- Issued:
- 2011-12-06
- Updated:
- 2011-12-06
RHBA-2011:1599 - Bug Fix Advisory
Synopsis
fence-agents bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated fence-agents package that fixes various bugs and adds several
enhancements is now available for Red Hat Enterprise Linux 6.
Description
Red Hat fence agents are a collection of scripts to handle remote power
management for cluster devices. They allow failed or unreachable cluster nodes
to be forcibly restarted and removed from the cluster.
The fence-agents package has been upgraded to upstream version 3.1.5, which
provides a number of bug fixes and enhancements over the previous version.
(BZ#707123)
This update also fixes the following bugs:
- Due to a change in REST API, the fence_rhevm utility incorrectly reported
status "UP" as "RUNNING". Consequently, the "fence_rhevm -o status" command
always reported "OFF". This bug has been fixed, and fence_rhevm now reports
status correctly. (BZ#731166)
- The fence_drac5 agent failed to clear its SSH sessions on exit as expected by
firmware. Consequently, the fence agent appeared to be still connected to the
device, and once the connection limit was reached, further logins to the device
were not allowed. This bug has been fixed, and fence_drac5 now clears its SSH
sessions properly. (BZ#718924)
- The "monitor" and "status" commands of the fence_ipmilan agent returned
chassis status instead of the fence device status. As a result, when a server
chassis was powered off, the fence_ipmilan agent exited with the incorrect
result code "2" when passed one of these commands. Now, fence_ipmilan returns
the correct result code "0" in the described scenario. (BZ#693428)
- When a blade server was removed from a blade chassis and was fenced via the
fence_bladecenter utility with the "--missing-as-off" option enabled, and was
scheduled with the "reboot" action, the fence failed. This bug has been fixed,
and fence_bladecenter no longer returns an error if a blade server is missing.
(BZ#708052)
- A list operation on fence_drac5 agents resulted in unexpected termination of
fence agents. A patch has been provided to address this issue, and fence_drac5
agents now work correctly in the described scenario. (BZ#718196)
- When the pyOpenSSL package was not present in the system, when an error
occurred, the fence_ilo agent terminated with a generic error message, making it
difficult to debug the problem. Now, fence_ilo reports that a dependent package
is missing in the described scenario, thus fixing this bug. (BZ#718207)
- The verbose mode of the fence_ipmilan agent exposed user passwords when the
whole command was logged by an IPMI tool. Now, the fence_ipmilan output has been
changed, and passwords remain undisclosed in the described scenario. (BZ#732372)
- During simultaneous unfencing operations performed via the fence_scsi agent,
all nodes launched their reservation commands at the same time. Consequently,
some of the commands failed. Now, fence_scsi retries to unfence a node until its
reservation command succeeds. (BZ#738384)
- A null dereference was discovered in the fence_kdump agent, when the strchr()
function returned the NULL value. With this update, the dereference has been
fixed in the code and no longer occurs. (BZ#734429)
This update adds the following enhancements:
- With this update, the new fence_vmware_soap() function has been provided to
enable fencing of VMware guests in ESX environments. (BZ#624673)
- The fence_kdump utility has been updated to integrate fencing with the kernel
dump environment. (BZ#461948)
- With this update, the RelaxNG schema generation for fence-agents has been
updated with the rha:description and rha:name attributes in its output to fence
attribute group elements. (BZ#698365)
- The fence_ipmilan agent has been updated to support the -L option of the
ipmilan daemon, thus supporting fencing with user session privileges level.
(BZ#726571)
Users of fence-agents are advised to upgrade to this updated package, which
fixes these bugs and adds these enhancements.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux High Availability for x86_64 6 x86_64
- Red Hat Enterprise Linux High Availability for x86_64 6 i386
- Red Hat Enterprise Linux Resilient Storage for x86_64 6 x86_64
- Red Hat Enterprise Linux Resilient Storage for x86_64 6 i386
- Red Hat Enterprise Linux High Availability (for RHEL Server) from RHUI 6 x86_64
- Red Hat Enterprise Linux High Availability (for RHEL Server) from RHUI 6 i386
- Red Hat Enterprise Linux Resilient Storage (for RHEL Server) from RHUI 6 x86_64
- Red Hat Enterprise Linux Resilient Storage (for RHEL Server) from RHUI 6 i386
Fixes
- BZ - 461948 - Provide a method to wait for kdump to complete from fencing
- BZ - 624673 - Rework fence_vmware fence agent to use SOAP API to connect to Virtual Center instead of VMware Perl API
- BZ - 693428 - fence_ipmilan returns incorrect status on monitor op if chassis is powered off
- BZ - 698365 - RFE: add rha:description="fence_name" attribute to fence attribute group elements
- BZ - 707123 - fence-agents rebase
- BZ - 708052 - fence_bladecenter --missing_as_off reboot action fails on missing blade
- BZ - 718196 - Dell Drac CMC is not working correctly as fence device
- BZ - 718207 - fence_ilo fails silently when pyOpenSSL is not installed
- BZ - 731166 - fence_rhevm needs to change "UP" status to "up" state as the REST-API has changed.
- BZ - 732372 - fence_ipmi exposes user password on verbose mod
- BZ - 738384 - fix scsi unfencing to allow simultaneous unfences
CVEs
(none)
References
(none)
Red Hat Enterprise Linux High Availability for x86_64 6
SRPM | |
---|---|
fence-agents-3.1.5-10.el6.src.rpm | SHA-256: 7b308b009fea5118e6bf84bbb88437cff6c9121634aafe0fdf794aa01e4886ca |
x86_64 | |
fence-agents-3.1.5-10.el6.x86_64.rpm | SHA-256: 219049d67cdfc5129f8dd9952abe102ca058e50f7546c3d89fe19789ae27fb81 |
fence-agents-debuginfo-3.1.5-10.el6.x86_64.rpm | SHA-256: ec7452692ef3669bc2cfc9202bce49bfdcbb8d5111eb6c8c4288be665a7abcd7 |
i386 | |
fence-agents-3.1.5-10.el6.i686.rpm | SHA-256: 67132fc53a20e2b09fbddbff16c07d1b5d56ece6b6dd3139496ada2eac0de43b |
fence-agents-debuginfo-3.1.5-10.el6.i686.rpm | SHA-256: 5b88c57bba197d28e6c9692687693af28577c70fb42f765b7ca7c9eada748e86 |
Red Hat Enterprise Linux Resilient Storage for x86_64 6
SRPM | |
---|---|
fence-agents-3.1.5-10.el6.src.rpm | SHA-256: 7b308b009fea5118e6bf84bbb88437cff6c9121634aafe0fdf794aa01e4886ca |
x86_64 | |
fence-agents-3.1.5-10.el6.x86_64.rpm | SHA-256: 219049d67cdfc5129f8dd9952abe102ca058e50f7546c3d89fe19789ae27fb81 |
fence-agents-debuginfo-3.1.5-10.el6.x86_64.rpm | SHA-256: ec7452692ef3669bc2cfc9202bce49bfdcbb8d5111eb6c8c4288be665a7abcd7 |
i386 | |
fence-agents-3.1.5-10.el6.i686.rpm | SHA-256: 67132fc53a20e2b09fbddbff16c07d1b5d56ece6b6dd3139496ada2eac0de43b |
fence-agents-debuginfo-3.1.5-10.el6.i686.rpm | SHA-256: 5b88c57bba197d28e6c9692687693af28577c70fb42f765b7ca7c9eada748e86 |
Red Hat Enterprise Linux High Availability (for RHEL Server) from RHUI 6
SRPM | |
---|---|
fence-agents-3.1.5-10.el6.src.rpm | SHA-256: 7b308b009fea5118e6bf84bbb88437cff6c9121634aafe0fdf794aa01e4886ca |
x86_64 | |
fence-agents-3.1.5-10.el6.x86_64.rpm | SHA-256: 219049d67cdfc5129f8dd9952abe102ca058e50f7546c3d89fe19789ae27fb81 |
fence-agents-debuginfo-3.1.5-10.el6.x86_64.rpm | SHA-256: ec7452692ef3669bc2cfc9202bce49bfdcbb8d5111eb6c8c4288be665a7abcd7 |
i386 | |
fence-agents-3.1.5-10.el6.i686.rpm | SHA-256: 67132fc53a20e2b09fbddbff16c07d1b5d56ece6b6dd3139496ada2eac0de43b |
fence-agents-debuginfo-3.1.5-10.el6.i686.rpm | SHA-256: 5b88c57bba197d28e6c9692687693af28577c70fb42f765b7ca7c9eada748e86 |
Red Hat Enterprise Linux Resilient Storage (for RHEL Server) from RHUI 6
SRPM | |
---|---|
fence-agents-3.1.5-10.el6.src.rpm | SHA-256: 7b308b009fea5118e6bf84bbb88437cff6c9121634aafe0fdf794aa01e4886ca |
x86_64 | |
fence-agents-3.1.5-10.el6.x86_64.rpm | SHA-256: 219049d67cdfc5129f8dd9952abe102ca058e50f7546c3d89fe19789ae27fb81 |
fence-agents-debuginfo-3.1.5-10.el6.x86_64.rpm | SHA-256: ec7452692ef3669bc2cfc9202bce49bfdcbb8d5111eb6c8c4288be665a7abcd7 |
i386 | |
fence-agents-3.1.5-10.el6.i686.rpm | SHA-256: 67132fc53a20e2b09fbddbff16c07d1b5d56ece6b6dd3139496ada2eac0de43b |
fence-agents-debuginfo-3.1.5-10.el6.i686.rpm | SHA-256: 5b88c57bba197d28e6c9692687693af28577c70fb42f765b7ca7c9eada748e86 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.