X-Git-Url: https://git.whamcloud.com/?a=blobdiff_plain;f=lustre%2Ftests%2Fsanity-gss.sh;h=541eeac1f1753e34d4f249e3d7c8542d6ec88de4;hb=864fc9daac267819f5e3bdebef6cdac4c6325626;hp=c4d0562efac3884f594f1b6fc2ad1bc4efe427f4;hpb=017a292f2c6cf47e98e0bf376eb0f7a001d673d2;p=fs%2Flustre-release.git diff --git a/lustre/tests/sanity-gss.sh b/lustre/tests/sanity-gss.sh old mode 100644 new mode 100755 index c4d0562..541eeac --- a/lustre/tests/sanity-gss.sh +++ b/lustre/tests/sanity-gss.sh @@ -1,5 +1,4 @@ #!/bin/bash -# vim:expandtab:shiftwidth=4:softtabstop=4:tabstop=4: # # Run select tests by setting ONLY, or as arguments to the script. # Skip specific tests by setting EXCEPT. @@ -12,29 +11,17 @@ ONLY=${ONLY:-"$*"} ALWAYS_EXCEPT=${ALWAYS_EXCEPT:-"$SANITY_GSS_EXCEPT"} # UPDATE THE COMMENT ABOVE WITH BUG NUMBERS WHEN CHANGING ALWAYS_EXCEPT! -# Tests that fail on uml -CPU=`awk '/model/ {print $4}' /proc/cpuinfo` -[ "$CPU" = "UML" ] && EXCEPT="$EXCEPT" - -case `uname -r` in -2.6*) FSTYPE=${FSTYPE:-ldiskfs}; ALWAYS_EXCEPT="$ALWAYS_EXCEPT " ;; -*) error "unsupported kernel (gss only works with 2.6.x)" ;; -esac - SRCDIR=`dirname $0` -export PATH=$PWD/$SRCDIR:$SRCDIR:$SRCDIR/../utils:$SRCDIR/../utils/gss:$PATH:/sbin -export NAME=${NAME:-local} -SAVE_PWD=$PWD -CLEANUP=${CLEANUP:-""} -SETUP=${SETUP:-""} +export MULTIOP=${MULTIOP:-multiop} LUSTRE=${LUSTRE:-`dirname $0`/..} . $LUSTRE/tests/test-framework.sh init_test_env $@ . ${CONFIG:=$LUSTRE/tests/cfg/$NAME.sh} +init_logging -remote_mds_nodsh && skip "remote MDS with nodsh" && exit 0 +require_dsh_mds || exit 0 [ "$SLOW" = "no" ] && EXCEPT_SLOW="100 101" @@ -47,35 +34,10 @@ unset SEC # # global variables of this sanity # -KRB5_CCACHE_DIR=/tmp -KRB5_CRED=$KRB5_CCACHE_DIR/krb5cc_$RUNAS_ID -KRB5_CRED_SAVE=$KRB5_CCACHE_DIR/krb5cc.sanity.save -CLICOUNT=2 -cnt_mdt2ost=0 -cnt_mdt2mdt=0 -cnt_cli2ost=0 -cnt_cli2mdt=0 -cnt_all2ost=0 -cnt_all2mdt=0 -cnt_all2all=0 DBENCH_PID=0 -PROC_CLI="srpc_info" # set manually GSS=true -GSS_KRB5=true - -prepare_krb5_creds() { - echo prepare krb5 cred - rm -f $KRB5_CRED_SAVE - echo RUNAS=$RUNAS - $RUNAS krb5_login.sh || exit 1 - [ -f $KRB5_CRED ] || exit 2 - echo CRED=$KRB5_CRED - cp $KRB5_CRED $KRB5_CRED_SAVE -} - -prepare_krb5_creds # we want double mount MOUNT_2=${MOUNT_2:-"yes"} @@ -87,258 +49,6 @@ check_runas_id $RUNAS_ID $RUNAS_ID $RUNAS build_test_filter -combination() -{ - local M=$1 - local N=$2 - local R=1 - - if [ $M -lt $N ]; then - R=0 - else - N=$((N + 1)) - while [ $N -le $M ]; do - R=$((R * N)) - N=$((N + 1)) - done - fi - - echo $R - return 0 -} - -calc_connection_cnt() { - # MDT->MDT = 2 * C(M, 2) - # MDT->OST = M * O - # CLI->OST = C * O - # CLI->MDT = C * M - comb_m2=$(combination $MDSCOUNT 2) - - cnt_mdt2mdt=$((comb_m2 * 2)) - cnt_mdt2ost=$((MDSCOUNT * OSTCOUNT)) - cnt_cli2ost=$((CLICOUNT * OSTCOUNT)) - cnt_cli2mdt=$((CLICOUNT * MDSCOUNT)) - cnt_all2ost=$((cnt_mdt2ost + cnt_cli2ost)) - cnt_all2mdt=$((cnt_mdt2mdt + cnt_cli2mdt)) - cnt_all2all=$((cnt_mdt2ost + cnt_mdt2mdt + cnt_cli2ost + cnt_cli2mdt)) -} - -set_rule() -{ - local tgt=$1 - local net=$2 - local dir=$3 - local flavor=$4 - local cmd="$tgt.srpc.flavor" - - if [ $net == "any" ]; then - net="default" - fi - cmd="$cmd.$net" - - if [ $dir != "any" ]; then - cmd="$cmd.$dir" - fi - - cmd="$cmd=$flavor" - log "Setting sptlrpc rule: $cmd" - do_facet mgs "$LCTL conf_param $cmd" -} - -count_flvr() -{ - local output=$1 - local flavor=$2 - local count=0 - - rpc_flvr=`echo $flavor | awk -F - '{ print $1 }'` - bulkspec=`echo $flavor | awk -F - '{ print $2 }'` - - count=`echo "$output" | grep "rpc flavor" | grep $rpc_flvr | wc -l` - - if [ "x$bulkspec" != "x" ]; then - algs=`echo $bulkspec | awk -F : '{ print $2 }'` - - if [ "x$algs" != "x" ]; then - bulk_count=`echo "$output" | grep "bulk flavor" | grep $algs | wc -l` - else - bulk=`echo $bulkspec | awk -F : '{ print $1 }'` - if [ $bulk == "bulkn" ]; then - bulk_count=`echo "$output" | grep "bulk flavor" \ - | grep "null/null" | wc -l` - elif [ $bulk == "bulki" ]; then - bulk_count=`echo "$output" | grep "bulk flavor" \ - | grep "/null" | grep -v "null/" | wc -l` - else - bulk_count=`echo "$output" | grep "bulk flavor" \ - | grep -v "/null" | grep -v "null/" | wc -l` - fi - fi - - [ $bulk_count -lt $count ] && count=$bulk_count - fi - - echo $count -} - -flvr_cnt_cli2mdt() -{ - local flavor=$1 - - output=`do_facet client lctl get_param -n mdc.*-MDT*-mdc-*.$PROC_CLI 2>/dev/null` - count_flvr "$output" $flavor -} - -flvr_cnt_cli2ost() -{ - local flavor=$1 - - output=`do_facet client lctl get_param -n osc.*OST*-osc-[^M][^D][^T]*.$PROC_CLI 2>/dev/null` - count_flvr "$output" $flavor -} - -flvr_cnt_mdt2mdt() -{ - local flavor=$1 - local cnt=0 - - if [ $MDSCOUNT -le 1 ]; then - echo 0 - return - fi - - for num in `seq $MDSCOUNT`; do - output=`do_facet mds$num lctl get_param -n mdc.*-MDT*-mdc[0-9]*.$PROC_CLI 2>/dev/null` - tmpcnt=`count_flvr "$output" $flavor` - cnt=$((cnt + tmpcnt)) - done - echo $cnt; -} - -flvr_cnt_mdt2ost() -{ - local flavor=$1 - local cnt=0 - - for num in `seq $MDSCOUNT`; do - output=`do_facet mds$num lctl get_param -n osc.*OST*-osc-MDT*.$PROC_CLI 2>/dev/null` - tmpcnt=`count_flvr "$output" $flavor` - cnt=$((cnt + tmpcnt)) - done - echo $cnt; -} - -flvr_cnt_mgc2mgs() -{ - local flavor=$1 - - output=`do_facet client lctl get_param -n mgc.*.$PROC_CLI 2>/dev/null` - count_flvr "$output" $flavor -} - -do_check_flavor() -{ - local dir=$1 # from to - local flavor=$2 # flavor expected - local res=0 - - if [ $dir == "cli2mdt" ]; then - res=`flvr_cnt_cli2mdt $flavor` - elif [ $dir == "cli2ost" ]; then - res=`flvr_cnt_cli2ost $flavor` - elif [ $dir == "mdt2mdt" ]; then - res=`flvr_cnt_mdt2mdt $flavor` - elif [ $dir == "mdt2ost" ]; then - res=`flvr_cnt_mdt2ost $flavor` - elif [ $dir == "all2ost" ]; then - res1=`flvr_cnt_mdt2ost $flavor` - res2=`flvr_cnt_cli2ost $flavor` - res=$((res1 + res2)) - elif [ $dir == "all2mdt" ]; then - res1=`flvr_cnt_mdt2mdt $flavor` - res2=`flvr_cnt_cli2mdt $flavor` - res=$((res1 + res2)) - elif [ $dir == "all2all" ]; then - res1=`flvr_cnt_mdt2ost $flavor` - res2=`flvr_cnt_cli2ost $flavor` - res3=`flvr_cnt_mdt2mdt $flavor` - res4=`flvr_cnt_cli2mdt $flavor` - res=$((res1 + res2 + res3 + res4)) - fi - - echo $res -} - -wait_flavor() -{ - local dir=$1 # from to - local flavor=$2 # flavor expected - local expect=$3 # number expected - local res=0 - - for ((i=0;i<20;i++)); do - echo -n "checking..." - res=$(do_check_flavor $dir $flavor) - if [ $res -eq $expect ]; then - echo "found $res $flavor connections of $dir, OK" - return 0 - else - echo "found $res $flavor connections of $dir, not ready ($expect)" - sleep 4 - fi - done - - echo "Error checking $flavor of $dir: expect $expect, actual $res" - return 1 -} - -restore_to_default_flavor() -{ - local proc="mgs.MGS.live.$FSNAME" - - echo "restoring to default flavor..." - - nrule=`do_facet mgs lctl get_param -n $proc 2>/dev/null | grep ".srpc.flavor." | wc -l` - - # remove all existing rules if any - if [ $nrule -ne 0 ]; then - echo "$nrule existing rules" - for rule in `do_facet mgs lctl get_param -n $proc 2>/dev/null | grep ".srpc.flavor."`; do - echo "remove rule: $rule" - spec=`echo $rule | awk -F = '{print $1}'` - do_facet mgs "$LCTL conf_param $spec=" - done - fi - - # verify no rules left - nrule=`do_facet mgs lctl get_param -n $proc 2>/dev/null | grep ".srpc.flavor." | wc -l` - [ $nrule -ne 0 ] && error "still $nrule rules left" - - # wait for default flavor to be applied - # currently default flavor for all connections are 'null' - wait_flavor all2all null $cnt_all2all - echo "now at default flavor settings" -} - -set_flavor_all() -{ - local flavor=$1 - - echo "setting all flavor to $flavor" - - res=$(do_check_flavor all2all $flavor) - if [ $res -eq $cnt_all2all ]; then - echo "already have total $res $flavor connections" - return - fi - - echo "found $res $flavor out of total $cnt_all2all connections" - restore_to_default_flavor - - set_rule $FSNAME any any $flavor - wait_flavor all2all $flavor $cnt_all2all -} - start_dbench() { NPROC=`cat /proc/cpuinfo 2>/dev/null | grep ^processor | wc -l` @@ -389,84 +99,22 @@ stop_dbench() sync || true } -restore_krb5_cred() { - cp $KRB5_CRED_SAVE $KRB5_CRED - chown $RUNAS_ID:$RUNAS_ID $KRB5_CRED - chmod 0600 $KRB5_CRED -} - -check_multiple_gss_daemons() { - local facet=$1 - local gssd=$2 - local gssd_name=`basename $gssd` - - for ((i=0;i<10;i++)); do - do_facet $facet "$gssd -v &" - done - - # wait daemons entering "stable" status - sleep 5 - - num=`do_facet $facet ps -o cmd -C $gssd_name | grep $gssd_name | wc -l` - echo "$num instance(s) of $gssd_name are running" - - if [ $num -ne 1 ]; then - error "$gssd_name not unique" - fi -} - calc_connection_cnt umask 077 -test_0() { - local my_facet=mds - - echo "bring up gss daemons..." - start_gss_daemons - - echo "check with someone already running..." - check_multiple_gss_daemons $my_facet $LSVCGSSD - if $GSS_PIPEFS; then - check_multiple_gss_daemons $my_facet $LGSSD - fi - - echo "check with someone run & finished..." - do_facet $my_facet killall -q -2 lgssd lsvcgssd || true - sleep 5 # wait fully exit - check_multiple_gss_daemons $my_facet $LSVCGSSD - if $GSS_PIPEFS; then - check_multiple_gss_daemons $my_facet $LGSSD - fi - - echo "check refresh..." - do_facet $my_facet killall -q -2 lgssd lsvcgssd || true - sleep 5 # wait fully exit - do_facet $my_facet ipcrm -S 0x3b92d473 - check_multiple_gss_daemons $my_facet $LSVCGSSD - if $GSS_PIPEFS; then - do_facet $my_facet ipcrm -S 0x3a92d473 - check_multiple_gss_daemons $my_facet $LGSSD - fi -} -run_test 0 "start multiple gss daemons" - -set_flavor_all krb5p +set_flavor_all gssnull test_1() { - local file=$DIR/$tfile + local file=$DIR/$tfile - chmod 0777 $DIR || error "chmod $DIR failed" - # access w/o cred - $RUNAS kdestroy - $RUNAS $LFS flushctx $MOUNT || error "can't flush context on $MOUNT" - $RUNAS touch $file && error "unexpected success" - - # access w/ cred - restore_krb5_cred - $RUNAS touch $file || error "should not fail" - [ -f $file ] || error "$file not found" + chmod 0777 $DIR || error "chmod $DIR failed" + # access w/o context + $RUNAS $LFS flushctx $MOUNT || error "can't flush context on $MOUNT" + $RUNAS touch $DIR + $RUNAS touch $file || error "should not fail" + [ -f $file ] || error "$file not found" } -run_test 1 "access with or without krb5 credential" +run_test 1 "create file" test_2() { local file1=$DIR/$tfile-1 @@ -477,15 +125,9 @@ test_2() { $RUNAS touch $file1 || error "can't touch $file1" [ -f $file1 ] || error "$file1 not found" - # cleanup all cred/ctx and touch - $RUNAS kdestroy - $RUNAS $LFS flushctx $MOUNT || error "can't flush context on $MOUNT" - $RUNAS touch $file2 && error "unexpected success" - - # restore and touch - restore_krb5_cred - $RUNAS touch $file2 || error "should not fail" - [ -f $file2 ] || error "$file2 not found" + # cleanup all cred/ctx and touch + $RUNAS $LFS flushctx $MOUNT || error "can't flush context on $MOUNT" + $RUNAS touch $file2 && error "unexpected success" } run_test 2 "lfs flushctx" @@ -500,7 +142,7 @@ test_3() { $RUNAS cat $file > /dev/null || error "$RUNAS_ID cat error" # start multiop - $RUNAS multiop $file o_r & + $RUNAS $MULTIOP $file o_r & OPPID=$! # wait multiop finish its open() sleep 1 @@ -508,97 +150,15 @@ test_3() { # cleanup all cred/ctx and check # metadata check should fail, but file data check should success # because we always use root credential to OSTs - $RUNAS kdestroy $RUNAS $LFS flushctx $MOUNT || error "can't flush context on $MOUNT" echo "destroied credentials/contexs for $RUNAS_ID" $RUNAS $CHECKSTAT -p 0666 $file && error "checkstat succeed" kill -s 10 $OPPID wait $OPPID || error "read file data failed" echo "read file data OK" - - # restore and check again - restore_krb5_cred - echo "restored credentials for $RUNAS_ID" - $RUNAS $CHECKSTAT -p 0666 $file || error "$RUNAS_ID checkstat (2) error" - echo "$RUNAS_ID checkstat OK" - $CHECKSTAT -p 0666 $file || error "$UID checkstat (2) error" - echo "$UID checkstat OK" - $RUNAS cat $file > /dev/null || error "$RUNAS_ID cat (2) error" - echo "$RUNAS_ID read file data OK" } run_test 3 "local cache under DLM lock" -test_4() { - local file1=$DIR/$tfile-1 - local file2=$DIR/$tfile-2 - - ! $GSS_PIPEFS && skip "pipefs not used" && return - - chmod 0777 $DIR || error "chmod $DIR failed" - # current access should be ok - $RUNAS touch $file1 || error "can't touch $file1" - [ -f $file1 ] || error "$file1 not found" - - # stop lgssd - send_sigint client lgssd - sleep 5 - check_gss_daemon_facet client lgssd && error "lgssd still running" - - # flush context, and touch - $RUNAS $LFS flushctx $MOUNT || error "can't flush context on $MOUNT" - $RUNAS touch $file2 & - TOUCHPID=$! - echo "waiting touch pid $TOUCHPID" - wait $TOUCHPID && error "touch should fail" - - # restart lgssd - do_facet client "$LGSSD -v" - sleep 5 - check_gss_daemon_facet client lgssd - - # touch new should succeed - $RUNAS touch $file2 || error "can't touch $file2" - [ -f $file2 ] || error "$file2 not found" -} -run_test 4 "lgssd dead, operations should wait timeout and fail" - -test_5() { - local file1=$DIR/$tfile-1 - local file2=$DIR/$tfile-2 - local wait_time=$((TIMEOUT + TIMEOUT / 2)) - - chmod 0777 $DIR || error "chmod $DIR failed" - # current access should be ok - $RUNAS touch $file1 || error "can't touch $file1" - [ -f $file1 ] || error "$file1 not found" - - # stop lsvcgssd - send_sigint mds lsvcgssd - sleep 5 - check_gss_daemon_facet mds lsvcgssd && error "lsvcgssd still running" - - # flush context, and touch - $RUNAS $LFS flushctx $MOUNT || error "can't flush context on $MOUNT" - $RUNAS touch $file2 & - TOUCHPID=$! - - # wait certain time - echo "waiting $wait_time seconds for touch pid $TOUCHPID" - sleep $wait_time - num=`ps --no-headers -p $TOUCHPID | wc -l` - [ $num -eq 1 ] || error "touch already ended ($num)" - echo "process $TOUCHPID still hanging there... OK" - - # restart lsvcgssd, expect touch suceed - echo "restart lsvcgssd and recovering" - do_facet mds "$LSVCGSSD -v" - sleep 5 - check_gss_daemon_facet mds lsvcgssd - wait $TOUCHPID || error "touch fail" - [ -f $file2 ] || error "$file2 not found" -} -run_test 5 "lsvcgssd dead, operations lead to recovery" - test_6() { local nfile=10 @@ -613,59 +173,65 @@ test_6() { run_test 6 "test basic DLM callback works" test_7() { - local tdir=$DIR/d7 - local num_osts - - # - # for open(), client only reserve space for default stripe count lovea, - # and server may return larger lovea in reply (because of larger stripe - # count), client need call enlarge_reqbuf() and save the replied lovea - # in request for future possible replay. - # - # Note: current script does NOT guarantee enlarge_reqbuf() will be in - # the path, however it does work in local test which has 2 OSTs and - # default stripe count is 1. - # - num_osts=`$LFS getstripe $MOUNT | egrep "^[0-9]*:.*ACTIVE" | wc -l` - echo "found $num_osts active OSTs" - [ $num_osts -lt 2 ] && echo "skipping $TESTNAME (must have >= 2 OSTs)" && return - - mkdir $tdir || error - $LFS setstripe -c $num_osts $tdir || error - - echo "creating..." - for ((i=0;i<20;i++)); do - dd if=/dev/zero of=$tdir/f$i bs=4k count=16 2>/dev/null - done - echo "reading..." - for ((i=0;i<20;i++)); do - dd if=$tdir/f$i of=/dev/null bs=4k count=16 2>/dev/null - done - rm -rf $tdir + local tdir=$DIR/d7 + local num_osts + + # for open(), client only reserve space for default stripe count lovea, + # and server may return larger lovea in reply (because of larger stripe + # count), client need call enlarge_reqbuf() and save the replied lovea + # in request for future possible replay. + # + # Note: current script does NOT guarantee enlarge_reqbuf() will be in + # the path, however it does work in local test which has 2 OSTs and + # default stripe count is 1. + num_osts=$($LFS getstripe $MOUNT | egrep "^[0-9]*:.*ACTIVE" | wc -l) + echo "found $num_osts active OSTs" + [ $num_osts -lt 2 ] && + echo "skipping $TESTNAME (must have >= 2 OSTs)" && return + + mkdir $tdir || error "mkdir $tdir failed" + $LFS setstripe -c $num_osts $tdir || error "setstripe -c $num_osts" + + echo "creating..." + for ((i = 0; i < 20; i++)); do + dd if=/dev/zero of=$tdir/f$i bs=4k count=16 2>/dev/null + done + echo "reading..." + for ((i = 0; i < 20; i++)); do + dd if=$tdir/f$i of=/dev/null bs=4k count=16 2>/dev/null + done + rm -rf $tdir } run_test 7 "exercise enlarge_reqbuf()" test_8() { - local ATHISTORY=$(do_facet mds "find /sys/ -name at_history") - local ATOLDBASE=$(do_facet mds "cat $ATHISTORY") - do_facet mds "echo 8 >> $ATHISTORY" + local ATHISTORY=$(do_facet $SINGLEMDS "find /sys/ -name at_history") + local ATOLDBASE=$(do_facet $SINGLEMDS "cat $ATHISTORY") + local REQ_DELAY + do_facet $SINGLEMDS "echo 8 >> $ATHISTORY" + + mkdir -p $DIR/d8 + chmod a+w $DIR/d8 $LCTL dk > /dev/null debugsave sysctl -w lnet.debug="+other" - mkdir -p $DIR/d8 - chmod a+w $DIR/d8 - - REQ_DELAY=`lctl get_param -n mdc.${FSNAME}-MDT0000-mdc-*.timeouts | - awk '/portal 12/ {print $5}' | tail -1` + # wait for the at estimation come down, this is faster + while [ true ]; do + REQ_DELAY=`lctl get_param -n mdc.${FSNAME}-MDT0000-mdc-*.timeouts | + awk '/portal 12/ {print $5}' | tail -1` + [ $REQ_DELAY -le 5 ] && break + echo "current AT estimation is $REQ_DELAY, wait a little bit" + sleep 8 + done REQ_DELAY=$((${REQ_DELAY} + ${REQ_DELAY} / 4 + 5)) # sleep sometime in ctx handle - do_facet mds lctl set_param fail_val=$REQ_DELAY + do_facet $SINGLEMDS lctl set_param fail_val=$REQ_DELAY #define OBD_FAIL_SEC_CTX_HDL_PAUSE 0x1204 - do_facet mds lctl set_param fail_loc=0x1204 + do_facet $SINGLEMDS lctl set_param fail_loc=0x1204 $RUNAS $LFS flushctx $MOUNT || error "can't flush context on $MOUNT" @@ -673,13 +239,13 @@ test_8() TOUCHPID=$! echo "waiting for touch (pid $TOUCHPID) to finish..." sleep 2 # give it a chance to really trigger context init rpc - do_facet mds sysctl -w lustre.fail_loc=0 + do_facet $SINGLEMDS $LCTL set_param fail_loc=0 wait $TOUCHPID || error "touch should have succeeded" $LCTL dk | grep "Early reply #" || error "No early reply" debugrestore - do_facet mds "echo $ATOLDBASE >> $ATHISTORY" || true + do_facet $SINGLEMDS "echo $ATOLDBASE >> $ATHISTORY" || true } run_test 8 "Early reply sent for slow gss context negotiation" @@ -696,8 +262,8 @@ test_90() { fi restore_to_default_flavor - set_rule $FSNAME any any krb5p - wait_flavor all2all krb5p $cnt_all2all + set_rule $FSNAME any any gssnull + wait_flavor all2all gssnull start_dbench @@ -727,7 +293,7 @@ test_99() { echo "original general rules: $nrule_old" for ((i = $nrule_old; i < $max; i++)); do - set_rule $FSNAME elan$i any krb5n || error "set rule $i" + set_rule $FSNAME elan$i any gssnull || error "set rule $i" done for ((i = $nrule_old; i < $max; i++)); do set_rule $FSNAME elan$i any || error "remove rule $i" @@ -738,26 +304,6 @@ test_99() { if [ $nrule_new != $nrule_old ]; then error "general rule: $nrule_new != $nrule_old" fi - - # - # target-specific rules - # - nrule_old=`do_facet mgs lctl get_param -n mgs.MGS.live.$FSNAME 2>/dev/null \ - | grep "$FSNAME-MDT0000.srpc.flavor." | wc -l` - echo "original target rules: $nrule_old" - - for ((i = $nrule_old; i < $max; i++)); do - set_rule $FSNAME-MDT0000 elan$i any krb5i || error "set rule $i" - done - for ((i = $nrule_old; i < $max; i++)); do - set_rule $FSNAME-MDT0000 elan$i any || error "remove rule $i" - done - - nrule_new=`do_facet mgs lctl get_param -n mgs.MGS.live.$FSNAME 2>/dev/null \ - | grep "$FSNAME-MDT0000.srpc.flavor." | wc -l` - if [ $nrule_new != $nrule_old ]; then - error "general rule: $nrule_new != $nrule_old" - fi } run_test 99 "set large number of sptlrpc rules" @@ -772,96 +318,86 @@ error_dbench() } test_100() { - # started from default flavors - restore_to_default_flavor - - # running dbench background - start_dbench - - # - # all: null -> krb5n -> krb5a -> krb5i -> krb5p -> plain - # - set_rule $FSNAME any any krb5n - wait_flavor all2all krb5n $cnt_all2all || error_dbench "1" - check_dbench - - set_rule $FSNAME any any krb5a - wait_flavor all2all krb5a $cnt_all2all || error_dbench "2" - check_dbench - - set_rule $FSNAME any any krb5i - wait_flavor all2all krb5i $cnt_all2all || error_dbench "3" - check_dbench - - set_rule $FSNAME any any krb5p - wait_flavor all2all krb5p $cnt_all2all || error_dbench "4" - check_dbench - - set_rule $FSNAME any any plain - wait_flavor all2all plain $cnt_all2all || error_dbench "5" - check_dbench - - # - # M - M: krb5a - # C - M: krb5i - # M - O: krb5p - # C - O: krb5n - # - set_rule $FSNAME any mdt2mdt krb5a - wait_flavor mdt2mdt krb5a $cnt_mdt2mdt || error_dbench "6" - check_dbench - - set_rule $FSNAME any cli2mdt krb5i - wait_flavor cli2mdt krb5i $cnt_cli2mdt || error_dbench "7" - check_dbench - - set_rule $FSNAME any mdt2ost krb5p - wait_flavor mdt2ost krb5p $cnt_mdt2ost || error_dbench "8" - check_dbench - - set_rule $FSNAME any cli2ost krb5n - wait_flavor cli2ost krb5n $cnt_cli2ost || error_dbench "9" - check_dbench - - # - # * - MDT0: krb5p - # * - OST0: krb5i - # - # nothing should be changed because they are override by above dir rules - # - set_rule $FSNAME-MDT0000 any any krb5p - set_rule $FSNAME-OST0000 any any krb5i - wait_flavor mdt2mdt krb5a $cnt_mdt2mdt || error_dbench "10" - wait_flavor cli2mdt krb5i $cnt_cli2mdt || error_dbench "11" - check_dbench - wait_flavor mdt2ost krb5p $cnt_mdt2ost || error_dbench "12" - wait_flavor cli2ost krb5n $cnt_cli2ost || error_dbench "13" - - # - # delete all dir-specific rules - # - set_rule $FSNAME any mdt2mdt - set_rule $FSNAME any cli2mdt - set_rule $FSNAME any mdt2ost - set_rule $FSNAME any cli2ost - wait_flavor mdt2mdt krb5p $((MDSCOUNT - 1)) || error_dbench "14" - wait_flavor cli2mdt krb5p $CLICOUNT || error_dbench "15" - check_dbench - wait_flavor mdt2ost krb5i $MDSCOUNT || error_dbench "16" - wait_flavor cli2ost krb5i $CLICOUNT || error_dbench "17" - check_dbench - - # - # remove: - # * - MDT0: krb5p - # * - OST0: krb5i - # - set_rule $FSNAME-MDT0000 any any - set_rule $FSNAME-OST0000 any any || error_dbench "18" - wait_flavor all2all plain $cnt_all2all || error_dbench "19" - check_dbench - - stop_dbench + # started from default flavors + restore_to_default_flavor + + # running dbench background + start_dbench + + # + # all: null -> gssnull -> plain + # + set_rule $FSNAME any any gssnull + wait_flavor all2all gssnull || error_dbench "1" + check_dbench + + set_rule $FSNAME any any plain + wait_flavor all2all plain || error_dbench "2" + check_dbench + + # + # M - M: gssnull + # C - M: gssnull + # M - O: gssnull + # C - O: gssnull + # + set_rule $FSNAME any mdt2mdt gssnull + wait_flavor mdt2mdt gssnull || error_dbench "3" + check_dbench + + set_rule $FSNAME any cli2mdt gssnull + wait_flavor cli2mdt gssnull || error_dbench "4" + check_dbench + + set_rule $FSNAME any mdt2ost gssnull + wait_flavor mdt2ost gssnull || error_dbench "5" + check_dbench + + set_rule $FSNAME any cli2ost gssnull + wait_flavor cli2ost gssnull || error_dbench "6" + check_dbench + + # + # * - MDT0: plain + # * - OST0: plain + # + # nothing should be changed because they are override by above dir rules + # + set_rule $FSNAME-MDT0000 any any plain + set_rule $FSNAME-OST0000 any any plain + wait_flavor mdt2mdt gssnull || error_dbench "7" + wait_flavor cli2mdt gssnull || error_dbench "8" + check_dbench + wait_flavor mdt2ost gssnull || error_dbench "9" + wait_flavor cli2ost gssnull || error_dbench "10" + + # + # delete all dir-specific rules + # + set_rule $FSNAME any mdt2mdt + set_rule $FSNAME any cli2mdt + set_rule $FSNAME any mdt2ost + set_rule $FSNAME any cli2ost + wait_flavor mdt2mdt gssnull $((MDSCOUNT - 1)) || error_dbench "11" + wait_flavor cli2mdt gssnull $(get_clients_mount_count) || + error_dbench "12" + check_dbench + wait_flavor mdt2ost gssnull $MDSCOUNT || error_dbench "13" + wait_flavor cli2ost gssnull $(get_clients_mount_count) || + error_dbench "14" + check_dbench + + # + # remove: + # * - MDT0: gssnull + # * - OST0: gssnull + # + set_rule $FSNAME-MDT0000 any any + set_rule $FSNAME-OST0000 any any || error_dbench "15" + wait_flavor all2all plain || error_dbench "16" + check_dbench + + stop_dbench } run_test 100 "change security flavor on the fly under load" @@ -882,7 +418,7 @@ switch_sec_test() log ">>>>>>>>>>>>>>> Testing $flavor0 -> $flavor1 <<<<<<<<<<<<<<<<<<<" set_rule $FSNAME any cli2mdt $flavor0 - wait_flavor cli2mdt $flavor0 $cnt_cli2mdt + wait_flavor cli2mdt $flavor0 rm -f $filename || error "remove old $filename failed" #MDS_REINT = 36 @@ -890,13 +426,13 @@ switch_sec_test() do_facet $SINGLEMDS lctl set_param fail_val=36 do_facet $SINGLEMDS lctl set_param fail_loc=0x513 log "starting multiop" - multiop $filename m & + $MULTIOP $filename m & multiop_pid=$! echo "multiop pid=$multiop_pid" sleep 1 set_rule $FSNAME any cli2mdt $flavor1 - wait_flavor cli2mdt $flavor1 $cnt_cli2mdt + wait_flavor cli2mdt $flavor1 num=`ps --no-headers -p $multiop_pid 2>/dev/null | wc -l` [ $num -eq 1 ] || error "multiop($multiop_pid) already ended ($num)" @@ -909,19 +445,15 @@ switch_sec_test() test_101() { - # started from default flavors - restore_to_default_flavor + # started from default flavors + restore_to_default_flavor - switch_sec_test null plain - switch_sec_test plain krb5n - switch_sec_test krb5n krb5a - switch_sec_test krb5a krb5i - switch_sec_test krb5i krb5p - switch_sec_test krb5p null - switch_sec_test null krb5p - switch_sec_test krb5p krb5i - switch_sec_test krb5i plain - switch_sec_test plain krb5p + switch_sec_test null plain + switch_sec_test plain gssnull + switch_sec_test gssnull null + switch_sec_test null gssnull + switch_sec_test gssnull plain + switch_sec_test plain gssnull } run_test 101 "switch ctx/sec for resending request" @@ -942,32 +474,29 @@ test_102() { # run dbench background start_dbench - echo "Testing null->krb5n->krb5a->krb5i->krb5p->plain->null" - set_rule $FSNAME any any krb5n - set_rule $FSNAME any any krb5a - set_rule $FSNAME any any krb5i - set_rule $FSNAME any any krb5p - set_rule $FSNAME any any plain - set_rule $FSNAME any any null + echo "Testing null->gssnull->plain->null" + set_rule $FSNAME any any gssnull + set_rule $FSNAME any any plain + set_rule $FSNAME any any null check_dbench - wait_flavor all2all null $cnt_all2all || error_dbench "1" + wait_flavor all2all null || error_dbench "1" check_dbench echo "waiting for 15s and check again" sleep 15 check_dbench - echo "Testing null->krb5i->null->krb5i->null..." - for ((i=0; i<10; i++)); do - set_rule $FSNAME any any krb5i - set_rule $FSNAME any any null - done - set_rule $FSNAME any any krb5i + echo "Testing null->gssnull->null->gssnull->null..." + for ((i=0; i<10; i++)); do + set_rule $FSNAME any any gssnull + set_rule $FSNAME any any null + done + set_rule $FSNAME any any gssnull - check_dbench - wait_flavor all2all krb5i $cnt_all2all || error_dbench "2" - check_dbench + check_dbench + wait_flavor all2all gssnull || error_dbench "2" + check_dbench echo "waiting for 15s and check again" sleep 15 @@ -996,9 +525,9 @@ test_150() { # mount client with conflict flavor - should fail save_opts=$MOUNTOPT - MOUNTOPT="$MOUNTOPT,mgssec=krb5p" - zconf_mount_clients $clients $MOUNT && \ - error "mount with conflict flavor should have failed" + MOUNTOPT="$MOUNTOPT,mgssec=gssnull" + zconf_mount_clients $clients $MOUNT && + error "mount with conflict flavor should have failed" MOUNTOPT=$save_opts # mount client with same flavor - should succeed @@ -1016,10 +545,10 @@ test_150() { run_test 150 "secure mgs connection: client flavor setting" test_151() { - local save_opts + local save_opts - # set mgs only accept krb5p - set_rule _mgs any any krb5p + # set mgs only accept gssnull + set_rule _mgs any any gssnull # umount everything, modules still loaded stopall @@ -1037,14 +566,15 @@ test_151() { # mount with designated flavor should succeed save_opts=$MDS_MOUNT_OPTS - MDS_MOUNT_OPTS="$MDS_MOUNT_OPTS,mgssec=krb5p" - start mds1 $DEVNAME $MDS_MOUNT_OPTS || error "mount with designated flavor should have succeeded" - MDS_MOUNT_OPTS=$save_opts + MDS_MOUNT_OPTS="$MDS_MOUNT_OPTS,mgssec=gssnull" + start mds1 $DEVNAME $MDS_MOUNT_OPTS || + error "mount with designated flavor should have succeeded" + MDS_MOUNT_OPTS=$save_opts - stop mds1 -f + stop mds1 -f } run_test 151 "secure mgs connection: server flavor control" -equals_msg `basename $0`: test complete, cleaning up +complete $SECONDS check_and_cleanup_lustre -[ -f "$TESTSUITELOG" ] && cat $TESTSUITELOG && grep -q FAIL $TESTSUITELOG && exit 1 || true +exit_status