/usr/lib/stonith/plugins/external/kdumpcheck is in cluster-glue 1.0.12-5.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 | #!/bin/sh
#
# External STONITH module to check kdump.
#
# Copyright (c) 2008 NIPPON TELEGRAPH AND TELEPHONE CORPORATION
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of version 2 of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# Further, this software is distributed without any warranty that it is
# free of the rightful claim of any third person regarding infringement
# or the like. Any license provided herein, whether implied or
# otherwise, applies only to this software file. Patent licenses, if
# any, provided herein do not apply to combinations of this program with
# other software, or any other product whatsoever.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 59 Temple Place - Suite 330, Boston MA 02111-1307, USA.
#
SSH_COMMAND="/usr/bin/ssh -q -x -o PasswordAuthentication=no -o StrictHostKeyChecking=no -n"
#Set default user name.
USERNAME="kdumpchecker"
#Initialize identity file-path options for ssh command
IDENTITY_OPTS=""
#Rewrite the hostlist to accept "," as a delimeter for hostnames too.
hostlist=`echo ${hostlist} | tr ',' ' '`
##
# Check the parameter hostlist is set or not.
# If not, exit with 6 (ERR_CONFIGURED).
##
check_hostlist() {
if [ -z "${hostlist}" ]; then
ha_log.sh err "hostlist is empty"
exit 6 #ERR_CONFIGURED
fi
}
##
# Set kdump check user name to USERNAME.
# always return 0.
##
get_username() {
kdump_conf="/etc/kdump.conf"
if [ ! -f "${kdump_conf}" ]; then
ha_log.sh debug "${kdump_conf} doesn't exist"
return 0
fi
tmp=""
while read config_opt config_val; do
if [ "${config_opt}" = "kdump_check_user" ]; then
tmp="${config_val}"
fi
done < "${kdump_conf}"
if [ -n "${tmp}" ]; then
USERNAME="${tmp}"
fi
ha_log.sh debug "kdump check user name is ${USERNAME}."
}
##
# Check the specified or default identity file exists or not.
# If not, exit with 6 (ERR_CONFIGURED).
##
check_identity_file() {
IDENTITY_OPTS=""
if [ -n "${identity_file}" ]; then
if [ ! -f "${identity_file}" ]; then
ha_log.sh err "${identity_file} doesn't exist."
exit 6 #ERR_CONFIGURED
fi
IDENTITY_OPTS="-i ${identity_file}"
else
flg_file_exists=0
homedir=`eval echo "~${USERNAME}"`
for filename in "${homedir}/.ssh/id_rsa" \
"${homedir}/.ssh/id_dsa" \
"${homedir}/.ssh/identity"
do
if [ -f "${filename}" ]; then
flg_file_exists=1
IDENTITY_OPTS="${IDENTITY_OPTS} -i ${filename}"
fi
done
if [ ${flg_file_exists} -eq 0 ]; then
ha_log.sh err "${USERNAME}'s identity file for ssh command" \
" doesn't exist."
exit 6 #ERR_CONFIGURED
fi
fi
}
##
# Check the user to check doing kdump exists or not.
# If not, exit with 6 (ERR_CONFIGURED).
##
check_user_existence() {
# Get kdump check user name and check whether he exists or not.
grep -q "^${USERNAME}:" /etc/passwd > /dev/null 2>&1
ret=$?
if [ ${ret} != 0 ]; then
ha_log.sh err "user ${USERNAME} doesn't exist." \
"please confirm \"kdump_check_user\" setting in /etc/kdump.conf." \
"(default user name is \"kdumpchecker\")"
exit 6 #ERR_CONFIGURED
fi
}
##
# Check the target node is kdumping or not.
# arg1 : target node name.
# ret : 0 -> the target is kdumping.
# : 1 -> the target is _not_ kdumping.
# : else -> failed to check.
##
check_kdump() {
target_node="$1"
# Get kdump check user name.
get_username
check_user_existence
exec_cmd="${SSH_COMMAND} -l ${USERNAME}"
# Specify kdump check user's identity file for ssh command.
check_identity_file
exec_cmd="${exec_cmd} ${IDENTITY_OPTS}"
# Now, check the target!
# In advance, Write the following setting at the head of
# kdump_check_user's public key in authorized_keys file on target node.
# command="test -s /proc/vmcore", \
# no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty
ha_log.sh debug "execute the command [${exec_cmd} ${target_node}]."
${exec_cmd} ${target_node} > /dev/null 2>&1
ret=$?
ha_log.sh debug "the command's result is ${ret}."
#ret -> 0 : vmcore file's size is not zero. the node is kdumping.
#ret -> 1 : the node is _not_ kdumping (vmcore didn't exist or
# its size is zero). It still needs to be STONITH'ed.
#ret -> 255 : ssh command is failed.
# else : Maybe command strings in authorized_keys is wrong...
return ${ret}
}
###
#
# Main function.
#
###
case $1 in
gethosts)
check_hostlist
for hostname in ${hostlist} ; do
echo "${hostname}"
done
exit 0
;;
on)
# This plugin does only check whether a target node is kdumping or not.
exit 1
;;
reset|off)
check_hostlist
ret=1
h_target=`echo $2 | tr A-Z a-z`
for hostname in ${hostlist}
do
hostname=`echo $hostname | tr A-Z a-z`
if [ "${hostname}" != "$h_target" ]; then
continue
fi
while [ 1 ]
do
check_kdump "$2"
ret=$?
if [ ${ret} -ne 255 ]; then
exit ${ret}
fi
#255 means ssh command itself is failed.
#For example, connection failure as if network doesn't start yet
#in 2nd kernel on the target node.
#So, retry to check after a little while.
sleep 1
done
done
exit ${ret}
;;
status)
check_hostlist
for hostname in ${hostlist}
do
if ping -w1 -c1 "${hostname}" 2>&1 | grep "unknown host"
then
exit 1
fi
done
get_username
check_user_existence
check_identity_file
exit 0
;;
getconfignames)
echo "hostlist identity_file"
exit 0
;;
getinfo-devid)
echo "kdump check STONITH device"
exit 0
;;
getinfo-devname)
echo "kdump check STONITH external device"
exit 0
;;
getinfo-devdescr)
echo "ssh-based kdump checker"
echo "To check whether a target node is dumping or not."
exit 0
;;
getinfo-devurl)
echo "kdump -> http://lse.sourceforge.net/kdump/"
echo "ssh -> http://openssh.org"
exit 0
;;
getinfo-xml)
cat << SSHXML
<parameters>
<parameter name="hostlist" unique="1" required="1">
<content type="string" />
<shortdesc lang="en">
Hostlist
</shortdesc>
<longdesc lang="en">
The list of hosts that the STONITH device controls
</longdesc>
</parameter>
<parameter name="identity_file" unique="1" required="0">
<content type="string" />
<shortdesc lang="en">
Identity file's full path for kdump check user
</shortdesc>
<longdesc lang="en">
The full path of kdump check user's identity file for ssh command.
The identity in the specified file have to be restricted to execute
only the following command.
"test -s /proc/vmcore"
Default: kdump check user's default identity file path.
NOTE: You can specify kdump check user name in /etc/kdump.conf.
The parameter name is "kdump_check_user".
Default user is "kdumpchecker".
</longdesc>
</parameter>
</parameters>
SSHXML
exit 0
;;
*)
exit 1
;;
esac
|