History log of /freebsd/sbin/hastd/secondary.c (Results 51 – 75 of 98)
# aa27d9ef 21-May-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Recognize HIO_FLUSH requests.

MFC after: 1 week


# c02f1527 14-May-2011 Attilio Rao <attilio@FreeBSD.org>

MFC


# 0cddb12f 14-May-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Currently we are unable to use capsicum for the primary worker process,
because we need to do ioctl(2)s, which are not permitted in the capability
mode. What we do now is to chroot(2) to /var/empty, which restricts access
to file system name space and we drop privileges to hast user and hast
group.

This still allows access to other name spaces, like list of processes,
network and sysvipc.

To address that, use jail(2) instead of chroot(2). Using jail(2) will restrict
access to process table, network (we use ip-less jails) and sysvipc (if
security.jail.sysvipc_allowed is turned off). This provides much better
separation.

MFC after: 1 week


# 06cbf549 19-Apr-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Scenario:
- We have two nodes connected and synchronized (local counters on both sides
are 0).
- We take secondary down and recreate it.
- Primary connects to it and starts synchronization (but local counters are
still 0).
- We switch the roles.
- Synchronization restarts but data is synchronized now from new primary
(because local counters are 0) that doesn't have new data yet.

To fix this issue we bump local counter on primary when we discover that
connected secondary was recreated and has no data yet.

Reported by: trociny
Discussed with: trociny
Tested by: trociny
MFC after: 1 week


# 02dfe972 02-Apr-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Declare directions for sockets between primary and secondary.
In HAST we use two sockets - one for only sending the data and one for only
receiving the data.

MFC after: 1 month


# 54987cac 25-Mar-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Add mapsize to the header just before sending the packet.
Before it could change later and we were sending invalid mapsize.
Some time ago I added optimization where when nodes are connected for the
first time and there were no writes to them yet, there is no initial full
synchronization. This bug prevented it from working.

MFC after: 1 week


# 643080b7 25-Mar-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Use role2str() when setting process title.

MFC after: 1 week


# 640b7ee6 23-Mar-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Don't create socketpair for connection forwarding between parent and secondary.
Secondary doesn't need to connect anywhere.

MFC after: 1 week


# cd72d521 22-Mar-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

White space cleanups.

MFC after: 1 week


# 4d8dc3b8 21-Mar-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

When dropping privileges prefer capsicum over chroot+setgid+setuid.
We can use capsicum for secondary worker processes and hastctl.
When working as primary we drop privileges using chroot+setgid+setuid
still as we need to send ioctl(2)s to ggate device, for which capsicum
doesn't allow (yet).

X-MFC after: capsicum is merged to stable/8


# 756cb154 21-Mar-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Fix typo.

MFC after: 1 week


# e208a185 21-Mar-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Be pedantic and free nvout before exiting.

MFC after: 1 week


# 38ea70ca 21-Mar-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Detect situation where resource internal identifier differs.
This means that both nodes have separately managed resources that don't
have the same data.

MFC after: 1 week


# 0b626a28 21-Mar-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

In hast.conf we define the other node's address in 'remote' variable.
This way we know how to connect to secondary node when we are primary.
The same variable is used by the secondary node - it only accepts
connections from the address stored in 'remote' variable.
In cluster configurations it is common that each node has its individual
IP address and there is one additional shared IP address which is assigned
to primary node. It seems it is possible that if the shared IP address is
from the same network as the individual IP address it might be chosen by
the kernel as a source address for connection with the secondary node.
Such connection will be rejected by secondary, as it doesn't come from
primary node individual IP.

Add 'source' variable that allows specifying source IP address we want to
bind to before connecting to the secondary node.

MFC after: 1 week


# 8d7dcf14 17-Mar-2011 Mikolaj Golub <trociny@FreeBSD.org>

For secondary, set 2 * HAST_KEEPALIVE seconds timeout for incoming
connection so the worker will exit if it does not receive packets from
the primary during this interval.

Reported by: Christian Vogt <Christian.Vogt@haw-hamburg.de>
Tested by: Christian Vogt <Christian.Vogt@haw-hamburg.de>
Approved by: pjd (mentor)
MFC after: 1 week


# bc7a916a 11-Mar-2011 Mikolaj Golub <trociny@FreeBSD.org>

Make workers inherit debug level from the main process.

Approved by: pjd (mentor)
MFC after: 1 week


Revision tags: release/7.4.0_cvs, release/8.2.0_cvs, release/7.4.0, release/8.2.0
# 32ecf620 03-Feb-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Setup another socketpair between parent and child, so that primary sandboxed
worker can ask the main privileged process to connect in worker's behalf
and then we can migrate descriptor using this socketpair to worker.
This is not really needed now, but will be needed once we start to use
capsicum for sandboxing.

MFC after: 1 week


# f4c96f94 03-Feb-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Let the caller log info about successful privilege drop.
We don't want to log this in hastctl.

MFC after: 1 week


# 2ec483c5 31-Jan-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

- Use pjdlog for assertions and aborts as this will log assert/abort message
to syslog if we run in background.
- Asserts in proto.c that method we want to call is implemented and remove
dummy methods from protocols implementation that are only there to abort
the program with nice message.

MFC after: 1 week


# 6d7967de 28-Jan-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Drop privileges in worker processes.

Accepting connections and handshaking in secondary is still done before
dropping privileges. It should be implemented by only accepting connections in
privileged main process and passing connection descriptors to the worker, but
is not implemented yet.

MFC after: 1 week


# f463896e 28-Jan-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Use newly added descriptors_assert() function to ensure only expected
descriptors are open.

MFC after: 1 week


# da1783ea 28-Jan-2011 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Close all unneeded descriptors after fork(2).

MFC after: 1 week


# 51297f7d 25-Oct-2010 Dimitry Andric <dim@FreeBSD.org>

Sync: merge r214221 through r214352 from ^/head.


# ce837469 24-Oct-2010 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Before this change on first connect between primary and secondary we
initialize all the data. This is a huge waste of time and resources if
there were no writes yet, as there is no real data to synchronize.

Optimize this by sending "virgin" argument to secondary, which gives it a hint
that synchronization is not needed.

In the common case (where both nodes are configured at the same time) instead
of synchronizing everything, we don't synchronize at all.

MFC after: 1 week


# 1f39b279 24-Oct-2010 Pawel Jakub Dawidek <pjd@FreeBSD.org>

Simplify code a bit.

MFC after: 3 days

