mirror of
https://github.com/samba-team/samba.git
synced 2025-01-26 10:04:02 +03:00
bd0befa529
The recovery start/end times used in the checks at the top of verify_local_ip_allocation() are set by the START_RECOVERY and END_RECOVERY controls. A couple of takeover runs escape the checks because they were added later and are not surrounded by these controls. Recovery and IP allocation need to be untangled from each other, so recovery-related events should not be relied on for IP allocation. This means the solution is not to add these where they are "missing". The concern that the checks are addressing is to avoid local IP verification when IP addresses are in a state of flux. Takeover runs on non-master nodes are already disabled while a takeover run is in progress, so local IP verification is already skipped in that case. The other case is the master node, which will be busy with the takeover run, rather than running main_loop(). The other issue is races. verify_local_ip_allocation() takes a non-zero amount of time to fetch IP addresses from the local CTDB daemon and during this time a recovery or takeover run can start, but a takeover run can still be triggered. The current tests do not stop this. Apart from all of this, with most reasonable public IP address configurations, an extra takeover run will be a no-op so is not a cause for concern. It is safe to drop these checks. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>