Bug 231241

Summary: fence_xvm programs do not correctly use incorporate key data for operations
Product: Red Hat Enterprise Linux 5 Reporter: Lon Hohberger <lhh>
Component: cmanAssignee: Lon Hohberger <lhh>
Status: CLOSED ERRATA QA Contact: Cluster QE <mspqa-list>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 5.0CC: cfeist, cluster-maint, rmccabe
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHBA-2007-0575 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-11-07 16:59:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 234888    
Attachments:
Description Flags
Fixes behavior none

Description Lon Hohberger 2007-03-06 22:47:28 UTC
Description of problem:

Fence_xvm and fence_xvmd do not correctly use the contents of
/etc/cluster/fence_xvm.key.

If multiple clusters are run on the same subnet without the multicast packets
being filtered, then it is possible for the following to occur:

* If another cluster has a virtual machine with the same name, it can
inadvertently fence the virtual machine.
* Due to a previous behavioral change, fence_xvmd now returns success if it has
never heard of the domain.

Both lead to false-success scenarios where a virtual machine has not been
correctly fenced.

It may be advantageous to give the virtual machine cluster the name or ID of its
parent (host) cluster in order to prevent these behaviors from occurring when no
authentication is used.

Comment 1 Lon Hohberger 2007-03-06 22:47:28 UTC
Created attachment 149400 [details]
Fixes behavior

Comment 9 Kiersten (Kerri) Anderson 2007-04-23 16:46:39 UTC
Fixing Product Name.  Cluster Suite was merged into Red Hat Enterpise Linux for
5.0.  In addition dlm, fence and ccs were merged into the cman package, so
bugzilla should reflect package name where those utilities are located.

Comment 13 errata-xmlrpc 2007-11-07 16:59:16 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-0575.html