From faf3b1542fd27b3ad32ac7b362ef39d8cb0b05ff Mon Sep 17 00:00:00 2001 From: Ronnie Sahlberg Date: Thu, 17 Feb 2011 13:14:41 +1100 Subject: [PATCH] Dont allow client processes to attach to databases while we are still in recovery mode. The exception is the local recovery daemon which needs to be able to attach (==create) any missing databases during recovery. This process requires the use of the attach control. --- include/ctdb_private.h | 2 +- server/ctdb_control.c | 4 ++-- server/ctdb_ltdb_server.c | 20 ++++++++++++++++++-- 3 files changed, 21 insertions(+), 5 deletions(-) diff --git a/include/ctdb_private.h b/include/ctdb_private.h index 4dcf9a5b..5a1c15b1 100644 --- a/include/ctdb_private.h +++ b/include/ctdb_private.h @@ -799,7 +799,7 @@ int ctdb_daemon_send_control(struct ctdb_context *ctdb, uint32_t destnode, void *private_data); int32_t ctdb_control_db_attach(struct ctdb_context *ctdb, TDB_DATA indata, - TDB_DATA *outdata, uint64_t tdb_flags, bool persistent); + TDB_DATA *outdata, uint64_t tdb_flags, bool persistent, uint32_t client_id); int ctdb_daemon_set_call(struct ctdb_context *ctdb, uint32_t db_id, ctdb_fn_t fn, int id); diff --git a/server/ctdb_control.c b/server/ctdb_control.c index 90900c94..488b3e99 100644 --- a/server/ctdb_control.c +++ b/server/ctdb_control.c @@ -221,10 +221,10 @@ static int32_t ctdb_control_dispatch(struct ctdb_context *ctdb, } case CTDB_CONTROL_DB_ATTACH: - return ctdb_control_db_attach(ctdb, indata, outdata, srvid, false); + return ctdb_control_db_attach(ctdb, indata, outdata, srvid, false, client_id); case CTDB_CONTROL_DB_ATTACH_PERSISTENT: - return ctdb_control_db_attach(ctdb, indata, outdata, srvid, true); + return ctdb_control_db_attach(ctdb, indata, outdata, srvid, true, client_id); case CTDB_CONTROL_SET_CALL: { struct ctdb_control_set_call *sc = diff --git a/server/ctdb_ltdb_server.c b/server/ctdb_ltdb_server.c index ba2a9cb4..8340c37f 100644 --- a/server/ctdb_ltdb_server.c +++ b/server/ctdb_ltdb_server.c @@ -750,11 +750,27 @@ again: */ int32_t ctdb_control_db_attach(struct ctdb_context *ctdb, TDB_DATA indata, TDB_DATA *outdata, uint64_t tdb_flags, - bool persistent) + bool persistent, uint32_t client_id) { const char *db_name = (const char *)indata.dptr; struct ctdb_db_context *db; - struct ctdb_node *node = ctdb->nodes[ctdb->pnn]; + struct ctdb_node *node; + + /* dont allow any local clients to attach while we are in recovery mode + * except for the recovery daemon. + * allow all attach from the network since these are always from remote + * recovery daemons. + */ + if (ctdb->recovery_mode == CTDB_RECOVERY_ACTIVE && client_id != 0) { + struct ctdb_client *client = ctdb_reqid_find(ctdb, client_id, struct ctdb_client); + + if (client != NULL && client->pid != ctdb->recoverd_pid) { + DEBUG(DEBUG_ERR,("DB Attach to database %s refused for client with pid:%d since node is in recovery mode.\n", db_name, client->pid)); + return -1; + } + } + + node = ctdb->nodes[ctdb->pnn]; /* the client can optionally pass additional tdb flags, but we only allow a subset of those on the database in ctdb. Note -- 2.34.1