Synopsis

cman bug fix update

Type/Severity

Bug Fix Advisory

Topic

Updated cman packages that fix various bugs are now available.

The Cluster Manager (cman) utility provides services for managing a Linux
cluster.

Description

This update fixes various bugs:

• ccs returned incorrect answers when requesting an empty child.
  
• configuring heuristics with a "score" less than the "quorumd min_score"
  caused qdisk to reboot the node.
  
• the ricci SELinux policy was unable to be set on "/etc/cluster/".
  
• running "ccs_tool update" while qdisk is running caused a "Failed to
  receive COMM_UPDATE_COMMIT_ACK" error.
  
• starting the qdisk daemon on Xen domU cluster members resulted in a
  "Could not determine local node ID; cannot start" error.
  
• fence_xvm failed to run if fence_xvm.key did not exist, and 'auth="none"'
  and 'hash="none"' were not present in "/etc/cluster/cluster.conf".
  
• fence_xvm and the fenced daemon failed to incorporate the contents of
  "/etc/cluster/fence_xvm.key". If you were running multiple clusters on the
  same subnet without filtering multicast traffic, virtual machines with the
  same name could result in the wrong node being fenced. Also, the "fence_xvm
  
• H" command returned successful results even if the domain did not exist.
  
• rebooting using fence_drac against a DRAC/MC with v1.3 firmware
  occasionally resulted in a "failed: telnet returned: pattern match
  timed-out" error.
  
• using fence_xvm to fence VM in a cluster caused the VM to shutdown.
  
• the cluster configuration failed to update when using the "ccs_tool
  update" command after a node had been fenced.
  
• cman failed to handle short writes.
  
• cman failed to start if IP addresses were used as node names. IP
  addresses can now be used if the "uname -n" command returns the node name.
  
• converting a two-node cluster to a three-node cluster did not clear the
  "2node" flag.
  
• the xend init script caused the network to hang during start up, and
  nodes were removed from the network.
  
• fence_ilo "Power" commands caused numerous errors. iLO2 firmware v1.30
  and later are is supported.
  
• cman failed to start if xend was enabled and a non-xen kernel was booted.
  
• fence_scsi attempted to un-register all SCSI devices, causing fence_scsi
  to fail when un-registering a device that did not support persistent
  reservations. Devices that do not support SCSI persistent reservations
  should not be used in a clustered file system.
  
• having many file systems mounted in a cluster group caused the
  "group_tool -v" command not to display all file systems.
  
• the cman init script did not create core files when a daemon segfaults.
  
• if groupd segfaults, no log files were created.
  
• running "group_tool dump" only returned partial information.
  
• using fence_apc and an APC 7921 switch resulted in a "unrecognized menu
  response" error. APC firmware v3.3.3 is now supported.
  
• a memory leak in fence_xvmd was fixed.
  
• the fence_egenera script fenced a node during a crash dump causing a
  truncated crash dump file.
  
• starting two clusters simultaneously on a single LAN segment resulted in
  identical cluster IDs, causing nodes to join the wrong cluster.
  
• setting the quorum disk using the disk label or device name caused the
  device's vote not to count. Quorum device names can now be up to 255
  characters long.
  
• the "group_tool dump" command did not handle partial reads or writes.
  

This update also adds enhancements:

• a single init script which covers the loading of modules, starting ccsd,
  cman, fenced, gfs_controld, dlm_controld, fenced, and groupd.
  
• SAP resource agents allowing you to start, stop and monitor SAP
  instances.
  
• the cman init script configuration is now done in "/etc/sysconfig/cman".
  
• an external DLM is no longer required to mount a GFS file system.
  
• the cman packages have been rebuilt for systems running 64 bit PowerPC
  architectures, such as the Mpower 4, 5 and other PowerPC 64 bit variants.

Solution

All cman users should upgrade to these updated packages, which resolve
these issues and add these enhancements.

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 195591 - The init scripts for the cluster components are broken
• BZ - 203799 - drac-fence fails to reboot latest drac/mc firmware
• BZ - 206093 - cman doesn't handle short writes (possibly also reads) in socket IO
• BZ - 210661 - Need to check that registration exists before we attempt to unregister
• BZ - 211337 - must create core files for daemons on segfault
• BZ - 211405 - If groupd segfaults, dump the most recent log information
• BZ - 212393 - cman init script does not have /etc/sysconfig/* for configurable variables
• BZ - 212608 - cman.rpm should own /etc/cluster/
• BZ - 223240 - Wrong min-score causes erroneous 'downgrade' + reboot
• BZ - 223519 - odd output from ccs_tool update if qdiskd is in use.
• BZ - 230783 - openais doesn't receive multicast traffic during xend startup
• BZ - 230972 - Qdisk daemon unable to be started on all members in Xen cluster setup
• BZ - 231151 - fence_xvm should fall back to no hashing if fence_xvm.key is not present
• BZ - 231241 - fence_xvm programs do not correctly use incorporate key data for operations
• BZ - 232068 - ip addresses in cluster.conf do not work
• BZ - 232140 - ccs_get on /foo/child::*[1] doesn't work if foo's child is an empty tag
• BZ - 235269 - Regression in fence_ilo
• BZ - 235837 - Need ppc64 versions of all CS/GFS packages
• BZ - 238106 - fence_apc doesn't work with an APC 7921
• BZ - 238635 - cman init script doesn't work with if xend is enabled but non-xen kernel is running [5.0.z1]
• BZ - 238916 - SAP Resource Agent
• BZ - 240508 - 2node flag doesn't clear properly
• BZ - 243872 - fence_xvmd doesn't reboot VM
• BZ - 244867 - ccs_tool update fails after node fenced
• BZ - 246245 - fence_ilo does not work with iLO 2 firmware revs > 1.29
• BZ - 250152 - memory leak in fence_xvmd
• BZ - 250688 - cman_tool status shows blank cluster name and Cluster Id of 0
• BZ - 251358 - fence_egenera script should not fence node during crash dump
• BZ - 294351 - qdisk does not run on multipathed /dev/mapper devices.

CVEs

(none)

References

(none)

Red Hat Enterprise Linux Server 5

SRPM
cman-2.0.73-1.el5.src.rpm	SHA-256: 934a97826dffce7deedb471fd89297013c38852f9dcb6ad766d9334d2af6d01c
x86_64
cman-2.0.73-1.el5.x86_64.rpm	SHA-256: bbe2170a0e00822b4a2cf1aa98d9b4a70c2f6c124e2d1dc44d9bb6f37ad29719
cman-devel-2.0.73-1.el5.i386.rpm	SHA-256: 2cba511d33b8e09e14977272c24aeaaed63c334d0730b586e2c839c8708aad41
cman-devel-2.0.73-1.el5.x86_64.rpm	SHA-256: a21c8c8019aa1fecd371f8f34c1de8f7d98f1033c1460f675dc0676b5224d74a
ia64
cman-2.0.73-1.el5.ia64.rpm	SHA-256: d1ffd8ae914544e947959b068815e346bf7ec73fdd3413cfc579dc89b022e1c2
cman-devel-2.0.73-1.el5.ia64.rpm	SHA-256: 37e88511bce99fc2881de3e31ad836e7267834f6f354c1d8dab2377447e8b37f
i386
cman-2.0.73-1.el5.i386.rpm	SHA-256: cfe78de7c78159a20d20e9aa0624da9e3c2d478ae9c1a2842d2a79b746bc926c
cman-devel-2.0.73-1.el5.i386.rpm	SHA-256: 2cba511d33b8e09e14977272c24aeaaed63c334d0730b586e2c839c8708aad41

Red Hat Enterprise Linux Workstation 5

SRPM
cman-2.0.73-1.el5.src.rpm	SHA-256: 934a97826dffce7deedb471fd89297013c38852f9dcb6ad766d9334d2af6d01c
x86_64
cman-2.0.73-1.el5.x86_64.rpm	SHA-256: bbe2170a0e00822b4a2cf1aa98d9b4a70c2f6c124e2d1dc44d9bb6f37ad29719
cman-devel-2.0.73-1.el5.i386.rpm	SHA-256: 2cba511d33b8e09e14977272c24aeaaed63c334d0730b586e2c839c8708aad41
cman-devel-2.0.73-1.el5.x86_64.rpm	SHA-256: a21c8c8019aa1fecd371f8f34c1de8f7d98f1033c1460f675dc0676b5224d74a
i386
cman-2.0.73-1.el5.i386.rpm	SHA-256: cfe78de7c78159a20d20e9aa0624da9e3c2d478ae9c1a2842d2a79b746bc926c
cman-devel-2.0.73-1.el5.i386.rpm	SHA-256: 2cba511d33b8e09e14977272c24aeaaed63c334d0730b586e2c839c8708aad41

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
cman-2.0.73-1.el5.src.rpm	SHA-256: 934a97826dffce7deedb471fd89297013c38852f9dcb6ad766d9334d2af6d01c
s390x
cman-2.0.73-1.el5.s390x.rpm	SHA-256: 550e5ad6cc58b5220d201694837b45adba94a526067e88aafc37757719995770
cman-devel-2.0.73-1.el5.s390.rpm	SHA-256: 3ee72c1bbb65d08c1253f7589eb3eb375eb821e2e160c8c61221193388d7e9db
cman-devel-2.0.73-1.el5.s390x.rpm	SHA-256: 682378d05273b911dbf1ebfaa2ac9829842602ef5239d63ee13cf97cf73a3115

Red Hat Enterprise Linux for Power, big endian 5

SRPM
cman-2.0.73-1.el5.src.rpm	SHA-256: 934a97826dffce7deedb471fd89297013c38852f9dcb6ad766d9334d2af6d01c
ppc
cman-2.0.73-1.el5.ppc.rpm	SHA-256: 67c77ebdf77dfd755fd29cef653632ad7abaf2c2ca48c0df82183a62494a4592
cman-devel-2.0.73-1.el5.ppc.rpm	SHA-256: 7c3e5123042520686ef847f3e64efe66009f5e0162302ee20f05c744badb22b0
cman-devel-2.0.73-1.el5.ppc64.rpm	SHA-256: 0534cc1774a657707400b7ef9dd2c5ecdb705b8313b0f1db03a7852eac44a837

Red Hat Enterprise Linux Server from RHUI 5

SRPM
cman-2.0.73-1.el5.src.rpm	SHA-256: 934a97826dffce7deedb471fd89297013c38852f9dcb6ad766d9334d2af6d01c
x86_64
cman-2.0.73-1.el5.x86_64.rpm	SHA-256: bbe2170a0e00822b4a2cf1aa98d9b4a70c2f6c124e2d1dc44d9bb6f37ad29719
cman-devel-2.0.73-1.el5.i386.rpm	SHA-256: 2cba511d33b8e09e14977272c24aeaaed63c334d0730b586e2c839c8708aad41
cman-devel-2.0.73-1.el5.x86_64.rpm	SHA-256: a21c8c8019aa1fecd371f8f34c1de8f7d98f1033c1460f675dc0676b5224d74a
i386
cman-2.0.73-1.el5.i386.rpm	SHA-256: cfe78de7c78159a20d20e9aa0624da9e3c2d478ae9c1a2842d2a79b746bc926c
cman-devel-2.0.73-1.el5.i386.rpm	SHA-256: 2cba511d33b8e09e14977272c24aeaaed63c334d0730b586e2c839c8708aad41