glusterd/geo-rep: Allow gverify.sh and S56glusterd-geo-rep-create-post.sh

to operate for non-root privileged slave volume

Mounting the slave-volume on local node, to perform disk checks
in order to allow gverify.sh to operate for non-root privileged
slave volume

Allowing the hook script S56glusterd-geo-rep-create-post.sh
to operate for non-root privileged slave volume

Modified peer_add_secret_pub.in to accept username as argument
and add the pem keys to the users's_home_dir/.ssh/authorized_keys

Wrote set_geo_rep_pem_keys.sh which accepts username as argument
and copies the pem keys from the user's home directory to
$GLUSTERD_WORKING_DIR/geo-replication/ and then copies the keys
to other nodes in the cluster and add them to the respective
authorized keys. The script takes as argument the user name and
assumes that the user will be present in all the nodes in the
cluster. It is not needed for root.

To summarize:
For a privileged slave user, execute the following on master node as super user:
gluster system:: execute gsec_create
gluster volume geo-replication <master_vol> [root@]<slave_ip>::<slave_vol> create push_pem

For a non-privileged slave user execute the following on master node as super user:
gluster system:: execute gsec_create
gluster volume geo-replication <master_vol> <slave_user>@<slave_ip>::<slave_vol> create push_pem
then on the slave node execute the following as super user:
/usr/local/libexec/glusterfs/set_geo_rep_pem_keys.sh <slave_user>

BUG: 1077452
Change-Id: I88020968aa5b13a2c2ab86b1d6661b60071f6f5e
Signed-off-by: Avra Sengupta <asengupt@redhat.com>
Reviewed-on: http://review.gluster.org/7744
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Venky Shankar <vshankar@redhat.com>
Tested-by: Venky Shankar <vshankar@redhat.com>

1 files changed, 37 insertions, 32 deletions

diff --git a/geo-replication/src/gverify.sh b/geo-replication/src/gverify.sh
index e9c9b28837d..c986f78a7ea 100755
--- a/geo-replication/src/gverify.sh
+++ b/geo-replication/src/gverify.sh
@@ -49,29 +49,13 @@ echo $cmd_line;
 
 function cmd_slave()
 {
-    VOL=$1;
     local cmd_line;
     cmd_line=$(cat <<EOF
 function do_verify() {
-v=\$1;
-d=\$(mktemp -d 2>/dev/null);
-glusterfs -s localhost --xlator-option="*dht.lookup-unhashed=off" --volfile-id \$v -l $slave_log_file \$d;
-i=\$(stat -c "%i" \$d);
-if [[ "\$i" -ne "1" ]]; then
-echo 0:0;
-exit 1;
-fi;
-cd \$d;
-disk_size=\$(df -B1 \$d | tail -1 | awk "{print \\\$2}");
-used_size=\$(df -B1 \$d | tail -1 | awk "{print \\\$3}");
-no_of_files=\$(find  \$d -maxdepth 0 -empty);
-umount -l \$d;
-rmdir \$d;
 ver=\$(gluster --version | head -1 | cut -f2 -d " ");
-echo \$disk_size:\$used_size:\$ver:\$no_of_files;
+echo \$ver;
 };
-cd /tmp;
-[ x$VOL != x ] && do_verify $VOL;
+source /etc/profile && do_verify;
 EOF
 );
 
@@ -89,37 +73,58 @@ function master_stats()
 
 function slave_stats()
 {
-    SLAVEHOST=$1;
-    SLAVEVOL=$2;
+    SLAVEUSER=$1;
+    SLAVEHOST=$2;
+    SLAVEVOL=$3;
     local cmd_line;
-    cmd_line=$(cmd_slave $SLAVEVOL);
-    SSHM $SLAVEHOST bash -c "'$cmd_line'";
+    local ver;
+    local status;
+
+    d=$(mktemp -d 2>/dev/null);
+    glusterfs --xlator-option="*dht.lookup-unhashed=off" --volfile-server $SLAVEHOST --volfile-id $SLAVEVOL -l $slave_log_file \$d;
+    mount -t glusterfs $SLAVEHOST:$SLAVEVOL $d
+    i=$(stat -c "%i" $d);
+    if [[ "$i" -ne "1" ]]; then
+        echo 0:0;
+        exit 1;
+    fi;
+    cd $d;
+    disk_size=$(df -B1 $d | tail -1 | awk "{print \$2}");
+    used_size=$(df -B1 $d | tail -1 | awk "{print \$3}");
+    no_of_files=$(find  $d -maxdepth 0 -empty);
+    umount -l $d;
+    rmdir $d;
+
+    cmd_line=$(cmd_slave);
+    ver=`SSHM $SLAVEUSER@$SLAVEHOST bash -c "'$cmd_line'"`;
+    status=$disk_size:$used_size:$ver:$no_of_files;
+    echo $status
 }
 
 
 function main()
 {
-    log_file=$4
+    log_file=$5
     > $log_file
 
     # Use FORCE_BLOCKER flag in the error message to differentiate
     # between the errors which the force command should bypass
 
-    ping -w 5 $2;
+    ping -w 5 $3;
     if [ $? -ne 0 ]; then
-        echo "FORCE_BLOCKER|$2 not reachable." > $log_file
+        echo "FORCE_BLOCKER|$3 not reachable." > $log_file
         exit 1;
     fi;
 
-    ssh -oNumberOfPasswordPrompts=0 $2 "echo Testing_Passwordless_SSH";
+    ssh -oNumberOfPasswordPrompts=0 $2@$3 "echo Testing_Passwordless_SSH";
     if [ $? -ne 0 ]; then
-        echo "FORCE_BLOCKER|Passwordless ssh login has not been setup with $2." > $log_file
+        echo "FORCE_BLOCKER|Passwordless ssh login has not been setup with $3 for user $2." > $log_file
         exit 1;
     fi;
 
     ERRORS=0;
     master_data=$(master_stats $1);
-    slave_data=$(slave_stats $2 $3);
+    slave_data=$(slave_stats $2 $3 $4);
     master_disk_size=$(echo $master_data | cut -f1 -d':');
     slave_disk_size=$(echo $slave_data | cut -f1 -d':');
     master_used_size=$(echo $master_data | cut -f2 -d':');
@@ -129,7 +134,7 @@ function main()
     slave_no_of_files=$(echo $slave_data | cut -f4 -d':');
 
     if [[ "x$master_disk_size" = "x" || "x$master_version" = "x" || "$master_disk_size" -eq "0" ]]; then
-	echo "FORCE_BLOCKER|Unable to fetch master volume details. Please check the master cluster and master volume." > $log_file;
+        echo "FORCE_BLOCKER|Unable to fetch master volume details. Please check the master cluster and master volume." > $log_file;
 	exit 1;
     fi;
 
@@ -157,13 +162,13 @@ function main()
     fi
 
     if [ -z $slave_no_of_files ]; then
-        echo "$2::$3 is not empty. Please delete existing files in $2::$3 and retry, or use force to continue without deleting the existing files." >> $log_file;
+        echo "$3::$4 is not empty. Please delete existing files in $3::$4 and retry, or use force to continue without deleting the existing files." >> $log_file;
         ERRORS=$(($ERRORS + 1));
     fi;
 
     if [[ $master_version > $slave_version ]]; then
-	echo "Gluster version mismatch between master and slave." >> $log_file;
-	ERRORS=$(($ERRORS + 1));
+        echo "Gluster version mismatch between master and slave." >> $log_file;
+        ERRORS=$(($ERRORS + 1));
     fi;
 
     exit $ERRORS;