Issued:
2009-09-10
Updated:
2009-09-18

RHBA-2009:1435 - cman bug fix update

Synopsis

cman bug fix update

Type/Severity

Bug Fix Advisory

Topic

Updated cman packages that fix a bug and add an enhancement are now available.

Description

The Cluster Manager (cman) utility provides user-level services for managing a Linux cluster.

This update applies the following bug fix:

  • in several places internally, cman assumed a transition message meant the node in question (or the sending node) was joining the cluster rather than just sending its current post-transition state. In some circumstances, this could lead to cman killing the wrong nodes. With this update, cman now checks the first_trans flag, which is set when a node first encounters another node in the cluster. Only if first_trans is set does cman now consider the node as joining the cluster. (BZ#518061)

Also, this update includes the following enhancement:

First, if a node was asked to remove a key (fence) for a device that it was not registered with, the node attempted to register with that device on-the-fly. With this update, when nodes are asked to remove a key from devices with which they are not registered, the fencing fails.

Second, for the common case of SAN environments with multiple Logical Unit Numbers (LUNs), the devices (LUNs) that can be unregistered must be ordered consistently on all nodes. Consistent ordering is not guaranteed by the Logical Volume Manager (LVM), however; device names can vary from node to node to prevent interleaving of fence operation among devices. With this update, the fence_scsi agent extracts the device name (pv_name) and Universally Unique Identifier (pv_uuid) and builds a hash keyed on the UUID (which is consistent on all nodes). This ensures devices are ordered consistently on each node.

Consequent to these two changes, the first node to fence removes the other node's key from the device or devices. The second node, now not registered with the device, is not able to fence the first. This allows fence_scsi to work in a 2-node cluster. (BZ#520823)

All cman users should install this updated package, which fixes this bug and enables users to use fence_scsi in a 2-node environment.

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

ProductVersionArch
Red Hat Enterprise Linux for x86_64 - Extended Update Support5.4x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support5.4ia64
Red Hat Enterprise Linux for x86_64 - Extended Update Support5.4i386
Red Hat Enterprise Linux for Power, big endian5ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support5.4ppc
Red Hat Enterprise Linux for IBM z Systems5s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support5.4s390x
Red Hat Enterprise Linux Workstation5x86_64
Red Hat Enterprise Linux Workstation5i386
Red Hat Enterprise Linux Server5x86_64
Red Hat Enterprise Linux Server5ia64
Red Hat Enterprise Linux Server5i386
Red Hat Enterprise Linux Server from RHUI5x86_64
Red Hat Enterprise Linux Server from RHUI5i386

Updated Packages

  • cman-2.0.115-1.el5_4.2.ppc.rpm
  • cman-devel-2.0.115-1.el5_4.2.x86_64.rpm
  • cman-devel-2.0.115-1.el5_4.2.ppc64.rpm
  • cman-2.0.115-1.el5_4.2.s390x.rpm
  • cman-devel-2.0.115-1.el5_4.2.s390.rpm
  • cman-devel-2.0.115-1.el5_4.2.ia64.rpm
  • cman-2.0.115-1.el5_4.2.ia64.rpm
  • cman-2.0.115-1.el5_4.2.i386.rpm
  • cman-devel-2.0.115-1.el5_4.2.s390x.rpm
  • cman-2.0.115-1.el5_4.2.src.rpm
  • cman-devel-2.0.115-1.el5_4.2.i386.rpm
  • cman-2.0.115-1.el5_4.2.x86_64.rpm
  • cman-devel-2.0.115-1.el5_4.2.ppc.rpm

Fixes

CVEs

(none)

References

(none)

Additional information