SUSE-RU-2021:2547-1: moderate: Recommended update for fence-agents
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Wed Jul 28 13:17:00 UTC 2021
SUSE Recommended Update: Recommended update for fence-agents
______________________________________________________________________________
Announcement ID: SUSE-RU-2021:2547-1
Rating: moderate
References: #1182701 #1185058 SLE-17998 SLE-18182
Affected Products:
SUSE Linux Enterprise Module for SUSE Manager Server 4.2
SUSE Linux Enterprise High Availability 15-SP3
______________________________________________________________________________
An update that has two recommended fixes and contains two
features can now be installed.
Description:
This update for fence-agents fixes the following issues:
- Corrections to support Azure SDK greater than 15 - including backward
compatibility (bsc#1185058)
- Fixed an issue when libvirt breaks the connection in every 30 seconds.
- ECO: Update fence-agents. (jsc#SLE-18182)
- Add upstream PR to aws-vpc-move-ip and apply required resource and fence
agent patches. (jsc#SLE-17998)
- Fixed an issue when fence-agent does not restart the node properly.
(bsc#1182701)
- Major rework of the original agent:
* fence_gce: default method moved back to powercycle (#389)
* fence_gce: make serviceaccount work with new libraries
* fence_virt*: simple_auth: use %zu for sizeof to avoid failing verbose
builds on some archs
* configure: dont fail when --with-agents contains virt
* fence_mpath: watchdog retries support
* fencing: add multi plug support for reboot-action
* fence_redfish: add missing diag logic
* fencing: fix issue with hardcoded help text length for metadata
* fencing: add stonith_status_sleep parameter for sleep between status
calls during a STONITH action
* fence_aws: add filter parameter to be able to limit which nodes are
listed
* virt: fix a bunch of coverity scan errors in ip_lookup
* virt: make sure to provide an empty default to strncpy
* virt: make sure buffers are big enough for 0 byte end string
* virt: increase buffer size to avoid overruns
* virt: check return code in virt-sockets
* virt: fix plugin (minor) memory leak and plug in load race
* virt: attempt to open file directly and avoid race condition
* virt: fix different coverity scan errors in common/tcp
* virt: cleanup deadcode in client/vsock
* virt: cleanup deadcode in client/tcp
* virt: fix potential buffer overrun
* virt: fix mcast coverity scan errors
* virt: drop pm-fence plugin
* virt: drop libvirt-qmf plugin
* virt: drop null plugin
* virt: drop fence_virtd non-modular build
* virt: fix plugin installation regression on upgrades
* fence_virt: metadata fixes, implement manpage generation and
metadata/delay/rng checks
* virt: make sure variable is initialized
* zvm: reformat fence_zvm to avoid gcc warnings
* virt: drop -Werror to avoid unnecessary failures
* virt: disable -Wunused for yy generated files
* virt: disable fence-virt on bsd variants
* virt: merge spec files
* build: fix more gcc warnings
* build: remove unused / obsoleted options
* build: fix some annoying warnings at ./autogen.sh time
* virt: move all virt CFLAGS/LDFLAGS in the right location
* virt: fix unused gcc warnings and re-enable all build warnings
* virt: fix write-strings gcc warnings
* virt: fix pointer-arith gcc warnings
* virt: fix declaration-after-statement gcc warnings
* virt: fix build with -Wmissing-prototypes
* build: don´t override clean target
* virt: plug fence_virt into the build
* virt: allow fence_virt build to be optional
* virt: drop support for LSB init script
* virt: collect docs in one location
* virt: remove unnecessary files and move build macros in place
* Ignore fence-virt man pages
* Move fence_virt to the correct location
* spec: use python3 path for newer releases
* spec: undo autosetup change that breaks builds w/git commit hashes
* Ignore unknown options on stdin
* fence_gce: support google-auth and oauthlib and fallback to deprecated
libs when not available
* spec: add aliyun subpackage and fence_mpath_check* to mpath subpackage
* fence_gce: Adds cloud-platform scope for bare metal API and optional
proxy flags (#382)
* fence_virt: Fix minor typo in metadata
* fence_gce: update module reqs for SLES 15 (#383)
* Add fence_ipmilanplus as fence_ipmilan wrapper always enabling lanplus
* fence_redfish: Add diag action
* fence_vbox: updated metadata file
* fence_vbox: do not flood host account with vboxmanage calls
* fence_aws/fence_gce: allow building without cloud libs
* fence_gce: default to onoff
* fence_lpar: Make --managed a required option
* fence_zvmip: fix shell-timeout when using new disable-timeout parameter
* Adds service account authentication to GCE fence agent
* spec: dont build -all subpackage as noarch
* fence_virt: add plug parameter that obsoletes old port parameter
* Try to detect directory for initscripts configuration
* Accept SIGTERM while waiting for initialization.
* Add man pages to fence_virtd service file.
* Fix spelling error in fence_virt.conf.5
* build: fix BRs for suse distros
* build: remove ExclusiveArch
* build: removed gcc-c++ BR
* build: add spec-file and rpm build targets
* build: cleanup/improvements to reworked build system
* [build] rework build system to use automake/libtool
* fence_virtd: Fix segfault in vl_get when no domains are found
* fence_virt: fix core dump
* build: harden and make it possible to build with -fPIE
* fence_virt: dont report success for incorrect parameters
* fence_virt: mcast: config: Warn when provided mcast addr is not used
* fence_virtd: Return control to main loop on select interruption
* fence-virtd: Add missing vsock makefile bits
* fence-virt: Add vsock support
* fence_virtd: Fix transposed arguments in startup message
* fence_virt: Rename challenge functions
* fence_virtd: Cleanup: remove unused configuration options
* fence_virt: Remove remaining references to checkpoints
* fence_virt: Remove remaining references to checkpoints
* fence-virt: Format string cleanup
* fence_virtd: Implment hostlist for the cpg backend
* fence_virt: Fix logic error in fence_xvm
* fence_virtd: Cleanup config module
* fence_virtd: cpg: Fail initialization if no hypervisor connections
* fence_virtd: Make the libvirt backend survive libvirtd restarts
* fence_virtd: Allow the cpg backend to survive libvirt failures
* fence_virtd: cpg: Fix typo
* fence-virtd: Add cpg-virt backend plugin
* fence_virtd: Remove checkpoint, replace it with a CPG only plugin
* fence-virt: Bump version
* fence_virtd: Add better debugging messages for the TCP listner
* fence_virtd: Fix potential unlocked pthread_cond_timedwait()
* fence-virtd: Cleanup small memory leak
* fence_virtd: Fix select logic in listener plugins
* Factor out common libvirt code so that it can be reused by multiple
backends
* Document the fence_virtd -p command line flag
* fence_virtd: Log an error when startup fails
* Retry writes in the TCP, mcast, and serial listener plugins while
sending a response to clients, if the write fails or is incomplete.
* Make the packet authentication code more resilient in the face of
transient failures.
* Disable the libvirt-qmf backend by default
* Bump the versions of the libvirt and checkpoint plugins
* fence-virtd: Enable TCP listener plugin by default
* fence-virtd: Cleanup documentation of the TCP listener
* fence_xvm/fence_virt: Add support for the validate-all status op
* fence-virt: Add list-status command to man page and metadata
* fence-virt: Cleanup numeric argument parsing
* fence-virt: Log message to syslog in addition to stdout/stderr
* fence-virt: Permit explicitly setting delay to 0
* fence-virt: Add 'list-status' operation for compat with other agents
* Allow fence_virtd to run as non-root
* Remove delay from the status, monitor and list functions
* Resolves serveral problems in checkpoint plugin, making it functional.
* daemon_init: Removed PID check and update
* fence_virtd: drop legacy SysVStartPriority from service unit
* fence-virt: client: Do not truncate VM domains in list output
* client: fix "delay" parameter checking (copy-paste)
* fence-virt: Fix broken restrictions on the port ranges
* Clarify debug message
* fence-virtd: Use perror only if the last system call returns an error.
* fence-virtd: Fix printing wrong system call in perror
* fence-virtd: Allow multiple hypervisors for the libvirt backend
* fence-virt: Don't overrwrite saved errno
* fence-virt: Fix small memory leak in the config module
* fence-virt: Fix mismatched sizeof in memset call
* fence-virt: Send complete hostlist info
* fence-virt: Clarify the path option in serial mode
* Bump version
* fence-virt: Bump version
* fence_virtd: Fix broken systemd service file
* fence_virt/fence_xvm: Print status when invoked with -o status
* fence-virt: Fix for missed libvirtd events
* fence-virt: Fail properly if unable to bind the listener socket
* client: dump all arguments structure in debug mode
* Drop executable flag for man pages (finally)
* Honor implicit "ip_family=auto" in fence_xvm w/IPv6 mult.addr.
* Fix using bad struct item for auth algorithm
* Drop executable flag for man pages
* use bswap_X() instead of b_swapX()
* fence_virtd: Fix memcpy size params in the TCP plugin
* Revert "fence-virt: Fix possible descriptor leak"
* fence_virtd: Return success if a domain exists but is already off.
* fence-virt: Add back missing tcp_listener.h file
* fence-virt: Fix a few fd leaks
* fence-virt: Fix free of uninitialized variable
* fence-virt: Fix possible null pointer dereference
* fence-virt: Fix memory leak
* fence-virt: Fix fd leak when finding local addresses
* fence-virt: Fix possible descriptor leak
* fence-virt: Fix possible fd leak
* fence-virt: Fix null pointer deref
* fence-virt: Explicitly set delay to 0
* fence-virt: Fix return with lock held
* fence_virt: Fix typo in fence_virt(8) man page
* fence_virt: Return failure for nonexistent domains
* Improve fence_virt.conf man page description of 'hash'
* Add a TCP listener plugin for use with viosproxy
* In serial mode, return failure if the other end closes the connection
before we see SERIAL_MAGIC in the reply or timeout.
* Stop linking against unnecessary QPid libs.
* Update libvirt-qmf plugin and docs
* Fix crash when we fail to read key file.
* Fix erroneous man page XML
* Add 'interface' directive to example.conf
* Add old wait_for_backend directive handling & docs
* Return proper error if we can't set up our socket.
* Fix startup in systemd environments
* Add systemd unit file and generation
* Don't override user's pick for backend server module
* Use libvirt as default in shipped config
* Clean up compiler warnings
* Fix serial domain handling
* Fix monolithic build
* Clean up build and comments.
* Add missing pm_fence source code
* Disable CMAN / checkpoint build by default
* Rename libvirt-qpid -> libvirt-qmf
* Fix static analysis errors
* Reword assignment to appease static analyzers
* Handle return value from virDomainGetInfo
* Fix bad sizeof()
* Make listen() retry
* Add map_check on 'status' action
* Update README
* Don't reference out-of-scope temporary
* Ensure we don't try to strdup() or atoi() on NULL
* Add libvirt-qmf support to the libvirt-qpid plugin
* Convert libvirt-qpid plugin to QMFv2
* Fix incorrect return value on hash mismatch
* Fix error getting status from libvirt-qpid plugin
* Make fence-virt requests endian clean
* Fix input parsing to allow domain again
* Provide 'domain' in metadata output for compatibility
* High: Fix UUID lookups in checkpoint backend
* Curtail 'list' operation requests
* Fix man page references: fence_virtd.conf -> fence_virt.conf
* Add 'list' operation for plugins; fix missing getopt line
* Fix build with newer versions of qpid
* Make configure.in actually disable plugins
* Rename parameters to match other fencing agents
* Fix fence_xvm man page to point to the right location
* client: Clarify license in serial.c
* Return 2 for 'off' like other fencing agents
* Reset flags before returning from connect_nb
* Use nonblocking connect to vmchannel sockets
* More parity with other fencing agents' parameters
* Fix memory leaks found with valgrind
* Add basic daemon functions
* Fix bug in path pruning support for serial plugin
* Fix libvirt-qpid bugs found while testing
* Fix segfault caused by invalid map pointer assignment
* Fix another compiler warning
* Fix build warnings in client/serial.c
* Add 'monitor' as an alias for 'status'
* Add serial listener to configuration utility
* Make serial/vmchannel module enabled by default
* Add missing 'metadata' option to help text
* Add missing static_map.h
* Add metadata support to fence_xvm/fence_virt
* Allow IPs to be members of groups
* Allow use of static mappings w/ mcast listener
* Make 'path' be a directory
* Remove useless debug printfs
* Enable VM Channel support in serial plugin
* Pass source VM UUID (if known) to backend
* Mirror libvirt-qpid's settings in libvirt-qpid plugin
* libvirt-qpid: clean up global variable
* Enable a configurable host/port on libvirt-qpid plugin
* Minor config utility cleanups
* Remove unnecessary name_mode from multicast plugin
* Add prototypes and clean up build warnings
* Use seqno in serial requests
* Minor debugging message cleanup
* Fix build error due to improper value
* Static map support and permissions reporting
* Sync up on SERIAL_MAGIC while waiting for a response
* Don't build serial vmchannel module by default
* Initial checkin of serial server-side support
* Fix fence_virt.conf man page name
* Add Fedora init script
* Compiler warning cleanups in virt-serial.c
* Add wait-for-backend mode
* Fix up help text for clients
* Minor XML cleanups, add missing free() call
* add missing module_path to fence_virtd.conf.5
* Add capabilities to virt-serial
* Note that serial support is experimental
* Add a serial.so build target
* Add vmchannel serial event interface
* Split fence_virt vs. fence_xvm args
* Add static map functions.
* Fix build warning due to missing #include
* Fix multiple query code
* Better config query & multiple value/tag support
* Add simple configuration mode
* Allow setting config values to NULL to clear them
* Clean up example config file
* Sort plugins by type when printing them
* Revert "Sort plugins by type when printing them"
* Sort plugins by type when printing them
* Clean up some configuration plugin information
* add empty line between names
* Make libvirt to automatically use uuid or names
* Improve error reporting
* Fix build for hostlist functionality
* Hostlist functionality for libvirt, libvirt-qpid
* Work around broken nspr headers
* Fix installation target for man pages
* Add man page build infrastructure
* Make fence_xvm compatibility mode enabled by default
* Fix libvirt / mcast support for name_mode
* Fix agent option parsing
* Fix dlsym mapping of C++ module
* Make uuids work with libvirt-qpid
* Fix uninitialized variable causing false returns
* Add 'help' to fence_virtd
* Fix libvirt-qpid build
* Fix libvirt-qpid build
* Add libvirt-qpid build target
* Initial checking of libvirt-qpid plugin
* Fix build on i686
* Make symlink/compatibilty mode disabled by default
* Add simple tarball / release script
* Use immediate resolution of symbols
* Example config tweaks
* Use sysconfdir for /etc/fence_virt.conf
* Fix package name and install locations
* Add 'maintainer-clean' target
* Fix build errors on Fedora
* Add missing header file
* Ignore automake error
* Make the build script actually build
* Make cluster mode plugin work
* Add basic cpg stuff for later
* Enable 'on' operation for libvirt backend
* Clean up modular build
* Minor build cleanups
* Yet more build fixes
* More build cleanups
* Build cleanups
* Initial port to autoconf
* Add checkpoint.c stub functions
* Add sequence numbers to requests for tracking
* Include missing include
* Call generic history functions
* Make history functions generic
* Make debugging work from modules again
* Revert "Fix build issue breaking debug printing from modules"
* Fix build issue breaking debug printing from modules
* Fix libvirt backend; VALIDATE was wrong
* Cleanups, add daemon support
* Add simple 'null' skeleton backend plugin
* Make all plugins dynamically loaded.
* Fix error message
* Remove dummy serial prototypes
* Remove modules in 'make clean'
* Make listeners plugins.
* Move name_mode to fence_virtd block
* Add name_mode to example.conf
* Move VM naming scheme to top level of config
* Enable UUID use in libvirt.c
* Move options.c to client directory
* Drop duplicate fencing requests
* Don't require specifying an interface in fence_virt.conf
* Fix empty node parsing
* Actually use the default port by default
* Don't overwrite config files
* Install modules, too.
* Add temporary 'make install' target
* Make a default configuration file
* Make mcast work with UUIDs
* Add checkpoint.so to the build
* Fix missing carriage returns on debug prints
* Add architecture overview description
* Make serial_init match mcast_init.
* Make multicast use config file
* Integrate config file processing
* Create server-side plugin architecture
* Make libvirt a built-in plugin
* Fix header in serial.c.
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.2-2021-2547=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2021-2547=1
Package List:
- SUSE Linux Enterprise Module for SUSE Manager Server 4.2 (aarch64 ppc64le s390x x86_64):
fence-agents-4.9.0+git.1624456340.8d746be9-3.5.1
fence-agents-debuginfo-4.9.0+git.1624456340.8d746be9-3.5.1
fence-agents-debugsource-4.9.0+git.1624456340.8d746be9-3.5.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
fence-agents-4.9.0+git.1624456340.8d746be9-3.5.1
fence-agents-debuginfo-4.9.0+git.1624456340.8d746be9-3.5.1
fence-agents-debugsource-4.9.0+git.1624456340.8d746be9-3.5.1
fence-agents-devel-4.9.0+git.1624456340.8d746be9-3.5.1
References:
https://bugzilla.suse.com/1182701
https://bugzilla.suse.com/1185058
More information about the sle-updates
mailing list