master - fix static linking
by Zdenek Kabelac
Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=7a4badc07fbb86...
Commit: 7a4badc07fbb864be3014c14e61e8c606593437d
Parent: 0688dbbc5303ee99709f202a023e7b96a515f6aa
Author: Riku Voipio <riku.voipio(a)linaro.org>
AuthorDate: Tue Dec 8 16:40:08 2015 +0200
Committer: Zdenek Kabelac <zkabelac(a)redhat.com>
CommitterDate: Fri Dec 11 20:15:51 2015 +0100
fix static linking
Static linking fails currently, as -lm and -lpthread are missing:
gcc -O2 -fPIC -O2 -L../libdm -L../lib -L../libdaemon/client -static
-L../libdm/ioctl \
-o dmsetup.static dmsetup.o -ldevmapper -lrt
../libdm/ioctl/libdevmapper.a(libdm-stats.o): In function
`dm_stats_create_region':
libdm-stats.c:(.text+0x2d69): undefined reference to `log10'
libdm-stats.c:(.text+0x2d6e): undefined reference to `lround'
../libdm/ioctl/libdevmapper.a(pool.o): In function `dm_pool_create':
pool.c:(.text+0x134): undefined reference to `pthread_mutex_lock'
pool.c:(.text+0x14f): undefined reference to `pthread_mutex_unlock'
Signed-off-by: Riku Voipio <riku.voipio(a)linaro.org>
---
WHATS_NEW_DM | 1 +
tools/Makefile.in | 2 +-
2 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM
index f6e9d2a..c4d62e1 100644
--- a/WHATS_NEW_DM
+++ b/WHATS_NEW_DM
@@ -1,5 +1,6 @@
Version 1.02.114 -
====================================
+ Better support for dmsetup static linkage.
Extend validity checks on dmeventd client socket.
Version 1.02.113 - 5th December 2015
diff --git a/tools/Makefile.in b/tools/Makefile.in
index d6e54f0..518a21a 100644
--- a/tools/Makefile.in
+++ b/tools/Makefile.in
@@ -130,7 +130,7 @@ dmsetup: dmsetup.o $(top_builddir)/libdm/libdevmapper.$(LIB_SUFFIX)
dmsetup.static: dmsetup.o $(interfacebuilddir)/libdevmapper.a
$(CC) $(CFLAGS) $(LDFLAGS) -static -L$(interfacebuilddir) \
- -o $@ dmsetup.o -ldevmapper $(STATIC_LIBS) $(LIBS)
+ -o $@ dmsetup.o -ldevmapper $(M_LIBS) $(PTHREAD_LIBS) $(STATIC_LIBS) $(LIBS)
all: device-mapper
8 years, 4 months
master - tests: fix logging
by Zdenek Kabelac
Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=0688dbbc5303ee...
Commit: 0688dbbc5303ee99709f202a023e7b96a515f6aa
Parent: cd8e95d9337207a8f87a6f68dc9b1db7e3828bbf
Author: Zdenek Kabelac <zkabelac(a)redhat.com>
AuthorDate: Thu Dec 10 20:47:30 2015 +0100
Committer: Zdenek Kabelac <zkabelac(a)redhat.com>
CommitterDate: Thu Dec 10 21:01:24 2015 +0100
tests: fix logging
Actually file redirection must be before stderr redir.
---
test/shell/mdata-strings.sh | 2 +-
test/shell/thin-resize-match.sh | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/test/shell/mdata-strings.sh b/test/shell/mdata-strings.sh
index fda09ec..d20234b 100644
--- a/test/shell/mdata-strings.sh
+++ b/test/shell/mdata-strings.sh
@@ -37,7 +37,7 @@ dm_table | grep -F "$pv_ugly"
created="$dev1"
# when used with real udev without fallback, it will fail here
pvcreate "$dev1" || created="$dev2"
-pvdisplay 2>&1 | tee >err
+pvdisplay 2>&1 | tee err
should grep -F "$pv_ugly" err
should check pv_field "$dev1" pv_name "$dev1"
vgcreate $vg "$created"
diff --git a/test/shell/thin-resize-match.sh b/test/shell/thin-resize-match.sh
index d5481e2..4c6332d 100644
--- a/test/shell/thin-resize-match.sh
+++ b/test/shell/thin-resize-match.sh
@@ -34,7 +34,7 @@ check lv_field $vg/$lv1 size "2.00m"
# prepare 2097152 file content
seq 0 315465 > 2M
md5sum 2M | cut -f 1 -d ' ' | tee MD5
-dd if=2M of="$DM_DEV_DIR/mapper/$vg-$lv1" bs=512K conv=fdatasync 2>&1 >log &
+dd if=2M of="$DM_DEV_DIR/mapper/$vg-$lv1" bs=512K conv=fdatasync >log 2>&1 &
#dd if=2M of="$DM_DEV_DIR/mapper/$vg-$lv1" bs=2M oflag=direct &
# give it some time to fill thin-volume
8 years, 4 months
master - lvrename: always allow to rename pools
by Zdenek Kabelac
Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=cd8e95d9337207...
Commit: cd8e95d9337207a8f87a6f68dc9b1db7e3828bbf
Parent: bf4b74c5eb55cdb77c8a7e7e697fb2d43b39c718
Author: Zdenek Kabelac <zkabelac(a)redhat.com>
AuthorDate: Wed Dec 9 13:52:47 2015 +0100
Committer: Zdenek Kabelac <zkabelac(a)redhat.com>
CommitterDate: Thu Dec 10 21:01:24 2015 +0100
lvrename: always allow to rename pools
Since we mark cache-pool as 'hidden/private' while it is in-use,
we may still allow user to change it's name.
It should not cause any harm and user may prefer better naming
for a cache-pool in use.
---
lib/metadata/lv_manip.c | 10 +++++++---
1 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/lib/metadata/lv_manip.c b/lib/metadata/lv_manip.c
index 6a93a76..76e7895 100644
--- a/lib/metadata/lv_manip.c
+++ b/lib/metadata/lv_manip.c
@@ -4230,8 +4230,12 @@ int lv_rename_update(struct cmd_context *cmd, struct logical_volume *lv,
struct volume_group *vg = lv->vg;
struct lv_names lv_names = { .old = lv->name };
- /* rename is not allowed on sub LVs */
- if (!lv_is_visible(lv)) {
+ /*
+ * rename is not allowed on sub LVs except for pools
+ * (thin pool is 'visible', but cache may not)
+ */
+ if (!lv_is_pool(lv) &&
+ !lv_is_visible(lv)) {
log_error("Cannot rename internal LV \"%s\".", lv->name);
return 0;
}
@@ -4265,7 +4269,7 @@ int lv_rename_update(struct cmd_context *cmd, struct logical_volume *lv,
if (lv_is_cow(lv))
lv = origin_from_cow(lv);
- if (update_mda && !lv_update_and_reload(lv))
+ if (update_mda && !lv_update_and_reload((struct logical_volume *)lv_lock_holder(lv)))
return_0;
return 1;
8 years, 4 months
master - cache: support stacked rename
by Zdenek Kabelac
Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=bf4b74c5eb55cd...
Commit: bf4b74c5eb55cdb77c8a7e7e697fb2d43b39c718
Parent: dcb26b5f136ad861356d5c118921a254cae2cab4
Author: Zdenek Kabelac <zkabelac(a)redhat.com>
AuthorDate: Mon Dec 7 13:53:00 2015 +0100
Committer: Zdenek Kabelac <zkabelac(a)redhat.com>
CommitterDate: Thu Dec 10 21:01:24 2015 +0100
cache: support stacked rename
Preserve skip_pool flag when running for_each_sub_lv() so
lvrename continues to work when thin-pool is using cached
data LV.
---
lib/metadata/lv_manip.c | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/metadata/lv_manip.c b/lib/metadata/lv_manip.c
index 2f37f5b..6a93a76 100644
--- a/lib/metadata/lv_manip.c
+++ b/lib/metadata/lv_manip.c
@@ -4154,7 +4154,7 @@ static int _for_each_sub_lv(struct logical_volume *lv, int skip_pools,
if (lv_is_cow(lv) && lv_is_virtual_origin(org = origin_from_cow(lv))) {
if (!fn(org, data))
return_0;
- if (!for_each_sub_lv(org, fn, data))
+ if (!_for_each_sub_lv(org, skip_pools, fn, data))
return_0;
}
@@ -4162,21 +4162,21 @@ static int _for_each_sub_lv(struct logical_volume *lv, int skip_pools,
if (seg->log_lv) {
if (!fn(seg->log_lv, data))
return_0;
- if (!for_each_sub_lv(seg->log_lv, fn, data))
+ if (!_for_each_sub_lv(seg->log_lv, skip_pools, fn, data))
return_0;
}
if (seg->metadata_lv) {
if (!fn(seg->metadata_lv, data))
return_0;
- if (!for_each_sub_lv(seg->metadata_lv, fn, data))
+ if (!_for_each_sub_lv(seg->metadata_lv, skip_pools, fn, data))
return_0;
}
if (seg->pool_lv && !skip_pools) {
if (!fn(seg->pool_lv, data))
return_0;
- if (!for_each_sub_lv(seg->pool_lv, fn, data))
+ if (!_for_each_sub_lv(seg->pool_lv, skip_pools, fn, data))
return_0;
}
@@ -4185,7 +4185,7 @@ static int _for_each_sub_lv(struct logical_volume *lv, int skip_pools,
continue;
if (!fn(seg_lv(seg, s), data))
return_0;
- if (!for_each_sub_lv(seg_lv(seg, s), fn, data))
+ if (!_for_each_sub_lv(seg_lv(seg, s), skip_pools, fn, data))
return_0;
}
@@ -4198,7 +4198,7 @@ static int _for_each_sub_lv(struct logical_volume *lv, int skip_pools,
continue;
if (!fn(seg_metalv(seg, s), data))
return_0;
- if (!for_each_sub_lv(seg_metalv(seg, s), fn, data))
+ if (!_for_each_sub_lv(seg_metalv(seg, s), skip_pools, fn, data))
return_0;
}
}
8 years, 4 months
master - lvmlockd: reconnect to lvmetad if it's restarted
by David Teigland
Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=dcb26b5f136ad8...
Commit: dcb26b5f136ad861356d5c118921a254cae2cab4
Parent: bdba4e7a931f1e77f9c7cf6837a6c8b33b35a099
Author: David Teigland <teigland(a)redhat.com>
AuthorDate: Thu Dec 10 10:50:19 2015 -0600
Committer: David Teigland <teigland(a)redhat.com>
CommitterDate: Thu Dec 10 10:50:19 2015 -0600
lvmlockd: reconnect to lvmetad if it's restarted
If lvmetad is restarted after lvmlockd has connected
to it, then lvmlockd should reconnect.
---
daemons/lvmlockd/lvmlockd-core.c | 80 ++++++++++++++++++++++++-------------
1 files changed, 52 insertions(+), 28 deletions(-)
diff --git a/daemons/lvmlockd/lvmlockd-core.c b/daemons/lvmlockd/lvmlockd-core.c
index fe24e25..e495d3b 100644
--- a/daemons/lvmlockd/lvmlockd-core.c
+++ b/daemons/lvmlockd/lvmlockd-core.c
@@ -1020,6 +1020,43 @@ static void add_work_action(struct action *act)
pthread_mutex_unlock(&worker_mutex);
}
+static daemon_reply send_lvmetad(const char *id, ...)
+{
+ daemon_reply reply;
+ va_list ap;
+ int retries = 0;
+
+ va_start(ap, id);
+
+ /*
+ * mutex is used because all threads share a single
+ * lvmetad connection/handle.
+ */
+ pthread_mutex_lock(&lvmetad_mutex);
+retry:
+ reply = daemon_send_simple_v(lvmetad_handle, id, ap);
+
+ /* lvmetad may have been restarted */
+ if ((reply.error == ECONNRESET) && (retries < 2)) {
+ daemon_close(lvmetad_handle);
+ lvmetad_connected = 0;
+
+ lvmetad_handle = lvmetad_open(NULL);
+ if (lvmetad_handle.error || lvmetad_handle.socket_fd < 0) {
+ log_error("lvmetad_open reconnect error %d", lvmetad_handle.error);
+ } else {
+ log_debug("lvmetad reconnected");
+ lvmetad_connected = 1;
+ }
+ retries++;
+ goto retry;
+ }
+ pthread_mutex_unlock(&lvmetad_mutex);
+
+ va_end(ap);
+ return reply;
+}
+
static int res_lock(struct lockspace *ls, struct resource *r, struct action *act, int *retry)
{
struct lock *lk;
@@ -1246,14 +1283,12 @@ static int res_lock(struct lockspace *ls, struct resource *r, struct action *act
else
uuid = ls->vg_uuid;
- pthread_mutex_lock(&lvmetad_mutex);
- reply = daemon_send_simple(lvmetad_handle, "set_vg_info",
- "token = %s", "skip",
- "uuid = %s", uuid,
- "name = %s", ls->vg_name,
- "version = " FMTd64, (int64_t)new_version,
- NULL);
- pthread_mutex_unlock(&lvmetad_mutex);
+ reply = send_lvmetad("set_vg_info",
+ "token = %s", "skip",
+ "uuid = %s", uuid,
+ "name = %s", ls->vg_name,
+ "version = " FMTd64, (int64_t)new_version,
+ NULL);
if (reply.error || strcmp(daemon_reply_str(reply, "response", ""), "OK"))
log_error("set_vg_info in lvmetad failed %d", reply.error);
@@ -1266,12 +1301,10 @@ static int res_lock(struct lockspace *ls, struct resource *r, struct action *act
log_debug("S %s R %s res_lock set lvmetad global invalid",
ls->name, r->name);
- pthread_mutex_lock(&lvmetad_mutex);
- reply = daemon_send_simple(lvmetad_handle, "set_global_info",
- "token = %s", "skip",
- "global_invalid = " FMTd64, INT64_C(1),
- NULL);
- pthread_mutex_unlock(&lvmetad_mutex);
+ reply = send_lvmetad("set_global_info",
+ "token = %s", "skip",
+ "global_invalid = " FMTd64, INT64_C(1),
+ NULL);
if (reply.error || strcmp(daemon_reply_str(reply, "response", ""), "OK"))
log_error("set_global_info in lvmetad failed %d", reply.error);
@@ -4747,15 +4780,11 @@ static int get_lockd_vgs(struct list_head *vg_lockd)
const char *lock_type;
const char *lock_args;
char find_str_path[PATH_MAX];
- int mutex_unlocked = 0;
int rv = 0;
INIT_LIST_HEAD(&update_vgs);
- pthread_mutex_lock(&lvmetad_mutex);
- reply = daemon_send_simple(lvmetad_handle, "vg_list",
- "token = %s", "skip",
- NULL);
+ reply = send_lvmetad("vg_list", "token = %s", "skip", NULL);
if (reply.error || strcmp(daemon_reply_str(reply, "response", ""), "OK")) {
log_error("vg_list from lvmetad failed %d", reply.error);
@@ -4792,10 +4821,10 @@ static int get_lockd_vgs(struct list_head *vg_lockd)
/* get vg_name and lock_type for each vg uuid entry in update_vgs */
list_for_each_entry(ls, &update_vgs, list) {
- reply = daemon_send_simple(lvmetad_handle, "vg_lookup",
- "token = %s", "skip",
- "uuid = %s", ls->vg_uuid,
- NULL);
+ reply = send_lvmetad("vg_lookup",
+ "token = %s", "skip",
+ "uuid = %s", ls->vg_uuid,
+ NULL);
if (reply.error || strcmp(daemon_reply_str(reply, "response", ""), "OK")) {
log_error("vg_lookup from lvmetad failed %d", reply.error);
@@ -4884,8 +4913,6 @@ static int get_lockd_vgs(struct list_head *vg_lockd)
if (rv < 0)
break;
}
- pthread_mutex_unlock(&lvmetad_mutex);
- mutex_unlocked = 1;
out:
/* Return lockd VG's on the vg_lockd list. */
@@ -4898,9 +4925,6 @@ out:
free(ls);
}
- if (!mutex_unlocked)
- pthread_mutex_unlock(&lvmetad_mutex);
-
return rv;
}
8 years, 4 months
master - lvrename: move the lvmlockd LV lock
by David Teigland
Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=bdba4e7a931f1e...
Commit: bdba4e7a931f1e77f9c7cf6837a6c8b33b35a099
Parent: dcd946e95a80da1b6b2d2285d9a5f41e87cb153d
Author: David Teigland <teigland(a)redhat.com>
AuthorDate: Wed Dec 9 11:51:25 2015 -0600
Committer: David Teigland <teigland(a)redhat.com>
CommitterDate: Wed Dec 9 11:59:49 2015 -0600
lvrename: move the lvmlockd LV lock
The function it was in is used for various
internal renaming of hidden LVs where a lock
from lvmlockd does not apply.
---
lib/metadata/lv_manip.c | 12 ------------
tools/lvrename.c | 12 ++++++++++++
2 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/lib/metadata/lv_manip.c b/lib/metadata/lv_manip.c
index 2582ed5..2f37f5b 100644
--- a/lib/metadata/lv_manip.c
+++ b/lib/metadata/lv_manip.c
@@ -4247,18 +4247,6 @@ int lv_rename_update(struct cmd_context *cmd, struct logical_volume *lv,
return 0;
}
- /*
- * The lvmlockd LV lock is only acquired here to ensure the LV is not
- * active on another host. This requests a transient LV lock.
- * If the LV is active, a persistent LV lock already exists in
- * lvmlockd, and the transient lock request does nothing.
- * If the LV is not active, then no LV lock exists and the transient
- * lock request acquires the LV lock (or fails). The transient lock
- * is automatically released when the command exits.
- */
- if (!lockd_lv(cmd, lv, "ex", 0))
- return_0;
-
if (update_mda && !archive(vg))
return_0;
diff --git a/tools/lvrename.c b/tools/lvrename.c
index 18b02d2..217ebdc 100644
--- a/tools/lvrename.c
+++ b/tools/lvrename.c
@@ -46,6 +46,18 @@ static int _lvrename_single(struct cmd_context *cmd, const char *vg_name,
goto bad;
}
+ /*
+ * The lvmlockd LV lock is only acquired here to ensure the LV is not
+ * active on another host. This requests a transient LV lock.
+ * If the LV is active, a persistent LV lock already exists in
+ * lvmlockd, and the transient lock request does nothing.
+ * If the LV is not active, then no LV lock exists and the transient
+ * lock request acquires the LV lock (or fails). The transient lock
+ * is automatically released when the command exits.
+ */
+ if (!lockd_lv(cmd, lvl->lv, "ex", 0))
+ goto_bad;
+
if (!lv_rename(cmd, lvl->lv, lp->lv_name_new))
goto_bad;
8 years, 4 months
master - dmeventd: Don't trust fifo with wrong attrs.
by Alasdair Kergon
Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=dcd946e95a80da...
Commit: dcd946e95a80da1b6b2d2285d9a5f41e87cb153d
Parent: 94dab390ef68de3a56b67bce771b48445aa13d09
Author: Alasdair G Kergon <agk(a)redhat.com>
AuthorDate: Tue Dec 8 01:48:17 2015 +0000
Committer: Alasdair G Kergon <agk(a)redhat.com>
CommitterDate: Tue Dec 8 01:48:17 2015 +0000
dmeventd: Don't trust fifo with wrong attrs.
If an existing fifo has the wrong attributes it cannot be trusted
so we must unlink it and recreate it correctly.
(Replaces 2c8d6f5c90d5be62b48ba2881f2a6631091dc5af: if the other end of
the fifo already got opened while its mode was insecure, delaying the
chmod isn't going to make any difference!)
---
daemons/dmeventd/dmeventd.c | 34 +++++++++++++++++++++++++---------
1 files changed, 25 insertions(+), 9 deletions(-)
diff --git a/daemons/dmeventd/dmeventd.c b/daemons/dmeventd/dmeventd.c
index b7fff9a..c093d91 100644
--- a/daemons/dmeventd/dmeventd.c
+++ b/daemons/dmeventd/dmeventd.c
@@ -408,7 +408,7 @@ static struct thread_status *_alloc_thread_status(const struct message_data *dat
if (!(thread->device.uuid = dm_strdup(data->device_uuid)))
goto_out;
- /* Until real name resolved, use UUID */
+ /* Until real name resolved, use UUID */
if (!(thread->device.name = dm_strdup(data->device_uuid)))
goto_out;
@@ -1359,6 +1359,26 @@ static int _open_fifo(const char *path)
{
struct stat st;
int fd = -1;
+
+ /*
+ * FIXME Explicitly verify the code's requirement that path is secure:
+ * - All parent directories owned by root without group/other write access unless sticky.
+ */
+
+ /* If path exists, only use it if it is root-owned fifo mode 0600 */
+ if ((lstat(path, &st) < 0)) {
+ if (errno != ENOENT) {
+ log_sys_error("stat", path);
+ return -1;
+ }
+ } else if (!S_ISFIFO(st.st_mode) || st.st_uid ||
+ (st.st_mode & (S_IEXEC | S_IRWXG | S_IRWXO))) {
+ log_warn("WARNING: %s has wrong attributes: Replacing.", path);
+ if (unlink(path)) {
+ log_sys_error("unlink", path);
+ return -1;
+ }
+ }
/* Create fifo. */
(void) dm_prepare_selinux_context(path, S_IFIFO);
@@ -1382,14 +1402,10 @@ static int _open_fifo(const char *path)
goto fail;
}
- if ((st.st_mode & 0777) != 0600) {
- log_warn("WARNING: Fixing wrong permissions on %s: %s.",
- path, strerror(errno));
-
- if (fchmod(fd, 0600)) {
- log_sys_error("fchmod", path);
- goto fail;
- }
+ if (!S_ISFIFO(st.st_mode) || st.st_uid ||
+ (st.st_mode & (S_IEXEC | S_IRWXG | S_IRWXO))) {
+ log_error("%s: fifo has incorrect attributes", path);
+ goto fail;
}
if (fcntl(fd, F_SETFD, FD_CLOEXEC)) {
8 years, 4 months
master - dmeventd: Extend checks on client socket.
by Alasdair Kergon
Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=94dab390ef68de...
Commit: 94dab390ef68de3a56b67bce771b48445aa13d09
Parent: 00bab9d9cd8581e905634658a6cda33d998b1b85
Author: Alasdair G Kergon <agk(a)redhat.com>
AuthorDate: Tue Dec 8 00:54:32 2015 +0000
Committer: Alasdair G Kergon <agk(a)redhat.com>
CommitterDate: Tue Dec 8 00:59:39 2015 +0000
dmeventd: Extend checks on client socket.
Reinstate and extend checks removed by e1b111b02accb4145b82b8b47ce57ed93b1a7184.
The code has always assumed that only root has access to the directory
containing the fifos and that they are under the complete control of
dmeventd code. If anything is found not to be as expected, then open()
should certainly not be attempted!
---
WHATS_NEW_DM | 1 +
daemons/dmeventd/libdevmapper-event.c | 35 +++++++++++++++++++++++++++++++-
2 files changed, 34 insertions(+), 2 deletions(-)
diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM
index 9dd51aa..f6e9d2a 100644
--- a/WHATS_NEW_DM
+++ b/WHATS_NEW_DM
@@ -1,5 +1,6 @@
Version 1.02.114 -
====================================
+ Extend validity checks on dmeventd client socket.
Version 1.02.113 - 5th December 2015
====================================
diff --git a/daemons/dmeventd/libdevmapper-event.c b/daemons/dmeventd/libdevmapper-event.c
index f1441f5..b49af45 100644
--- a/daemons/dmeventd/libdevmapper-event.c
+++ b/daemons/dmeventd/libdevmapper-event.c
@@ -412,12 +412,41 @@ static int _start_daemon(char *dmeventd_path, struct dm_event_fifos *fifos)
char default_dmeventd_path[] = DMEVENTD_PATH;
char *args[] = { dmeventd_path ? : default_dmeventd_path, NULL };
+ /*
+ * FIXME Explicitly verify the code's requirement that client_path is secure:
+ * - All parent directories owned by root without group/other write access unless sticky.
+ */
+
+ /* If client fifo path exists, only use it if it is root-owned fifo mode 0600 */
+ if ((lstat(fifos->client_path, &statbuf) < 0)) {
+ if (errno == ENOENT)
+ /* Jump ahead if fifo does not already exist. */
+ goto start_server;
+ else {
+ log_sys_error("stat", fifos->client_path);
+ return 0;
+ }
+ } else if (!S_ISFIFO(statbuf.st_mode)) {
+ log_error("%s must be a fifo.", fifos->client_path);
+ return 0;
+ } else if (statbuf.st_uid) {
+ log_error("%s must be owned by uid 0.", fifos->client_path);
+ return 0;
+ } else if (statbuf.st_mode & (S_IEXEC | S_IRWXG | S_IRWXO)) {
+ log_error("%s must have mode 0600.", fifos->client_path);
+ return 0;
+ }
+
/* Anyone listening? If not, errno will be ENXIO */
fifos->client = open(fifos->client_path, O_WRONLY | O_NONBLOCK);
if (fifos->client >= 0) {
+ /* Should never happen if all the above checks passed. */
if ((fstat(fifos->client, &statbuf) < 0) ||
- !S_ISFIFO(statbuf.st_mode)) {
- log_error("%s is not a fifo.", fifos->client_path);
+ !S_ISFIFO(statbuf.st_mode) || statbuf.st_uid ||
+ (statbuf.st_mode & (S_IEXEC | S_IRWXG | S_IRWXO))) {
+ log_error("%s is no longer a secure root-owned fifo with mode 0600.", fifos->client_path);
+ if (close(fifos->client))
+ log_sys_debug("close", fifos->client_path);
return 0;
}
@@ -431,6 +460,7 @@ static int _start_daemon(char *dmeventd_path, struct dm_event_fifos *fifos)
return 0;
}
+start_server:
/* server is not running */
if ((args[0][0] == '/') && stat(args[0], &statbuf)) {
@@ -724,6 +754,7 @@ int dm_event_get_registered_device(struct dm_event_handler *dmevh, int next)
uuid = dm_task_get_uuid(dmt);
+ /* FIXME Distinguish errors connecting to daemon */
if (_do_event(next ? DM_EVENT_CMD_GET_NEXT_REGISTERED_DEVICE :
DM_EVENT_CMD_GET_REGISTERED_DEVICE, dmevh->dmeventd_path,
&msg, dmevh->dso, uuid, dmevh->mask, 0)) {
8 years, 4 months
v2_02_137 annotated tag has been created
by Alasdair Kergon
Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=2d1f7849b5a902...
Commit: 2d1f7849b5a902c7809b7ffcc1e16ef1e0138e08
Parent: 0000000000000000000000000000000000000000
Author: Alasdair G Kergon <agk(a)redhat.com>
AuthorDate: 2015-12-05 15:33 +0000
Committer: Alasdair G Kergon <agk(a)redhat.com>
CommitterDate: 2015-12-05 15:33 +0000
annotated tag: v2_02_137 has been created
at 2d1f7849b5a902c7809b7ffcc1e16ef1e0138e08 (tag)
tagging 063b353b286652d5ccc692cf636824b9b3270fe9 (commit)
replaces v2_02_136
Release 2.02.137.
Another development release.
49 files changed, 1263 insertions(+), 637 deletions(-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iEYEABECAAYFAlZjA/oACgkQIoGRwVZ+LBdEcwCfaNhyqTQ7t6dFc31yoGhJ+z1F
vZ0AoLwTPSJE49GhLhIUQPGTAI6f04/x
=kXAy
-----END PGP SIGNATURE-----
Alasdair G Kergon (5):
post-release
lvconvert: Improve message for raid without -m.
lvconvert: Reinstate mirror to raid conversions.
lvconvert: Reinstate raid merge after splitmirror.
pre-release
David Teigland (16):
lvmetad: include both vgid and vgname in lookup request
lvmcache: include system_id in vginfo cache
system_id: refactor check for allowed system_id
lvmcache: new function to check if VG is foreign
process_each: always use list of vgnames on system
process_each: resolve duplicate VG names
toollib: remove unused function
vg_read: look up vgid from name
lvmcache: change duplicate VG name warnings to verbose
vgextend: pass single vgname as process_each_vg arg
lvcreate: use process_each_vg
lvrename: use process_each_vg
lvresize: use process_each_vg
toollib: allow VG UUID to be used in place of VG name
toollib: only interpret vgname arg as uuid for vgrename
man lvm: add section about unique VG names
Zdenek Kabelac (16):
libdm: introduce dm_get_status_mirror
tests: unit test for mirror status
lib: pass mem pool to check_transient_status
cleanup: use dm_get_status_mirror
mirror: fix condition
uuid: add id_read_format_try
cleanup: use try_id_read_format
log: use full buffer size for printf
archiver: inital change toward proper logging
cleanup: drop log_suppress(2) usage
vgextend: reinstantiate archiving
tests: check read-only backup archive
libdm: add some doc for mirror status
debug: correct stack tracing
archiver: fix reporting for check_current_backup
tests: extend test
8 years, 4 months
master - post-release
by Alasdair Kergon
Gitweb: http://git.fedorahosted.org/git/?p=lvm2.git;a=commitdiff;h=00bab9d9cd8581...
Commit: 00bab9d9cd8581e905634658a6cda33d998b1b85
Parent: 063b353b286652d5ccc692cf636824b9b3270fe9
Author: Alasdair G Kergon <agk(a)redhat.com>
AuthorDate: Sat Dec 5 15:36:22 2015 +0000
Committer: Alasdair G Kergon <agk(a)redhat.com>
CommitterDate: Sat Dec 5 15:36:22 2015 +0000
post-release
---
VERSION | 2 +-
VERSION_DM | 2 +-
WHATS_NEW | 3 +++
WHATS_NEW_DM | 3 +++
4 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/VERSION b/VERSION
index a504b04..3216252 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.02.137(2)-git (2015-12-05)
+2.02.138(2)-git (2015-12-05)
diff --git a/VERSION_DM b/VERSION_DM
index 27520ef..d28d68b 100644
--- a/VERSION_DM
+++ b/VERSION_DM
@@ -1 +1 @@
-1.02.113-git (2015-12-05)
+1.02.114-git (2015-12-05)
diff --git a/WHATS_NEW b/WHATS_NEW
index 95839a2..3bc9397 100644
--- a/WHATS_NEW
+++ b/WHATS_NEW
@@ -1,3 +1,6 @@
+Version 2.02.138 -
+====================================
+
Version 2.02.137 - 5th December 2015
====================================
Restore archiving before changing metadata in vgextend (2.02.117).
diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM
index 4b119af..9dd51aa 100644
--- a/WHATS_NEW_DM
+++ b/WHATS_NEW_DM
@@ -1,3 +1,6 @@
+Version 1.02.114 -
+====================================
+
Version 1.02.113 - 5th December 2015
====================================
Mirror plugin in dmeventd uses dm_get_status_mirror().
8 years, 4 months