summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* glusterd: Handle restoring of volumes created in older versions.Krishnan Parthasarathi2011-10-051-15/+28
| | | | | | | | Change-Id: Idd9cb9d05122750ac78410b8f5a080104d6c1e0a BUG: 3685 Reviewed-on: http://review.gluster.com/554 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com>
* glusterd: Shouldn't inject COMMIT_ACC event before receiving ACC from all peers.Krishnan Parthasarathi2011-10-051-1/+3
| | | | | | | | Change-Id: I88b9935f93d9a06e46c3351c2fd37c969396bb0a BUG: 3683 Reviewed-on: http://review.gluster.com/553 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* cluster/afr: set the read child ctx only if the self-heal source is validv3.3.0qa14Raghavendra Bhat2011-10-031-4/+4
| | | | | | | | Change-Id: Ifdf0db71594ce526ad85c21103726798d9aceef4 BUG: 3639 Reviewed-on: http://review.gluster.com/556 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* core: made changes to return value of __is_root_gfid()Amar Tumballi2011-10-026-11/+13
| | | | | | | | | | | now returns 'true(1)' is gfid is root, 'false(0)' if not. earlier it was the inverse, which was bit confusing Change-Id: Id103f444ace048cbb0fccdc72c6646da06631584 BUG: 3518 Reviewed-on: http://review.gluster.com/549 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* libglusterfs/syncop: do not rely on synctask set in makecontextRaghavendra Bhat2011-10-021-1/+6
| | | | | | | | | | | | | | Across glibc implementations, interpretation of argc/argv passed to makecontext() is different. This patch does away with dependence on such arguments passed to makecontext(). Instead,synctask reference is retrieved from pthread_getspecific(). Change-Id: Ie01feaa0b7d430f8782c2f6805ccdf8026e401f4 BUG: 3636 Reviewed-on: http://review.gluster.com/547 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* statedump: do not print the inode number in the statedumpRaghavendra Bhat2011-10-0117-492/+232
| | | | | | | | | | | | | Since gfid is used to uniquely identify a inode, in the statedump printing inode number is not necessary. Its suffecient if the gfid of the inode is printed. And do not print the the inodelks, entrylks and posixlks if the lock count is 0. Change-Id: Idac115fbce3a5684a0f02f8f5f20b194df8fb27f BUG: 3476 Reviewed-on: http://review.gluster.com/530 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com>
* glusterd: cleanup unneeded volumes after peer detachKaushal M2011-10-016-8/+147
| | | | | | | | | | | | | | | | | | | | | | | | Performs cleanup on the detached peer and in the cluster after a peer detach, and also adds a new check before starting detach. Cleanup - On the detached peer, cleanup removes the entries of those volumes on the peer that do not have all their bricks on it. This prevents these stale volumes from being added to a new cluster when peer is attached to one. In the cluster, all those volumes which have all their bricks on the detached peer are removed. Checks- Checks if all the peers in the cluster are online and connected, except the peer being detached, before starting detach. Using force will bypass this check and do detach. Change-Id: I4fef9ea3cc72ce8c4ce0a82b4ee8a1663a502061 BUG: 1926 Reviewed-on: http://review.gluster.com/431 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Krishnan Parthasarathi <kp@gluster.com>
* glusterd, cli: adds 'force' for 'peer detach'Kaushal M2011-10-016-6/+32
| | | | | | | | | | | Adds add a 'force' option to 'peer detach' to forcefully detach a peer from a cluster, even when the cluster contains volumes with bricks on the peer. Change-Id: I134df51c16a07345c8869b318141d427b572eba5 BUG: 3549 Reviewed-on: http://review.gluster.com/429 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Krishnan Parthasarathi <kp@gluster.com>
* distribute rebalance: preserve proper mode in destinationv3.3.0qa13Amar Tumballi2011-09-301-3/+11
| | | | | | | | | | | * don't set 'sticky' and 'sgid' bits to 0 without checking if the source had those bits prior to rebalance. Change-Id: Ia826cb3cfb55312cdbf00d3421f2bd06b3103ce6 BUG: 3656 Reviewed-on: http://review.gluster.com/541 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* rebalance process: propagate proper errors to userAmar Tumballi2011-09-302-9/+66
| | | | | | | | | | | | | | | | * cluster/distribute: while rebalance, differentiate between valid errors, validation check failures (may not be migrate failure), and success. * mgmt/glusterd: differentiate the errors based on errno. If a valid error has happened, mark the rebalance status as failure, and stop the rebalnace crawl. Change-Id: I2d7bd7b73d2b79bfaf892ad4364bc89830a0d5bb BUG: 3656 Reviewed-on: http://review.gluster.com/540 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* locks: dump client pid and time of blocking/granting.Krishnan Parthasarathi2011-09-306-19/+65
| | | | | | | | Change-Id: Icaa919f3009fb70f6af9b95fceaf800f3beca447 BUG: 3662 Reviewed-on: http://review.gluster.com/532 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* cluster/afr: Don't unlock sh_frame on failure in algoPranith Kumar K2011-09-302-8/+15
| | | | | | | | Change-Id: I0ef541c1f387c397c345e3f2bc9a57f1eff282a1 BUG: 3647 Reviewed-on: http://review.gluster.com/527 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* gnfs/server: allow 255-char file namesRajesh Amaravathi2011-09-301-2/+2
| | | | | | | | | | | | | * Posix requires 255 character filenames(NAME_MAX), so buffer to store a filename should be 256(+1 for terminating '\0' character). BUG: 3572 Change-Id: I9d3dbb49d96b3da946cbab97f927209d71ece620 Reviewed-on: http://review.gluster.com/531 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com> Reviewed-by: Krishna Srinivas <krishna@gluster.com>
* glusterd rebalance: allow 'status' and 'stop' from all the peersAmar Tumballi2011-09-291-1/+1
| | | | | | | | | | | * the check to see which command is issued to do the source node check had an error. Change-Id: I5cebe6e263c416d859af4f413d47c7b643815f6f BUG: 3655 Reviewed-on: http://review.gluster.com/537 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Shishir Gowda <shishirng@gluster.com>
* cluster/afr: set fd ctx on opendirPranith Kumar K2011-09-294-39/+59
| | | | | | | | Change-Id: Ica845035781f47de990e9dcfefdeb37bed99d515 BUG: 3637 Reviewed-on: http://review.gluster.com/536 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* Second round of warning suppression.Jeff Darcy2011-09-2921-47/+75
| | | | | | | | | | | | | | | | | | | | | | Used a #pragma to kill ~170 in rpcgen code. Added GF_UNUSED to deal with a few more from macros elsewhere. The remainder are function return values (mostly context and dict calls) that really should be checked. Those would be harder to fix without real understanding of the code where they occur, so they remain as reminders. (Patchset 2: deal with older gcc that doesn't handle #pragma GCC diagnostic) (Patchset 3: fix include paths in generated files) (Patchset 4: keep up with trunk, squash 9 new warnings) (Patchset 5: six more, all in AFR) Change-Id: I29760c8c81be4d7e6489312c5d0e92cc24814b7b BUG: 2550 Reviewed-on: http://review.gluster.com/378 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* mgmt/glusterd: skip shd graph generation for non-replicate volsPranith Kumar K2011-09-294-33/+62
| | | | | | | | Change-Id: I1bb83342bc0fa883ede527527ec8fd6ee470f781 BUG: 3666 Reviewed-on: http://review.gluster.com/535 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* performance/io-cache,quick-read: increase cache-size limitKaushal M2011-09-295-17/+155
| | | | | | | | | | | | | | | | Does the following: 1. Increases cache-size limit from 6GB to 32GB. 2. Prevents 'volume set'from failing when cache-size is set over the limit. Just issues a warning. 3. Performs check on cache-size by comparing with total system memory available in init () and reconfigure () methods. Change-Id: I7dd4d8c53051b89a293696abf1ee8dc237e39a20 BUG: 3495 Reviewed-on: http://review.gluster.com/409 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* glusterd: allow non-related directories with same prefixRajesh Amaravathi2011-09-293-5/+10
| | | | | | | | | | | | | | Earlier, using two directories with names like /test and /test1 failed volume creation. This patch sees that the next character is checked to be '/' to conclude that they are recursive. Eg: /test and /test2 succeed, while /test and /test/alpha does not. Change-Id: Idee1e15b7e0a0d0965d1aea910b52f1da286d64b BUG: 3645 Reviewed-on: http://review.gluster.com/511 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com> Reviewed-by: Krishnan Parthasarathi <kp@gluster.com>
* glusterd: prevent rebalance being called in volume status executionRaghavendra Bhat2011-09-291-0/+1
| | | | | | | | Change-Id: I70e7d38a5cb3f6b0033ab9cabd7dfed0c68b77b8 BUG: 3668 Reviewed-on: http://review.gluster.com/534 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com>
* protocol/server: check for the fd being NULL and unwindRaghavendra Bhat2011-09-291-0/+8
| | | | | | | | Change-Id: I400e515431cf739fe0b2f90840359496a2b529d2 BUG: 3158 Reviewed-on: http://review.gluster.com/528 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Shishir Gowda <shishirng@gluster.com>
* cluster/afr: Handle files without gfid in self-healPranith Kumar K2011-09-299-654/+642
| | | | | | | | Change-Id: Ibcaaa9c928195939ff1e31b28b592e524e63a423 BUG: 3557 Reviewed-on: http://review.gluster.com/519 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* libglusterfs: wipe other variabes in locPranith Kumar K2011-09-291-0/+3
| | | | | | | | Change-Id: I0553bb7f64d69f5684c3d21f3809da4e9e3529c1 BUG: 3557 Reviewed-on: http://review.gluster.com/515 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* glusterd : 'volume stop' to check if other ops are in progressAmar Tumballi2011-09-281-29/+43
| | | | | | | | | | | | * handles the case of 'rebalance' in progress * inturn it will also handle the case of decommissioning in progress * also now checks if a replace-brick is in progress Change-Id: I0266483089515d16fe8167afe06a07696328a8e3 BUG: 3358 Reviewed-on: http://review.gluster.com/518 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Krishnan Parthasarathi <kp@gluster.com>
* glusterd rebalance: minor enhancementsAmar Tumballi2011-09-281-16/+43
| | | | | | | | | | | * honor 'stop' command as early as possible * don't send a setxattr() call if file doesn't have dht linkfile Change-Id: I159641d03cd15e5818b811ad113d298f7f0112db BUG: 3584 Reviewed-on: http://review.gluster.com/520 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Shishir Gowda <shishirng@gluster.com>
* by default make option rpc-auth.addr.namelookup off.krishna2011-09-271-4/+4
| | | | | | | | Change-Id: I11c1d55bebfc86c634cf446c50585f6c56c02665 BUG: 3345 Reviewed-on: http://review.gluster.com/204 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* cli : new volume statedump commandKaushal M2011-09-2722-85/+732
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes: 1. Add a new 'volume statedump' command, that performs statedumps of all the bricks in the volume and saves them in a specified location. 2. Add new server option 'server.statedump-path'. 3. Remove multiple function definitions in glusterd.h Statedump Information: The 'volume statedump' command performs statedumps on all the bricks in a given volume. The syntax of the command is, gluster volume statedump <VOLNAME> [type]...... Types include, * all * mem * iobuf * callpool * priv * fd * inode Defaults to 'all' when no type is specified. The statedump files are created by default in /tmp directory of the server on which the bricks are present. This path can be changed by setting the 'server.statedump-path' option. The statedump files will be named as, <brick-name>.<pid of brick process>.dump Change-Id: I01c0e1a8aad490da818e086d89f292bd2ed06fd4 BUG: 1964 Reviewed-on: http://review.gluster.com/321 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com>
* build: Solaris build fixesv3.3.0qa12Kaushik BV2011-09-279-0/+9
| | | | | | | | Change-Id: Ic47d07a199ecbc42a141e391bbc75096e270e404 BUG: 3446 Reviewed-on: http://review.gluster.com/503 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com>
* glusterd: Should not cleanup peerinfo too soon.Krishnan Parthasarathi2011-09-272-4/+8
| | | | | | | | | | | | | | friend_remove_cbk cleans up peerinfo and the unrefs the associated rpc_clnt obj. When the cbk is run inside call_bail or saved_frames_unwind, we might end up destroying the rpc_clnt and associated saved_frames_pool while we are still using saved_frames to iterate through the frames. Change-Id: Idf7768478a6d07a87c7faeac5b70e13bcacd2641 BUG: 3511 Reviewed-on: http://review.gluster.com/510 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* storage/posix : prevent unmount of underlying fsKaushal M2011-09-272-1/+15
| | | | | | | | | | | | | posix xlator now performs opendir () on the brick directory during init (). This will prevent the underlying filesystem mounted to that directory from being unmounted. Change-Id: I02c190ab8a91abc4ab06959b36f50e0a3fa527ae BUG: 3578 Reviewed-on: http://review.gluster.com/509 Reviewed-by: Amar Tumballi <amar@gluster.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* glusterd: support for resetting single optionKaushal M2011-09-274-12/+82
| | | | | | | | | | | | | Allows resetting of only single options using 'volume reset' command. New syntax of volume reset is: 'volume reset [option] [force]'. Giving "all" as options or not specifying an option, causes all options to be reset. Change-Id: Ib9e220f326adeb1be1a774737a0b12c910012cea BUG: 2980 Reviewed-on: http://review.gluster.com/450 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com>
* cluster/distribute: fixed a spurious inode refAmar Tumballi2011-09-271-4/+12
| | | | | | | | | | | | | | While bringing in support to open-fd migration, dht_local_init() itself started doing 'loc_copy()'. I had left one case in dht_lookup() where there is a extra loc_copy() on existing copied 'local->loc', which would cause 2 inode_refs on a given inode, and only one inode_unref() happens in dht_local_wipe(). Change-Id: Idd0375bdf9a6408db1e97e80389249ef8d802adb BUG: 3590 Reviewed-on: http://review.gluster.com/504 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Shishir Gowda <shishirng@gluster.com>
* glusterd: more checks before starting rebalanceKaushal M2011-09-271-0/+8
| | | | | | | | | | | Checks if specified volume is of a distribute type and has more than one brick before attempting to start rebalance. Change-Id: I9a3405019e7af4a7d7e162b0dc054bf9a99364e7 BUG: 3561 Reviewed-on: http://review.gluster.com/501 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com>
* glusted: while doing add-brick, handle distribute volume separatelyAmar Tumballi2011-09-271-3/+3
| | | | | | | | | | | so the logic of different type of counts etc won't come into action, which would fail the add-brick operation. Change-Id: I5c8769d6d1c2433ffb084e5dce9c1e01678cff40 BUG: 3630 Reviewed-on: http://review.gluster.com/505 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Krishnan Parthasarathi <kp@gluster.com>
* rpc: fix wrong wiping of state machine's stateAnand Avati2011-09-251-1/+1
| | | | | | | | | | | | | | | The macro __socket_proto_read() is used to read one sub-header in a fragment after another. It also has to 'get out' of the state machine's switch/case construct in two situations - a) finished reading the full header b) after a partial read, (and return in the same state at next pollin) The 'reset' of the state should happen only after a full read of the header and not if there was a partial read of the header. Change-Id: I3650a83e1fae0f317cfd1b549835c72e39dc5253
* glusterd: cleanup of volinfo '*_count' definitionsv3.3.0qa11Amar Tumballi2011-09-2310-173/+245
| | | | | | | | | | | | | | | | | earlier, sub_count was having different meaning depending on the volume type. now, for replica and stripe count, one can directly access the 'replica_count' or 'stripe_count' to get the corresponding value from the volume info. 'sub_count' is preserved as is for backward compatibility. there is a new variable 'dist_leaf_count' to get info about how many bricks are present in one distribute sub volume. Change-Id: I5ea1c8f9ae08f584cca63b91ba69035c7e4350ca BUG: 3158 Reviewed-on: http://review.gluster.com/435 Reviewed-by: Krishnan Parthasarathi <kp@gluster.com> Tested-by: Gluster Build System <jenkins@build.gluster.com>
* glusterd-volgen: prevent a crash when volume type is stripe-replicateAmar Tumballi2011-09-231-1/+3
| | | | | | | | | | | when volgen tries to check for decommissioned nodes, a check for stripe replicate volume was missed Change-Id: Ie3aa97da2ec0d94fcf65f96bb4006b3fb54f59dc BUG: 3616 Reviewed-on: http://review.gluster.com/494 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Krishnan Parthasarathi <kp@gluster.com>
* rpc: No timeouts for lock fops.Krishnan Parthasarathi2011-09-232-3/+48
| | | | | | | | | | | | | | | | | As of today, all fops bail out after 30 mins by default. This is not desirable with lock fops since it could be 'rightfully blocked' for a really long time. But the client would assume that the lock fop has 'expired' after 30 mins and clean up its references to the locks. Later when the locks xlator decides to grant it, we are left with an orphan (stale) lock . This fix exempts lock fops from timeouts. Only on network disruptions both client and server decide to 'clean up' the locks held. Change-Id: If1d74ba21113650b976728e9b764c551a0a49e59 BUG: 3617 Reviewed-on: http://review.gluster.com/478 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com>
* statedump: dump important details of oldgraph alsoAmar Tumballi2011-09-231-55/+130
| | | | | | | | | | * with this, it helps to find out most of the leaks in the process Change-Id: I70b476e4d63d74843d6664cfe407164f2b79b781 BUG: 3567 Reviewed-on: http://review.gluster.com/491 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* libglusterfs: Adding missing event strings for events.Krishnan Parthasarathi2011-09-231-2/+6
| | | | | | | Change-Id: Idf55abfa77712d32b27798fedcfddb65599b562b Reviewed-on: http://review.gluster.com/493 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* glusterd: Implemented cmd to trigger self-heal on a replicate volume.v3.3.0qa10Krishnan Parthasarathi2011-09-2221-42/+905
| | | | | | | | | | | | | This cmd is used in the context of proactive self-heal for replicated volumes. User invokes the following cmd when (s)he suspects that self-heal needs to be done on a particular volume, gluster volume heal <VOLNAME>. Change-Id: I3954353b53488c28b70406e261808239b44997f3 BUG: 3602 Reviewed-on: http://review.gluster.com/454 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* posix-getxattr: Honor xattr name if specifiedshishir gowda2011-09-221-4/+55
| | | | | | | | | | | | | | Currently, getxattr works like listxattr, and does not honor a call with a name (key) being specified. The fix handles such scenarios when a name is passed. If the name param is NULL, then it behaves like a listxattr. Changing key size to 4096, as 1024 might not be sufficient length for keys. Change-Id: I317b2e6372e97048e3166d91145c19c9e92e647e BUG: 3599 Reviewed-on: http://review.gluster.com/486 Reviewed-by: Amar Tumballi <amar@gluster.com> Tested-by: Gluster Build System <jenkins@build.gluster.com>
* geo-rep: disallow some special characters in url syntaxCsaba Henk2011-09-221-1/+1
| | | | | | | | | | | | | | | - space is disallowed to make rsync target unambigous for gsyncd wrapper - *, ?, [ is disallowed so that we can tell away globs from urls Nothing too bad would happen without these restrictions, but this way gluster errs out early instead of producing some mystical error further down on the way. Change-Id: Idd4e68f7d91598a7a8e30ccbc6d395da570cdf2e BUG: 3610 Reviewed-on: http://review.gluster.com/490 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* geo-rep: add support to glob patterns with "geo-rep config"Csaba Henk2011-09-223-10/+41
| | | | | | | | Change-Id: I0d54cea72e4363eab85ade774cc918081d8036e9 BUG: 3610 Reviewed-on: http://review.gluster.com/489 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* geo-rep: implement IP address based access controlCsaba Henk2011-09-2211-23/+3338
| | | | | | | | | | | | | | | | | | | - gsyncd gets allow-network tunable which is expected to hold a comma-separated list of IP network addresses - for IP addess matching, bring in ipaddr module from Google (http://code.google.com/p/ipaddr-py/, rev. trunk@225) This will let users control master's access to slave's volumes until we implement unprivileged geo-rep (delayed due to some technical issues). It's also needed for the completeness of our hardening efforts, as plain file slaves won't be able to work with an unprivileged gsyncd. Change-Id: I58431cba6592f8672e93ea89a5eef478905b00b9 BUG: 2825 Reviewed-on: http://review.gluster.com/488 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* geo-rep: gsyncd: make sure path operations do not act outside the volumeCsaba Henk2011-09-221-0/+28
| | | | | | | | Change-Id: I2da62b34aa833b9a28728fa1db23951f28b7e538 BUG: 2825 Reviewed-on: http://review.gluster.com/462 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* gsyncd: control rsync targetCsaba Henk2011-09-225-20/+258
| | | | | | | | | | | | | - require/perform rsync invocation with unprotected args (so that target is revealed to gateway program) - make use of some procfs wizardry to find gsyncd sibling and match rsync target against its working directory Change-Id: Iae1e39b0e61f22563c0f2a2e0605567e0d1902df BUG: 2825 Reviewed-on: http://review.gluster.com/461 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* gsyncd: implement restricted mode and utility dispatchCsaba Henk2011-09-222-38/+182
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With this change, the suggested way of setting up a geo-sync slave is to use an ssh key with gsyncd as a forced command (see sshd(8)), or set gsyncd as shell. This prevents the master in executing arbitrary commands on slave (a major security hole). Detailed list the changes: - All gsyncd invocations that are not done by glusterd are considered unsafe and then we operate in so-called "restricted mode" (see below) - if we are invoked on purpose (ie. it's not the case that sshd forced us to run as frontend of a remote-invoked command), we execute gsyncd.py - if invoked by sshd as frontend command, we check the remote command line and call the required utility if it's among the allowed ones (rsyncd and gsyncd) - with rsync, we check if invocation is server mode and some other sanity measures - with gsyncd, in restricted mode we enforce the usage of the glusterd provided config file, and in python, we enforce operation in server mode and some other sanity checks Impact on using geo-rep the old way: remote file slave now also requires a running glusterd (to pick up config from). Missing: we not implemented check of the rsync target path. The issue of master being able to modify arbitrary locations is planned to be mitigated by using geo-rep with an unprivileged user. Change-Id: I9b5825bfe282a9ca777429aadd554d78708f1638 BUG: 2825 Reviewed-on: http://review.gluster.com/460 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* geo-rep: rewrite gsyncd wrapper in CCsaba Henk2011-09-225-61/+153
| | | | | | | | | | | | | | | This rewrite does not change functionality; it's purpose is to prepare followup modifications which will let all slave side helper programs being dispatched to through gsyncd. The string processing that's required for that task would be too much cumbersome in shell. Change-Id: Ia7858aba5efeb5dcff16a918ea1c02253f0e49ab BUG: 2825 Reviewed-on: http://review.gluster.com/459 Reviewed-by: Amar Tumballi <amar@gluster.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
* Peer probe: Handle probe of friend with multiple hostnameshishir2011-09-221-0/+23
| | | | | | | | | | | | | | | | Currently, when a peer is probed with a different hostname already belonging to a cluster, a duplicate entry is created with uuid to set to 0. This leaves the peerinfo in a inconsistent state, and when a detach of this peer is issued, the correct entry gets removed. The fix is to identify a peer with a hostname not matching to the probed hostname and remove the incorrect entry. Change-Id: I2f6c02f505f4426871623a4a8b45a12996095098 BUG: 3200 Reviewed-on: http://review.gluster.com/456 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com>
generated by cgit (git 2.34.1) at 2024-11-19 12:21:24 +0000