--- loncom/loncron 2012/02/17 22:47:39 1.95.10.1
+++ loncom/loncron 2018/11/18 22:50:46 1.114
@@ -2,7 +2,7 @@
# Housekeeping program, started by cron, loncontrol and loncron.pl
#
-# $Id: loncron,v 1.95.10.1 2012/02/17 22:47:39 raeburn Exp $
+# $Id: loncron,v 1.114 2018/11/18 22:50:46 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -32,6 +32,7 @@ use strict;
use lib '/home/httpd/lib/perl/';
use LONCAPA::Configuration;
+use LONCAPA::Checksumming;
use LONCAPA;
use Apache::lonnet;
use Apache::loncommon;
@@ -40,6 +41,9 @@ use IO::File;
use IO::Socket;
use HTML::Entities;
use Getopt::Long;
+use GDBM_File;
+use Storable qw(thaw);
+use File::ReadBackwards;
#globals
use vars qw (%perlvar %simplestatus $errors $warnings $notices $totalcount);
@@ -110,17 +114,20 @@ sub checkon_daemon {
my $result;
&log($fh,'<hr /><a name="'.$daemon.'" /><h2>'.$daemon.'</h2><h3>Log</h3><p style="white-space: pre;"><tt>');
printf("%-15s ",$daemon);
- if (-e "$perlvar{'lonDaemons'}/logs/$daemon.log"){
- open (DFH,"tail -n25 $perlvar{'lonDaemons'}/logs/$daemon.log|");
- while (my $line=<DFH>) {
- &log($fh,"$line");
- if ($line=~/INFO/) { $notices++; }
- if ($line=~/WARNING/) { $notices++; }
- if ($line=~/CRITICAL/) { $warnings++; }
- };
- close (DFH);
+ if ($fh) {
+ if (-e "$perlvar{'lonDaemons'}/logs/$daemon.log"){
+ if (open(DFH,"tail -n25 $perlvar{'lonDaemons'}/logs/$daemon.log|")) {
+ while (my $line=<DFH>) {
+ &log($fh,"$line");
+ if ($line=~/INFO/) { $notices++; }
+ if ($line=~/WARNING/) { $notices++; }
+ if ($line=~/CRITICAL/) { $warnings++; }
+ }
+ close (DFH);
+ }
+ }
+ &log($fh,"</tt></p>");
}
- &log($fh,"</tt></p>");
my $pidfile="$perlvar{'lonDaemons'}/logs/$daemon.pid";
@@ -156,14 +163,17 @@ sub checkon_daemon {
$errors++;
my $kadaemon=$daemon;
if ($kadaemon eq 'lonmemcached') { $kadaemon='memcached'; }
- &log($fh,'<br><font color="red">Killall '.$daemon.': '.
+ &log($fh,'<br /><font color="red">Killall '.$daemon.': '.
`killall $kadaemon 2>&1`.' - ');
sleep 1;
&log($fh,unlink($pidfile).' - '.
`killall -9 $kadaemon 2>&1`.
- '</font><br>');
+ '</font><br />');
+ if ($kadaemon eq 'loncnew') {
+ &clean_lonc_childpids();
+ }
&log($fh,"<h3>$daemon not running, trying to start</h3>");
-
+
if (&start_daemon($fh,$daemon,$pidfile,$args)) {
&log($fh,"<h3>$daemon at pid $daemonpid responding</h3>");
$simplestatus{$daemon}='restarted';
@@ -188,17 +198,19 @@ sub checkon_daemon {
&log($fh,"<p>Unable to start $daemon</p>");
}
}
-
- if (-e "$perlvar{'lonDaemons'}/logs/$daemon.log"){
- &log($fh,"<p><pre>");
- open (DFH,"tail -n100 $perlvar{'lonDaemons'}/logs/$daemon.log|");
- while (my $line=<DFH>) {
- &log($fh,"$line");
- if ($line=~/WARNING/) { $notices++; }
- if ($line=~/CRITICAL/) { $notices++; }
- };
- close (DFH);
- &log($fh,"</pre></p>");
+ if ($fh) {
+ if (-e "$perlvar{'lonDaemons'}/logs/$daemon.log"){
+ &log($fh,"<p><pre>");
+ if (open(DFH,"tail -n100 $perlvar{'lonDaemons'}/logs/$daemon.log|")) {
+ while (my $line=<DFH>) {
+ &log($fh,"$line");
+ if ($line=~/WARNING/) { $notices++; }
+ if ($line=~/CRITICAL/) { $notices++; }
+ }
+ close (DFH);
+ }
+ &log($fh,"</pre></p>");
+ }
}
}
@@ -270,12 +282,7 @@ sub log_machine_info {
&log($fh,"<h3>distprobe</h3>");
&log($fh,"<pre>");
- open(DSH,"$perlvar{'lonDaemons'}/distprobe |");
- while (my $line=<DSH>) {
- &log($fh,&encode_entities($line,'<>&"'));
- $psproc++;
- }
- close(DSH);
+ &log($fh,&encode_entities(&LONCAPA::distro(),'<>&"'));
&log($fh,"</pre>");
&errout($fh);
@@ -289,9 +296,11 @@ sub start_logging {
&log($fh,(<<ENDHEADERS));
-<html>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>LON Status Report $perlvar{'lonHostID'}</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body bgcolor="#AAAAAA">
<a name="top" />
@@ -302,6 +311,7 @@ sub start_logging {
<li><a href="#machine">Machine Information</a></li>
<li><a href="#tmp">Temporary Files</a></li>
<li><a href="#tokens">Session Tokens</a></li>
+<li><a href="#webdav">WebDAV Session Tokens</a></li>
<li><a href="#httpd">httpd</a></li>
<li><a href="#lonsql">lonsql</a></li>
<li><a href="#lond">lond</a></li>
@@ -332,15 +342,20 @@ ENDHEADERS
"</td><td>".$role.
"</td><td>".&Apache::lonnet::hostname($id)."</td></tr>\n");
}
- &log($fh,"</table><h3>Spare Hosts</h3><ul>");
- foreach my $type (sort(keys(%Apache::lonnet::spareid))) {
- &log($fh,"<li>$type\n<ol>");
- foreach my $id (@{ $Apache::lonnet::spareid{$type} }) {
- &log($fh,"<li>$id</li>\n");
- }
- &log($fh,"</ol>\n</li>\n");
+ &log($fh,"</table><h3>Spare Hosts</h3>");
+ if (keys(%Apache::lonnet::spareid) > 0) {
+ &log($fh,"<ul>");
+ foreach my $type (sort(keys(%Apache::lonnet::spareid))) {
+ &log($fh,"<li>$type\n<ol>");
+ foreach my $id (@{ $Apache::lonnet::spareid{$type} }) {
+ &log($fh,"<li>$id</li>\n");
+ }
+ &log($fh,"</ol>\n</li>\n");
+ }
+ &log($fh,"</ul>\n");
+ } else {
+ &log($fh,"No spare hosts specified<br />\n");
}
- &log($fh,"</ul>\n");
return $fh;
}
@@ -486,7 +501,7 @@ sub clean_lonIDs {
my $since=$now-$mtime;
if ($since>$perlvar{'lonExpire'}) {
$cleaned++;
- &log($fh,"Unlinking $fname<br>");
+ &log($fh,"Unlinking $fname<br />");
unlink("$fname");
} else {
$active++;
@@ -496,6 +511,32 @@ sub clean_lonIDs {
&log($fh,"<h3>$active open session(s)</h3>");
}
+# ------------------------------------------------ clean out webDAV Session IDs
+sub clean_webDAV_sessionIDs {
+ my ($fh)=@_;
+ if ($perlvar{'lonRole'} eq 'library') {
+ &log($fh,'<hr /><a name="webdav" /><h2>WebDAV Session Tokens</h2>');
+ my $cleaned=0;
+ my $active=0;
+ my $now = time;
+ if (-d $perlvar{'lonDAVsessDir'}) {
+ while (my $fname=<$perlvar{'lonDAVsessDir'}/*>) {
+ my @stats = stat($fname);
+ my $since=$now-$stats[9];
+ if ($since>$perlvar{'lonExpire'}) {
+ $cleaned++;
+ &log($fh,"Unlinking $fname<br />");
+ unlink("$fname");
+ } else {
+ $active++;
+ }
+ }
+ &log($fh,"<p>Cleaned up ".$cleaned." stale webDAV session token(s).</p>");
+ &log($fh,"<h3>$active open webDAV session(s)</h3>");
+ }
+ }
+}
+
# ----------------------------------------------------------- clean out sockets
sub clean_sockets {
my ($fh)=@_;
@@ -530,7 +571,7 @@ sub check_httpd_logs {
sub rotate_lonnet_logs {
my ($fh)=@_;
&log($fh,'<hr /><a name="lonnet" /><h2>lonnet</h2><h3>Temp Log</h3><pre>');
- print "checking logs\n";
+ print "Checking logs.\n";
if (-e "$perlvar{'lonDaemons'}/logs/lonnet.log"){
open (DFH,"tail -n50 $perlvar{'lonDaemons'}/logs/lonnet.log|");
while (my $line=<DFH>) {
@@ -574,7 +615,7 @@ sub rotate_other_logs {
sub test_connections {
my ($fh)=@_;
&log($fh,'<hr /><a name="connections" /><h2>Connections</h2>');
- print "testing connections\n";
+ print "Testing connections.\n";
&log($fh,"<table border='2'>");
my ($good,$bad)=(0,0);
my %hostname = &Apache::lonnet::all_hostnames();
@@ -606,29 +647,199 @@ sub test_connections {
# ------------------------------------------------------------ Delayed messages
sub check_delayed_msg {
- my ($fh)=@_;
+ my ($fh,$weightsref,$exclusionsref)=@_;
&log($fh,'<hr /><a name="delayed" /><h2>Delayed Messages</h2>');
- print "checking buffers\n";
+ print "Checking buffers.\n";
&log($fh,'<h3>Scanning Permanent Log</h3>');
my $unsend=0;
+ my $ignored=0;
- my $dfh=IO::File->new("$perlvar{'lonDaemons'}/logs/lonnet.perm.log");
- while (my $line=<$dfh>) {
- my ($time,$sdf,$dserv,$dcmd)=split(/:/,$line);
- if ($sdf eq 'F') {
- my $local=localtime($time);
- &log($fh,"<b>Failed: $time, $dserv, $dcmd</b><br>");
- $warnings++;
- }
- if ($sdf eq 'S') { $unsend--; }
- if ($sdf eq 'D') { $unsend++; }
+ my %hostname = &Apache::lonnet::all_hostnames();
+ my $numhosts = scalar(keys(%hostname));
+ my $checkbackwards = 0;
+ my $checkfrom = 0;
+ my $checkexcluded = 0;
+ my (%bymachine,%weights,%exclusions,%serverhomes);
+ if (ref($weightsref) eq 'HASH') {
+ %weights = %{$weightsref};
+ }
+ if (ref($exclusionsref) eq 'HASH') {
+ %exclusions = %{$exclusionsref};
+ if (keys(%exclusions)) {
+ $checkexcluded = 1;
+ %serverhomes = &read_serverhomeIDs();
+ }
}
- &log($fh,"<p>Total unsend messages: <b>$unsend</b></p>\n");
- if ($unsend > 0) {
- $warnings=$warnings+5*$unsend;
+#
+# For LON-CAPA 1.2.0 to 2.1.3 (release dates: 8/31/2004 and 3/31/2006) any
+# entry logged in lonnet.perm.log for completion of a delayed (critical)
+# transaction lacked the hostID for the remote node to which the command
+# to be completed was sent.
+#
+# Because of this, exclusion of items in lonnet.perm.log for nodes which are
+# no longer part of the cluster from adding to the overall "unsend" count
+# needs additional effort besides the changes made in loncron rev. 1.105.
+#
+# For "S" (completion) events logging in LON-CAPA 1.2.0 through 2.1.3 included
+# "LondTransaction=HASH(hexadecimal)->getClient() :$cmd, where the hexadecimal
+# is a memory location, and $cmd is the command sent to the remote node.
+#
+# Starting with 2.2.0 (released 8/21/2006) logging for "S" (completion) events
+# had sethost:$host_id:$cmd after LondTransaction=HASH(hexadecimal)->getClient()
+#
+# Starting with 2.4.1 (released 6/13/2007) logging for "S" replaced echoing the
+# getClient() call with the result of the Transaction->getClient() call itself
+# undef for completion of delivery of a delayed message.
+#
+# The net effect of these changes is that lonnet.perm.log is now accessed three
+# times: (a) oldest record is checked, if earlier than release date for 2.5.0
+# then (b) file is read backwards, with timestamp recorded for most recent
+# instance of logged "S" event for "update" command without "sethost:$host_id:"
+# then (c) file is read forward with records ignored which predate the timestamp
+# recorded in (b), if one was found.
+#
+# In (c), when calculating the unsend total, i.e., the difference between delayed
+# transactions ("D") and sent transactions ("S"), transactions are ignored if the
+# target node is no longer in the cluster, and also (for "update" commands), if
+# the target node is in the list of nodes excluded from the count, in the domain
+# configuration for this machine's default domain. The idea here is to remove
+# delayed "update" commands for nodes for which inbound access to port 5663,
+# is blocked, but are still part of the LON-CAPA network, (i.e., they can still
+# replicate content from other nodes).
+#
+
+ my $dfh=IO::File->new("$perlvar{'lonDaemons'}/logs/lonnet.perm.log","r");
+ if (defined($dfh)) {
+ while (my $line=<$dfh>) {
+ my ($time,$sdf,$rest)=split(/:/,$line,3);
+ if ($time < 1541185772) {
+ $checkbackwards = 1;
+ }
+ last;
+ }
+ undef $dfh;
+ }
+
+ if ($checkbackwards) {
+ if (tie *BW, 'File::ReadBackwards', "$perlvar{'lonDaemons'}/logs/lonnet.perm.log") {
+ while(my $line=<BW>) {
+ if ($line =~ /\QLondTransaction=HASH\E[^:]+:update:/) {
+ ($checkfrom) = split(/:/,$line,2);
+ last;
+ }
+ }
+ close(BW);
+ }
+ }
+ $dfh=IO::File->new("$perlvar{'lonDaemons'}/logs/lonnet.perm.log","r");
+ if (defined($dfh)) {
+ while (my $line=<$dfh>) {
+ my ($time,$sdf,$rest)=split(/:/,$line,3);
+ next unless (($sdf eq 'F') || ($sdf eq 'S') || ($sdf eq 'D'));
+ next if (($checkfrom) && ($time <= $checkfrom));
+ my ($dserv,$dcmd);
+ if ($sdf eq 'S') {
+ my ($serva,$cmda,$servb,$cmdb) = split(/:/,$rest);
+ if ($cmda eq 'sethost') {
+ chomp($cmdb);
+ $dcmd = $cmdb;
+ } else {
+ $dcmd = $cmda;
+ }
+ if (($serva =~ /^LondTransaction/) || ($serva eq '')) {
+ unless (($servb eq '') || ($servb =~ m{^/})) {
+ $dserv = $servb;
+ }
+ } else {
+ $dserv = $serva;
+ }
+ } else {
+ ($dserv,$dcmd) = split(/:/,$rest);
+ }
+ if ($sdf eq 'F') {
+ my $local=localtime($time);
+ &log($fh,"<b>Failed: $time, $dserv, $dcmd</b><br />");
+ $warnings++;
+ }
+ next if ((($dserv eq '') || ($dcmd eq '')) && ($sdf ne 'F'));
+ if ($sdf eq 'S') {
+ if ($dcmd eq 'update') {
+ if ($hostname{$dserv}) {
+ if ($exclusions{$serverhomes{$hostname{$dserv}}}) {
+ $ignored --;
+ } else {
+ $unsend --;
+ }
+ }
+ if (exists($bymachine{$dserv})) {
+ $bymachine{$dserv} --;
+ } else {
+ $bymachine{$dserv} = -1;
+ }
+ } else {
+ if ($hostname{$dserv}) {
+ $unsend --;
+ }
+ }
+ } elsif ($sdf eq 'D') {
+ if ($dcmd eq 'update') {
+ if ($hostname{$dserv}) {
+ if ($exclusions{$serverhomes{$hostname{$dserv}}}) {
+ $ignored ++;
+ } else {
+ $unsend ++;
+ }
+ }
+ if (exists($bymachine{$dserv})) {
+ $bymachine{$dserv} ++;
+ } else {
+ $bymachine{$dserv} = 1;
+ }
+ } else {
+ if ($hostname{$dserv}) {
+ $unsend ++;
+ }
+ }
+ }
+ }
+ undef $dfh;
+ my $nodest = 0;
+ my $retired = 0;
+ my %active;
+ if (keys(%bymachine)) {
+ unless ($checkexcluded) {
+ %serverhomes = &read_serverhomeIDs();
+ }
+ foreach my $key (keys(%bymachine)) {
+ if ($bymachine{$key} > 0) {
+ if ($hostname{$key}) {
+ $active{$serverhomes{$hostname{$key}}} += $bymachine{$key};
+ } else {
+ $retired ++;
+ $nodest += $bymachine{$key};
+ }
+ }
+ }
+ }
+ if (keys(%active)) {
+ &log($fh,"<p>Unsend messages by node, active (undegraded) nodes in cluster</p>\n");
+ foreach my $key (sort(keys(%active))) {
+ &log($fh,&encode_entities("$key => $active{$key}",'<>&"')."\n");
+ }
+ }
+ &log($fh,"<p>Total unsend messages: <b>$unsend</b> for ".scalar(keys(%active))." active (undegraded) nodes in cluster.</p>\n");
+ if (keys(%exclusions) > 0) {
+ &log($fh,"<p>Total incomplete updates <b>$ignored</b> for ".scalar(keys(%exclusions))." degraded nodes in cluster.</p>\n");
+ }
+ if ($retired) {
+ &log($fh,"<p>Total unsent <b>$nodest</b> for $retired nodes no longer in cluster.</p>\n");
+ }
+ if ($unsend > 0) {
+ $warnings=$warnings+$weights{'U'}*$unsend;
+ }
}
if ($unsend) { $simplestatus{'unsend'}=$unsend; }
@@ -643,8 +854,6 @@ sub check_delayed_msg {
}
&log($fh,"</pre>\n");
close (DFH);
- my %hostname = &Apache::lonnet::all_hostnames();
- my $numhosts = scalar(keys(%hostname));
# pong to all servers that have delayed messages
# this will trigger a reverse connection, which should flush the buffers
foreach my $tryserver (sort(keys(%servers))) {
@@ -658,7 +867,7 @@ sub check_delayed_msg {
};
if ($@ && $@ =~ m/TIMEOUT/) {
&log($fh,"Attempted pong to $tryserver timed out<br />");
- print "time out while contacting: $tryserver for pong\n";
+ print "Time out while contacting: $tryserver for pong.\n";
} else {
&log($fh,"Pong to $tryserver: $answer<br />");
}
@@ -669,15 +878,19 @@ sub check_delayed_msg {
}
sub finish_logging {
- my ($fh)=@_;
+ my ($fh,$weightsref)=@_;
+ my %weights;
+ if (ref($weightsref) eq 'HASH') {
+ %weights = %{$weightsref};
+ }
&log($fh,"<a name='errcount' />\n");
- $totalcount=$notices+4*$warnings+100*$errors;
+ $totalcount=($weights{'N'}*$notices)+($weights{'W'}*$warnings)+($weights{'E'}*$errors);
&errout($fh);
&log($fh,"<h1>Total Error Count: $totalcount</h1>");
my $now=time;
my $date=localtime($now);
&log($fh,"<hr />$date ($now)</body></html>\n");
- print "lon-status webpage updated\n";
+ print "lon-status webpage updated.\n";
$fh->close();
if ($errors) { $simplestatus{'errors'}=$errors; }
@@ -698,83 +911,449 @@ sub log_simplestatus {
}
sub write_loncaparevs {
- print "Retrieving LON-CAPA version information\n";
- if (open(my $fh,">$perlvar{'lonTabDir'}/loncaparevs.tab")) {
- my %hostname = &Apache::lonnet::all_hostnames();
- foreach my $id (sort(keys(%hostname))) {
- if ($id ne '') {
- my $loncaparev;
+ print "Retrieving LON-CAPA version information.\n";
+ my %hostname = &Apache::lonnet::all_hostnames();
+ my $output;
+ foreach my $id (sort(keys(%hostname))) {
+ if ($id ne '') {
+ my $loncaparev;
+ eval {
+ local $SIG{ ALRM } = sub { die "TIMEOUT" };
+ alarm(10);
+ $loncaparev =
+ &Apache::lonnet::get_server_loncaparev('',$id,1,'loncron');
+ alarm(0);
+ };
+ if ($@ && $@ =~ m/TIMEOUT/) {
+ print "Time out while contacting lonHost: $id for version.\n";
+ }
+ if ($loncaparev =~ /^[\w.\-]+$/) {
+ $output .= $id.':'.$loncaparev."\n";
+ }
+ }
+ }
+ if ($output) {
+ if (open(my $fh,">$perlvar{'lonTabDir'}/loncaparevs.tab")) {
+ print $fh $output;
+ close($fh);
+ &Apache::lonnet::load_loncaparevs();
+ }
+ }
+ return;
+}
+
+sub write_serverhomeIDs {
+ print "Retrieving LON-CAPA lonHostID information.\n";
+ my %name_to_host = &Apache::lonnet::all_names();
+ my $output;
+ foreach my $name (sort(keys(%name_to_host))) {
+ if ($name ne '') {
+ if (ref($name_to_host{$name}) eq 'ARRAY') {
+ my $serverhomeID;
eval {
local $SIG{ ALRM } = sub { die "TIMEOUT" };
alarm(10);
- $loncaparev =
- &Apache::lonnet::get_server_loncaparev('',$id,1,'loncron');
+ $serverhomeID =
+ &Apache::lonnet::get_server_homeID($name,1,'loncron');
alarm(0);
};
if ($@ && $@ =~ m/TIMEOUT/) {
- print "time out while contacting lonHost: $id for version\n";
+ print "Time out while contacting server: $name\n";
}
- if ($loncaparev =~ /^[\w.\-]+$/) {
- print $fh $id.':'.$loncaparev."\n";
+ if ($serverhomeID ne '') {
+ $output .= $name.':'.$serverhomeID."\n";
+ } else {
+ $output .= $name.':'.$name_to_host{$name}->[0]."\n";
}
}
}
- close($fh);
+ }
+ if ($output) {
+ if (open(my $fh,">$perlvar{'lonTabDir'}/serverhomeIDs.tab")) {
+ print $fh $output;
+ close($fh);
+ &Apache::lonnet::load_serverhomeIDs();
+ }
}
return;
}
-sub write_serverhomeIDs {
- print "Retrieving LON-CAPA lonHostID information\n";
- if (open(my $fh,">$perlvar{'lonTabDir'}/serverhomeIDs.tab")) {
- my %name_to_host = &Apache::lonnet::all_names();
- foreach my $name (sort(keys(%name_to_host))) {
- if ($name ne '') {
- if (ref($name_to_host{$name}) eq 'ARRAY') {
- my $serverhomeID;
- eval {
- local $SIG{ ALRM } = sub { die "TIMEOUT" };
- alarm(10);
- $serverhomeID =
- &Apache::lonnet::get_server_homeID($name,1,'loncron');
- alarm(0);
- };
- if ($@ && $@ =~ m/TIMEOUT/) {
- print "Time out while contacting server: $name\n";
+sub write_checksums {
+ my $distro = &LONCAPA::distro();
+ if ($distro) {
+ print "Retrieving file version and checksumming.\n";
+ my $numchksums = 0;
+ my ($chksumsref,$versionsref) =
+ &LONCAPA::Checksumming::get_checksums($distro,$perlvar{'lonDaemons'},
+ $perlvar{'lonLib'},
+ $perlvar{'lonIncludes'},
+ $perlvar{'lonTabDir'});
+ if (ref($chksumsref) eq 'HASH') {
+ $numchksums = scalar(keys(%{$chksumsref}));
+ }
+ print "File version retrieved and checksumming completed for $numchksums files.\n";
+ } else {
+ print "File version retrieval and checksumming skipped - could not determine Linux distro.\n";
+ }
+ return;
+}
+
+sub clean_nosslverify {
+ my ($fh) = @_;
+ my %unlinked;
+ if (-d "$perlvar{'lonSockDir'}/nosslverify") {
+ if (opendir(my $dh,"$perlvar{'lonSockDir'}/nosslverify")) {
+ while (my $fname=readdir($dh)) {
+ next if ($fname =~ /^\.+$/);
+ if (unlink("/home/httpd/sockets/nosslverify/$fname")) {
+ &log($fh,"Unlinking $fname<br />");
+ $unlinked{$fname} = 1;
+ }
+ }
+ closedir($dh);
+ }
+ }
+ &log($fh,"<p>Removed ".scalar(keys(%unlinked))." nosslverify clients</p>");
+ return %unlinked;
+}
+sub clean_lonc_childpids {
+ my $childpiddir = "$perlvar{'lonDocRoot'}/lon-status/loncchld";
+ if (-d $childpiddir) {
+ if (opendir(my $dh,$childpiddir)) {
+ while (my $fname=readdir($dh)) {
+ next if ($fname =~ /^\.+$/);
+ unlink("$childpiddir/$fname");
+ }
+ closedir($dh);
+ }
+ }
+}
+
+sub write_connection_config {
+ my ($domconf,%connectssl,%changes);
+ $domconf = &get_domain_config();
+ if (ref($domconf) eq 'HASH') {
+ if (ref($domconf->{'ssl'}) eq 'HASH') {
+ foreach my $connect ('connto','connfrom') {
+ if (ref($domconf->{'ssl'}->{$connect}) eq 'HASH') {
+ my ($sslreq,$sslnoreq,$currsetting);
+ my %contypes;
+ foreach my $type ('dom','intdom','other') {
+ $connectssl{$connect.'_'.$type} = $domconf->{'ssl'}->{$connect}->{$type};
+ }
+ }
+ }
+ }
+ if (keys(%connectssl)) {
+ my %currconf;
+ if (open(my $fh,'<',"$perlvar{'lonTabDir'}/connectionrules.tab")) {
+ while (my $line = <$fh>) {
+ chomp($line);
+ my ($name,$value) = split(/=/,$line);
+ if ($value =~ /^(?:no|yes|req)$/) {
+ if ($name =~ /^conn(to|from)_(dom|intdom|other)$/) {
+ $currconf{$name} = $value;
+ }
+ }
+ }
+ close($fh);
+ }
+ if (open(my $fh,'>',"$perlvar{'lonTabDir'}/connectionrules.tab")) {
+ my $count = 0;
+ foreach my $key (sort(keys(%connectssl))) {
+ print $fh "$key=$connectssl{$key}\n";
+ if (exists($currconf{$key})) {
+ unless ($currconf{$key} eq $connectssl{$key}) {
+ $changes{$key} = 1;
+ }
+ } else {
+ $changes{$key} = 1;
}
- if ($serverhomeID ne '') {
- print $fh $name.':'.$serverhomeID."\n";
+ $count ++;
+ }
+ close($fh);
+ print "Completed writing SSL options for lonc/lond for $count items.\n";
+ }
+ } else {
+ print "Writing of SSL options skipped - no connection rules in domain configuration.\n";
+ }
+ } else {
+ print "Retrieval of SSL options for lonc/lond skipped - no configuration data available for domain.\n";
+ }
+ return %changes;
+}
+
+sub get_domain_config {
+ my ($dom,$primlibserv,$isprimary,$url,%confhash);
+ $dom = $perlvar{'lonDefDomain'};
+ $primlibserv = &Apache::lonnet::domain($dom,'primary');
+ if ($primlibserv eq $perlvar{'lonHostID'}) {
+ $isprimary = 1;
+ } elsif ($primlibserv ne '') {
+ my $protocol = $Apache::lonnet::protocol{$primlibserv};
+ my $hostname = &Apache::lonnet::hostname($primlibserv);
+ unless ($protocol eq 'https') {
+ $protocol = 'http';
+ }
+ $url = $protocol.'://'.$hostname.'/cgi-bin/listdomconfig.pl';
+ }
+ if ($isprimary) {
+ my $lonusersdir = $perlvar{'lonUsersDir'};
+ my $fname = $lonusersdir.'/'.$dom.'/configuration.db';
+ if (-e $fname) {
+ my $dbref=&LONCAPA::locking_hash_tie($fname,&GDBM_READER());
+ if (ref($dbref) eq 'HASH') {
+ foreach my $key (sort(keys(%{$dbref}))) {
+ my $value = $dbref->{$key};
+ if ($value =~ s/^__FROZEN__//) {
+ $value = thaw(&LONCAPA::unescape($value));
} else {
- print $fh $name.':'.$name_to_host{$name}->[0]."\n";
+ $value = &LONCAPA::unescape($value);
+ }
+ $confhash{$key} = $value;
+ }
+ &LONCAPA::locking_hash_untie($dbref);
+ }
+ }
+ } else {
+ if (open(PIPE,"wget --no-check-certificate '$url?primary=$primlibserv&format=raw' |")) {
+ my $config = '';
+ while (<PIPE>) {
+ $config .= $_;
+ }
+ close(PIPE);
+ if ($config) {
+ my @pairs=split(/\&/,$config);
+ foreach my $item (@pairs) {
+ my ($key,$value)=split(/=/,$item,2);
+ my $what = &LONCAPA::unescape($key);
+ if ($value =~ s/^__FROZEN__//) {
+ $value = thaw(&LONCAPA::unescape($value));
+ } else {
+ $value = &LONCAPA::unescape($value);
+ }
+ $confhash{$what}=$value;
+ }
+ }
+ }
+ }
+ return \%confhash;
+}
+
+sub write_hosttypes {
+ my %intdom = &Apache::lonnet::all_host_intdom();
+ my %hostdom = &Apache::lonnet::all_host_domain();
+ my $dom = $hostdom{$perlvar{'lonHostID'}};
+ my $internetdom = $intdom{$perlvar{'lonHostID'}};
+ my %changes;
+ if (($dom ne '') && ($internetdom ne '')) {
+ if (keys(%hostdom)) {
+ my %currhosttypes;
+ if (open(my $fh,'<',"$perlvar{'lonTabDir'}/hosttypes.tab")) {
+ while (my $line = <$fh>) {
+ chomp($line);
+ my ($name,$value) = split(/:/,$line);
+ if (($name ne '') && ($value =~ /^(dom|intdom|other)$/)) {
+ $currhosttypes{$name} = $value;
+ }
+ }
+ close($fh);
+ }
+ if (open(my $fh,'>',"$perlvar{'lonTabDir'}/hosttypes.tab")) {
+ my $count = 0;
+ foreach my $lonid (sort(keys(%hostdom))) {
+ my $type = 'other';
+ if ($hostdom{$lonid} eq $dom) {
+ $type = 'dom';
+ } elsif ($intdom{$lonid} eq $internetdom) {
+ $type = 'intdom';
+ }
+ print $fh "$lonid:$type\n";
+ if (exists($currhosttypes{$lonid})) {
+ if ($type ne $currhosttypes{$lonid}) {
+ $changes{$lonid} = 1;
+ }
+ } else {
+ $changes{$lonid} = 1;
+ }
+ $count ++;
+ }
+ close($fh);
+ print "Completed writing host type data for $count hosts.\n";
+ }
+ } else {
+ print "Writing of host types skipped - no hosts found.\n";
+ }
+ } else {
+ print "Writing of host types skipped - could not determine this host's LON-CAPA domain or 'internet' domain.\n";
+ }
+ return %changes;
+}
+
+sub update_revocation_list {
+ my ($result,$changed) = &Apache::lonnet::fetch_crl_pemfile();
+ if ($result eq 'ok') {
+ print "Certificate Revocation List (from CA) updated.\n";
+ } else {
+ print "Certificate Revocation List from (CA) not updated.\n";
+ }
+ return $changed;
+}
+
+sub reset_nosslverify_pids {
+ my ($fh,%sslrem) = @_;
+ &checkon_daemon($fh,'lond',40000,'USR2');
+ my $loncpidfile="$perlvar{'lonDaemons'}/logs/lonc.pid";
+ my $loncppid;
+ if ((-e $loncpidfile) && (open(my $pfh,'<',$loncpidfile))) {
+ $loncppid=<$pfh>;
+ chomp($loncppid);
+ close($pfh);
+ if ($loncppid =~ /^\d+$/) {
+ my %pids_by_host;
+ my $docdir = $perlvar{'lonDocRoot'};
+ if (-d "$docdir/lon-status/loncchld") {
+ if (opendir(my $dh,"$docdir/lon-status/loncchld")) {
+ while (my $file = readdir($dh)) {
+ next if ($file =~ /^\./);
+ if (open(my $fh,'<',"$docdir/lon-status/loncchld/$file")) {
+ my $record = <$fh>;
+ chomp($record);
+ close($fh);
+ my ($remotehost,$authmode) = split(/:/,$record);
+ $pids_by_host{$remotehost}{$authmode}{$file} = 1;
+ }
+ }
+ closedir($dh);
+ if (keys(%pids_by_host)) {
+ foreach my $host (keys(%pids_by_host)) {
+ if ($sslrem{$host}) {
+ if (ref($pids_by_host{$host}) eq 'HASH') {
+ if (ref($pids_by_host{$host}{'insecure'}) eq 'HASH') {
+ if (keys(%{$pids_by_host{$host}{'insecure'}})) {
+ foreach my $pid (keys(%{$pids_by_host{$host}{'insecure'}})) {
+ if (open(PIPE,"ps -o ppid= -p $pid |")) {
+ my $ppid = <PIPE>;
+ chomp($ppid);
+ close(PIPE);
+ $ppid =~ s/(^\s+|\s+$)//g;
+ if (($ppid == $loncppid) && (kill 0 => $pid)) {
+ kill QUIT => $pid;
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
}
}
}
}
- close($fh);
}
return;
}
+sub get_permcount_settings {
+ my ($domconf) = @_;
+ my ($defaults,$names) = &Apache::loncommon::lon_status_items();
+ my (%weights,$threshold,$sysmail,$reportstatus,%exclusions);
+ foreach my $type ('E','W','N','U') {
+ $weights{$type} = $defaults->{$type};
+ }
+ $threshold = $defaults->{'threshold'};
+ $sysmail = $defaults->{'sysmail'};
+ $reportstatus = 1;
+ if (ref($domconf) eq 'HASH') {
+ if (ref($domconf->{'contacts'}) eq 'HASH') {
+ if ($domconf->{'contacts'}{'reportstatus'} == 0) {
+ $reportstatus = 0;
+ }
+ if (ref($domconf->{'contacts'}{'lonstatus'}) eq 'HASH') {
+ if (ref($domconf->{'contacts'}{'lonstatus'}{weights}) eq 'HASH') {
+ foreach my $type ('E','W','N','U') {
+ if (exists($domconf->{'contacts'}{'lonstatus'}{weights}{$type})) {
+ $weights{$type} = $domconf->{'contacts'}{'lonstatus'}{weights}{$type};
+ }
+ }
+ }
+ if (ref($domconf->{'contacts'}{'lonstatus'}{'excluded'}) eq 'ARRAY') {
+ my @excluded = @{$domconf->{'contacts'}{'lonstatus'}{'excluded'}};
+ if (@excluded) {
+ map { $exclusions{$_} = 1; } @excluded;
+ }
+ }
+ if (exists($domconf->{'contacts'}{'lonstatus'}{'threshold'})) {
+ $threshold = $domconf->{'contacts'}{'lonstatus'}{'threshold'};
+ }
+ if (exists($domconf->{'contacts'}{'lonstatus'}{'sysmail'})) {
+ $sysmail = $domconf->{'contacts'}{'lonstatus'}{'sysmail'};
+ }
+ }
+ }
+ }
+ return ($threshold,$sysmail,$reportstatus,\%weights,\%exclusions);
+}
+
+sub read_serverhomeIDs {
+ my %server;
+ if (-e "$perlvar{'lonTabDir'}/serverhomeIDs.tab") {
+ if (open(my $fh,'<',"$perlvar{'lonTabDir'}/serverhomeIDs.tab")) {
+ while (<$fh>) {
+ my($host,$id) = split(/:/);
+ chomp($id);
+ $server{$host} = $id;
+ }
+ close($fh);
+ }
+ }
+ return %server;
+}
+
sub send_mail {
- print "sending mail\n";
+ my ($sysmail,$reportstatus) = @_;
my $defdom = $perlvar{'lonDefDomain'};
my $origmail = $perlvar{'lonAdmEMail'};
my $emailto = &Apache::loncommon::build_recipient_list(undef,
'lonstatusmail',$defdom,$origmail);
- if ($totalcount>2500) {
+ if (($totalcount>$sysmail) && ($reportstatus)) {
$emailto.=",$perlvar{'lonSysEMail'}";
}
- my $subj="LON: $perlvar{'lonHostID'} E:$errors W:$warnings N:$notices";
-
- my $result=system("metasend -b -S 4000000 -t $emailto -s '$subj' -f $statusdir/index.html -m text/html >& /dev/null");
- if ($result != 0) {
- $result=system("mail -s '$subj' $emailto < $statusdir/index.html");
+ my $from;
+ my $hostname=`/bin/hostname`;
+ chop($hostname);
+ $hostname=~s/[^\w\.]//g;
+ if ($hostname) {
+ $from = 'www@'.$hostname;
+ }
+ my $subj="LON: $perlvar{'lonHostID'} E:$errors W:$warnings N:$notices";
+ my $loncronmail = "To: $emailto\n".
+ "From: $from\n".
+ "Subject: ".$subj."\n".
+ "Content-type: text/html\; charset=UTF-8\n".
+ "MIME-Version: 1.0\n\n";
+ if (open(my $fh,"<$statusdir/index.html")) {
+ while (<$fh>) {
+ $loncronmail .= $_;
+ }
+ close($fh);
+ } else {
+ $loncronmail .= "Failed to read from http://$hostname/lon-status/index.html\n";
+ }
+ $loncronmail .= "\n\n";
+ if (open(my $mailh, "|/usr/lib/sendmail -oi -t -odb")) {
+ print $mailh $loncronmail;
+ close($mailh);
+ print "Sending mail.\n";
+ } else {
+ print "Sending mail failed.\n";
}
}
sub usage {
print(<<USAGE);
-loncron - housekeeping program that checks up on various parts of Lon-CAPA
+loncron - housekeeping program that checks up on various parts of LON-CAPA
Options:
--help Display
@@ -812,8 +1391,6 @@ sub main () {
undef $perlvarref;
delete $perlvar{'lonReceipt'}; # remove since sensitive and not needed
delete $perlvar{'lonSqlAccess'}; # remove since sensitive and not needed
- delete $perlvar{'reCAPTCHA_PRIVATE'}; # remove since sensitive and not needed
- delete $perlvar{'reCAPTCHA_PUBLIC'}; # remove since sensitive and not needed
chdir($perlvar{'lonDaemons'});
# --------------------------------------- Make sure that LON-CAPA is configured
# I only test for one thing here (lonHostID). This is just a safeguard.
@@ -824,26 +1401,40 @@ sub main () {
chop $hostname;
$hostname=~s/[^\w\.]//g; # make sure is safe to pass through shell
my $subj="LON: Unconfigured machine $hostname";
- system("echo 'Unconfigured machine $hostname.' |\
- mailto $emailto -s '$subj' > /dev/null");
+ system("echo 'Unconfigured machine $hostname.' |".
+ " mail -s '$subj' $emailto > /dev/null");
exit 1;
}
# ----------------------------- Make sure this process is running from user=www
my $wwwid=getpwnam('www');
if ($wwwid!=$<) {
- print("User ID mismatch. This program must be run as user 'www'\n");
+ print("User ID mismatch. This program must be run as user 'www'.\n");
my $emailto="$perlvar{'lonAdmEMail'},$perlvar{'lonSysEMail'}";
my $subj="LON: $perlvar{'lonHostID'} User ID mismatch";
- system("echo 'User ID mismatch. loncron must be run as user www.' |\
- mailto $emailto -s '$subj' > /dev/null");
+ system("echo 'User ID mismatch. loncron must be run as user www.' |".
+ " mail -s '$subj' $emailto > /dev/null");
exit 1;
}
# -------------------------------------------- Force reload of host information
- &Apache::lonnet::load_hosts_tab(1);
- &Apache::lonnet::load_domain_tab(1);
- &Apache::lonnet::get_iphost(1);
+ my $nomemcache;
+ if ($justcheckdaemons) {
+ $nomemcache=1;
+ my $memcachepidfile="$perlvar{'lonDaemons'}/logs/memcached.pid";
+ my $memcachepid;
+ if (-e $memcachepidfile) {
+ my $memfh=IO::File->new($memcachepidfile);
+ $memcachepid=<$memfh>;
+ chomp($memcachepid);
+ if ($memcachepid =~ /^\d+$/ && kill 0 => $memcachepid) {
+ undef($nomemcache);
+ }
+ }
+ }
+ &Apache::lonnet::load_hosts_tab(1,$nomemcache);
+ &Apache::lonnet::load_domain_tab(1,$nomemcache);
+ &Apache::lonnet::get_iphost(1,$nomemcache);
# ----------------------------------------- Force firewall update for lond port
@@ -880,6 +1471,7 @@ sub main () {
&log_machine_info($fh);
&clean_tmp($fh);
&clean_lonIDs($fh);
+ &clean_webDAV_sessionIDs($fh);
&check_httpd_logs($fh);
&rotate_lonnet_logs($fh);
&rotate_other_logs($fh);
@@ -895,6 +1487,10 @@ sub main () {
&checkon_daemon($fh,'lonr',40000);
}
if ($justreload) {
+ &clean_nosslverify($fh);
+ &write_connection_config();
+ &write_hosttypes();
+ &update_revocation_list();
&checkon_daemon($fh,'lond',40000,'USR2');
&checkon_daemon($fh,'lonc',40000,'USR2');
}
@@ -902,23 +1498,28 @@ sub main () {
&test_connections($fh);
}
if (!$justcheckdaemons && !$justcheckconnections && !$justreload) {
- &check_delayed_msg($fh);
- &finish_logging($fh);
- &log_simplestatus();
+ my $domconf = &get_domain_config();
+ my ($threshold,$sysmail,$reportstatus,$weightsref,$exclusionsref) =
+ &get_permcount_settings($domconf);
+ &check_delayed_msg($fh,$weightsref,$exclusionsref);
&write_loncaparevs();
&write_serverhomeIDs();
-
- if ($totalcount>200 && !$noemail) { &send_mail(); }
+ &write_checksums();
+ my %sslrem = &clean_nosslverify($fh);
+ my %conchgs = &write_connection_config();
+ my %hosttypechgs = &write_hosttypes();
+ my $hadcrlchg = &update_revocation_list();
+ if ((keys(%conchgs) > 0) || (keys(%hosttypechgs) > 0) ||
+ $hadcrlchg || (keys(%sslrem) > 0)) {
+ &checkon_daemon($fh,'lond',40000,'USR2');
+ &reset_nosslverify_pids($fh,%sslrem);
+ }
+ &finish_logging($fh,$weightsref);
+ &log_simplestatus();
+ if ($totalcount>$threshold && !$noemail) { &send_mail($sysmail,$reportstatus); }
}
}
&main();
1;
-
-
-
-
-
-
-