SUSE-RU-2018:2585-1: moderate: Recommended update for pacemaker

sle-updates at sle-updates at
Fri Aug 31 13:07:55 MDT 2018

   SUSE Recommended Update: Recommended update for pacemaker

Announcement ID:    SUSE-RU-2018:2585-1
Rating:             moderate
References:         #1009076 #1011240 #1015264 #1015842 #1022807 
                    #1024037 #1028138 #1035822 #1042054 #1042374 
                    #1053463 #1054389 #1058844 #1059187 #1066710 
                    #1069468 #1074039 #1082883 #888726 #950128 
Affected Products:
                    SUSE Linux Enterprise High Availability 12-SP2

   An update that has 21 recommended fixes can now be


   This update for pacemaker provides the following fixes:

   - alert: Set SNMP_PERSISTENT_DIR directory for the snmp-trap tool.
   - attrd: Accept connections only after CIB connection is active.
   - attrd: Be consistent about attr/host logging.
   - attrd: Broadcast local overrides of sync'ed attributes.
   - attrd,crmd: Erase attributes at attrd start-up, not first join.
   - attrd: Ensure node name is broadcast at start-up.
   - attrd: Make CIB connection function self-contained.
   - attrd,stonithd: Make the regular expression parsing more efficient.
   - attrd: Synchronize attributes held only on own node.
   - attrd,tools: Avoid memory leaks from the use of crm_itoa().
   - cib: Broadcasts of cib changes should always pass ACLs check.
   - cib: Improve re-sync handling.
   - cib: Improve the warning message when legacy diff fails.
   - cib,libcrmcommon,lrmd: Improve the handling of IP addresses in messages.
   - crmd: Abort transition whenever the quorum is lost.
   - crmd: Ack pending operations that were cancelled due to rsc deletion.
   - crmd: Allow clearing all stonith fail counts.
   - crmd: Assert when an operation can't be created.
   - crmd: Write faked failures to CIB whenever possible.
   - crmd: Do not assert if the LRM query fails.
   - crmd: Fix a core dump if the remote connection does not exist.
   - crmd: Avoid DC sending offer to itself twice.
   - crmd: Fix a memory leak when the node state is unknown.
   - crmd: Fix a use-after-free error when disconnecting from CIB.
   - crmd: Be more resilient when checking an LRM command's "from".
   - crmd: Change of the log level and addition of uuid.
   - crmd: Check for too many stonith failures only when aborting for that
   - crmd: Clean up throttle memory on exit.
   - crmd: Clear failures only for the requested node.
   - crmd: Consider target when checking for stonith failures.
   - crmd: DC should update stonith fail count before aborting transition.
   - crmd: Do not abandon fencing after a "no devices" failure.
   - crmd: Do not abort for v2 diff LRM refresh if actions pending.
   - crmd: Fix a problem that was destroying election structure twice.
   - crmd: Do not fence old DC if it is shutting down as soon-to-be DC joins.
   - crmd: Do not restart transition if no fence devices.
   - crmd: Remove size restriction on node state xpath.
   - crmd: Forget stonith failures when forgetting node.
   - crmd: Hard error if remote start fails due to missing key.
   - crmd: Improve lrmd failure handling.
   - crmd: Increase severity when fencing did not happen. (bsc#1011240)
   - crmd,libcrmcommon,libcluster,tools: Handle PID as string properly.
   - crmd,libcrmcommon: Update throttle when CPUs are hot-plugged.
   - crmd: Log transition ID when aborting.
   - crmd: Match only executed down events.
   - crmd: Quorum gain should always cause new transition.
   - crmd: Remove I/O load checks.
   - crmd: Return rich error codes from get_lrm_resource().
   - crmd: Scale all cib operation timeouts.
   - crmd: Scale timeouts with the number of remotes too.
   - crmd: Skip restart at (not above) stonith-max-attempts.
   - crmd: Track stonith fail counts on all nodes.
   - crmd: Update cache status for guest node whose host is fenced.
   - crmd: Validate CIB diffs better.
   - crm_mon: Canonical casing of Content-Type CGI header field.
   - crm_mon: Exit child with error if execl should return.
   - crm_mon: Make CGI bail out on suspicious arguments.
   - crm_mon: Overcome crm_system_name no longer influenced with argv.
   - crm_mon: Protect against non-standard or failing asctime.
   - crm_resource: Ensure we wait for all messages before exiting.
   - crm_resource: Prevent disconnection from crmd during cleanup.
   - crm_resource: See what cleanup would have done for a saved configuration.
   - cts: Operate pacemaker service on startup to prevent triggering
     StopWhenUnneeded of corosync service.
   - cts: Update corosync fail patterns.
   - dbus: Prevent lrmd from hanging on DBus calls. (bsc#1015264)
   - doc: Add documentation for new pcmk_delay_base. (bsc#1074039)
   - extra: Correct ClusterMon metadata.
   - fencing: Do not print event twice with stonith_admin --verbose.
   - fencing: Ignore empty 'action' parameter in fence devices.
   - fencing: Fix a memory leak in stonith_admin --env.
   - iso8601: strftime needs fully populated struct tm. (bsc#1058844)
   - libcib: Always use current values when unpacking config.
   - libcib: Fix a memory leak in query_node_uuid().
   - libcib: Fix a use-after-free when deleting CIB connection.
   - libcib: Correctly search for v2 patchset changes.
   - libcluster,libcrmcommon: Improve BZ2 error messages.
   - libcrmcluster: Improve error checking when updating node name.
   - libcrmcommon: Assert if an operation key can't be generated.
   - libcrmcommon: Async connection callback must get negative error codes.
   - libcrmcommon: Avoid evicting IPC client if messages spike briefly.
   - libcrmcommon: Fix a memory leak when the schema transform is not found.
   - libcrmcommon: Correctly compare XML comments to prevent crmd from
     getting into an infinite election loop. (bsc#1024037)
   - libcrmcommon: Correctly delete XML comments according to their
     positions. (bsc#1024037)
   - libcrmcommon: Do not delay next flush by more than 5 seconds.
   - libcrmcommon: Ensure filename is not NULL before opening it.
   - libcrmcommon: Filter attributes with '#' from XML fields.
   - libcrmcommon: Fix possible infinite loop in buffer_print.
   - libcrmcommon: Handle schema versions properly.
   - libcrmcommon,liblrmd,lrmd: Validate PCMK_remote_port.
   - libcrmcommon,lrmd: Use meaningful error codes in remote messages and
     connection callbacks.
   - libcrmcommon,pengine,tools: Pass local node name to resource agents.
   - libcrmcommon,tools: Improve XML write error handling.
   - libcrmservice: Prevent an infinite loop on a bad DBus reply.
   - libcrmservice: Fix a memory leak on DBus errors.
   - libcrmservice: Follow LSB standard for header block more strictly.
   - libcrmservice: List systemd unit files, not only active units.
   - libcrmservice,pacemakerd: Improve privilege dropping.
   - libcrmservice: Parse LSB long description correctly.
   - libcrmservices: Fix an assertion for HB resource with no parameters.
   - libfencing,fencing: Properly remap "action" in configuration.
   - liblrmd: Add a function to create resource info structure.
   - liblrmd: Make sure the operation of a remote resource returns if setup
     of the key fails. (bsc#1053463)
   - libpengine: Do not double score when adding first allowed node.
   - libpe_status: Fix precedence of operation in meta-attributes.
   - libpe_status: Limit resource type check to primitives.
   - libpe_status: Make sure monitors are rescheduled, not reloaded.
   - libpe_status: Properly detect when nodes should suicide.
   - libpe_status: Recover after failed demote when appropriate.
   - libpe_status: Use correct default timeout for probes.
   - libpe_status: Validate no-quorum-policy=suicide correctly.
   - libservices: Bring DBus code closer to current standards. (bsc#1015264)
   - libservices: Dynamically allocate operation key.
   - libservices: Ensure completed operations are not on blocked operations
   - libservices: Ensure recurring actions table is created before using.
   - libservices: Handle in-flight case first when cancelling an operation.
   - libservices: Prevent use-after-free when freeing an operation.
   - libservices: Properly cancel in-flight systemd/upstart op.
   - libservices: Properly detect in-flight systemd/upstart ops when kicking.
   - libservices: Properly watch writable DBus handles.
   - libservices (sync): Ensure no zombie is left behind.
   - libservices(sync): Partially prevent killing foreign process.
   - libservices: Treat systemd service reloading as OK (bsc#1059187)
   - logging: Ensure blackbox gets generated on arithmetic error.
   - lrmd: Always use most recent remote proxy.
   - lrmd: Don't reject protocol 1.0 clients. (bsc#1009076)
   - lrmd: Ensure verbosity options are handled after crm_log_init()
   - lrmd: Have pacemaker-remote reap zombies if it is running as pid 1.
   - lrmd: Prevent double free after unregistering stonith device for
     monitoring. (bsc#1035822)
   - lrmd: Tweak TLS listener messages.
   - mcp: Correct the differences in access permission setting.
   - mcp,pacemaker_remote: Order after time-sync.
   - pacemaker_remoted: Allow compilation with glib older 2.36.
   - pacemaker-remote: Fix pacemaker_remoted shutdown while unmanaged.
   - pacemaker_remote: Warn if TLS key can't be read at start-up.
   - pacemaker.service: Recommend not to limit tasks (bsc#1028138,
   - PE: Allow all resources to stop prior to probes completing.
   - PE: Assume resources on remote nodes do not need to be restarted until
     absolutely necessary.
   - PE: Bare metal remotes can run resources now and must be probed.
   - PE: Correctly compare a pointer with NULL instead of FALSE.
   - PE: Correctly implement pe_order_implies_first_printed.
   - PE: Detailed resource information should include connection resource
   - PE: Do not re-add a node's default score for each location constraint.
   - PE: Ensure remote nodes are fenced when the connection cannot be
   - PE: Ensure stop operations occur after stopped remote connections have
     been brought up.
   - PE: Ensure unrecoverable remote nodes are fenced even if no resources
     can run on them.
   - PE: Exclude resources and nodes from the symmetric_default constraint in
     some circumstances.
   - PE: Fence unrecoverable remote nodes with no resources.
   - PE: Flag resources that are acting as remote nodes.
   - PE: Ignore optional unfencing events and report the fencing type.
   - PE: Improved fencing logging.
   - PE: Improved logging of reasons for stop/restart actions.
   - PE: Improve logging of node fencing and shutdown.
   - PE: Only allowed nodes need to be considered when ordering resource
     startup after all recovery.
   - PE: Only retrigger unfencing on nodes that ran operations with the old
   - PE: Partially restore 62ed004 to ensure remote connections are available
     before attempting resource recovery.
   - PE: Preferred nodes are only accepted if their scores are equal to the
     otherwise best candidate.
   - PE: Remote connection resources are safe to require only quorum.
   - PE: Resources are allowed to stop before their state is known everywhere.
   - PE: Restore the ability to send the transition graph via disk if it gets
     too big.
   - PE: Unfencing: Correctly detect changes to device definitions.
   - pengine: Avoid fence loop for remote nodes.
   - pengine: Avoid use-of-NULL when unpacking tickets.
   - pengine: Consider guest node unclean if its host is unclean.
   - pengine: Create a pseudo-fence for guest node recovery.
   - pengine: Detect proper clone name at startup.
   - pengine: Do not ignore permanent master scores at startup.
   - pengine: Do not keep unique instances on same node.
   - pengine: Do not schedule reload and restart in same transition.
   - pengine: Guest node fencing doesn't require stonith enabled.
   - pengine: Handle resource migrating behind a migrating remote connection.
   - pengine: Have guest-node connection-resources probed.
   - pengine: If ignoring failure, also ignore migration-threshold.
   - pengine: Improve detection of invalid constraints.
   - pengine: Improve messages when assigning resources to nodes.
   - pengine,libpengine: Avoid potential use of NULL variables.
   - pengine,libpe_status: Don't clear same fail-count twice.
   - pengine,libpe_status: Make failcount clearing messages more helpful.
   - pengine,libpe_status: Revisit fencing messages.
   - pengine: Make checks a little safer.
   - pengine: Make sure calculated resource scores are consistent on
     different architectures (bsc#1054389)
   - pengine: Fix a memory leak when writing graph to file.
   - pengine: Re-enable unrecoverable remote fencing.
   - pengine: Reset loss-policy from fence to stop if no fencing.
   - pengine,tools,libpe_status: Avoid unnecessary use of pe_find_current.
   - pengine: Use unique ids for meta-attributes of guest-connection.
   - pengine: Unmanaged guest-container puts guest in maintenance.
   - pengine: Use newer Pacemaker Remote terminology.
   - pengine: Validate more function arguments.
   - RA: ClusterMon - Correctly handle "update" parameter.
   - RA: NodeUtilization - Use xl if available. (bsc#1015842)
   - remote: Allow cluster and remote LRM API versions to diverge.
   - rng: Create resources-2.7.rng to update template class validation.
   - spec: Add gcc to BuildRequires.
   - spec: cts brings an RA that needs python-systemd.
   - spec: Make sure shadow package is installed before adding user and group.
   - spec: Prevent overwriting existing sysconfig files by conditionally
     running %fillup_only. (bsc#1022807, bsc#980341)
   - stonith: Check for missing params in new device and dup.
   - stonith-ng: Add pcmk_delay_base as static base-delay. (bsc#1074039)
   - stonith-ng: Advertise pcmk_on_action via metadata.
   - stonith-ng: Avoid double-free of pending-ops in free_device.
   - stonith-ng: Make fencing-device reappear properly after re-enabling.
   - stonith-ng: Trigger on constraints added to cib. (bsc#1042374)
   - systemd: Add TasksMax comment to pacemaker_remote unit. (bsc#1028138,
   - systemd unit files: Add dependency on resource-agents-deps.
   - systemd unit files: Enable TasksMax=infinity. (bsc#1028138, bsc#1066710)
   - systemd unit files: Restore DBus dependency.
   - TE: Don't bump counters when action or synapse is invalid.
   - tools: Add version options for cibsecret.
   - tools: Allow crm_resource to be called without arguments.
   - Tools: allow crm_resource to operate on anonymous clones in unknown
   - tools: Do not fail if already at the latest schema for cibadmin
   - tools: Avoid using deprecated options.
   - tools: Check sscanf return value when parsing failed op list.
   - tools: crm_attribute should prefer node name from environment.
   - tools: crm_resource should free result if re-running function returns
   - tools: crm_resource should set OCF_RESKEY_crm_feature_set.
   - tools: Don't expect reply to failed send.
   - tools: Ensure crm_resource data set is initialized.
   - tools: Ensure crm_resource works if no command is specified.
   - tools: Implement clean-up dry-run correctly.
   - tools: Implement crm_failcount command-line options correctly.
   - tools: Improve crm_master and crm_standby option handling.
   - tools: Improve crm_resource help. (bsc#950128)
   - tools: Properly ignore version with crm_diff --no-version. (bsc#888726)
   - tools: Re-enable crm_resource --lifetime option. (bsc#950128)
   - tools: Set meta_timeout env when crm_resource --force-* executes RA.
   - tools: Set the correct OCF_RESOURCE_INSTANCE env when crm_resource
     --force-* executes RA.
   - tools: Support crm_failcount -q as advertised.
   - tools: Warn if crm_resource --wait called in mixed-version cluster.
   - Prevent notify actions from causing --wait to hang.
   - Fix log showing the node status so that it is easily distinguishable
     from other logs.
   - Improve recovery when demote fails with OCF_NOT_RUNNING.
   - Install /etc/pacemaker directory for storing authkey file. (bsc#1082883)
   - Replace references to /var/adm/fillup-templates with new %_fillupdir
     macro. (bsc#1069468)

Patch Instructions:

   To install this SUSE Recommended Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise High Availability 12-SP2:

      zypper in -t patch SUSE-SLE-HA-12-SP2-2018-1820=1

Package List:

   - SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64):



More information about the sle-updates mailing list