Currently "mdadm -As" will process the entries in the config
file in order. If any array is a component or member of a preceding
array, that array will not be assembled.
So if there are any failures during assembly, retry those arrays,
and look until everything is assembled, or nothing more can
be assembled.
Signed-off-by: NeilBrown <neilb@suse.de>
Now that we don't "mdadm --takeover" until /var/run is writable
there is no need to continually try to create files in there.
So only create these files at startup and fail if they cannot be
made. This means that to start an array with externally managed
metadata, either /var/run or ALT_RUN (e.g. /lib/init/rw) must be
writable. To 'takeover' from a previous mdmon instance, /var/run
must be writable.
This means we don't need to worry about SIGHUP (which was once used to
tell us it was time to create .pid) and SIGALRM.
Signed-off-by: NeilBrown <neilb@suse.de>
Monitoring /proc/mounts and creating a .pid file as soon as /var/run
is writable is racy. Most distros clean all non-directories from
/var/run early in boot and if mdmon races with this it could
lose the files as soon as they are created.
Instead require that "mdmon --takeover" be run after /var is writable.
Signed-off-by: NeilBrown <neilb@suse.de>
Using switch-root and then creating files in /var/run once
that location is writable is racing as most distro clean out
/var/run shortly after it is mounted.
This can cause the .pid and .sock files to be deleted shortly
after they are created.
This option doesn't seem to be used at all any, and the alternative
of communicating the pid etc in some preserved directory and then
restarting mdmon once all is settled seems simpler.
So remove the code for supporting switchroot and update man page
accordingly.
Signed-off-by: NeilBrown <neilb@suse.de>
/var/run probably doesn't persist from early boot.
So if necessary, store in in /lib/init/rw or somewhere else
that does persist.
Signed-off-by: NeilBrown <neilb@suse.de>
devname2mdmon() can be used just as easily and doing so saves us from
some duplicate code.
Also tidy up some related logic.
Signed-off-by: NeilBrown <neilb@suse.de>
Creating /var/run in mdmon is really not justifiable.
If /var/run doesn't exist, then it is either deliberate and it should
be left that way to make sure the mapfile gets created in /dev, or
it is a configuration error and not our problem to fix.
Signed-off-by: NeilBrown <neilb@suse.de>
The change to get mdmon to re-exec itself from the switchroot
filesystem broken switchroot in various ways. This fixes it.
If the switchroot path is not '/', mdmon will find the pid and
socket for the monitor, chroot to the new root, and exec mdmon
passing the pid in argv[2] and the socket in stdin.
If the switchroot path is actually a number, mdmon will not chroot,
but will kill that pid before taking over the array.
Signed-off-by: NeilBrown <neilb@suse.de>
After we SIGTERM the monitor we need to wait for it to finish up.
Rather than the complexity of waiting for every md array to be clean,
we can simply read from the sock connected to the monitor.
When the monitor dies, we will get EOF. Before then we will block.
Signed-off-by: NeilBrown <neilb@suse.de>
It is redundant as each place that it is used, it can only
have one possible value.
Also change the related arg to mdmon() to have a more meaningful
name.
And make mdmon() static.
Signed-off-by: NeilBrown <neilb@suse.de>
1.x metadata allows a device to be a member of the array while it
is still recoverying. So it is a working member, but is not
completely in-sync.
mdadm/assemble does not understand this distinction and assumes that a
work member is fully in-sync for the purpose of determining if there
are enough in-sync devices for the array to be functional.
So collect the 'recovery_start' value from the metadata and use it in
assemble when determining how useful a given device is.
Reported-by: Mikael Abrahamsson <swmike@swm.pp.se>
Signed-off-by: NeilBrown <neilb@suse.de>
Suggesting that if your boot loaded doesn't support v1.x, then use
--metadata=1.0
doesn't make a lot of sense.
Also, '/', isn't really important, it is /boot that matters.
Hopefully people who have /boot on '/' realise that /boot is
on '/' ....
Signed-off-by: NeilBrown <neilb@suse.de>
Most operations require root access. Rather than ensure we generate
the right error message when something fails because we aren't root,
check early.
Note that "--examine" does not necessarily require root, so test
for that first.
Resolves-Debian-bug: 396570
Signed-off-by: NeilBrown <neilb@suse.de>
Fix compile warning when size_t is not a long.
Acked-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Luca Berra <bluca@vodka.it>
Signed-off-by: NeilBrown <neilb@suse.de>
mdadm should not wait indefinitely when it trys to reset
superblock on device which is busy (cannot be opened).
Acked-by: Andre Noll <maan@systemlinux.org>
Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: NeilBrown <neilb@suse.de>
The current locking uses lockf, and is completely broken.
When you hold a lockf lock, any close of any fd on that file will
release the lock. So map_read() call which is made as soon as we get
the lock, will immediately drop the lock.
So change to flock locking which isn't so badly designed.
Signed-off-by: NeilBrown <neilb@suse.de>
We already have a call to 'enough' in Detail which is the check for
"do we have enough devices". We just need to calculate the required
data a bit earlier, then use the same 'enough' call to possibly
print FAILED.
This is motivated by Debian bug 495755.
The other request in that bug is not practical.
It would be very nice if output of `mdadm' is more clear in case of a
broken array.
Currently the only hint you get from `mdadm' that your array is broken
is this:
# mdadm -A /dev/md0 /dev/sdc1 /dev/sdd1 /dev/sde1 /dev/sdf1
mdadm: /dev/md0 assembled from 1 drive and 3 spares - not enough to start the
array.
It could say something like `Your array is broken, you can't use it anymore'
It is not valid to report that array as 'broken' if the user hasn't
listed all the devices, which could be the case here.
Resolves-Debian-Bug: 495755
Signed-off-by: NeilBrown <neilb@suse.de>
If a bitmap exists on an array, then current kernels cannot grow
that array.
So when we try to grow an array, test for EBUSY and if a bitmap is
present, report that the bitmap needs to be removed.
Resolves-Debian-Bug: 534571
Signed-off-by: NeilBrown <neilb@suse.de>
Once load_super has succeeded, it should continue to succeed. However
devices can disappear etc so it is prudent to always check the return
status of load_super.
Signed-off-by: NeilBrown <neilb@suse.de>
These were never supposed to be released, and due
to a type issue they cause compile problems on
some architectures.
Resolves-Debian-Bug: 567167
Signed-off-by: NeilBrown <neilb@suse.de>
This allows a person to testing using loopback devices that don't
support serial number queries.
Signed-off-by: Doug Ledford <dledford@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.de>
>>
>> When I assemble an array I tend to have checked the devices before
>> hand; it would not be difficult to make the final pass a zeroing pass
>> if I knew I could vastly speed up post-assembly performance. As I
>> stated, it's merely a lack of clarity in the documentation.
>
> If you would like to create a patch against the man page, I would be happy to
> accept it.
>
> NeilBrown
Signed-off-by: NeilBrown <neilb@suse.de>
Unlike native md checkpointing some data about the geometry and type of
the migration process is coded into curr_migr_unit. Provide logic to
convert between md/{resync_start|recovery_start} and imsm/curr_migr_unit.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Minimal changes needed to permit reassembling partially recovered
external metadata arrays. The biggest logical change is that
->container_content() can now surface partially rebuilt members rather
than omitting them from the disk list.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Replace occurrences of ~0ULL to make it clear we are talking about maximal
resync/recovery position.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
We don't need to sprinkle reads of this attribute all over the place,
just once at the entry of read_and_act(). Also, the mdinfo structure
for the array already has a 'resync_start' member, so just reuse that.
Finally, rename get_resync_start() to read_resync_start to make it
consistent with the other sysfs accessors in monitor.c.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
When printing the migration state there is no need to print "migrating".
The fact that the state is non-idle should be enough indication.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
disk_list_get() can return NULL if:
1/ A formerly missing disk is re-added
2/ The original array has not been rebuilt, so the family number of the
missing disk still matches
3/ The metadata record of the in-sync disks are read before the missing
disk
This will result in the missing disk not adding its own serial number to
the disk_list, only its truncated value will be present.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
When associating a spare take on the target's metadata version number to
satisfy future compare_super checks.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Factor out the orom checking bits to validate_geometry_imsm_orom() and
share it between validate_geometry_imsm_volume() and the entry path to
reserve_space().
Signed-off-by: Dan Williams <dan.j.williams@intel.com>