December 2015 - lvm2-commits - Fedora Mailing-Lists

by Zdenek Kabelac

Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=7a4badc07fbb86... Commit: 7a4badc07fbb864be3014c14e61e8c606593437d Parent: 0688dbbc5303ee99709f202a023e7b96a515f6aa Author: Riku Voipio <riku.voipio(a)linaro.org> AuthorDate: Tue Dec 8 16:40:08 2015 +0200 Committer: Zdenek Kabelac <zkabelac(a)redhat.com> CommitterDate: Fri Dec 11 20:15:51 2015 +0100 fix static linking Static linking fails currently, as -lm and -lpthread are missing: gcc -O2 -fPIC -O2 -L../libdm -L../lib -L../libdaemon/client -static -L../libdm/ioctl \ -o dmsetup.static dmsetup.o -ldevmapper -lrt ../libdm/ioctl/libdevmapper.a(libdm-stats.o): In function `dm_stats_create_region': libdm-stats.c:(.text+0x2d69): undefined reference to `log10' libdm-stats.c:(.text+0x2d6e): undefined reference to `lround' ../libdm/ioctl/libdevmapper.a(pool.o): In function `dm_pool_create': pool.c:(.text+0x134): undefined reference to `pthread_mutex_lock' pool.c:(.text+0x14f): undefined reference to `pthread_mutex_unlock' Signed-off-by: Riku Voipio <riku.voipio(a)linaro.org> --- WHATS_NEW_DM | 1 + tools/Makefile.in | 2 +- 2 files changed, 2 insertions(+), 1 deletions(-) diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM index f6e9d2a..c4d62e1 100644 --- a/WHATS_NEW_DM +++ b/WHATS_NEW_DM @@ -1,5 +1,6 @@ Version 1.02.114 - ==================================== + Better support for dmsetup static linkage. Extend validity checks on dmeventd client socket. Version 1.02.113 - 5th December 2015 diff --git a/tools/Makefile.in b/tools/Makefile.in index d6e54f0..518a21a 100644 --- a/tools/Makefile.in +++ b/tools/Makefile.in @@ -130,7 +130,7 @@ dmsetup: dmsetup.o $(top_builddir)/libdm/libdevmapper.$(LIB_SUFFIX) dmsetup.static: dmsetup.o $(interfacebuilddir)/libdevmapper.a $(CC) $(CFLAGS) $(LDFLAGS) -static -L$(interfacebuilddir) \ - -o $@ dmsetup.o -ldevmapper $(STATIC_LIBS) $(LIBS) + -o $@ dmsetup.o -ldevmapper $(M_LIBS) $(PTHREAD_LIBS) $(STATIC_LIBS) $(LIBS) all: device-mapper

8 years, 4 months

1
0
0 / 0

master - tests: fix logging

by Zdenek Kabelac

Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=0688dbbc5303ee... Commit: 0688dbbc5303ee99709f202a023e7b96a515f6aa Parent: cd8e95d9337207a8f87a6f68dc9b1db7e3828bbf Author: Zdenek Kabelac <zkabelac(a)redhat.com> AuthorDate: Thu Dec 10 20:47:30 2015 +0100 Committer: Zdenek Kabelac <zkabelac(a)redhat.com> CommitterDate: Thu Dec 10 21:01:24 2015 +0100 tests: fix logging Actually file redirection must be before stderr redir. --- test/shell/mdata-strings.sh | 2 +- test/shell/thin-resize-match.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/shell/mdata-strings.sh b/test/shell/mdata-strings.sh index fda09ec..d20234b 100644 --- a/test/shell/mdata-strings.sh +++ b/test/shell/mdata-strings.sh @@ -37,7 +37,7 @@ dm_table | grep -F "$pv_ugly" created="$dev1" # when used with real udev without fallback, it will fail here pvcreate "$dev1" || created="$dev2" -pvdisplay 2>&1 | tee >err +pvdisplay 2>&1 | tee err should grep -F "$pv_ugly" err should check pv_field "$dev1" pv_name "$dev1" vgcreate $vg "$created" diff --git a/test/shell/thin-resize-match.sh b/test/shell/thin-resize-match.sh index d5481e2..4c6332d 100644 --- a/test/shell/thin-resize-match.sh +++ b/test/shell/thin-resize-match.sh @@ -34,7 +34,7 @@ check lv_field $vg/$lv1 size "2.00m" # prepare 2097152 file content seq 0 315465 > 2M md5sum 2M | cut -f 1 -d ' ' | tee MD5 -dd if=2M of="$DM_DEV_DIR/mapper/$vg-$lv1" bs=512K conv=fdatasync 2>&1 >log & +dd if=2M of="$DM_DEV_DIR/mapper/$vg-$lv1" bs=512K conv=fdatasync >log 2>&1 & #dd if=2M of="$DM_DEV_DIR/mapper/$vg-$lv1" bs=2M oflag=direct & # give it some time to fill thin-volume

8 years, 4 months

1
0
0 / 0

master - lvrename: always allow to rename pools

by Zdenek Kabelac

Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=cd8e95d9337207... Commit: cd8e95d9337207a8f87a6f68dc9b1db7e3828bbf Parent: bf4b74c5eb55cdb77c8a7e7e697fb2d43b39c718 Author: Zdenek Kabelac <zkabelac(a)redhat.com> AuthorDate: Wed Dec 9 13:52:47 2015 +0100 Committer: Zdenek Kabelac <zkabelac(a)redhat.com> CommitterDate: Thu Dec 10 21:01:24 2015 +0100 lvrename: always allow to rename pools Since we mark cache-pool as 'hidden/private' while it is in-use, we may still allow user to change it's name. It should not cause any harm and user may prefer better naming for a cache-pool in use. --- lib/metadata/lv_manip.c | 10 +++++++--- 1 files changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/metadata/lv_manip.c b/lib/metadata/lv_manip.c index 6a93a76..76e7895 100644 --- a/lib/metadata/lv_manip.c +++ b/lib/metadata/lv_manip.c @@ -4230,8 +4230,12 @@ int lv_rename_update(struct cmd_context *cmd, struct logical_volume *lv, struct volume_group *vg = lv->vg; struct lv_names lv_names = { .old = lv->name }; - /* rename is not allowed on sub LVs */ - if (!lv_is_visible(lv)) { + /* + * rename is not allowed on sub LVs except for pools + * (thin pool is 'visible', but cache may not) + */ + if (!lv_is_pool(lv) && + !lv_is_visible(lv)) { log_error("Cannot rename internal LV \"%s\".", lv->name); return 0; } @@ -4265,7 +4269,7 @@ int lv_rename_update(struct cmd_context *cmd, struct logical_volume *lv, if (lv_is_cow(lv)) lv = origin_from_cow(lv); - if (update_mda && !lv_update_and_reload(lv)) + if (update_mda && !lv_update_and_reload((struct logical_volume *)lv_lock_holder(lv))) return_0; return 1;

8 years, 4 months

1
0
0 / 0

master - cache: support stacked rename

by Zdenek Kabelac

Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=bf4b74c5eb55cd... Commit: bf4b74c5eb55cdb77c8a7e7e697fb2d43b39c718 Parent: dcb26b5f136ad861356d5c118921a254cae2cab4 Author: Zdenek Kabelac <zkabelac(a)redhat.com> AuthorDate: Mon Dec 7 13:53:00 2015 +0100 Committer: Zdenek Kabelac <zkabelac(a)redhat.com> CommitterDate: Thu Dec 10 21:01:24 2015 +0100 cache: support stacked rename Preserve skip_pool flag when running for_each_sub_lv() so lvrename continues to work when thin-pool is using cached data LV. --- lib/metadata/lv_manip.c | 12 ++++++------ 1 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/metadata/lv_manip.c b/lib/metadata/lv_manip.c index 2f37f5b..6a93a76 100644 --- a/lib/metadata/lv_manip.c +++ b/lib/metadata/lv_manip.c @@ -4154,7 +4154,7 @@ static int _for_each_sub_lv(struct logical_volume *lv, int skip_pools, if (lv_is_cow(lv) && lv_is_virtual_origin(org = origin_from_cow(lv))) { if (!fn(org, data)) return_0; - if (!for_each_sub_lv(org, fn, data)) + if (!_for_each_sub_lv(org, skip_pools, fn, data)) return_0; } @@ -4162,21 +4162,21 @@ static int _for_each_sub_lv(struct logical_volume *lv, int skip_pools, if (seg->log_lv) { if (!fn(seg->log_lv, data)) return_0; - if (!for_each_sub_lv(seg->log_lv, fn, data)) + if (!_for_each_sub_lv(seg->log_lv, skip_pools, fn, data)) return_0; } if (seg->metadata_lv) { if (!fn(seg->metadata_lv, data)) return_0; - if (!for_each_sub_lv(seg->metadata_lv, fn, data)) + if (!_for_each_sub_lv(seg->metadata_lv, skip_pools, fn, data)) return_0; } if (seg->pool_lv && !skip_pools) { if (!fn(seg->pool_lv, data)) return_0; - if (!for_each_sub_lv(seg->pool_lv, fn, data)) + if (!_for_each_sub_lv(seg->pool_lv, skip_pools, fn, data)) return_0; } @@ -4185,7 +4185,7 @@ static int _for_each_sub_lv(struct logical_volume *lv, int skip_pools, continue; if (!fn(seg_lv(seg, s), data)) return_0; - if (!for_each_sub_lv(seg_lv(seg, s), fn, data)) + if (!_for_each_sub_lv(seg_lv(seg, s), skip_pools, fn, data)) return_0; } @@ -4198,7 +4198,7 @@ static int _for_each_sub_lv(struct logical_volume *lv, int skip_pools, continue; if (!fn(seg_metalv(seg, s), data)) return_0; - if (!for_each_sub_lv(seg_metalv(seg, s), fn, data)) + if (!_for_each_sub_lv(seg_metalv(seg, s), skip_pools, fn, data)) return_0; } }

8 years, 4 months

1
0
0 / 0

master - lvmlockd: reconnect to lvmetad if it's restarted

by David Teigland

Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=dcb26b5f136ad8... Commit: dcb26b5f136ad861356d5c118921a254cae2cab4 Parent: bdba4e7a931f1e77f9c7cf6837a6c8b33b35a099 Author: David Teigland <teigland(a)redhat.com> AuthorDate: Thu Dec 10 10:50:19 2015 -0600 Committer: David Teigland <teigland(a)redhat.com> CommitterDate: Thu Dec 10 10:50:19 2015 -0600 lvmlockd: reconnect to lvmetad if it's restarted If lvmetad is restarted after lvmlockd has connected to it, then lvmlockd should reconnect. --- daemons/lvmlockd/lvmlockd-core.c | 80 ++++++++++++++++++++++++------------- 1 files changed, 52 insertions(+), 28 deletions(-) diff --git a/daemons/lvmlockd/lvmlockd-core.c b/daemons/lvmlockd/lvmlockd-core.c index fe24e25..e495d3b 100644 --- a/daemons/lvmlockd/lvmlockd-core.c +++ b/daemons/lvmlockd/lvmlockd-core.c @@ -1020,6 +1020,43 @@ static void add_work_action(struct action *act) pthread_mutex_unlock(&worker_mutex); } +static daemon_reply send_lvmetad(const char *id, ...) +{ + daemon_reply reply; + va_list ap; + int retries = 0; + + va_start(ap, id); + + /* + * mutex is used because all threads share a single + * lvmetad connection/handle. + */ + pthread_mutex_lock(&lvmetad_mutex); +retry: + reply = daemon_send_simple_v(lvmetad_handle, id, ap); + + /* lvmetad may have been restarted */ + if ((reply.error == ECONNRESET) && (retries < 2)) { + daemon_close(lvmetad_handle); + lvmetad_connected = 0; + + lvmetad_handle = lvmetad_open(NULL); + if (lvmetad_handle.error || lvmetad_handle.socket_fd < 0) { + log_error("lvmetad_open reconnect error %d", lvmetad_handle.error); + } else { + log_debug("lvmetad reconnected"); + lvmetad_connected = 1; + } + retries++; + goto retry; + } + pthread_mutex_unlock(&lvmetad_mutex); + + va_end(ap); + return reply; +} + static int res_lock(struct lockspace *ls, struct resource *r, struct action *act, int *retry) { struct lock *lk; @@ -1246,14 +1283,12 @@ static int res_lock(struct lockspace *ls, struct resource *r, struct action *act else uuid = ls->vg_uuid; - pthread_mutex_lock(&lvmetad_mutex); - reply = daemon_send_simple(lvmetad_handle, "set_vg_info", - "token = %s", "skip", - "uuid = %s", uuid, - "name = %s", ls->vg_name, - "version = " FMTd64, (int64_t)new_version, - NULL); - pthread_mutex_unlock(&lvmetad_mutex); + reply = send_lvmetad("set_vg_info", + "token = %s", "skip", + "uuid = %s", uuid, + "name = %s", ls->vg_name, + "version = " FMTd64, (int64_t)new_version, + NULL); if (reply.error || strcmp(daemon_reply_str(reply, "response", ""), "OK")) log_error("set_vg_info in lvmetad failed %d", reply.error); @@ -1266,12 +1301,10 @@ static int res_lock(struct lockspace *ls, struct resource *r, struct action *act log_debug("S %s R %s res_lock set lvmetad global invalid", ls->name, r->name); - pthread_mutex_lock(&lvmetad_mutex); - reply = daemon_send_simple(lvmetad_handle, "set_global_info", - "token = %s", "skip", - "global_invalid = " FMTd64, INT64_C(1), - NULL); - pthread_mutex_unlock(&lvmetad_mutex); + reply = send_lvmetad("set_global_info", + "token = %s", "skip", + "global_invalid = " FMTd64, INT64_C(1), + NULL); if (reply.error || strcmp(daemon_reply_str(reply, "response", ""), "OK")) log_error("set_global_info in lvmetad failed %d", reply.error); @@ -4747,15 +4780,11 @@ static int get_lockd_vgs(struct list_head *vg_lockd) const char *lock_type; const char *lock_args; char find_str_path[PATH_MAX]; - int mutex_unlocked = 0; int rv = 0; INIT_LIST_HEAD(&update_vgs); - pthread_mutex_lock(&lvmetad_mutex); - reply = daemon_send_simple(lvmetad_handle, "vg_list", - "token = %s", "skip", - NULL); + reply = send_lvmetad("vg_list", "token = %s", "skip", NULL); if (reply.error || strcmp(daemon_reply_str(reply, "response", ""), "OK")) { log_error("vg_list from lvmetad failed %d", reply.error); @@ -4792,10 +4821,10 @@ static int get_lockd_vgs(struct list_head *vg_lockd) /* get vg_name and lock_type for each vg uuid entry in update_vgs */ list_for_each_entry(ls, &update_vgs, list) { - reply = daemon_send_simple(lvmetad_handle, "vg_lookup", - "token = %s", "skip", - "uuid = %s", ls->vg_uuid, - NULL); + reply = send_lvmetad("vg_lookup", + "token = %s", "skip", + "uuid = %s", ls->vg_uuid, + NULL); if (reply.error || strcmp(daemon_reply_str(reply, "response", ""), "OK")) { log_error("vg_lookup from lvmetad failed %d", reply.error); @@ -4884,8 +4913,6 @@ static int get_lockd_vgs(struct list_head *vg_lockd) if (rv < 0) break; } - pthread_mutex_unlock(&lvmetad_mutex); - mutex_unlocked = 1; out: /* Return lockd VG's on the vg_lockd list. */ @@ -4898,9 +4925,6 @@ out: free(ls); } - if (!mutex_unlocked) - pthread_mutex_unlock(&lvmetad_mutex); - return rv; }

8 years, 4 months

1
0
0 / 0

master - lvrename: move the lvmlockd LV lock

by David Teigland

Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=bdba4e7a931f1e... Commit: bdba4e7a931f1e77f9c7cf6837a6c8b33b35a099 Parent: dcd946e95a80da1b6b2d2285d9a5f41e87cb153d Author: David Teigland <teigland(a)redhat.com> AuthorDate: Wed Dec 9 11:51:25 2015 -0600 Committer: David Teigland <teigland(a)redhat.com> CommitterDate: Wed Dec 9 11:59:49 2015 -0600 lvrename: move the lvmlockd LV lock The function it was in is used for various internal renaming of hidden LVs where a lock from lvmlockd does not apply. --- lib/metadata/lv_manip.c | 12 ------------ tools/lvrename.c | 12 ++++++++++++ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/metadata/lv_manip.c b/lib/metadata/lv_manip.c index 2582ed5..2f37f5b 100644 --- a/lib/metadata/lv_manip.c +++ b/lib/metadata/lv_manip.c @@ -4247,18 +4247,6 @@ int lv_rename_update(struct cmd_context *cmd, struct logical_volume *lv, return 0; } - /* - * The lvmlockd LV lock is only acquired here to ensure the LV is not - * active on another host. This requests a transient LV lock. - * If the LV is active, a persistent LV lock already exists in - * lvmlockd, and the transient lock request does nothing. - * If the LV is not active, then no LV lock exists and the transient - * lock request acquires the LV lock (or fails). The transient lock - * is automatically released when the command exits. - */ - if (!lockd_lv(cmd, lv, "ex", 0)) - return_0; - if (update_mda && !archive(vg)) return_0; diff --git a/tools/lvrename.c b/tools/lvrename.c index 18b02d2..217ebdc 100644 --- a/tools/lvrename.c +++ b/tools/lvrename.c @@ -46,6 +46,18 @@ static int _lvrename_single(struct cmd_context *cmd, const char *vg_name, goto bad; } + /* + * The lvmlockd LV lock is only acquired here to ensure the LV is not + * active on another host. This requests a transient LV lock. + * If the LV is active, a persistent LV lock already exists in + * lvmlockd, and the transient lock request does nothing. + * If the LV is not active, then no LV lock exists and the transient + * lock request acquires the LV lock (or fails). The transient lock + * is automatically released when the command exits. + */ + if (!lockd_lv(cmd, lvl->lv, "ex", 0)) + goto_bad; + if (!lv_rename(cmd, lvl->lv, lp->lv_name_new)) goto_bad;

8 years, 4 months

1
0
0 / 0

master - dmeventd: Don't trust fifo with wrong attrs.

by Alasdair Kergon

Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=dcd946e95a80da... Commit: dcd946e95a80da1b6b2d2285d9a5f41e87cb153d Parent: 94dab390ef68de3a56b67bce771b48445aa13d09 Author: Alasdair G Kergon <agk(a)redhat.com> AuthorDate: Tue Dec 8 01:48:17 2015 +0000 Committer: Alasdair G Kergon <agk(a)redhat.com> CommitterDate: Tue Dec 8 01:48:17 2015 +0000 dmeventd: Don't trust fifo with wrong attrs. If an existing fifo has the wrong attributes it cannot be trusted so we must unlink it and recreate it correctly. (Replaces 2c8d6f5c90d5be62b48ba2881f2a6631091dc5af: if the other end of the fifo already got opened while its mode was insecure, delaying the chmod isn't going to make any difference!) --- daemons/dmeventd/dmeventd.c | 34 +++++++++++++++++++++++++--------- 1 files changed, 25 insertions(+), 9 deletions(-) diff --git a/daemons/dmeventd/dmeventd.c b/daemons/dmeventd/dmeventd.c index b7fff9a..c093d91 100644 --- a/daemons/dmeventd/dmeventd.c +++ b/daemons/dmeventd/dmeventd.c @@ -408,7 +408,7 @@ static struct thread_status *_alloc_thread_status(const struct message_data *dat if (!(thread->device.uuid = dm_strdup(data->device_uuid))) goto_out; - /* Until real name resolved, use UUID */ + /* Until real name resolved, use UUID */ if (!(thread->device.name = dm_strdup(data->device_uuid))) goto_out; @@ -1359,6 +1359,26 @@ static int _open_fifo(const char *path) { struct stat st; int fd = -1; + + /* + * FIXME Explicitly verify the code's requirement that path is secure: + * - All parent directories owned by root without group/other write access unless sticky. + */ + + /* If path exists, only use it if it is root-owned fifo mode 0600 */ + if ((lstat(path, &st) < 0)) { + if (errno != ENOENT) { + log_sys_error("stat", path); + return -1; + } + } else if (!S_ISFIFO(st.st_mode) || st.st_uid || + (st.st_mode & (S_IEXEC | S_IRWXG | S_IRWXO))) { + log_warn("WARNING: %s has wrong attributes: Replacing.", path); + if (unlink(path)) { + log_sys_error("unlink", path); + return -1; + } + } /* Create fifo. */ (void) dm_prepare_selinux_context(path, S_IFIFO); @@ -1382,14 +1402,10 @@ static int _open_fifo(const char *path) goto fail; } - if ((st.st_mode & 0777) != 0600) { - log_warn("WARNING: Fixing wrong permissions on %s: %s.", - path, strerror(errno)); - - if (fchmod(fd, 0600)) { - log_sys_error("fchmod", path); - goto fail; - } + if (!S_ISFIFO(st.st_mode) || st.st_uid || + (st.st_mode & (S_IEXEC | S_IRWXG | S_IRWXO))) { + log_error("%s: fifo has incorrect attributes", path); + goto fail; } if (fcntl(fd, F_SETFD, FD_CLOEXEC)) {

8 years, 4 months

1
0
0 / 0

master - dmeventd: Extend checks on client socket.

by Alasdair Kergon

Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=94dab390ef68de... Commit: 94dab390ef68de3a56b67bce771b48445aa13d09 Parent: 00bab9d9cd8581e905634658a6cda33d998b1b85 Author: Alasdair G Kergon <agk(a)redhat.com> AuthorDate: Tue Dec 8 00:54:32 2015 +0000 Committer: Alasdair G Kergon <agk(a)redhat.com> CommitterDate: Tue Dec 8 00:59:39 2015 +0000 dmeventd: Extend checks on client socket. Reinstate and extend checks removed by e1b111b02accb4145b82b8b47ce57ed93b1a7184. The code has always assumed that only root has access to the directory containing the fifos and that they are under the complete control of dmeventd code. If anything is found not to be as expected, then open() should certainly not be attempted! --- WHATS_NEW_DM | 1 + daemons/dmeventd/libdevmapper-event.c | 35 +++++++++++++++++++++++++++++++- 2 files changed, 34 insertions(+), 2 deletions(-) diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM index 9dd51aa..f6e9d2a 100644 --- a/WHATS_NEW_DM +++ b/WHATS_NEW_DM @@ -1,5 +1,6 @@ Version 1.02.114 - ==================================== + Extend validity checks on dmeventd client socket. Version 1.02.113 - 5th December 2015 ==================================== diff --git a/daemons/dmeventd/libdevmapper-event.c b/daemons/dmeventd/libdevmapper-event.c index f1441f5..b49af45 100644 --- a/daemons/dmeventd/libdevmapper-event.c +++ b/daemons/dmeventd/libdevmapper-event.c @@ -412,12 +412,41 @@ static int _start_daemon(char *dmeventd_path, struct dm_event_fifos *fifos) char default_dmeventd_path[] = DMEVENTD_PATH; char *args[] = { dmeventd_path ? : default_dmeventd_path, NULL }; + /* + * FIXME Explicitly verify the code's requirement that client_path is secure: + * - All parent directories owned by root without group/other write access unless sticky. + */ + + /* If client fifo path exists, only use it if it is root-owned fifo mode 0600 */ + if ((lstat(fifos->client_path, &statbuf) < 0)) { + if (errno == ENOENT) + /* Jump ahead if fifo does not already exist. */ + goto start_server; + else { + log_sys_error("stat", fifos->client_path); + return 0; + } + } else if (!S_ISFIFO(statbuf.st_mode)) { + log_error("%s must be a fifo.", fifos->client_path); + return 0; + } else if (statbuf.st_uid) { + log_error("%s must be owned by uid 0.", fifos->client_path); + return 0; + } else if (statbuf.st_mode & (S_IEXEC | S_IRWXG | S_IRWXO)) { + log_error("%s must have mode 0600.", fifos->client_path); + return 0; + } + /* Anyone listening? If not, errno will be ENXIO */ fifos->client = open(fifos->client_path, O_WRONLY | O_NONBLOCK); if (fifos->client >= 0) { + /* Should never happen if all the above checks passed. */ if ((fstat(fifos->client, &statbuf) < 0) || - !S_ISFIFO(statbuf.st_mode)) { - log_error("%s is not a fifo.", fifos->client_path); + !S_ISFIFO(statbuf.st_mode) || statbuf.st_uid || + (statbuf.st_mode & (S_IEXEC | S_IRWXG | S_IRWXO))) { + log_error("%s is no longer a secure root-owned fifo with mode 0600.", fifos->client_path); + if (close(fifos->client)) + log_sys_debug("close", fifos->client_path); return 0; } @@ -431,6 +460,7 @@ static int _start_daemon(char *dmeventd_path, struct dm_event_fifos *fifos) return 0; } +start_server: /* server is not running */ if ((args[0][0] == '/') && stat(args[0], &statbuf)) { @@ -724,6 +754,7 @@ int dm_event_get_registered_device(struct dm_event_handler *dmevh, int next) uuid = dm_task_get_uuid(dmt); + /* FIXME Distinguish errors connecting to daemon */ if (_do_event(next ? DM_EVENT_CMD_GET_NEXT_REGISTERED_DEVICE : DM_EVENT_CMD_GET_REGISTERED_DEVICE, dmevh->dmeventd_path, &msg, dmevh->dso, uuid, dmevh->mask, 0)) {

8 years, 4 months

1
0
0 / 0

v2_02_137 annotated tag has been created

by Alasdair Kergon

Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=2d1f7849b5a902... Commit: 2d1f7849b5a902c7809b7ffcc1e16ef1e0138e08 Parent: 0000000000000000000000000000000000000000 Author: Alasdair G Kergon <agk(a)redhat.com> AuthorDate: 2015-12-05 15:33 +0000 Committer: Alasdair G Kergon <agk(a)redhat.com> CommitterDate: 2015-12-05 15:33 +0000 annotated tag: v2_02_137 has been created at 2d1f7849b5a902c7809b7ffcc1e16ef1e0138e08 (tag) tagging 063b353b286652d5ccc692cf636824b9b3270fe9 (commit) replaces v2_02_136 Release 2.02.137. Another development release. 49 files changed, 1263 insertions(+), 637 deletions(-) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) iEYEABECAAYFAlZjA/oACgkQIoGRwVZ+LBdEcwCfaNhyqTQ7t6dFc31yoGhJ+z1F vZ0AoLwTPSJE49GhLhIUQPGTAI6f04/x =kXAy -----END PGP SIGNATURE----- Alasdair G Kergon (5): post-release lvconvert: Improve message for raid without -m. lvconvert: Reinstate mirror to raid conversions. lvconvert: Reinstate raid merge after splitmirror. pre-release David Teigland (16): lvmetad: include both vgid and vgname in lookup request lvmcache: include system_id in vginfo cache system_id: refactor check for allowed system_id lvmcache: new function to check if VG is foreign process_each: always use list of vgnames on system process_each: resolve duplicate VG names toollib: remove unused function vg_read: look up vgid from name lvmcache: change duplicate VG name warnings to verbose vgextend: pass single vgname as process_each_vg arg lvcreate: use process_each_vg lvrename: use process_each_vg lvresize: use process_each_vg toollib: allow VG UUID to be used in place of VG name toollib: only interpret vgname arg as uuid for vgrename man lvm: add section about unique VG names Zdenek Kabelac (16): libdm: introduce dm_get_status_mirror tests: unit test for mirror status lib: pass mem pool to check_transient_status cleanup: use dm_get_status_mirror mirror: fix condition uuid: add id_read_format_try cleanup: use try_id_read_format log: use full buffer size for printf archiver: inital change toward proper logging cleanup: drop log_suppress(2) usage vgextend: reinstantiate archiving tests: check read-only backup archive libdm: add some doc for mirror status debug: correct stack tracing archiver: fix reporting for check_current_backup tests: extend test

8 years, 4 months

1
0
0 / 0

master - post-release

by Alasdair Kergon

Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=00bab9d9cd8581... Commit: 00bab9d9cd8581e905634658a6cda33d998b1b85 Parent: 063b353b286652d5ccc692cf636824b9b3270fe9 Author: Alasdair G Kergon <agk(a)redhat.com> AuthorDate: Sat Dec 5 15:36:22 2015 +0000 Committer: Alasdair G Kergon <agk(a)redhat.com> CommitterDate: Sat Dec 5 15:36:22 2015 +0000 post-release --- VERSION | 2 +- VERSION_DM | 2 +- WHATS_NEW | 3 +++ WHATS_NEW_DM | 3 +++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index a504b04..3216252 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.02.137(2)-git (2015-12-05) +2.02.138(2)-git (2015-12-05) diff --git a/VERSION_DM b/VERSION_DM index 27520ef..d28d68b 100644 --- a/VERSION_DM +++ b/VERSION_DM @@ -1 +1 @@ -1.02.113-git (2015-12-05) +1.02.114-git (2015-12-05) diff --git a/WHATS_NEW b/WHATS_NEW index 95839a2..3bc9397 100644 --- a/WHATS_NEW +++ b/WHATS_NEW @@ -1,3 +1,6 @@ +Version 2.02.138 - +==================================== + Version 2.02.137 - 5th December 2015 ==================================== Restore archiving before changing metadata in vgextend (2.02.117). diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM index 4b119af..9dd51aa 100644 --- a/WHATS_NEW_DM +++ b/WHATS_NEW_DM @@ -1,3 +1,6 @@ +Version 1.02.114 - +==================================== + Version 1.02.113 - 5th December 2015 ==================================== Mirror plugin in dmeventd uses dm_get_status_mirror().

8 years, 4 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

lvm2-commits December 2015