcmk__request_t request = {
3492 .ipc_client = client,
3493 .ipc_id = id,
3494 .ipc_flags = flags,
3495 .peer = remote_peer,
3496 .xml = message,
3497 .call_options = call_options,
3498 .result = PCMK__UNKNOWN_RESULT,
3499 };
3500
3501 request.op = crm_element_value_copy(request.xml, F_STONITH_OPERATION);
3502 CRM_CHECK(request.op != NULL, return);
3503
3504 if (pcmk_is_set(request.call_options, st_opt_sync_call)) {
3505 pcmk__set_request_flags(&request, pcmk__request_sync);
3506 }
3507
3508 handle_request(&request);
3509 pcmk__reset_request(&request);
3510 }
3511 }
![[first]](../icons/first.png){kind=icon}
![[previous]](../icons/n_left.png){kind=icon}
![[next]](../icons/n_right.png){kind=icon}
![[last]](../icons/last.png){kind=icon}
![[top]](../icons/n_top.png){kind=icon}
![[bottom]](../icons/bottom.png){kind=icon}
![[index]](../icons/index.png){kind=icon}
![[help]](../icons/help.png){kind=icon}
*/
![[next]](../icons/right.png)
![[first]](../icons/n_first.png)
![[top]](../icons/top.png)
![[previous]](../icons/left.png)
![[last]](../icons/n_last.png)
![[bottom]](../icons/n_bottom.png){kind=icon}