RHBA-2010:0180 - Bug Fix Advisory

Topic

Updated openais packages that fix several defects are now available for
Red Hat Enterprise Linux 5.5.

Description

The Open Application Interface Specification (OpenAIS) is an API and a set
of policies for developing applications that maintain service during
faults. The OpenAIS Standards-Based Cluster Framework is an OSI-certified
implementation of the Service Availability Forum AIS. The openais packages
contain the openais executive, openais service handlers, default
configuration files, and init script.

This update addresses the following issues:

• Resolve a segfault if the ais group doesn't exist. Note the ais group is

installed by the package but may be removed by the user later. This
resolution prints an error in that condition. (BZ#509180)

• Properly shut down service engines when the INTR signal or QUIT signal is

sent to the aisexec process. (BZ#526069)

• Resolve a race condition in the cpg service which could result in

failures during recovery of cpg services. (BZ#474400)

• A random error code was returned by saCkptCheckpointOpen if the internal

IPC operation failed. Now the proper SA_AIS_ERR_LIBRARY error code is
returned in this condition. (BZ#520164)

• An invalid assertion caused MTUs of 9000 bytes to generate a SIGABRT

signal and dump core when inside totem running heavy loads. With this
update, the assertion has been corrected (and the MTU increased to 10000
bytes). (BZ#520012)

• Resolve a problem where checkpoint iteration and discovery can happen

during synchronization of new data structures. This results in the GFS
POSIX locking feature appearing to leave leftover locks on nodes that no
longer exist. (BZ#515159)

• Resolve a stack overflow that results in a stack protector assertion.

(BZ#525280)

• Resolve a defect when calling saClmTrackStart more then one time can

trigger a segfault in library clients to the clm service. (BZ#529054)

• Resolve a defect where cpg can use a variable after it has been freed.

(BZ#540267)

• Resolve a defect where the bindnetaddr does not follow the specifications

outlined by the man pages for operation because it uses the interface's
broadcast address instead of its local address for binding. (BZ#540490)

• Resolve a defect where originating 206 messages in the recovery phase

triggers totem to block until a processor is stopped or started.
(BZ#544680)

• Resolve a defect where a buffer overflow can occur in a string buffer

used when the "debug: on" option is used in the configuration. (BZ#544682)

• Resolve a defect where an internal totem operating flag is not set

properly. (BZ#545151)

• Resolve a defect where an invalid assertion in single-node operation can

trigger an assertion. (BZ#547828)

• Resolve a defect where the IPC limit was 477k instead of 1MB as it should

be. (BZ#515590)

• Resolve a defect where IPC would indicate the outbound ipc queue was

empty when the IPC queue is fully consumed by data. (BZ#560313)

• Resolve a defect where errant code calls pthread_cond_wait in an atexit()

handler, resulting in lockup of the aisexec daemon 1% of the time on
shutdown. (BZ#566467)

All openais users should install this update, which fixes these bugs.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 474400 - groupd missing cpg confchg
• BZ - 509180 - Openais segfaults at startup when the user ais does not exist.
• BZ - 515590 - openais has limit of 477000 bytes for an IPC request.
• BZ - 519159 - gfs lock is reported on 2 out of 4 nodes in cluster.
• BZ - 520164 - saCkptCheckpointOpen ipc failure results in random error
• BZ - 525280 - Occasionally a node within a 5-node RHEL 5.3 cluster is fenced for no apparent reason resulting in a core dump of aisexec.
• BZ - 526069 - SIGQUIT doesn't shut down service engines
• BZ - 529054 - calling saClmTrackStart more then one time may result in segfault.
• BZ - 540267 - cpg can use a variable after it has been freed
• BZ - 540490 - OpenAIS and bindnetaddr doesn't work with netmasks
• BZ - 544680 - originating 206 or more messages in recovery causes totem to block
• BZ - 544682 - Two string buffers can be overflowed if enough messages are originated or not originated in RECOVERY
• BZ - 545151 - recovery protocol doesn't properly reset a variable if the token->recieved_flg is set to 0
• BZ - 547828 - There is an invalid assertion in totemsrp which can cause a sigabort.
• BZ - 566467 - aisexec still running after "service cman stop"

CVEs

(none)

References

(none)