tiago/pve-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
pve-manager/debian/postinst
Fiona Ebner adcc7b2083 d/postinst: lvm config: check that --clear-needs-check-flag is set if there is a thin_check_options override 
Quoting the commit message from [0] verbatim:

thin_check v1.0.x reveals data block ref count issue that is not being
detected by previous versions, which blocks the pool from activation if
there are any leaked blocks. To reduce potential user complaints on
inactive pools after upgrading and also maintain backward compatibility
between LVM and older thin_check, we decided to adopt the 'auto-repair'
functionality in the --clear-needs-check-flag option, rather than
passing --auto-repair from lvm.conf.

[0]: eb28ab94

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Link: https://lore.proxmox.com/all/20250808140419.119992-3-f.ebner@proxmox.com
2025-08-08 16:13:15 +02:00

258 lines
9.7 KiB
Bash
Executable file
Raw Permalink Blame History

#!/bin/sh
# Abort if any command returns an error value
set -e
# This script is called as the last step of the installation of the package.
# All the package's files are in place, dpkg has already done its automatic
# conffile handling, and all the packages we depend of are already fully
# installed and configured.
set_lvm_conf() {
# shellcheck disable=SC3043
local FORCE="$1"
LVM_CONF_MARKER="# added by pve-manager to avoid scanning"
if [ ! -e /etc/lvm/lvm.conf ]; then
echo "No /etc/lvm/lvm.conf found - skipping checking the global_filter."
return
fi
# keep user changes afterwards provided marker is still there..
if grep -qLF "$LVM_CONF_MARKER" /etc/lvm/lvm.conf && test -z "$FORCE"; then
return 0 # only do these changes once
fi
export LVM_SUPPRESS_FD_WARNINGS=1
OLD_VALUE="$(lvmconfig --typeconfig diff devices/global_filter || true)"
NEW_VALUE='global_filter=["r|/dev/zd.*|","r|/dev/rbd.*|"]'
# update global_filter if:
# it is empty and there is no marker OR exactly the one we set before 8.1.4
if (! grep -qF "$LVM_CONF_MARKER" /etc/lvm/lvm.conf && test -z "$OLD_VALUE")\
|| (echo "$OLD_VALUE" | grep -qF '="r|/dev/zd.*|"');
then
SET_FILTER=1
BACKUP=1
# print warning if global_filter is set but not our old/new default
elif test -n "$OLD_VALUE"\
&& ! echo "$OLD_VALUE" | grep -qF '="r|/dev/zd.*|"'\
&& ! echo "$OLD_VALUE" | grep -qF "$NEW_VALUE";
then
echo "non-default 'global_filter' value '$OLD_VALUE' in /etc/lvm/lvm.conf, not setting '$NEW_VALUE' automatically"
echo "consider adapting your 'global_filter' manually."
fi
# should be the default since bullseye
if lvmconfig --typeconfig full devices/scan_lvs | grep -qv 'scan_lvs=0'; then
SET_SCAN_LVS=1
BACKUP=1
fi
if test -n "$BACKUP"; then
echo "Backing up lvm.conf before setting pve-manager specific settings.."
cp -vb /etc/lvm/lvm.conf /etc/lvm/lvm.conf.bak
fi
NEW_MARKER="$LVM_CONF_MARKER ZFS zvols and Ceph rbds"
if test -n "$SET_FILTER"; then
echo "Setting 'global_filter' in /etc/lvm/lvm.conf to prevent zvols and rbds from being scanned:"
echo "$OLD_VALUE => $NEW_VALUE"
if test -n "$OLD_VALUE"; then
if grep -qLF "$LVM_CONF_MARKER" /etc/lvm/lvm.conf; then
sed -i -e "s/$LVM_CONF_MARKER ZFS zvols/$NEW_MARKER/" /etc/lvm/lvm.conf
sed -i -e 's!^\([[:space:]]*\)\(global_filter[[:space:]]*=.*\)$!\1# \2\n\1'"$NEW_VALUE"'!' /etc/lvm/lvm.conf
else
sed -i -e 's!^\([[:space:]]*\)\(global_filter[[:space:]]*=.*\)$!\1# \2\n\1'"$NEW_MARKER"'\n\1'"$NEW_VALUE"'!' /etc/lvm/lvm.conf
fi
else
cat >> /etc/lvm/lvm.conf <<EOF
devices {
$NEW_MARKER
$NEW_VALUE
}
EOF
fi
fi
if test -n "$SET_SCAN_LVS"; then
echo "Adding scan_lvs=0 setting to /etc/lvm/lvm.conf to prevent LVs from being scanned."
# comment out existing setting
sed -i -e 's/^\([[:space:]]*scan_lvs[[:space:]]*=\)/#\1/' /etc/lvm/lvm.conf
# add new section with our setting
cat >> /etc/lvm/lvm.conf <<EOF
devices {
$LVM_CONF_MARKER LVM volumes
scan_lvs=0
}
EOF
fi
if ! lvmconfig --validate; then
echo "Invalid LVM config detected - restoring from /etc/lvm/lvm.conf.bak"
mv /etc/lvm/lvm.conf.bak /etc/lvm/lvm.conf
fi
}
update_ceph_conf() {
UNIT='ceph-crash.service'
# Don't fail in case user has "exotic" configuration where RADOS
# isn't available on all nodes for some reason
/usr/share/pve-manager/helpers/pve-init-ceph-crash || true
if systemctl -q is-enabled "$UNIT" 2> /dev/null; then
deb-systemd-invoke restart "$UNIT" || true
fi
}
migrate_apt_auth_conf() {
output=""
removed=""
match=0
while read -r l; do
if echo "$l" | grep -q "^machine enterprise.proxmox.com/debian/pve"; then
match=1
elif echo "$l" | grep -q "machine"; then
match=0
fi
if test "$match" = "1"; then
removed="$removed\n$l"
else
output="$output\n$l"
fi
done < /etc/apt/auth.conf
if test -n "$removed"; then
if test ! -e /etc/apt/auth.conf.d/pve.conf; then
echo "Migrating APT auth config for enterprise.proxmox.com to /etc/apt/auth.conf.d/pve.conf .."
echo "$removed" > /etc/apt/auth.conf.d/pve.conf
else
echo "Removing stale APT auth config from /etc/apt/auth.conf"
fi
echo "$output" > /etc/apt/auth.conf
fi
}
# Copied from dh_installtmpfiles/13.24.2
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
if [ -x "$(command -v systemd-tmpfiles)" ]; then
systemd-tmpfiles ${DPKG_ROOT:+--root="$DPKG_ROOT"} --create pve-manager.conf || true
fi
fi
case "$1" in
triggered)
# We don't print a status message here, as dpkg already said
# "Processing triggers for ...".
# test if /etc/pve is mounted; else simple exit to avoid
# error during updates
test -f /etc/pve/local/pve-ssl.pem || exit 0;
test -e /proxmox_install_mode && exit 0;
# the ExecStartPre doesn't triggers on service reload, so just in case
pvecm updatecerts --silent || true
deb-systemd-invoke reload-or-try-restart pvedaemon.service || true
deb-systemd-invoke reload-or-try-restart pvestatd.service || true
deb-systemd-invoke reload-or-try-restart pveproxy.service || true
deb-systemd-invoke reload-or-try-restart spiceproxy.service || true
deb-systemd-invoke reload-or-try-restart pvescheduler.service || true
exit 0;;
configure)
# Configure this package. If the package must prompt the user for
# information, do it here.
mkdir /etc/pve 2>/dev/null || true
if test ! -e /var/lib/pve-manager/apl-info/download.proxmox.com; then
mkdir -p /var/lib/pve-manager/apl-info
cp /usr/share/doc/pve-manager/aplinfo.dat /var/lib/pve-manager/apl-info/download.proxmox.com
pveam update || true
fi
systemctl --system daemon-reload >/dev/null || true
# same as dh_systemd_enable (code copied)
UNITS="pvedaemon.service pveproxy.service spiceproxy.service pvestatd.service pvebanner.service pvescheduler.service pve-daily-update.timer"
NO_RESTART_UNITS="pvenetcommit.service pve-guests.service pve-sdn-commit.service pve-firewall-commit.service"
for unit in ${UNITS} ${NO_RESTART_UNITS}; do
deb-systemd-helper unmask "$unit" >/dev/null || true
# was-enabled defaults to true, so new installations run enable.
if deb-systemd-helper --quiet was-enabled "$unit"; then
# Enables the unit on first installation, creates new
# symlinks on upgrades if the unit file has changed.
deb-systemd-helper enable "$unit" >/dev/null || true
else
# Update the statefile to add new symlinks (if any), which need to be
# cleaned up on purge. Also remove old symlinks.
deb-systemd-helper update-state "$unit" >/dev/null || true
fi
done
BETA_SOURCES="/etc/apt/sources.list.d/pve-test-for-beta.sources"
if test -f "$BETA_SOURCES" && dpkg --compare-versions "$2" 'lt' '9.0.1' && dpkg --compare-versions "$2" 'gt' '9.0~~'; then
printf "\nNOTE: Remove the pve-test repository, which was added during the beta phase.\nYou can (re-)add repositories on the web UI (Node -> Repositories)\n\n"
rm -v "$BETA_SOURCES" || true
fi
if test ! -e /proxmox_install_mode && test -n "$2" && dpkg --compare-versions "$2" 'lt' '8.1.4~'; then
# TODO: remove with PVE 10
# pass FORCE as we want to ensure the filter for RBDs gets added to our existing one.
set_lvm_conf 1
else
set_lvm_conf
fi
if test -n "$2" && dpkg --compare-versions "$2" 'lt' '8.1.11'; then
update_ceph_conf
fi
if test ! -e /proxmox_install_mode; then
# modeled after code generated by dh_start
for unit in ${UNITS}; do
if test -n "$2"; then
dh_action="reload-or-restart";
else
dh_action="start"
fi
if systemctl -q is-enabled "$unit"; then
deb-systemd-invoke $dh_action "$unit" || true
fi
done
fi
if test ! -e /proxmox_install_mode && test -n "$2" && dpkg --compare-versions "$2" 'lt' '7.2-11~'; then
if test -e /etc/apt/auth.conf ; then
migrate_apt_auth_conf
fi
fi
if test -n "$2" && dpkg --compare-versions "$2" 'lt' '9.0.0~15'; then
printf '\n\nNOTE: Migrating existing RRD metrics data from nodes, storages and virtual guests to new PVE format version - this can take some time!\n\n'
/usr/libexec/proxmox/proxmox-rrd-migration-tool --migrate || \
echo "migration failed, see output above for errors and try to migrate existing data manually by running '/usr/libexec/proxmox/proxmox-rrd-migration-tool --migrate'"
fi
if test -n "$2" && dpkg --compare-versions "$2" 'lt' '9.0.4'; then
if test -e /etc/lvm/lvm.conf && grep "^\s*thin_check_options" /etc/lvm/lvm.conf | grep -qv -- "--clear-needs-check-flag"; then
printf '\nNOTE: Detected override for 'thin_check_options' without '--clear-needs-check-flag' option in /etc/lvm/lvm.conf\n'
printf 'Add the option to the override or thin pools with minor issues might not automatically activate anymore!\n\n'
fi
fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*) echo "$0: didn't understand being called with \`$1'" 1>&2
exit 0;;
esac
exit 0
Reference in a new issue View git blame Copy permalink