Hello community,
here is the log from the commit of package ha-cluster-bootstrap for
openSUSE:Factory checked in at 2014-03-22 14:48:27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ha-cluster-bootstrap (Old)
and /work/SRC/openSUSE:Factory/.ha-cluster-bootstrap.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ha-cluster-bootstrap"
Changes:
--------
---
/work/SRC/openSUSE:Factory/ha-cluster-bootstrap/ha-cluster-bootstrap.changes
2014-03-09 18:22:54.000000000 +0100
+++
/work/SRC/openSUSE:Factory/.ha-cluster-bootstrap.new/ha-cluster-bootstrap.changes
2014-03-22 18:02:38.000000000 +0100
@@ -1,0 +2,12 @@
+Fri Mar 21 06:07:40 UTC 2014 - [email protected]
+
+- Fix test for active firewall (bnc#869386)
+- Upstream version cs:2964f4e
+
+-------------------------------------------------------------------
+Wed Mar 19 09:20:37 UTC 2014 - [email protected]
+
+- Update firewall rules correctly for corosync.conf (bnc#868986)
+- Upstream version cs:85bcef5
+
+-------------------------------------------------------------------
Old:
----
sleha-bootstrap-0.4+git.1394193228.cc1daef.tar.bz2
New:
----
sleha-bootstrap-0.4+git.1395382016.2964f4e.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ha-cluster-bootstrap.spec ++++++
--- /var/tmp/diff_new_pack.gpFnpm/_old 2014-03-22 18:02:38.000000000 +0100
+++ /var/tmp/diff_new_pack.gpFnpm/_new 2014-03-22 18:02:38.000000000 +0100
@@ -18,7 +18,7 @@
Name: ha-cluster-bootstrap
-Version: 0.4+git.1394193228.cc1daef
+Version: 0.4+git.1395382016.2964f4e
Release: 0
Summary: Pacemaker HA Cluster Bootstrap Tool
License: GPL-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.gpFnpm/_old 2014-03-22 18:02:38.000000000 +0100
+++ /var/tmp/diff_new_pack.gpFnpm/_new 2014-03-22 18:02:38.000000000 +0100
@@ -4,7 +4,7 @@
<param name="scm">git</param>
<param name="exclude">.git</param>
<param name="versionformat">0.4+git.%ct.%h</param>
- <param name="revision">cc1daef</param>
+ <param name="revision">2964f4e</param>
</service>
<service name="recompress" mode="disabled">
++++++ sleha-bootstrap-0.4+git.1394193228.cc1daef.tar.bz2 ->
sleha-bootstrap-0.4+git.1395382016.2964f4e.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/sleha-bootstrap-0.4+git.1394193228.cc1daef/scripts/ha-cluster-functions
new/sleha-bootstrap-0.4+git.1395382016.2964f4e/scripts/ha-cluster-functions
--- old/sleha-bootstrap-0.4+git.1394193228.cc1daef/scripts/ha-cluster-functions
2014-03-07 12:57:20.000000000 +0100
+++ new/sleha-bootstrap-0.4+git.1395382016.2964f4e/scripts/ha-cluster-functions
2014-03-21 07:07:35.000000000 +0100
@@ -145,19 +145,11 @@
# ports for csync2, mgmtd, hawk & dlm respectively
local tcp="30865 5560 7630 21064"
- # all mcastports defined in corosync config
- local udp
- if [ -f "$COROSYNC_CONF" ]; then
- udp=$(echo $(awk -F: '/^[[:space:]]*mcastport:/ {print $2}' \
- ${COROSYNC_CONF}))
- fi
-
local -i fw_open=0
if [ -f "$SYSCONFIG_FW_CLUSTER" ]; then
local tmp_conf=${SYSCONFIG_FW_CLUSTER}.$$
sed \
-e "s/^TCP=.*/TCP=\"$tcp\"/" \
- -e "s/^UDP=.*/UDP=\"$udp\"/" \
$SYSCONFIG_FW_CLUSTER > $tmp_conf
install_tmp $tmp_conf $SYSCONFIG_FW_CLUSTER
@@ -172,16 +164,52 @@
fi
# No need to do anything else if the firewall is inactive
- rcSuSEfirewall2 status >/dev/null 2>&1 || return
+ systemctl -q is-active SuSEfirewall2 || return
+
+ # Firewall is active, either restart or complain if we couldn't tweak it
+ if [ $fw_open -eq 1 ]; then
+ status "Restarting firewall (TCP $tcp open)"
+ invoke rcSuSEfirewall2 restart \
+ || error "Failed to restart firewall"
+ else
+ warn "Firewall is active - you may need to open ports:"
+ warn " TCP $tcp"
+ fi
+}
+
+# Have to do this separately, as we need general firewall config early
+# so csync2 works, but need corosync config *after* corosync.conf has
+# been created/updated.
+init_firewall_corosync()
+{
+ # all mcastports defined in corosync config
+ local udp
+ if [ -f "$COROSYNC_CONF" ]; then
+ udp=$(echo $(awk -F: '/^[[:space:]]*mcastport:/ {print $2}' \
+ ${COROSYNC_CONF}))
+ fi
+
+ local -i fw_open=0
+ if [ -f "$SYSCONFIG_FW_CLUSTER" ]; then
+ local tmp_conf=${SYSCONFIG_FW_CLUSTER}.$$
+ sed \
+ -e "s/^UDP=.*/UDP=\"$udp\"/" \
+ $SYSCONFIG_FW_CLUSTER > $tmp_conf
+ install_tmp $tmp_conf $SYSCONFIG_FW_CLUSTER
+ fw_open=1
+ fi
+
+ # No need to do anything else if the firewall is inactive
+ systemctl -q is-active SuSEfirewall2 || return
# Firewall is active, either restart or complain if we couldn't tweak it
if [ $fw_open -eq 1 ]; then
- status "Restarting firewall (TCP $tcp and UDP ${udp:-none}
open)"
+ status "Restarting firewall (UDP ${udp:-none} open)"
invoke rcSuSEfirewall2 restart \
|| error "Failed to restart firewall"
else
warn "Firewall is active - you may need to open ports:"
- warn " TCP $tcp and UDP ${udp:-none}"
+ warn " UDP ${udp:-none}"
fi
}
@@ -201,6 +229,8 @@
systemctl -q is-active corosync.service
[ $? -eq 0 ] && error "corosync service is running!"
+ init_firewall_corosync
+
# reset password, but only if it's not already set
local ps=$(passwd -S hacluster 2>/dev/null | cut -d' ' -f2)
local pass_msg
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
