Add command line support for multiple audit logs Gerrits #13774 (audit: Support multiple audit interfaces and interface options) and #13775 (audit: Add cmd helper for processing audit options) added support in the audit facility for multiple audit logs. Add command line support to use multiple audit logs for daemons that use libcmd for command line processing: bosserver, buserver, butc, fileserver, volserver, ptserver, and vlserver. Update the daemons to add a call to audit_open, and where possible add a call to audit_close when shutting down the daemon. Update help message and manpage entries for -auditlog and -audit-interface Change-Id: I4356e1aa84f580897a0e788e2a2829685be891aa Reviewed-on: https://gerrit.openafs.org/13776 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
volser: preserve volume stats by default Commit dfceff1d3a66e76246537738720f411330808d64 added the -preserve-vol-stats flag to the volume server. This enabled a change in the volume server to preserve volume usage statistics during reclone and restore operations. Otherwise, volume usage counters of read-only volumes are cleared when volumes are released, making it difficult to track usage with the volume stats. Make this feature the default behavior of the volume server and provide the option -clear-vol-stats to use the old behavior if so desired. This change makes the -preserve-vol-stats the default, and keeps it as a hidden flag for sites which may already have that flag set in the BosConfig. Since this changes a default behavior of the volume server, this change is only appropriate on a major or minor release boundary, not in the middle of a stable series. Change-Id: I3706ede64b7b18a80b39ebd55f2e1824bb7dbc57 Reviewed-on: https://gerrit.openafs.org/12674 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Use rxkad_crypt for inter-volser traffic, if asked Add a -s2scrypt option to the volume server, with possible options: * never -- the existing behavior * always -- switch to using afsconf_ClientAuthSecure, which uses rxkad_crypt, for ForwardVolume calls. * inherit -- encrypt inter-server traffic if the causal client connection is encrypted. This has the effect of "inheriting" the "-encrypt" flag given to "vos release", for example. Thanks to Jeffrey Altman for pointers and to Andrew Deason for noting the existence of rxkad_GetServerInfo. [mmeffie@sinenomine.net fix assertion and style update.] Change-Id: Ia295ba3f29a8494c8250a480fb26594468d2116a Reviewed-on: https://gerrit.openafs.org/11349 Reviewed-by: Mark Vitale <mvitale@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Thomas Keiser <tkeiser@gmail.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
externalize log rotation Do not create new server log files when servers are restarted by default. External log rotation tools may be used to rotate the logs by renaming log files and then signaling server processes to reopen log files. Add the -transarc-logs option to each server to provide backward compatibility with the traditional Transarc-style logging. When -transarc-logs is given, log files are renamed to an ".old" file (overwriting the existing ".old" file) and the previous the log file is truncated. Change-Id: I2eeb67e3db32b2f75fe685b68dab1159e62061e9 Reviewed-on: https://gerrit.openafs.org/11731 Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Tested-by: BuildBot <buildbot@rampaginggeek.com>
RestrictedQuery feature Make vlserver and volserver suppport a new command line parameter, "-restricted_query admin". When this is on, the query RPCs that are not needed for normal cache manager operations are restricted to administrators listed in UserList. This is off by default. Change-Id: I2a23a4e99cabd46b19ed491a6520773731a5994e Reviewed-on: http://gerrit.openafs.org/10927 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: D Brashear <shadow@your-file-system.com> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
volserver: Remove -sleep functionality This option is completely useless since the LWP volserver was removed. Remove the code for it. Change-Id: I2257ba2ecd2ffeb9c47d21cbb516d6a0abb19b94 Reviewed-on: http://gerrit.openafs.org/10424 Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Tested-by: BuildBot <buildbot@rampaginggeek.com>
doc: volserver manpage fixes - Fix synopsis formatting, so option arguments are on the same line as the option name - Add missing options -rxmaxmtu, -rxbind, -syslog, and -sleep Change-Id: I6e6f06d716e7f78be288bfebde97a3701f086924 Reviewed-on: http://gerrit.openafs.org/10394 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
volser: Add -config and -logfile options Add options to specify alternate locations for the configuration files and the log file. This will be helpful for testing. Change-Id: I4169bc1944719773155931860c6a6dd2fd672f53 Reviewed-on: http://gerrit.openafs.org/9828 Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Make ihandle sync behavior runtime-configurable The actual behavior of FDH_SYNC has changed a bit over the years, and some people want one behavior, and some want another. Make it possible to make this choice at runtime with the new -sync option, instead of making this decision by running with different patches. Note that FDH_SYNC is not a macro anymore, nor is it an inline function. While it could be a macro, it would look a bit complex, and there are some oddities with trying to use vol_io_params inside the FDH_SYNC expansion (vol_io_params is not declared for LWP, for example). And having it be an inline function causes problems with some odd linking dependencies. For example, vlib.a contains volume.o, but does not contain a definition for DFlushVolume (dir/buffer.c), which is referenced in volume.o. 'vos' uses vlib.a, but does not bring in anything that defines DFlushVolume. Currently this appears to not cause a problem because 'vos' uses nothing from volume.o, so the dependencies of volume.o don't matter. Adding an inline FDH_SYNC for platforms that don't support 'static inline' would add a dependency to volume.o (via vol_io_params), which causes an error for the lack of a DFlushVolume. Those are possibly just some problems, and may not be all. So instead, make it so we don't have to deal with that and just have a normal function. While FDH_SYNC may be called in a performance-critical section, the overhead of a real function call is nowhere near the delay of an actual fsync(), so presumably any overhead doesn't matter. Change-Id: I23620bd8ac31b9019e9d55cb46ec9f3a75f5675c Reviewed-on: http://gerrit.openafs.org/9694 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
volser: preserve stats over reclones and restores Optionally, preserve the volume usage statistics instead of clearing them during reclone and restore operations. Change-Id: I436b39b129b892912533ddeff5569b07224b075c Reviewed-on: http://gerrit.openafs.org/3312 Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com> Reviewed-by: Derrick Brashear <shadow@dementix.org> Tested-by: BuildBot <buildbot@rampaginggeek.com>
document davolserver split davolserver and volserver documentation. refer both ways between docs. Change-Id: Iac70ac8e1fb8bfcb7ebfdbed8e9d7870a2e69fee Reviewed-on: http://gerrit.openafs.org/2441 Reviewed-by: Derrick Brashear <shadow@dementia.org> Tested-by: Derrick Brashear <shadow@dementia.org>