- Issued:
- 2014-10-13
- Updated:
- 2014-10-13
RHBA-2014:1562 - fence-agents bug fix update
Synopsis
fence-agents bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated fence-agents packages that fix several bugs are now available for Red Hat Enterprise Linux 6.
Description
Red Hat fence agents are a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.
This update fixes the following bugs:
-
Previously, timeout options could not be entered to the fence_brocade agent. In addition, issued commands were not persistent, which could lead to problems if fencing hardware was rebooted. Also, when invalid password was entered, the fence agent was terminated as a stale process without any error message being reported to the user. This update provides a new implementation of fence agents that solves the aforementioned bugs. (BZ#641632, BZ#642232, BZ#841556, BZ#1114528)
-
Previously, users of the fence_ilo agent were not able to enter password that contained the quotation mark character ("). This update allows users to enter any character in the password as expected. (BZ#990537)
-
If the user name to log in to the fence_vmware_soap device does not have the correct privileges set, a python exception is thrown. Prior to this update, the fence_vmware_soap agent terminated the exception when the user did not have privileges for required operations. With this update, the user is informed by an error message that these privileges are not sufficient. (BZ#1018263)
-
Previously, fence agents could use key-based authentication over SSH even if the user wanted to use password authentication. As a consequence, the user was unable to log in. This update ensures that proper authentication is used, and the user can now log in using password authentication. (BZ#1048842)
-
Previously, using the fence_scsi_check.pl watchdog script failed to induce soft or clean reboot. But when Global File System 2 (GFS2) or other file systems were used, unmounting file systems could be blocked. This update provides a new fence_scsi_check_reboot.pl script, which ensures hard reboot, and problems with unmounting no longer occur. (BZ#1050022)
-
Prior to this update, the fence_vmware_soap fencing agent did not support the "--delay" option, which is indispensable for avoiding fence races. This update adds the "--delay" option, which delays start of fence agents for a given amount of seconds, and thus prevents fence races from occurring. (BZ#1051159)
-
Previously, the fence_apc utility was hard-coded with SSH1 connectivity. As a consequence, fence_apc was unable to connect to power distribution units that required SSH2 connectivity. This update introduces the "--ssh-options" option, which makes it possible to specify SSH connectivity options in fence_apc. Thus, all fencing agents that support SSH can now be adjusted to meet the SSH requirements of the fencing device. (BZ#1069618)
-
Previously, the fence_rsb agent was unable to work with certain versions of firmware. As a consequence, fence_rsb failed after an outlet powered off. However, fence_rsb kept on issuing the command to power the outlet back on. With this update, new firmware versions are supported, and fence_rsb succeeds in turning off and on the outlet. (BZ#1110428)
-
Prior to this update, fence agents that connected using the SSH protocol failed on login if an identity file was used as the method of authentication. The bug has been fixed, and these fence agents now successfully authenticate through an identity file. (BZ#1075683)
Users of fence-agents are advised to upgrade to these updated packages, which fix these bugs.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- fence-agents-3.1.5-48.el6.i686.rpm
- fence-agents-3.1.5-48.el6.x86_64.rpm
- fence-agents-debuginfo-3.1.5-48.el6.x86_64.rpm
- fence-agents-debuginfo-3.1.5-48.el6.i686.rpm
- fence-agents-3.1.5-48.el6.src.rpm
Fixes
- This content is not included.BZ - 917675
- This content is not included.BZ - 990537
- This content is not included.BZ - 1048842
- This content is not included.BZ - 1069618
- This content is not included.BZ - 1075683
- This content is not included.BZ - 1079291
- This content is not included.BZ - 1114528
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.