This file is indexed.

/usr/lib/drbd/stonith_admin-fence-peer.sh is in drbd-utils 8.9.6-1.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
#!/bin/sh
#
# DRBD fence-peer handler for Pacemaker 1.1 clusters
# (via stonith-ng).
#
# Requires that the cluster is running with STONITH
# enabled, and has configured and functional STONITH
# agents.
#
# Also requires that the DRBD disk fencing policy
# is at least "resource-only", but "resource-and-stonith"
# is more likely to be useful as most people will
# use this in dual-Primary configurations.
#
# Returns 7 on on success (DRBD fence-peer exit code
# for "yes, I've managed to fence this node").
# Returns 1 on any error (undefined generic error code,
# causes DRBD devices with the "resource-and-stonith"
# fencing policy to remain suspended).

log() {
  local msg
  msg="$1"
  logger -i -t "`basename $0`" -s "$msg"
}

die() { log "$*"; exit 1; }

die_unless_all_minors_up_to_date()
{
	set -- $DRBD_MINOR
	local n_minors=$#

	[ $n_minors != 0 ] ||
		die "Resource minor numbers unknown! Unable to proceed."

	# and build a "grep extended regex"
	local _OLDIFS=$IFS
	IFS="|"
	local minor_regex="^ *($*): cs:"
	IFS=$_OLDIFS

	# grep -c -Ee '^ *(m|i|n|o|r|s): cs:.* ds:UpToDate' /proc/drbd
	local proc_drbd=$(cat /proc/drbd)
	local minors_of_resource=$(echo "$proc_drbd" | grep -E -e "$minor_regex")
	local n_up_to_date=$(echo "$minors_of_resource" | grep -c -e "ds:UpToDate")

	log "n_minors: $n_minors; n_up_to_date: $n_up_to_date"
	[ "$n_up_to_date" = "$n_minors" ] ||
		die "$DRBD_RESOURCE(minor $DRBD_MINOR): some minor is not UpToDate, will not fence peer."
}

[ -n "$DRBD_PEERS" ] || die "DRBD_PEERS is empty or unset, cannot continue."
die_unless_all_minors_up_to_date

for p in $DRBD_PEERS; do
  stonith_admin --tolerance 5s --tag drbd --fence $p
  rc=$?
  if [ $rc -eq 0 ]; then
    log "stonith_admin successfully fenced peer $p."
  else
    die "Failed to fence peer $p. stonith_admin returned $rc."
  fi
done

exit 7