samba - Nov 2020 - CTDB DBDIR Options? Errors

Running into problems configuring different locations for the volatile and
other database directories. Can someone provide a quick sanity check on
what I'm doing below? Thank you.

Given

[database]

   volatile database directory = /var/cache/dbdir/volatile

   persistent database directory = /var/cache/dbdir/persistent

   state database directory = /var/cache/dbdir/state

And given,

[root at use1-samba-server-c25-use1-01 ec2-user]# ls -al /var/cache/dbdir/

total 32

drwxr-xr-x.  6 root root  4096 Nov  4 13:30 .

drwxr-xr-x. 12 root root   145 Nov  4 13:16 ..

drwx------.  2 root root 16384 Nov  4 13:16 lost+found

drwxr-xr-x.  2 root root  4096 Nov  4 13:30 persistent

drwxr-xr-x.  2 root root  4096 Nov  4 13:30 state

drwxr-xr-x.  2 root root  4096 Nov  4 13:30 volatile

Why would we get,

Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: volatile
database directory "/var/cache/dbdir/volatile" does not exist

Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: conf:
validation for option "volatile database directory" failed

Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]:
persistent database directory "/var/cache/dbdir/persistent" does not
exist

Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: conf:
validation for option "persistent database directory" failed

Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: state
database directory "/var/cache/dbdir/state" does not exist

Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: conf:
validation for option "state database directory" failed

Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: Failed
to load configuration file /etc/ctdb/ctdb.conf

-- 

BOB BUCK
SENIOR PLATFORM SOFTWARE ENGINEER

SKIDMORE, OWINGS & MERRILL
7 WORLD TRADE CENTER
250 GREENWICH STREET
NEW YORK, NY 10007
T  (212) 298-9624
ROBERT.BUCK at SOM.COM

This turns out to be an SELinux issue. Does anyone know the proper commands
to restorecon or otherwise to set the SELinux policy for
persistent/volatile database files moved to a different directory?

Martin or Amitay?

On Wed, Nov 4, 2020 at 9:02 AM Robert Buck <robert.buck at som.com> wrote:
> Running into problems configuring different locations for the volatile and
> other database directories. Can someone provide a quick sanity check on
> what I'm doing below? Thank you.
>
> Given
>
> [database]
>
>    volatile database directory = /var/cache/dbdir/volatile
>
>    persistent database directory = /var/cache/dbdir/persistent
>
>    state database directory = /var/cache/dbdir/state
>
> And given,
>
> [root at use1-samba-server-c25-use1-01 ec2-user]# ls -al /var/cache/dbdir/
>
> total 32
>
> drwxr-xr-x.  6 root root  4096 Nov  4 13:30 .
>
> drwxr-xr-x. 12 root root   145 Nov  4 13:16 ..
>
> drwx------.  2 root root 16384 Nov  4 13:16 lost+found
>
> drwxr-xr-x.  2 root root  4096 Nov  4 13:30 persistent
>
> drwxr-xr-x.  2 root root  4096 Nov  4 13:30 state
>
> drwxr-xr-x.  2 root root  4096 Nov  4 13:30 volatile
>
> Why would we get,
>
> Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]:
> volatile database directory "/var/cache/dbdir/volatile" does not
exist
>
> Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: conf:
> validation for option "volatile database directory" failed
>
> Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]:
> persistent database directory "/var/cache/dbdir/persistent" does
not exist
>
> Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: conf:
> validation for option "persistent database directory" failed
>
> Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: state
> database directory "/var/cache/dbdir/state" does not exist
>
> Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: conf:
> validation for option "state database directory" failed
>
> Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]: Failed
> to load configuration file /etc/ctdb/ctdb.conf
>
> --
>
> BOB BUCK
> SENIOR PLATFORM SOFTWARE ENGINEER
>
> SKIDMORE, OWINGS & MERRILL
> 7 WORLD TRADE CENTER
> 250 GREENWICH STREET
> NEW YORK, NY 10007
> T  (212) 298-9624
> ROBERT.BUCK at SOM.COM
>

-- 

BOB BUCK
SENIOR PLATFORM SOFTWARE ENGINEER

SKIDMORE, OWINGS & MERRILL
7 WORLD TRADE CENTER
250 GREENWICH STREET
NEW YORK, NY 10007
T  (212) 298-9624
ROBERT.BUCK at SOM.COM

Hi Bob,

[CC: Amitay, who is better at SeLinux]

On Wed, 4 Nov 2020 09:33:10 -0500, Robert Buck via samba
<samba at lists.samba.org> wrote:
> This turns out to be an SELinux issue. Does anyone know the proper commands
> to restorecon or otherwise to set the SELinux policy for
> persistent/volatile database files moved to a different directory?
I'm not sure if you're asking a question generic enough for these
answers...

The security contexts in question probably depend on the
distribution.

If you run

  ls -Z <olddir>

where <olddir> is the default location for the given database
directory, then you'll find out the context and can use

  chcon <context> <newdir>

to set it.

You also should just be able to do

  chcon --reference=<olddir> <newdir>

I hope that's not too generic...  :-)

peace & happiness,
martin
> On Wed, Nov 4, 2020 at 9:02 AM Robert Buck <robert.buck at som.com>
wrote:
> 
> > Running into problems configuring different locations for the volatile
and
> > other database directories. Can someone provide a quick sanity check
on
> > what I'm doing below? Thank you.
> >
> > Given
> >
> > [database]
> >
> >    volatile database directory = /var/cache/dbdir/volatile
> >
> >    persistent database directory = /var/cache/dbdir/persistent
> >
> >    state database directory = /var/cache/dbdir/state
> >
> > And given,
> >
> > [root at use1-samba-server-c25-use1-01 ec2-user]# ls -al
/var/cache/dbdir/
> >
> > total 32
> >
> > drwxr-xr-x.  6 root root  4096 Nov  4 13:30 .
> >
> > drwxr-xr-x. 12 root root   145 Nov  4 13:16 ..
> >
> > drwx------.  2 root root 16384 Nov  4 13:16 lost+found
> >
> > drwxr-xr-x.  2 root root  4096 Nov  4 13:30 persistent
> >
> > drwxr-xr-x.  2 root root  4096 Nov  4 13:30 state
> >
> > drwxr-xr-x.  2 root root  4096 Nov  4 13:30 volatile
> >
> > Why would we get,
> >
> > Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]:
> > volatile database directory "/var/cache/dbdir/volatile" does
not exist
> >
> > Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]:
conf:
> > validation for option "volatile database directory" failed
> >
> > Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]:
> > persistent database directory "/var/cache/dbdir/persistent"
does not exist
> >
> > Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]:
conf:
> > validation for option "persistent database directory" failed
> >
> > Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]:
state
> > database directory "/var/cache/dbdir/state" does not exist
> >
> > Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]:
conf:
> > validation for option "state database directory" failed
> >
> > Nov 04 13:58:49 use1-samba-server-c25-use1-01 ctdbd_wrapper[6558]:
Failed
> > to load configuration file /etc/ctdb/ctdb.conf