- Issued:
- 2009-09-10
- Updated:
- 2009-09-18
RHBA-2009:1435 - Bug Fix Advisory
Synopsis
cman bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated cman packages that fix a bug and add an enhancement are now available.
Description
The Cluster Manager (cman) utility provides user-level services for
managing a Linux cluster.
This update applies the following bug fix:
- in several places internally, cman assumed a transition message meant the
node in question (or the sending node) was joining the cluster rather than
just sending its current post-transition state. In some circumstances, this
could lead to cman killing the wrong nodes. With this update, cman now
checks the first_trans flag, which is set when a node first encounters
another node in the cluster. Only if first_trans is set does cman now
consider the node as joining the cluster. (BZ#518061)
Also, this update includes the following enhancement:
First, if a node was asked to remove a key (fence) for a device that it was
not registered with, the node attempted to register with that device
on-the-fly. With this update, when nodes are asked to remove a key from
devices with which they are not registered, the fencing fails.
Second, for the common case of SAN environments with multiple Logical Unit
Numbers (LUNs), the devices (LUNs) that can be unregistered must be ordered
consistently on all nodes. Consistent ordering is not guaranteed by the
Logical Volume Manager (LVM), however; device names can vary from node to
node to prevent interleaving of fence operation among devices. With this
update, the fence_scsi agent extracts the device name (pv_name) and
Universally Unique Identifier (pv_uuid) and builds a hash keyed on the UUID
(which is consistent on all nodes). This ensures devices are ordered
consistently on each node.
Consequent to these two changes, the first node to fence removes the other
node's key from the device or devices. The second node, now not registered
with the device, is not able to fence the first. This allows fence_scsi to
work in a 2-node cluster. (BZ#520823)
All cman users should install this updated package, which fixes this bug
and enables users to use fence_scsi in a 2-node environment.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 ia64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 518061 - Cman kills wrong nodes..
- BZ - 520823 - fence_scsi: support 2 node clusters
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
| SRPM | |
|---|---|
| cman-2.0.115-1.el5_4.2.src.rpm | SHA-256: 115183a0ad3c875c1a0387df2b37beec9fc11a7299aa84ea277a6f4a95ad97de |
| x86_64 | |
| cman-2.0.115-1.el5_4.2.x86_64.rpm | SHA-256: aecb1c997f46338d675166fdc8e603abd0a7ba1bb561b0b38d93888eadbed5bf |
| cman-devel-2.0.115-1.el5_4.2.i386.rpm | SHA-256: 598978cd7376622cb7f83197e881876e3985b8c59488d873df325dd6a096e6b7 |
| cman-devel-2.0.115-1.el5_4.2.x86_64.rpm | SHA-256: aa095657a503404d50bbc802f5c9bff4c87c9dc3f8f5ecdc52f8c8175a2c3a11 |
| ia64 | |
| cman-2.0.115-1.el5_4.2.ia64.rpm | SHA-256: 5c4bfe70be8e6b5e0947263998dfee8476335de347c12f5910a41809c511b284 |
| cman-devel-2.0.115-1.el5_4.2.ia64.rpm | SHA-256: 681e23ae1c335497628f3ed896755349900ac7077ab3c89b8bd14c22e2af0a49 |
| i386 | |
| cman-2.0.115-1.el5_4.2.i386.rpm | SHA-256: c650fb1689cd8cc5d455e567a570c5a02541f83901b350aa93b934f05d715d57 |
| cman-devel-2.0.115-1.el5_4.2.i386.rpm | SHA-256: 598978cd7376622cb7f83197e881876e3985b8c59488d873df325dd6a096e6b7 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4
| SRPM | |
|---|---|
| x86_64 | |
| ia64 | |
| i386 |
Red Hat Enterprise Linux Workstation 5
| SRPM | |
|---|---|
| cman-2.0.115-1.el5_4.2.src.rpm | SHA-256: 115183a0ad3c875c1a0387df2b37beec9fc11a7299aa84ea277a6f4a95ad97de |
| x86_64 | |
| cman-2.0.115-1.el5_4.2.x86_64.rpm | SHA-256: aecb1c997f46338d675166fdc8e603abd0a7ba1bb561b0b38d93888eadbed5bf |
| cman-devel-2.0.115-1.el5_4.2.i386.rpm | SHA-256: 598978cd7376622cb7f83197e881876e3985b8c59488d873df325dd6a096e6b7 |
| cman-devel-2.0.115-1.el5_4.2.x86_64.rpm | SHA-256: aa095657a503404d50bbc802f5c9bff4c87c9dc3f8f5ecdc52f8c8175a2c3a11 |
| i386 | |
| cman-2.0.115-1.el5_4.2.i386.rpm | SHA-256: c650fb1689cd8cc5d455e567a570c5a02541f83901b350aa93b934f05d715d57 |
| cman-devel-2.0.115-1.el5_4.2.i386.rpm | SHA-256: 598978cd7376622cb7f83197e881876e3985b8c59488d873df325dd6a096e6b7 |
Red Hat Enterprise Linux for IBM z Systems 5
| SRPM | |
|---|---|
| cman-2.0.115-1.el5_4.2.src.rpm | SHA-256: 115183a0ad3c875c1a0387df2b37beec9fc11a7299aa84ea277a6f4a95ad97de |
| s390x | |
| cman-2.0.115-1.el5_4.2.s390x.rpm | SHA-256: 0b56f3b90f99b44e6fceea96f83ac7d524201f47f1872650972c9dd98666d35b |
| cman-devel-2.0.115-1.el5_4.2.s390.rpm | SHA-256: 7b2ce5b11073f0ec6e519173b96205711bbe704202182cd11f78b11e810cbc69 |
| cman-devel-2.0.115-1.el5_4.2.s390x.rpm | SHA-256: 490e5c9db8326eab8e1e23791ccd01ff527341260c174c371708b26d06f89431 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4
| SRPM | |
|---|---|
| s390x |
Red Hat Enterprise Linux for Power, big endian 5
| SRPM | |
|---|---|
| cman-2.0.115-1.el5_4.2.src.rpm | SHA-256: 115183a0ad3c875c1a0387df2b37beec9fc11a7299aa84ea277a6f4a95ad97de |
| ppc | |
| cman-2.0.115-1.el5_4.2.ppc.rpm | SHA-256: 04cd7bb80afa017d2413142328f2b3741457db181b53e19c49ec9a4c6527f2e0 |
| cman-devel-2.0.115-1.el5_4.2.ppc.rpm | SHA-256: 1771a930ef883e947baa7440662f67e62bd90ea4dca92781a6008c9501a241d1 |
| cman-devel-2.0.115-1.el5_4.2.ppc64.rpm | SHA-256: 426567c41fc2c85019031fecbc02e4c2a70dadb3861b9f9f2f8320308b81b57e |
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4
| SRPM | |
|---|---|
| ppc |
Red Hat Enterprise Linux Server from RHUI 5
| SRPM | |
|---|---|
| cman-2.0.115-1.el5_4.2.src.rpm | SHA-256: 115183a0ad3c875c1a0387df2b37beec9fc11a7299aa84ea277a6f4a95ad97de |
| x86_64 | |
| cman-2.0.115-1.el5_4.2.x86_64.rpm | SHA-256: aecb1c997f46338d675166fdc8e603abd0a7ba1bb561b0b38d93888eadbed5bf |
| cman-devel-2.0.115-1.el5_4.2.i386.rpm | SHA-256: 598978cd7376622cb7f83197e881876e3985b8c59488d873df325dd6a096e6b7 |
| cman-devel-2.0.115-1.el5_4.2.x86_64.rpm | SHA-256: aa095657a503404d50bbc802f5c9bff4c87c9dc3f8f5ecdc52f8c8175a2c3a11 |
| i386 | |
| cman-2.0.115-1.el5_4.2.i386.rpm | SHA-256: c650fb1689cd8cc5d455e567a570c5a02541f83901b350aa93b934f05d715d57 |
| cman-devel-2.0.115-1.el5_4.2.i386.rpm | SHA-256: 598978cd7376622cb7f83197e881876e3985b8c59488d873df325dd6a096e6b7 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
