1 # Hey Emacs, this is a -*- shell-script -*- !!!
3 # utility functions for ctdb event scripts
5 if [ -z "$CTDB_BASE" ] ; then
6 echo 'CTDB_BASE unset in CTDB functions file'
11 # CTDB_VARDIR is used elsewhere
12 # shellcheck disable=SC2034
13 CTDB_VARDIR="/usr/local/var/lib/ctdb"
14 ctdb_rundir="/usr/local/var/run/ctdb"
16 CTDB="${CTDB:-/usr/local/bin/ctdb}"
18 # Only (and always) override these variables in test code
20 if [ -z "$CTDB_SCRIPT_VARDIR" ] ; then
21 CTDB_SCRIPT_VARDIR="/usr/local/var/lib/ctdb/state"
24 if [ -z "$CTDB_SYS_ETCDIR" ] ; then
25 CTDB_SYS_ETCDIR="/etc"
28 if [ -z "$CTDB_HELPER_BINDIR" ] ; then
29 CTDB_HELPER_BINDIR="/usr/local/libexec/ctdb"
32 #######################################
33 # pull in a system config file, if any
35 rewrite_ctdb_options ()
39 _opts_defaults="mode=700"
40 # Get any extra options specified after colon
41 if [ "$CTDB_DBDIR" = "tmpfs" ] ; then
44 _opts="${CTDB_DBDIR#tmpfs:}"
46 # It is OK to repeat mount options - last value wins.
47 # CTDB_DBDIR_TMPFS_OPTIONS is used by ctdbd_wrapper
48 # shellcheck disable=SC2034
49 CTDB_DBDIR_TMPFS_OPTIONS="${_opts_defaults}${_opts:+,}${_opts}"
51 CTDB_DBDIR="${ctdb_rundir}/CTDB_DBDIR"
54 # shellcheck disable=SC2034
55 CTDB_DBDIR_TMPFS_OPTIONS=""
62 foo="${service_config:-${service_name}}"
63 if [ -n "$foo" ] ; then
69 if [ "$1" != "ctdb" ] ; then
77 if [ -f "${CTDB_SYS_ETCDIR}/sysconfig/$1" ]; then
78 . "${CTDB_SYS_ETCDIR}/sysconfig/$1"
79 elif [ -f "${CTDB_SYS_ETCDIR}/default/$1" ]; then
80 . "${CTDB_SYS_ETCDIR}/default/$1"
81 elif [ -f "${CTDB_BASE}/sysconfig/$1" ]; then
82 . "${CTDB_BASE}/sysconfig/$1"
85 if [ "$1" = "ctdb" ] ; then
86 _config="${CTDBD_CONF:-${CTDB_BASE}/ctdbd.conf}"
87 if [ -r "$_config" ] ; then
98 ##############################################################
100 # CTDB_SCRIPT_DEBUGLEVEL can be overwritten by setting it in a
101 # configuration file.
104 if [ "${CTDB_SCRIPT_DEBUGLEVEL:-2}" -ge 4 ] ; then
105 # If there are arguments then echo them. Otherwise expect to
106 # use stdin, which allows us to pass lots of debug using a
108 if [ -n "$1" ] ; then
111 sed -e 's@^@DEBUG: @'
114 if [ -z "$1" ] ; then
129 # Log given message or stdin to either syslog or a CTDB log file
130 # $1 is the tag passed to logger if syslog is in use.
135 case "$CTDB_LOGGING" in
137 if [ -n "$CTDB_LOGGING" ] ; then
138 _file="${CTDB_LOGGING#file:}"
140 _file="/usr/local/var/log/log.ctdb"
143 if [ -n "$*" ] ; then
151 # Handle all syslog:* variants here too. There's no tool to do
152 # the lossy things, so just use logger.
153 logger -t "ctdbd: ${_tag}" "$*"
158 # When things are run in the background in an eventscript then logging
159 # output might get lost. This is the "solution". :-)
160 background_with_logging ()
163 "$@" 2>&1 </dev/null |
164 script_log "${script_name}&"
170 ##############################################################
171 # check number of args for different events
177 echo "ERROR: must supply interface, IP and maskbits"
183 echo "ERROR: must supply old interface, new interface, IP and maskbits"
190 ##############################################################
191 # determine on what type of system (init style) we are running
194 # only do detection if not already set:
195 [ -z "$CTDB_INIT_STYLE" ] || return
197 if [ -x /sbin/startproc ]; then
198 CTDB_INIT_STYLE="suse"
199 elif [ -x /sbin/start-stop-daemon ]; then
200 CTDB_INIT_STYLE="debian"
202 CTDB_INIT_STYLE="redhat"
206 ######################################################
207 # simulate /sbin/service on platforms that don't have it
208 # _service() makes it easier to hook the service() function for
215 # do nothing, when no service was specified
216 [ -z "$_service_name" ] && return
218 if [ -x /sbin/service ]; then
219 $_nice /sbin/service "$_service_name" "$_op"
220 elif [ -x /usr/sbin/service ]; then
221 $_nice /usr/sbin/service "$_service_name" "$_op"
222 elif [ -x /bin/systemctl ]; then
223 $_nice /bin/systemctl "$_op" "$_service_name"
224 elif [ -x "${CTDB_SYS_ETCDIR}/init.d/${_service_name}" ]; then
225 $_nice "${CTDB_SYS_ETCDIR}/init.d/${_service_name}" "$_op"
226 elif [ -x "${CTDB_SYS_ETCDIR}/rc.d/init.d/${_service_name}" ]; then
227 $_nice "${CTDB_SYS_ETCDIR}/rc.d/init.d/${_service_name}" "$_op"
237 ######################################################
238 # simulate /sbin/service (niced) on platforms that don't have it
245 ######################################################
246 # Cached retrieval of PNN from local node. This never changes so why
247 # open a client connection to the server each time this is needed?
250 _pnn_file="${CTDB_SCRIPT_VARDIR}/my-pnn"
251 if [ ! -f "$_pnn_file" ] ; then
252 $CTDB pnn | sed -e 's@.*:@@' >"$_pnn_file"
258 # Cached retrieval of private IP address from local node. This never
260 ctdb_get_ip_address ()
262 _ip_addr_file="${CTDB_SCRIPT_VARDIR}/my-ip-address"
263 if [ ! -f "$_ip_addr_file" ] ; then
264 $CTDB -X nodestatus |
265 awk -F '|' 'NR == 2 { print $3 }' >"$_ip_addr_file"
268 # ip_address is used by caller
269 # shellcheck disable=SC2034
273 ######################################################
274 # wrapper around /proc/ settings to allow them to be hooked
276 # 1st arg is relative path under /proc/, 2nd arg is value to set
279 echo "$2" >"/proc/$1"
284 if [ -w "/proc/$1" ] ; then
289 ######################################################
290 # wrapper around getting file contents from /proc/ to allow
291 # this to be hooked for testing
292 # 1st arg is relative path under /proc/
298 ######################################################
299 # Print up to $_max kernel stack traces for processes named $_prog
300 program_stack_traces ()
306 for _pid in $(pidof "$_prog") ; do
307 [ "$_count" -le "$_max" ] || break
309 # Do this first to avoid racing with process exit
310 _stack=$(get_proc "${_pid}/stack" 2>/dev/null)
311 if [ -n "$_stack" ] ; then
312 echo "Stack trace for ${_prog}[${_pid}]:"
314 _count=$((_count + 1))
319 ######################################################
320 # Ensure $service_name is set
321 assert_service_name ()
323 [ -n "$service_name" ] || die "INTERNAL ERROR: \$service_name not set"
326 ######################################################
327 # check a set of directories is available
328 # return 1 on a missing directory
329 # directories are read from stdin
330 ######################################################
331 ctdb_check_directories_probe()
333 while IFS="" read d ; do
339 [ -d "${d}/." ] || return 1
344 ######################################################
345 # check a set of directories is available
346 # directories are read from stdin
347 ######################################################
348 ctdb_check_directories()
350 ctdb_check_directories_probe || {
351 echo "ERROR: $service_name directory \"$d\" not available"
356 ######################################################
357 # check a set of tcp ports
358 # usage: ctdb_check_tcp_ports <ports...>
359 ######################################################
361 # This flag file is created when a service is initially started. It
362 # is deleted the first time TCP port checks for that service succeed.
363 # Until then ctdb_check_tcp_ports() prints a more subtle "error"
364 # message if a port check fails.
365 _ctdb_check_tcp_common ()
368 _d="${CTDB_SCRIPT_VARDIR}/failcount"
369 _ctdb_service_started_file="${_d}/${service_name}.started"
372 ctdb_check_tcp_init ()
374 _ctdb_check_tcp_common
375 mkdir -p "${_ctdb_service_started_file%/*}" # dirname
376 touch "$_ctdb_service_started_file"
379 # Check whether something is listening on all of the given TCP ports
380 # using the "ctdb checktcpport" command.
381 ctdb_check_tcp_ports()
383 if [ -z "$1" ] ; then
384 echo "INTERNAL ERROR: ctdb_check_tcp_ports - no ports specified"
388 for _p ; do # process each function argument (port)
389 _cmd="$CTDB checktcpport $_p"
394 _ctdb_check_tcp_common
395 if [ ! -f "$_ctdb_service_started_file" ] ; then
396 echo "ERROR: $service_name tcp port $_p is not responding"
397 debug "\"ctdb checktcpport $_p\" was able to bind to port"
399 echo "INFO: $service_name tcp port $_p is not responding"
405 # Couldn't bind, something already listening, next port...
409 echo "ERROR: unexpected error running \"ctdb checktcpport\""
411 $CTDB checktcpport (exited with $_ret) with output:
418 # All ports listening
419 _ctdb_check_tcp_common
420 rm -f "$_ctdb_service_started_file"
424 ######################################################
425 # check a unix socket
426 # usage: ctdb_check_unix_socket SERVICE_NAME <socket_path>
427 ######################################################
428 ctdb_check_unix_socket() {
430 [ -z "$socket_path" ] && return
432 if ! netstat --unix -a -n | grep -q "^unix.*LISTEN.*${socket_path}$"; then
433 echo "ERROR: $service_name socket $socket_path not found"
438 ######################################################
439 # check a command returns zero status
440 # usage: ctdb_check_command <command>
441 ######################################################
442 ctdb_check_command ()
444 _out=$("$@" 2>&1) || {
445 echo "ERROR: $* returned error"
451 ################################################
452 # kill off any TCP connections with the given IP
453 ################################################
454 kill_tcp_connections ()
460 if [ "$3" = "oneway" ] ; then
464 get_tcp_connections_for_ip "$_ip" | {
469 while read _dst _src; do
470 _destport="${_dst##*:}"
473 # we only do one-way killtcp for CIFS
474 139|445) __oneway=true ;;
477 echo "Killing TCP connection $_src $_dst"
478 _connections="${_connections}${_nl}${_src} ${_dst}"
479 if ! $__oneway ; then
480 _connections="${_connections}${_nl}${_dst} ${_src}"
483 _killcount=$((_killcount + 1))
486 if [ $_killcount -eq 0 ] ; then
490 echo "$_connections" | \
491 "${CTDB_HELPER_BINDIR}/ctdb_killtcp" "$_iface" || {
492 echo "Failed to kill TCP connections"
496 _remaining=$(get_tcp_connections_for_ip "$_ip" | wc -l)
498 if [ "$_remaining" -eq 0 ] ; then
499 echo "Killed $_killcount TCP connections to released IP $_ip"
503 _t="${_remaining}/${_killcount}"
504 echo "Failed to kill TCP connections for IP $_ip (${_t} remaining)"
508 ##################################################################
509 # kill off the local end for any TCP connections with the given IP
510 ##################################################################
511 kill_tcp_connections_local_only ()
513 kill_tcp_connections "$@" "oneway"
516 ##################################################################
517 # tickle any TCP connections with the given IP
518 ##################################################################
519 tickle_tcp_connections ()
523 get_tcp_connections_for_ip "$_ip" |
527 while read dest src; do
528 echo "Tickle TCP connection $src $dest"
529 $CTDB tickle "$src" "$dest" >/dev/null 2>&1 || _failed=true
530 echo "Tickle TCP connection $dest $src"
531 $CTDB tickle "$dest" "$src" >/dev/null 2>&1 || _failed=true
535 echo "Failed to send tickle control"
540 get_tcp_connections_for_ip ()
544 ss -tn state established "src [$_ip]" | awk 'NR > 1 {print $3, $4}'
547 ########################################################
555 # Ensure interface is up
556 ip link set "$_iface" up || \
557 die "Failed to bringup interface $_iface"
559 # Only need to define broadcast for IPv4
565 # Intentionally unquoted multi-word value here
566 # shellcheck disable=SC2086
567 ip addr add "$_ip/$_maskbits" $_bcast dev "$_iface" || {
568 echo "Failed to add $_ip/$_maskbits on dev $_iface"
572 # Wait 5 seconds for IPv6 addresses to stop being tentative...
573 if [ -z "$_bcast" ] ; then
574 for _x in $(seq 1 10) ; do
575 ip addr show to "${_ip}/128" | grep -q "tentative" || break
579 # If the address was a duplicate then it won't be on the
580 # interface so flag an error.
581 _t=$(ip addr show to "${_ip}/128")
584 echo "Failed to add $_ip/$_maskbits on dev $_iface"
587 *tentative*|*dadfailed*)
588 echo "Failed to add $_ip/$_maskbits on dev $_iface"
589 ip addr del "$_ip/$_maskbits" dev "$_iface"
596 delete_ip_from_iface()
602 # This could be set globally for all interfaces but it is probably
603 # better to avoid surprises, so limit it to the interfaces where CTDB
604 # has public IP addresses. There isn't anywhere else convenient
605 # to do this so just set it each time. This is much cheaper than
606 # remembering and re-adding secondaries.
607 set_proc "sys/net/ipv4/conf/${_iface}/promote_secondaries" 1
609 ip addr del "$_ip/$_maskbits" dev "$_iface" || {
610 echo "Failed to del $_ip on dev $_iface"
615 # If the given IP is hosted then print 2 items: maskbits and iface
624 ip addr show to "${_addr}/${_bits}" 2>/dev/null | \
625 awk 'NR == 1 { iface = $2; sub(":$", "", iface) ;
626 sub("@.*", "", iface) }
627 $1 ~ /inet/ { mask = $2; sub(".*/", "", mask);
633 _addr="${1%/*}" # Remove optional maskbits
635 # Intentional word splitting here
636 # shellcheck disable=SC2046
637 set -- $(ip_maskbits_iface "$_addr")
638 if [ -n "$1" ] ; then
641 echo "Removing public address $_addr/$_maskbits from device $_iface"
642 delete_ip_from_iface "$_iface" "$_addr" "$_maskbits" >/dev/null 2>&1
646 drop_all_public_ips ()
648 # _x is intentionally ignored
649 # shellcheck disable=SC2034
650 while read _ip _x ; do
652 done <"${CTDB_PUBLIC_ADDRESSES:-/dev/null}"
657 set_proc_maybe sys/net/ipv4/route/flush 1
658 set_proc_maybe sys/net/ipv6/route/flush 1
661 ########################################################
662 # Interface monitoring
664 # If the interface is a virtual one (e.g. VLAN) then get the
665 # underlying interface
666 interface_get_real ()
668 # Output of "ip link show <iface>"
671 # Extract the full interface description to see if it is a VLAN
672 _t=$(echo "$_iface_info" |
673 awk 'NR == 1 { iface = $2; sub(":$", "", iface) ;
677 # VLAN: use the underlying interface, after the '@'
681 # Not a regular VLAN. For backward compatibility, assume
682 # there is some other sort of VLAN that doesn't have the
683 # '@' in the output and only use what is before a '.'. If
684 # there is no '.' then this will be the whole interface
690 # Check whether an interface is operational
695 _iface_info=$(ip link show "$_iface" 2>&1) || {
696 echo "ERROR: Monitored interface ${_iface} does not exist"
701 # If the interface is a virtual one (e.g. VLAN) then get the
702 # underlying interface.
703 _realiface=$(interface_get_real "$_iface_info")
705 if _bi=$(get_proc "net/bonding/${_realiface}" 2>/dev/null) ; then
706 # This is a bond: various monitoring strategies
707 echo "$_bi" | grep -q 'Currently Active Slave: None' && {
708 echo "ERROR: No active slaves for bond device ${_realiface}"
711 echo "$_bi" | grep -q '^MII Status: up' || {
712 echo "ERROR: public network interface ${_realiface} is down"
715 echo "$_bi" | grep -q '^Bonding Mode: IEEE 802.3ad Dynamic link aggregation' && {
716 # This works around a bug in the driver where the
717 # overall bond status can be up but none of the actual
718 # physical interfaces have a link.
719 echo "$_bi" | grep 'MII Status:' | tail -n +2 | grep -q '^MII Status: up' || {
720 echo "ERROR: No active slaves for 802.ad bond device ${_realiface}"
730 # loopback is always working
734 # we don't know how to test ib links
738 ethtool "$_iface" | grep -q 'Link detected: yes' || {
739 # On some systems, this is not successful when a
740 # cable is plugged but the interface has not been
741 # brought up previously. Bring the interface up
743 ip link set "$_iface" up
744 ethtool "$_iface" | grep -q 'Link detected: yes' || {
745 echo "ERROR: No link on the public network interface ${_iface}"
755 ########################################################
757 _ctdb_counter_common () {
758 _service_name="${1:-${service_name:-${script_name}}}"
759 _counter_file="${CTDB_SCRIPT_VARDIR}/failcount/${_service_name}"
760 mkdir -p "${_counter_file%/*}" # dirname
762 # Some code passes an argument
763 # shellcheck disable=SC2120
764 ctdb_counter_init () {
765 _ctdb_counter_common "$1"
769 ctdb_counter_incr () {
770 _ctdb_counter_common "$1"
773 echo -n 1 >> "$_counter_file"
775 ctdb_counter_get () {
776 _ctdb_counter_common "$1"
778 stat -c "%s" "$_counter_file" 2>/dev/null || echo 0
781 ########################################################
783 ctdb_setup_service_state_dir ()
785 _s="${1:-${service_name}}"
787 _service_state_dir="${CTDB_SCRIPT_VARDIR}/service_state/${_s}"
788 mkdir -p "$_service_state_dir" ||
789 die "Error creating state dir \"${_service_state_dir}\""
791 echo "$_service_state_dir"
794 ########################################################
795 # Managed status history, for auto-start/stop
797 _ctdb_managed_common ()
799 _ctdb_managed_file="${CTDB_SCRIPT_VARDIR}/managed_history/${service_name}"
802 ctdb_service_managed ()
805 mkdir -p "${_ctdb_managed_file%/*}" # dirname
806 touch "$_ctdb_managed_file"
809 ctdb_service_unmanaged ()
812 rm -f "$_ctdb_managed_file"
815 is_ctdb_previously_managed_service ()
818 [ -f "$_ctdb_managed_file" ]
821 ##################################################################
822 # Reconfigure a service on demand
824 _ctdb_service_reconfigure_common ()
826 _d="${CTDB_SCRIPT_VARDIR}/service_status/${service_name}"
828 _ctdb_service_reconfigure_flag="$_d/reconfigure"
831 ctdb_service_needs_reconfigure ()
833 _ctdb_service_reconfigure_common
834 [ -e "$_ctdb_service_reconfigure_flag" ]
837 ctdb_service_set_reconfigure ()
839 _ctdb_service_reconfigure_common
840 >"$_ctdb_service_reconfigure_flag"
843 ctdb_service_unset_reconfigure ()
845 _ctdb_service_reconfigure_common
846 rm -f "$_ctdb_service_reconfigure_flag"
849 ctdb_service_reconfigure ()
851 echo "Reconfiguring service \"${service_name}\"..."
852 ctdb_service_unset_reconfigure
853 service_reconfigure || return $?
854 # Intentionally have this use $service_name as default
855 # shellcheck disable=SC2119
859 # Default service_reconfigure() function does nothing.
860 service_reconfigure ()
865 ctdb_reconfigure_take_lock ()
867 _ctdb_service_reconfigure_common
868 _lock="${_d}/reconfigure_lock"
869 mkdir -p "${_lock%/*}" # dirname
874 # This is overkill but will work if we need to extend this to
875 # allow certain events to run multiple times in parallel
876 # (e.g. takeip) and write multiple PIDs to the file.
878 if [ -n "$_locker_event" ] ; then
880 if [ -n "$_pid" -a "$_pid" != $$ ] && \
881 kill -0 "$_pid" 2>/dev/null ; then
887 printf "%s\n%s\n" "$event_name" $$ >"$_lock"
892 ctdb_reconfigure_release_lock ()
894 _ctdb_service_reconfigure_common
895 _lock="${_d}/reconfigure_lock"
900 ctdb_replay_monitor_status ()
902 echo "Replaying previous status for this script due to reconfigure..."
903 # Leading separator ('|') is missing in some versions...
904 _out=$($CTDB scriptstatus -X | grep -E "^\|?monitor\|${script_name}\|")
905 # Output looks like this:
906 # |monitor|60.nfs|1|ERROR|1314764004.030861|1314764004.035514|foo bar|
907 # This is the cheapest way of getting fields in the middle.
908 # Intentional word splitting here
909 # shellcheck disable=SC2046,2086
910 set -- $(IFS="|" ; echo $_out)
913 # The error output field can include colons so we'll try to
914 # preserve them. The weak checking at the beginning tries to make
915 # this work for both broken (no leading '|') and fixed output.
917 _err_out="${_out#*monitor|${script_name}|*|*|*|*|}"
919 OK) : ;; # Do nothing special.
921 # Recast this as an error, since we can't exit with the
922 # correct negative number.
924 _err_out="[Replay of TIMEDOUT scriptstatus - note incorrect return code.] ${_err_out}"
927 # Recast this as an OK, since we can't exit with the
928 # correct negative number.
930 _err_out="[Replay of DISABLED scriptstatus - note incorrect return code.] ${_err_out}"
932 *) : ;; # Must be ERROR, do nothing special.
934 if [ -n "$_err_out" ] ; then
940 ctdb_service_check_reconfigure ()
944 # We only care about some events in this function. For others we
946 case "$event_name" in
947 monitor|ipreallocated|reconfigure) : ;;
951 if ctdb_reconfigure_take_lock ; then
952 # No events covered by this function are running, so proceed
954 case "$event_name" in
956 (ctdb_service_reconfigure)
960 if ctdb_service_needs_reconfigure ; then
961 ctdb_service_reconfigure
966 ctdb_reconfigure_release_lock
968 # Somebody else is running an event we don't want to collide
969 # with. We proceed with caution.
970 case "$event_name" in
972 # Tell whoever called us to retry.
976 # Defer any scheduled reconfigure and just run the
977 # rest of the ipreallocated event, as per the
978 # eventscript. There's an assumption here that the
979 # event doesn't depend on any scheduled reconfigure.
980 # This is true in the current code.
984 # There is most likely a reconfigure in progress so
985 # the service is possibly unstable. As above, we
986 # defer any scheduled reconfigure. We also replay
987 # the previous monitor status since that's the best
988 # information we have.
989 ctdb_replay_monitor_status
995 ##################################################################
996 # Does CTDB manage this service? - and associated auto-start/stop
998 ctdb_compat_managed_service ()
1000 if [ "$1" = "yes" -a "$2" = "$service_name" ] ; then
1001 CTDB_MANAGED_SERVICES="$CTDB_MANAGED_SERVICES $2"
1005 is_ctdb_managed_service ()
1009 # $t is used just for readability and to allow more accurate
1010 # matching via leading/trailing spaces
1011 t=" $CTDB_MANAGED_SERVICES "
1013 # Return 0 if "<space>$service_name<space>" appears in $t
1014 if [ "${t#* ${service_name} }" != "${t}" ] ; then
1018 # If above didn't match then update $CTDB_MANAGED_SERVICES for
1019 # backward compatibility and try again.
1020 ctdb_compat_managed_service "$CTDB_MANAGES_VSFTPD" "vsftpd"
1021 ctdb_compat_managed_service "$CTDB_MANAGES_SAMBA" "samba"
1022 ctdb_compat_managed_service "$CTDB_MANAGES_WINBIND" "winbind"
1023 ctdb_compat_managed_service "$CTDB_MANAGES_HTTPD" "apache2"
1024 ctdb_compat_managed_service "$CTDB_MANAGES_HTTPD" "httpd"
1025 ctdb_compat_managed_service "$CTDB_MANAGES_ISCSI" "iscsi"
1026 ctdb_compat_managed_service "$CTDB_MANAGES_CLAMD" "clamd"
1027 ctdb_compat_managed_service "$CTDB_MANAGES_NFS" "nfs"
1029 t=" $CTDB_MANAGED_SERVICES "
1031 # Return 0 if "<space>$service_name<space>" appears in $t
1032 [ "${t#* ${service_name} }" != "${t}" ]
1035 ctdb_start_stop_service ()
1039 # Allow service-start/service-stop pseudo-events to start/stop
1040 # services when we're not auto-starting/stopping and we're not
1042 case "$event_name" in
1044 if is_ctdb_managed_service ; then
1045 die 'service-start event not permitted when service is managed'
1047 if [ "$CTDB_SERVICE_AUTOSTARTSTOP" = "yes" ] ; then
1048 die 'service-start event not permitted with CTDB_SERVICE_AUTOSTARTSTOP=yes'
1054 if is_ctdb_managed_service ; then
1055 die 'service-stop event not permitted when service is managed'
1057 if [ "$CTDB_SERVICE_AUTOSTARTSTOP" = "yes" ] ; then
1058 die 'service-stop event not permitted with CTDB_SERVICE_AUTOSTARTSTOP=yes'
1065 # Do nothing unless configured to...
1066 [ "$CTDB_SERVICE_AUTOSTARTSTOP" = "yes" ] || return 0
1068 [ "$event_name" = "monitor" ] || return 0
1070 if is_ctdb_managed_service ; then
1071 if ! is_ctdb_previously_managed_service ; then
1072 echo "Starting service \"$service_name\" - now managed"
1073 background_with_logging ctdb_service_start
1077 if is_ctdb_previously_managed_service ; then
1078 echo "Stopping service \"$service_name\" - no longer managed"
1079 background_with_logging ctdb_service_stop
1085 ctdb_service_start ()
1087 # The service is marked managed if we've ever tried to start it.
1088 ctdb_service_managed
1090 service_start || return $?
1092 # Intentionally have this use $service_name as default
1093 # shellcheck disable=SC2119
1098 ctdb_service_stop ()
1100 ctdb_service_unmanaged
1104 # Default service_start() and service_stop() functions.
1106 # These may be overridden in an eventscript.
1109 service "$service_name" start
1114 service "$service_name" stop
1117 ##################################################################
1119 # This exists only for backward compatibility with 3rd party scripts
1121 ctdb_standard_event_handler ()
1128 _family="$1" ; shift
1129 if [ "$_family" = "inet6" ] ; then
1130 _iptables_cmd="ip6tables"
1132 _iptables_cmd="iptables"
1135 # iptables doesn't like being re-entered, so flock-wrap it.
1136 flock -w 30 "${CTDB_SCRIPT_VARDIR}/iptables.flock" "$_iptables_cmd" "$@"
1139 # AIX (and perhaps others?) doesn't have mktemp
1140 if ! type mktemp >/dev/null 2>&1 ; then
1144 if [ "$1" = "-d" ] ; then
1148 _d="${TMPDIR:-/tmp}"
1149 _hex10=$(dd if=/dev/urandom count=20 2>/dev/null | \
1151 sed -e 's@\(..........\).*@\1@')
1152 _t="${_d}/tmp.${_hex10}"
1165 ######################################################################
1166 # NFS callout handling
1172 if [ -z "$CTDB_NFS_CALLOUT" ] ; then
1173 CTDB_NFS_CALLOUT="${CTDB_BASE}/nfs-linux-kernel-callout"
1175 # Always export, for statd callout
1176 export CTDB_NFS_CALLOUT
1178 # If the callout wants to use this then it must create it
1179 export CTDB_NFS_CALLOUT_STATE_DIR="${_state_dir}/callout-state"
1181 # Export, if set, for use by clustered NFS callouts
1182 if [ -n "$CTDB_NFS_STATE_FS_TYPE" ] ; then
1183 export CTDB_NFS_STATE_FS_TYPE
1185 if [ -n "$CTDB_NFS_STATE_MNT" ] ; then
1186 export CTDB_NFS_STATE_MNT
1189 nfs_callout_cache="${_state_dir}/nfs_callout_cache"
1190 nfs_callout_cache_callout="${nfs_callout_cache}/CTDB_NFS_CALLOUT"
1191 nfs_callout_cache_ops="${nfs_callout_cache}/ops"
1194 nfs_callout_register ()
1196 mkdir -p "$nfs_callout_cache_ops"
1197 rm -f "$nfs_callout_cache_ops"/*
1199 echo "$CTDB_NFS_CALLOUT" >"$nfs_callout_cache_callout"
1201 _t=$(eval "$CTDB_NFS_CALLOUT" "register")
1202 if [ -n "$_t" ] ; then
1204 while IFS="" read _op ; do
1205 touch "${nfs_callout_cache_ops}/${_op}"
1208 touch "${nfs_callout_cache_ops}/ALL"
1214 # Re-run registration if $CTDB_NFS_CALLOUT has changed
1216 if [ -r "$nfs_callout_cache_callout" ] ; then
1217 read _prev <"$nfs_callout_cache_callout"
1219 if [ "$CTDB_NFS_CALLOUT" != "$_prev" ] ; then
1220 nfs_callout_register
1223 # Run the operation if it is registered...
1224 if [ -e "${nfs_callout_cache_ops}/${1}" ] || \
1225 [ -e "${nfs_callout_cache_ops}/ALL" ]; then
1226 eval "$CTDB_NFS_CALLOUT" "$@"
1230 ########################################################
1232 ########################################################
1238 tickledir="${CTDB_SCRIPT_VARDIR}/tickles"
1239 mkdir -p "$tickledir"
1241 # What public IPs do I hold?
1242 _pnn=$(ctdb_get_pnn)
1243 _ips=$($CTDB -X ip | awk -F'|' -v pnn="$_pnn" '$3 == pnn {print $2}')
1245 # IPs and port as ss filters
1247 for _ip in $_ips ; do
1248 _ip_filter="${_ip_filter}${_ip_filter:+ || }src [${_ip}]"
1250 _port_filter="sport == :${_port}"
1252 # Record connections to our public IPs in a temporary file.
1253 # This temporary file is in CTDB's private state directory and
1254 # $$ is used to avoid a very rare race involving CTDB's script
1255 # debugging. No security issue, nothing to see here...
1256 _my_connections="${tickledir}/${_port}.connections.$$"
1257 # Parentheses are needed around the filters for precedence but
1258 # the parentheses can't be empty!
1259 ss -tn state established \
1260 "${_ip_filter:+( ${_ip_filter} )}" \
1261 "${_port_filter:+( ${_port_filter} )}" |
1262 awk 'NR > 1 {print $4, $3}' |
1263 sort >"$_my_connections"
1265 # Record our current tickles in a temporary file
1266 _my_tickles="${tickledir}/${_port}.tickles.$$"
1267 for _i in $_ips ; do
1268 $CTDB -X gettickles "$_i" "$_port" |
1269 awk -F'|' 'NR > 1 { printf "%s:%s %s:%s\n", $2, $3, $4, $5 }'
1271 sort >"$_my_tickles"
1273 # Add tickles for connections that we haven't already got tickles for
1274 comm -23 "$_my_connections" "$_my_tickles" |
1275 while read _src _dst ; do
1276 $CTDB addtickle "$_src" "$_dst"
1279 # Remove tickles for connections that are no longer there
1280 comm -13 "$_my_connections" "$_my_tickles" |
1281 while read _src _dst ; do
1282 $CTDB deltickle "$_src" "$_dst"
1285 rm -f "$_my_connections" "$_my_tickles"
1287 # Remove stale files from killed scripts
1288 find "$tickledir" -type f -mmin +10 | xargs -r rm
1291 ########################################################
1292 # load a site local config file
1293 ########################################################
1295 [ -n "$CTDB_RC_LOCAL" -a -x "$CTDB_RC_LOCAL" ] && {
1299 [ -x "${CTDB_BASE}/rc.local" ] && {
1300 . "${CTDB_BASE}/rc.local"
1303 [ -d "${CTDB_BASE}/rc.local.d" ] && {
1304 for i in "${CTDB_BASE}/rc.local.d"/* ; do
1305 [ -x "$i" ] && . "$i"
1309 script_name="${0##*/}" # basename