RHBA-2007:0575 - Bug Fix Advisory

Topic

Updated cman packages that fix various bugs are now available.

The Cluster Manager (cman) utility provides services for managing a Linux
cluster.

Description

This update fixes various bugs:

• ccs returned incorrect answers when requesting an empty child.
• configuring heuristics with a "score" less than the "quorumd min_score"

caused qdisk to reboot the node.

• the ricci SELinux policy was unable to be set on "/etc/cluster/".
• running "ccs_tool update" while qdisk is running caused a "Failed to

receive COMM_UPDATE_COMMIT_ACK" error.

• starting the qdisk daemon on Xen domU cluster members resulted in a

"Could not determine local node ID; cannot start" error.

• fence_xvm failed to run if fence_xvm.key did not exist, and 'auth="none"'

and 'hash="none"' were not present in "/etc/cluster/cluster.conf".

• fence_xvm and the fenced daemon failed to incorporate the contents of

"/etc/cluster/fence_xvm.key". If you were running multiple clusters on the
same subnet without filtering multicast traffic, virtual machines with the
same name could result in the wrong node being fenced. Also, the "fence_xvm

• H" command returned successful results even if the domain did not exist.
• rebooting using fence_drac against a DRAC/MC with v1.3 firmware

occasionally resulted in a "failed: telnet returned: pattern match
timed-out" error.

• using fence_xvm to fence VM in a cluster caused the VM to shutdown.
• the cluster configuration failed to update when using the "ccs_tool

update" command after a node had been fenced.

• cman failed to handle short writes.
• cman failed to start if IP addresses were used as node names. IP

addresses can now be used if the "uname -n" command returns the node name.

• converting a two-node cluster to a three-node cluster did not clear the

"2node" flag.

• the xend init script caused the network to hang during start up, and

nodes were removed from the network.

• fence_ilo "Power" commands caused numerous errors. iLO2 firmware v1.30

and later are is supported.

• cman failed to start if xend was enabled and a non-xen kernel was booted.
• fence_scsi attempted to un-register all SCSI devices, causing fence_scsi

to fail when un-registering a device that did not support persistent
reservations. Devices that do not support SCSI persistent reservations
should not be used in a clustered file system.

• having many file systems mounted in a cluster group caused the

"group_tool -v" command not to display all file systems.

• the cman init script did not create core files when a daemon segfaults.
• if groupd segfaults, no log files were created.
• running "group_tool dump" only returned partial information.
• using fence_apc and an APC 7921 switch resulted in a "unrecognized menu

response" error. APC firmware v3.3.3 is now supported.

• a memory leak in fence_xvmd was fixed.
• the fence_egenera script fenced a node during a crash dump causing a

truncated crash dump file.

• starting two clusters simultaneously on a single LAN segment resulted in

identical cluster IDs, causing nodes to join the wrong cluster.

• setting the quorum disk using the disk label or device name caused the

device's vote not to count. Quorum device names can now be up to 255
characters long.

• the "group_tool dump" command did not handle partial reads or writes.

This update also adds enhancements:

• a single init script which covers the loading of modules, starting ccsd,

cman, fenced, gfs_controld, dlm_controld, fenced, and groupd.

• SAP resource agents allowing you to start, stop and monitor SAP

instances.

• the cman init script configuration is now done in "/etc/sysconfig/cman".
• an external DLM is no longer required to mount a GFS file system.
• the cman packages have been rebuilt for systems running 64 bit PowerPC

architectures, such as the Mpower 4, 5 and other PowerPC 64 bit variants.

Solution

All cman users should upgrade to these updated packages, which resolve
these issues and add these enhancements.

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 195591 - The init scripts for the cluster components are broken
• BZ - 203799 - drac-fence fails to reboot latest drac/mc firmware
• BZ - 206093 - cman doesn't handle short writes (possibly also reads) in socket IO
• BZ - 210661 - Need to check that registration exists before we attempt to unregister
• BZ - 211337 - must create core files for daemons on segfault
• BZ - 211405 - If groupd segfaults, dump the most recent log information
• BZ - 212393 - cman init script does not have /etc/sysconfig/* for configurable variables
• BZ - 212608 - cman.rpm should own /etc/cluster/
• BZ - 223240 - Wrong min-score causes erroneous 'downgrade' + reboot
• BZ - 223519 - odd output from ccs_tool update if qdiskd is in use.
• BZ - 230783 - openais doesn't receive multicast traffic during xend startup
• BZ - 230972 - Qdisk daemon unable to be started on all members in Xen cluster setup
• BZ - 231151 - fence_xvm should fall back to no hashing if fence_xvm.key is not present
• BZ - 231241 - fence_xvm programs do not correctly use incorporate key data for operations
• BZ - 232068 - ip addresses in cluster.conf do not work
• BZ - 232140 - ccs_get on /foo/child::*[1] doesn't work if foo's child is an empty tag
• BZ - 235269 - Regression in fence_ilo
• BZ - 235837 - Need ppc64 versions of all CS/GFS packages
• BZ - 238106 - fence_apc doesn't work with an APC 7921
• BZ - 238635 - cman init script doesn't work with if xend is enabled but non-xen kernel is running [5.0.z1]
• BZ - 238916 - SAP Resource Agent
• BZ - 240508 - 2node flag doesn't clear properly
• BZ - 243872 - fence_xvmd doesn't reboot VM
• BZ - 244867 - ccs_tool update fails after node fenced
• BZ - 246245 - fence_ilo does not work with iLO 2 firmware revs > 1.29
• BZ - 250152 - memory leak in fence_xvmd
• BZ - 250688 - cman_tool status shows blank cluster name and Cluster Id of 0
• BZ - 251358 - fence_egenera script should not fence node during crash dump
• BZ - 294351 - qdisk does not run on multipathed /dev/mapper devices.

CVEs

(none)

References

(none)