pvecm: updatecerts: check and report if we got a timeout

If timeout is reached, run_fork_with_timeout will warn "got timeout".
When processing triggers for pve-manager (because of ExecStartPre of
pveproxy.service invoking pvecm updatecerts) that warning can appear
in the apt output without any context (output of the forked sub
doesn't appear there). So give it some actual content using the
$got_timeout returned in wantarray list context of the
run_fork_with_timeout method.

Note that this could be seen as clash with the silent flag, but IMO
that is a bit misnamed, we mostly want to avoid outputting the info
messages from updatecerts_and_ssh, and that silent (i.e., quite) gets
convoluted with a no-error behavior seems also odd.
TBH., I actually thought about printing the "waiting for quorum" at
least once for the silent case too, but for now omitted it – lets
wait on actual feedback and then maybe restructure this completely.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

diff --git a/src/PVE/CLI/pvecm.pm b/src/PVE/CLI/pvecm.pm
index d1ac8f0b5934c9c28829a9dd11d6460dae250f02..0005e4b80355b6785a59a3de8d4c59e5a6c0fbe4 100755 (executable)
--- a/src/PVE/CLI/pvecm.pm
+++ b/src/PVE/CLI/pvecm.pm
@@ -577,7 +577,7 @@ __PACKAGE__->register_method ({
        # pveproxy's ExecStartPre calls this, and as we do IO (on /etc/pve) that can hang
        # (uninterruptible D state) we could fail the whole service, rendering the API guaranteed
        # inaccessible. Let's rather fail small(er) as the API could still work without this..
-       PVE::Tools::run_fork_with_timeout(30, sub {
+       my ($_res, $got_timeout) = PVE::Tools::run_fork_with_timeout(30, sub {
            PVE::Cluster::Setup::generate_local_files();
 
            for (my $i = 0; !PVE::Cluster::check_cfs_quorum(1); $i++) {
@@ -588,6 +588,14 @@ __PACKAGE__->register_method ({
            PVE::Cluster::Setup::updatecerts_and_ssh($force_new_cert, $silent);
            PVE::Cluster::prepare_observed_file_basedirs();
        });
+       if ($got_timeout) {
+           my $msg = "got timeout when trying to ensure cluster certificates and base file"
+               ." hierarchy is set up - no quorum (yet) or hung pmxcfs?\n";
+           die $msg if !$silent;
+           # this might be unexpected for the $silent case, but in our ExecStartPre use case it's
+           # really better than keeping the user completely in the dark, so maybe split/fix params
+           warn $msg;
+       }
 
        return undef;
     }});