Qdevice: Handle /var/run on tmpfs

Signed-off-by: Jan Friesse <jfriesse@redhat.com>

conf/Makefile.am

@@ -70,4 +70,4 @@ dbusdir			= $(sysconfdir)/dbus-1/system.d
 dbus_DATA		= corosync-signals.conf
 endif
 
-SUBDIRS = logrotate
+SUBDIRS = logrotate tmpfiles.d

conf/tmpfiles.d/Makefile.am

@@ -0,0 +1,42 @@
+# Copyright (c) 2016 Red Hat, Inc.
+#
+# Authors:Jan Friesse (jfriesse@redhat.com)
+#
+# This software licensed under BSD license, the text of which follows:
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# - Redistributions of source code must retain the above copyright notice,
+#   this list of conditions and the following disclaimer.
+# - Redistributions in binary form must reproduce the above copyright notice,
+#   this list of conditions and the following disclaimer in the documentation
+#   and/or other materials provided with the distribution.
+# - Neither the name of the MontaVista Software, Inc. nor the names of its
+#   contributors may be used to endorse or promote products derived from this
+#   software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+# THE POSSIBILITY OF SUCH DAMAGE.
+
+MAINTAINERCLEANFILES    = Makefile.in
+
+EXTRA_DIST		= corosync-qnetd.conf
+
+tmpfilesdirdir		= ${TMPFILESDIR}
+tmpfilesdir_DATA	=
+
+if BUILD_QNETD
+if INSTALL_SYSTEMD
+tmpfilesdir_DATA	+= corosync-qnetd.conf
+endif
+endif

conf/tmpfiles.d/corosync-qnetd.conf

@@ -0,0 +1 @@
+d /var/run/corosync-qnetd 0770 root root -

configure.ac

@@ -204,7 +204,8 @@ AC_CONFIG_FILES([Makefile
 		 conf/Makefile
 		 qdevices/Makefile
 		 Doxyfile
-		 conf/logrotate/Makefile])
+		 conf/logrotate/Makefile
+		 conf/tmpfiles.d/Makefile])
 
 ### Local business
 
@@ -393,6 +394,11 @@ AC_ARG_WITH([logrotatedir],
 	[ LOGROTATEDIR="$withval" ],
 	[ LOGROTATEDIR="$sysconfdir/logrotate.d" ])
 
+AC_ARG_WITH([tmpfilesdir],
+	[  --with-tmpfilesdir=DIR   : path to tmpfiles.d configuration files directory. ],
+	[ TMPFILESDIR="$withval" ],
+	[ TMPFILESDIR="/lib/tmpfiles.d" ])
+
 AC_ARG_ENABLE([snmp],
 	[  --enable-snmp                   : SNMP protocol support ],
 	[ default="no" ])
@@ -707,6 +713,7 @@ INITWRAPPERSDIR=$(eval echo ${INITWRAPPERSDIR})
 AC_SUBST([INITWRAPPERSDIR])
 AC_SUBST([LOGDIR])
 AC_SUBST([LOGROTATEDIR])
+AC_SUBST([TMPFILESDIR])
 
 AC_SUBST([SOMAJOR])
 AC_SUBST([SOMINOR])
@@ -749,6 +756,7 @@ AC_MSG_RESULT([  System init.d directory  = ${INITDDIR}])
 AC_MSG_RESULT([  System systemd directory = ${SYSTEMDDIR}])
 AC_MSG_RESULT([  System upstart directory = ${UPSTARTDIR}])
 AC_MSG_RESULT([  System init wraps dir    = ${INITWRAPPERSDIR}])
+AC_MSG_RESULT([  System tmpfiles.d        = ${TMPFILESDIR}])
 AC_MSG_RESULT([  Log directory            = ${LOGDIR}])
 AC_MSG_RESULT([  Log rotate directory     = ${LOGROTATEDIR}])
 AC_MSG_RESULT([  corosync config dir      = ${COROSYSCONFDIR}])

corosync.spec.in

@@ -126,7 +126,8 @@ export rdmacm_LIBS=-lrdmacm \
 %endif
 	--with-initddir=%{_initrddir} \
 	--with-systemddir=%{_unitdir} \
-	--with-upstartdir=%{_sysconfdir}/init
+	--with-upstartdir=%{_sysconfdir}/init \
+	--with-tmpfilesdir=%{_tmpfilesdir}
 
 make %{_smp_mflags}
 
@@ -167,6 +168,8 @@ install -m 644 init/corosync-qnetd.sysconfig.example \
 %if %{with systemd}
 sed -i -e 's/^#User=/User=/' \
    %{buildroot}%{_unitdir}/corosync-qnetd.service
+sed -i -e 's/root/coroqnetd/g' \
+   %{buildroot}%{_tmpfilesdir}/corosync-qnetd.conf
 %else
 sed -i -e 's/^COROSYNC_QNETD_RUNAS=""$/COROSYNC_QNETD_RUNAS="coroqnetd"/' \
    %{buildroot}%{_sysconfdir}/sysconfig/corosync-qnetd
@@ -424,7 +427,7 @@ fi
 %else
 %{_initrddir}/corosync-qdevice
 %endif
-
+%{_mandir}/man8/corosync-qdevice-tool.8*
 %endif
 
 # optional qnetd
@@ -489,10 +492,12 @@ fi
 %{_unitdir}/corosync-qnetd.service
 %dir %{_datadir}/corosync
 %{_datadir}/corosync/corosync-qnetd
+%{_tmpfilesdir}/corosync-qnetd.conf
 %else
 %{_initrddir}/corosync-qnetd
 %endif
-
+%{_mandir}/man8/corosync-qnetd-tool.8*
+%{_mandir}/man8/corosync-qnetd-certutil.8*
 %endif
 
 %changelog

init/corosync-qdevice.in

@@ -90,7 +90,10 @@ start()
 	# to avoid to clean it up on every boot.
 	# they also assume that init scripts will create
 	# required subdirectories for proper operations
-	mkdir -p @LOCALSTATEDIR@/run
+	if [ ! -d "@LOCALSTATEDIR@/run/corosync-qdevice" ];then
+		mkdir -p "@LOCALSTATEDIR@/run/corosync-qdevice"
+		chmod 0770 "@LOCALSTATEDIR@/run/corosync-qdevice"
+	fi
 
 	if status $prog > /dev/null 2>&1; then
 		success

init/corosync-qnetd.in

@@ -90,7 +90,13 @@ start()
 	# to avoid to clean it up on every boot.
 	# they also assume that init scripts will create
 	# required subdirectories for proper operations
-	mkdir -p @LOCALSTATEDIR@/run
+	if [ ! -d "@LOCALSTATEDIR@/run/corosync-qnetd" ];then
+		mkdir -p "@LOCALSTATEDIR@/run/corosync-qnetd"
+		chmod 0770 "@LOCALSTATEDIR@/run/corosync-qnetd"
+		if [ ! -z "$COROSYNC_QNETD_RUNAS" ];then
+			chown "$COROSYNC_QNETD_RUNAS:$COROSYNC_QNETD_RUNAS" "@LOCALSTATEDIR@/run/corosync-qnetd"
+		fi
+	fi
 
 	if status $prog > /dev/null 2>&1; then
 		success

man/Makefile.am

@@ -147,6 +147,10 @@ dist_man_MANS		+= corosync-qnetd-tool.8 \
                            corosync-qnetd-certutil.8
 endif
 
+if BUILD_QDEVICES
+dist_man_MANS		+= corosync-qdevice-tool.8
+endif
+
 HTML_DOCS 		= $(dist_man_MANS:%=%.html) $(man_MANS:%=%.html)
 
 # developer man page generation

qdevices/corosync-qdevice-net-certutil.sh

@@ -94,7 +94,7 @@ create_new_noise_file() {
         (ps -elf; date; w) | sha1sum | (read sha_sum rest; echo $sha_sum) > "$noise_file"
 
         chown root:root "$noise_file"
-        chmod 660 "$noise_file"
+        chmod 0660 "$noise_file"
     else
         echo "Using existing noise file $noise_file"
     fi
@@ -106,7 +106,7 @@ get_serial_no() {
     if ! [ -f "$SERIAL_NO_FILE" ];then
         echo "100" > $SERIAL_NO_FILE
         chown root:root "$DB_DIR"
-        chmod 660 "$SERIAL_NO_FILE"
+        chmod 0660 "$SERIAL_NO_FILE"
     fi
     serial_no=`cat $SERIAL_NO_FILE`
     serial_no=$((serial_no+1))
@@ -125,16 +125,16 @@ init_node_ca() {
         echo "Creating $DB_DIR"
         mkdir -p "$DB_DIR"
         chown root:root "$DB_DIR"
-        chmod 770 "$DB_DIR"
+        chmod 0770 "$DB_DIR"
     fi
 
     echo "Creating new key and cert db"
     echo -n "" > "$PWD_FILE"
     chown root:root "$PWD_FILE"
-    chmod 660 "$PWD_FILE"
+    chmod 0660 "$PWD_FILE"
     certutil -N -d "$DB_DIR" -f "$PWD_FILE"
     chown root:root "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db"
-    chmod 660 "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db"
+    chmod 0660 "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db"
 
     create_new_noise_file "$NOISE_FILE"
 

qdevices/corosync-qnetd-certutil.sh

@@ -50,7 +50,7 @@ CA_EXPORT_FILE="$DB_DIR/qnetd-cacert.crt"
 CRT_FILE_BASE="" # Generated from cluster name
 
 usage() {
-    echo "$0: [-i|-s] [-c certificate]"
+    echo "$0: [-i|-s] [-c certificate] [-n cluster_name]"
     echo
     echo " -i                  Initialize QNetd CA and generate server certificate"
     echo " -s                  Sign cluster certificate (needs cluster certificate)"
@@ -75,7 +75,7 @@ create_new_noise_file() {
         (ps -elf; date; w) | sha1sum | (read sha_sum rest; echo $sha_sum) > "$noise_file"
 
         chown_ref_cfgdir "$noise_file"
-        chmod 660 "$noise_file"
+        chmod 0660 "$noise_file"
     else
         echo "Using existing noise file $noise_file"
     fi
@@ -87,7 +87,7 @@ get_serial_no() {
     if ! [ -f "$SERIAL_NO_FILE" ];then
         echo "100" > $SERIAL_NO_FILE
         chown_ref_cfgdir "$SERIAL_NO_FILE"
-        chmod 660 "$SERIAL_NO_FILE"
+        chmod 0660 "$SERIAL_NO_FILE"
     fi
     serial_no=`cat $SERIAL_NO_FILE`
     serial_no=$((serial_no+1))
@@ -106,17 +106,17 @@ init_qnetd_ca() {
         echo "Creating $DB_DIR"
         mkdir -p "$DB_DIR"
         chown_ref_cfgdir "$DB_DIR"
-        chmod 770 "$DB_DIR"
+        chmod 0770 "$DB_DIR"
     fi
 
     echo "Creating new key and cert db"
     echo -n "" > "$PWD_FILE"
     chown_ref_cfgdir "$PWD_FILE"
-    chmod 660 "$PWD_FILE"
+    chmod 0660 "$PWD_FILE"
 
     certutil -N -d "$DB_DIR" -f "$PWD_FILE"
     chown_ref_cfgdir "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db"
-    chmod 660 "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db"
+    chmod 0660 "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db"
 
     create_new_noise_file "$NOISE_FILE"