[PATCH] CTDB recovery lock fixes and more scary example setting (bug #13790)
Amitay Isaacs
amitay at gmail.com
Thu Feb 21 04:43:51 UTC 2019
On Wed, Feb 20, 2019 at 2:42 PM Martin Schwenke via samba-technical
<samba-technical at lists.samba.org> wrote:
>
> The motivation for this patch set is that someone who works a lot with
> CTDB told me that the example setting in 4.9 isn't scary enough. It is
> too easy for an admin to simply uncomment it in the installed example
> configuration file and then struggle to understand the likely failure
> mode (i.e. nodes other than the recovery master are able to take the
> recovery lock).
>
> So, I'd like 4.10 to have a scarier default. :-)
>
> So, why is it a patch set rather than a single patch?
>
> * I really want an invalid recovery lock setting to cause a node to be
> banned. This makes the misconfiguration more obvious.
>
> * There was no test for the case where the recovery lock is explicitly
> set to use a helper (as opposed to a lock file).
>
> * The code that constructs the command-line arguments for the helper
> was awful.
>
> Please review and maybe push...
As discussed offline, let's split the fixes into 2 separate bugs.
#13790 for config changes
#13800 for recovery lock fixes (this requires additional patch for
enabling timeout in getting recovery lock)
Amitay.
More information about the samba-technical
mailing list