RHBA-2009:0189 - Bug Fix Advisory

Topic

Updated cman packages that fix several bugs and add enhancements are now
available.

Description

The Cluster Manager (cman) utility provides services for managing a Linux
cluster.

These updated packages fix the following bugs:

• In rare cases ccsd was unable to bind to a socket which would ccsd to

fail to startup.

• A call to dlm_ls_lockx() with LKF_VALBLK flag and a NULL sb_lvbptr would

cause dlm to crash, this has been fixed.

• groupd, fenced, and dlm_controld all had the potential to hang due to a

file descriptor being closed, this had been fixed.

• 'cman_tool nodes -a' would loop indefinitely in most cases.
• When two nodes start up in a partitioned network and have the dirty flag

set they are unable to see each other when the network comes together.

• The timeouts in the bladecenter switch fence agent have been increased to

allow for the slower response time in some bladecenters.

• qdiskd now works properly with devices that are not in /proc/partitions.
• In certain cases it was possible for GFS to start before quorum was

formed causing a failure, this has been fixed by re-ordering the cman and
qdiskd init scripts.

• When using a 2 node cluster with qdisk when the FC cable was pulled the

cluster would hang.

• qdiskd would start up even if the score was less than required and none

of the heuristics were successful.

• mkqdisk man page and usage were missing information about the '-d' option.
• fence_xvmd would not start if a default route was not set.
• qdiskd did not properly close all file descriptors before forking.
• qdiskd no longer updates cman if the quorum disk is unavailable.
• fence_apc now works properly with 24 port APC power switches.
• man pages have been updated to provide more accurate information.
• in certain cases 'unknown screen encountered' errors are displayed when

using fence_apc with ports numbers lower than 3.

• fence_ilo no longer produces an error when a device it is fencing turns

off, but fails to turn back on.

• fence_scsi gets errors in device list when using multipath arrays.
• The cman service no longer fails to start when a gfs2 filesystem is

already mounted.

• The rq mode in a lockdump no longer shows up as NL for granted locks

instead of IV (invalid).

• gfs now properly recovers a filesystem that another node has withdrawn from.
• If a fence device failed the cluster could recover, this has been fixed.
• fence_apc "Switch (optional)" param now defaults to 1.
• fence_ilo was not able to reboot an HP server with RIBCL v2.22.
• fence_wti no longer powers the outlet on or off if it is unable to get

the outlet status.

These updated packages add the following enhancements:

• Quorum disk votes are now displayed in 'cman_tool status'.
• Fence agent for VMware ESX has been added.
• ssh support has been added to the fence_drac, fence_ilo, fence_egenera

and fence_bladecenter fence agent

• Up to 8 fence devices (up from 4) are now supported in one fence method.
• fence_xvmd key files can now be reloaded without a restart.
• fence_apc is now compatible with the 3.0 APC firmware.
• Support added for the WTI RSM-8R4 power switch.
• fence_ilo now supports the ipaddr and option to match the other fence agents.
• fence agent for HMC/LPAR is now available.
• groupd can now detect if services on other nodes have failed (fenced,

dlm_controld, gfs_controld) and will fence them if they are not running.

• fence_scsi and scsi_reserve now have improved logging capabilities.
• The fence_scsi init script now is able to 'restart'.
• The fence init script will no longer attempt to join the domain if

FENCE_JOIN is set to 'no'.

• Custom xen bridge scripts can now be used by using the

NETWORK_BRIDGE_SCRIPT variable.

• Nodes with undefined fencing are now skipped.
• A new fence_tool option has been added (-m) to allow fence_tool to wait a

specified number of seconds or until all nodes have become cluster members
to join the fence_domain.

Users of cman are advised to upgrade to these updated packages, which
resolve these issues and add these enhancements.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 232492 - RFE: Feature request for ssh capabilities in fence_drac script
• BZ - 240509 - fence_bladecenter needs longer timeout
• BZ - 290231 - APC Fencing Method "Switch (optional)" param does not default to "1"
• BZ - 315741 - Groupd: service cman start fails if local gfs2 is mounted
• BZ - 318361 - cman needs to include qdisk votes in expected votes display
• BZ - 318571 - A failed fenced cannot be recovered
• BZ - 349381 - GFS: Allow fence_egenera to specify ssh login name
• BZ - 362031 - qdiskd doesn't work with block devices which are not in /proc/partitions
• BZ - 373531 - Improve logging for fence_scsi and scsi_reserve
• BZ - 396581 - fence_apc script does not work on 3.x firmware.
• BZ - 410821 - RFE: Support reloading fence_xvm{,d} key files on the fly
• BZ - 432986 - Support for WTI RSM-8R4 power/remote access combination box
• BZ - 433536 - fence_ilo uses odd parameter name for host address
• BZ - 433864 - RHEL5u1 /sbin/fence_ilo fails with 'failed to turn on'
• BZ - 435154 - RHEL5 fence_apc fails to work on 24 port fence device and success on 16 port.
• BZ - 436381 - Quorum not formed before gfs starts with one node in a "4-node + qdisk" configuration
• BZ - 437137 - Calling dlm_ls_lockx() wth LKF_VALBLK set and NULL sb_lvbptr seg faults libdlm.
• BZ - 437356 - dlm_tool prints wrong rq mode in lockdump
• BZ - 438247 - libdlm unlock_wait calls are broken
• BZ - 441323 - fence_scsi gets errors in device list with multipath arrays
• BZ - 442541 - QDisk freezes cluster when FC is disconnected
• BZ - 443664 - fence_apc_snmp: invalid status outletStatusOff
• BZ - 444529 - groupd and gfs_controld can spin at 100% cpu usage during recovery
• BZ - 446128 - gfs_controld: plock result write err 0 errno X
• BZ - 448043 - new fence agents man page needs update
• BZ - 448133 - ask for a fence script for Power server's HMC
• BZ - 450169 - gfs_controld should read plocks from either dlm or lock_dlm
• BZ - 454239 - fence_ilo can not reboot HP server with RIBCL v2.22 (ILO2)
• BZ - 454401 - cman_tool nodes -a loops indefinitely
• BZ - 455328 - fence_scsi: request for better error if node to fence doesn't exist
• BZ - 455330 - fence_scsi: service scsi_reserve restart not present.
• BZ - 455598 - FENCE_JOIN option for cman init script
• BZ - 455865 - qdiskd doesn't check the score during initialization
• BZ - 456403 - cluster will recover even if a fence device failed
• BZ - 457104 - improve upgrades to RHEL6
• BZ - 457107 - Killing node X because it has rejoined the cluster with existing state
• BZ - 459127 - fenced config option to skip nodes with undefined fencing
• BZ - 459145 - Can't use custom xen bridge script with cman
• BZ - 459678 - mkqdisk's man page and usage help missing -d option.
• BZ - 459720 - [PATCH] fence_xvmd cannot start if default route is not set
• BZ - 460054 - fence_apc fails with pexpect exception
• BZ - 460190 - new option to delay fence_tool join
• BZ - 460216 - fence_apc fail after repeating port selection
• BZ - 460645 - qdiskd isn't always closing file descriptors properly before forking
• BZ - 460909 - Two new nodes with dirty flag don't see each other
• BZ - 461301 - cman package should depend on pexpect
• BZ - 462628 - fence_scsi: clear key_list after each use
• BZ - 463238 - [Fix]: Add support for private key authentification for VmWare ESX fencing agent
• BZ - 468904 - fence_wti unable to fence node
• BZ - 470553 - Qdiskd not starting in RHEL5.3 BETA

CVEs

(none)

References

(none)