Bug 1075691 - Fence-agent (ssh) fails on login if identity file was used
Summary: Fence-agent (ssh) fails on login if identity file was used
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: cman
Version: 5.11
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Marek Grac
QA Contact: Cluster QE
URL:
Whiteboard:
Depends On: 1073947
Blocks: 1075683
TreeView+ depends on / blocked
 
Reported: 2014-03-12 15:27 UTC by Marek Grac
Modified: 2014-09-16 00:28 UTC (History)
6 users (show)

Fixed In Version: cman-2.0.115-123.el5
Doc Type: Bug Fix
Doc Text:
Prior to this update, fence agents that connected using the SSH protocol failed on login if an identity file was used as the method of authentication. The bug has been fixed and these fence agents now successfully authenticate through an identity file.
Clone Of: 1073947
Environment:
Last Closed: 2014-09-16 00:28:07 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Proposed patch (1.19 KB, patch)
2014-03-14 16:33 UTC, Marek Grac 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1211 0 normal SHIPPED_LIVE cman bug fix and enhancement update 2014-09-16 04:16:24 UTC

Comment 2 Marek Grac 2014-03-14 16:33:05 UTC 
Created attachment 874516 [details]
Proposed patch
Comment 3 Marek Grac 2014-03-19 14:01:43 UTC 
Unit test:

before applying patch:
[root@virt-135 ~]# fence_apc -a node -l username -k /etc/passwd -o status -x -n 1
Traceback (most recent call last):
  File "/sbin/fence_apc", line 289, in ?
    main()
  File "/sbin/fence_apc", line 259, in main
    conn = fence_login(options)
  File "/usr/lib/fence/fencing.py", line 925, in fence_login
    result = conn.log_expect(options, [ options["-c"], "Are you sure you want to continue connecting (yes/no)?", "Enter passphrase for key '"+options["-k"]+"':" ], int(options["-y"]))
  File "/usr/lib/fence/fencing.py", line 406, in log_expect
    result = self.expect(pattern, timeout)
  File "/usr/lib/python2.4/site-packages/pexpect.py", line 1310, in expect
    compiled_pattern_list = self.compile_pattern_list(pattern)
  File "/usr/lib/python2.4/site-packages/pexpect.py", line 1229, in compile_pattern_list
    raise TypeError ('Argument must be one of StringTypes, EOF, TIMEOUT, SRE_Pattern, or a list of those type. %s' % str(type(p)))
TypeError: Argument must be one of StringTypes, EOF, TIMEOUT, SRE_Pattern, or a list of those type. <type 'list'>

after applying patch:
fence_apc -a node -l username -k /etc/passwd -o status -x -n 1
Unable to connect/login to fencing device
Comment 5 michal novacek 2014-04-15 12:07:11 UTC 
I have verified that the identity file can be used with fence agent in cman-2.0.115-124.el5 using the steps decribed in comment #3.

# rpm -q cman
cman-2.0.115-124.el5
# fence_apc -a node -l username -k /etc/passwd -o status -x -n 1
Unable to connect/login to fencing device
Comment 7 errata-xmlrpc 2014-09-16 00:28:07 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1211.html
Note You need to log in before you can comment on or make changes to this bug.