Bug 679502

Summary: Conga sets wrong value into cluster.conf, blocking fence_device to work properly.
Product: Red Hat Enterprise Linux 6 Reporter: Thiago Sobral <tsobral>
Component: fence-agentsAssignee: Marek Grac <mgrac>
Status: CLOSED ERRATA QA Contact: Cluster QE <mspqa-list>
Severity: high Docs Contact:
Priority: high    
Version: 6.0CC: bbrock, clasohm, cluster-maint, djansa, edamato, jwest, kanderso, rmccabe, ssaha, tsobral
Target Milestone: rc   
Target Release: ---   
Hardware: noarch   
OS: Linux   
Whiteboard:
Fixed In Version: fence-agents-3.0.12-20.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Red Hat Enterprise Linux Server release 6.0 (Santiago) x86_64
Last Closed: 2011-05-19 14:17:01 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
Fence-agents fix none

Description Thiago Sobral 2011-02-22 18:30:45 UTC 
Description of problem:

Luci sets a wrong value into 'secure' parameter, inside <fencedevice> section. The correct value to be set is "secure=1" and Luci set "secure=On" instead. If you change this value within a text editor, the fence works without problems into iDrac6. 

This parameter has to be set to use the iDrac6 with SSH.


Version-Release number of selected component (if applicable):

luci-0.22.2-14.el6_0.1.x86_64

How reproducible:

Install luci and config your fence_device to use the iDrac6 through the web interface.

Steps to Reproduce:
1. Install luci-0.22.2-14.el6_0.1.x86_64
2. Access the Luci web address
3. Configure the fence_device within iDrac6.
  
Actual results:

The parameter 'secure' into <fencedevice> has the value 'On'.
secure=On

Expected results:

The parameter 'secure' into <fencedevice> has the value '1'.
secure=1

Additional info:

If the fence script is executed, it works without problem:

fence_drac5 -c admin1 -a 192.168.0.13 -l user -m 1 -p pAssWOrd1 -x

but if the fence_node command is issued, then the error occurs:

fence_node -vv node1
fence node1 dev 0.0 agent fence_drac5 result: error from agent
agent args: nodename=node1 agent=fence_drac5 cmd_prompt=admin1 ipaddr=192.168.0.13 login=user module_name=1 passwd=pAssWOrd1 secure=on
fence node1 failed  

System Information

Red Hat Enterprise Linux Server release 6.0 (Santiago)
kernel-2.6.32-71.14.1.el6.x86_64 #1 SMP
Manufacturer: Dell Inc.
Product Name: PowerEdge R710
Comment 3 Lon Hohberger 2011-02-28 20:50:57 UTC 
Created attachment 481446 [details]
Fence-agents fix

This can also be fixed or worked around in the fence-agents package, as demonstrated by this patch.  I have tested this patch on my WTI VMR (with its telnet access shut off).

Without this patch, it fails if you supply "secure=on" or "secure=true".
Comment 5 Brian Brock 2011-04-19 17:58:19 UTC 
verified in fence-agents-3.0.12-23.el6

fence_node -vv <nodename> with secure="on" or secure="true" in cluster.conf executes successfully.

luci writes cluster.conf to contain secure="on" as a parameter to <fencedevice/>
Comment 6 errata-xmlrpc 2011-05-19 14:17:01 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0745.html