RHBA-2009:0245 - Bug Fix Advisory

Topic

An updated initscripts package that fixes several bugs is now available.

Description

The initscripts package contains system scripts to boot your system, change
runlevels, activate and deactivate most network interfaces, and shut the
system down cleanly.

Bug fixes:

• problems on IBM System z architectures that run the IBM z/VM hypervisor,

with regards to attaching and detaching IBM eServer zSeries HiperSockets
devices, have been resolved. Previously, "ifcfg-[interface]" scripts could
only assemble the network interface if the device emitted a kernel udev
event on the read channel (a read channel had to be specified). Now, any
channel (read, write, or data) emitting a kernel udev event results in
"ccw_init" finding the correct "ifcfg-[interface]" file, causing the
interface to be created. Note: due to kernel and driver issues, interfaces
may not always be resassembled when detaching and then reattaching devices.

• combinations of encrypted and non-encrypted RAID devices may have caused

a "Failed to setup dm-crypt key mapping." error after entering the LUKS
passphrase. This issue was caused by the wrong device being treated as the
device to be mounted, such as a single disk in a RAID instead of the RAID
device itself. In this update, the correct device is mounted.

• it was not possible to resume after suspend-to-disk when using an

encrypted (LUKS) swap partition. The swap partition was not recreated. Now,
a password encrypted swap partition can be used to suspend-to-disk.

• on IBM System z architectures, problems in the udev rules for handling

CCW devices and the "ccw_init" script resulted in high memory usage and CPU
time during start-up. This update resolves these problems, as well as
restricting "ccw_init" to network devices.

• network file systems in "/etc/fstab" that use the "_netdev" option are

not mounted by init scripts until the network is brought up, and the netfs
init script has run. The udev backlog may not have been completely
processed by the time the netfs script runs, resulting in such network
file systems failing to mount. In this update, "/sbin/udevsettle

• -timeout=30" has been added to the netfs init script, allowing the netfs

script to become in sync with udev.

• in network scripts, "logger" was not called with the full path. This may

have caused problems if another executable (which may be a different tool)
named "logger" was in a path ($PATH). In this update, the full path,
"/usr/bin/logger", is used in network scripts.

• having a read-only NFS-mounted root file system caused several scripts to

fail, and unnecessary time outs. This update resolves these issues, and
prevents "/etc/mtab" being written to.

• when using bonding, upon network restart, slave interfaces that are

already part of a bonded interface were not reassigned to the master,
causing the interface to fail. This issue caused loss of network
connectivity after running "service network start" or "start_udev" while
the network was already started. Errors such as "Interface eth[x] is
already enslaved!" may have been logged. The "ifcfg-[interface]" scripts
have been modified to resolve this issue.

• encrypted logical volumes (LUKS) were not mounted during boot. This

prevented systems from booting correctly, dropping back to a prompt to
enter the root password for maintenance. Now, encrypted logical volumes are
mounted during boot.

• the initscripts package (version 8.45.19) in RHBA-2008:0443 used a new

syntax for "arp_ip_target", which broke existing configurations. In this
update, the old and new syntax for "arp_ip_target" are correctly handled.

• when using an encrypted swap partition, the "/etc/init.d/halt" script

cleared the partition in a way that is normal for unencrypted swap
partitions, losing the information that the partition was encrypted. On
newly-installed systems, the first boot was successful, but subsequent
reboots failed: the partition was unable to be unlocked.

Users are advised to upgrade to this updated package, which resolves these
issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 433702 - nfs read-only root errors
• BZ - 447928 - logger path in network init scripts
• BZ - 452866 - netfs does not synchronise with udev
• BZ - 459044 - Hipersocket real devices attach/detach in z/VM doesn't recover with write and data device
• BZ - 466115 - Encrypted logical volumes aren't mounted during boot
• BZ - 467954 - initscripts upgrade from 8.45.17 to 8.45.19 breaks arp_ip_target
• BZ - 469823 - Encrypted swap on LVM disappears after 2nd reboot
• BZ - 470027 - Combination of encrypted and non-encrypted RAID devices not working

CVEs

(none)

References

(none)