/usr/share/pcsd/config.rb is in pcs 0.9.149-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 | require 'json'
require 'orderedhash'
require 'cluster.rb'
require 'permissions.rb'
class PCSConfig
CURRENT_FORMAT = 2
attr_accessor :clusters, :permissions_local, :format_version, :data_version
def initialize(cfg_text)
@format_version = 0
@data_version = 0
@clusters = []
@permissions_local = Permissions::PermissionsSet.new([])
input_clusters = []
input_permissions = {}
begin
json = JSON.parse(cfg_text)
if not(json.is_a?(Hash) and json.key?("format_version"))
@format_version = 1
else
@format_version = json["format_version"]
end
if @format_version > CURRENT_FORMAT
$logger.warn(
"pcs_settings file format version is #{@format_version}" +
", newest fully supported version is #{CURRENT_FORMAT}"
)
end
if @format_version >= 2
@data_version = json["data_version"] || 0
input_clusters = json["clusters"] || []
input_permissions = json['permissions'] || {}
elsif @format_version == 1
input_clusters = json
# backward compatibility code start
# Old pcsd without permission support was using format_version == 1.
# All members of 'haclient' group had unrestricted access.
# We give them access to most functions except reading tokens and keys,
# they also won't be able to add and remove nodes because of that.
input_permissions = {
'local_cluster' => [
{
'type' => Permissions::TYPE_GROUP,
'name' => ADMIN_GROUP,
'allow' => [
Permissions::READ,
Permissions::WRITE,
Permissions::GRANT,
]
},
],
}
# backward compatibility code end
else
$logger.error("Unable to parse pcs_settings file")
end
rescue => e
$logger.error("Unable to parse pcs_settings file: #{e}")
end
input_clusters.each {|c|
@clusters << Cluster.new(c["name"], c["nodes"])
}
if input_permissions.key?('local_cluster')
perm_list = []
input_permissions['local_cluster'].each { |perm|
perm_list << Permissions::EntityPermissions.new(
perm['type'], perm['name'], perm['allow']
)
}
@permissions_local = Permissions::PermissionsSet.new(perm_list)
end
end
def update_cluster(cluster_name, node_list)
if node_list.length == 0
@clusters.delete_if{|c|c.name == cluster_name}
$logger.info("Removing cluster from pcs_settings: #{cluster_name}")
return
end
@clusters.each {|c|
if c.name == cluster_name
c.nodes = node_list
break
end
}
end
def text()
out_hash = OrderedHash.new
out_hash['format_version'] = CURRENT_FORMAT
out_hash['data_version'] = @data_version
out_hash['clusters'] = []
out_hash['permissions'] = OrderedHash.new
out_hash['permissions']['local_cluster'] = []
@clusters.each { |c|
c_hash = OrderedHash.new
c_hash['name'] = c.name
c_hash['nodes'] = c.nodes.uniq.sort
out_hash['clusters'] << c_hash
}
out_hash['permissions']['local_cluster'] = @permissions_local.to_hash()
return JSON.pretty_generate(out_hash)
end
def remove_cluster(cluster_name)
@clusters.delete_if { |c| c.name == cluster_name }
end
def is_cluster_name_in_use(cname)
@clusters.each {|c|
if c.name == cname
return true
end
}
return false
end
def is_node_in_use(nodename)
@clusters.each {|c|
c.nodes.each {|n|
return true if n == nodename
}
}
return false
end
def get_nodes(clustername)
@clusters.each {|c|
if c.name == clustername
return c.nodes
end
}
return nil
end
def cluster_nodes_equal?(cluster_name, nodes)
my_nodes = get_nodes(cluster_name) || []
nodes = nodes || []
return my_nodes.sort.uniq == nodes.sort.uniq
end
end
class PCSTokens
CURRENT_FORMAT = 2
attr_accessor :tokens, :format_version, :data_version
def initialize(cfg_text)
@format_version = 0
@data_version = 0
@tokens = {}
begin
json = JSON.parse(cfg_text)
if not(json.is_a?(Hash) and json.key?('format_version') and json.key?('tokens'))
@format_version = 1
else
@format_version = json['format_version']
end
if @format_version > CURRENT_FORMAT
$logger.warn(
"tokens file format version is #{@format_version}" +
", newest fully supported version is #{CURRENT_FORMAT}"
)
end
if @format_version >= 2
@data_version = json['data_version'] || 0
@tokens = json['tokens'] || {}
elsif @format_version == 1
@tokens = json
else
$logger.error('Unable to parse tokens file')
end
rescue => e
$logger.error("Unable to parse tokens file: #{e}")
end
end
def text()
tokens_hash = OrderedHash.new
@tokens.keys.sort.each { |key| tokens_hash[key] = @tokens[key] }
out_hash = OrderedHash.new
out_hash['format_version'] = CURRENT_FORMAT
out_hash['data_version'] = @data_version
out_hash['tokens'] = tokens_hash
return JSON.pretty_generate(out_hash)
end
end
|