Bug 231246 - fence_xvm programs do not correctly use incorporate key data for operations
Summary: fence_xvm programs do not correctly use incorporate key data for operations
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Cluster Suite
Classification: Retired
Component: fence
Version: 4
Hardware: All
OS: Linux
urgent
urgent
Target Milestone: ---
Assignee: Lon Hohberger
QA Contact: Cluster QE
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-03-06 22:59 UTC by Lon Hohberger
Modified: 2009-04-16 19:48 UTC (History)
2 users (show)

Fixed In Version: RHBA-2007:0138
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-05-16 16:13:48 UTC
Embargoed:

Attachments (Terms of Use)
fix (1.00 KB, patch)
2007-03-06 22:59 UTC, Lon Hohberger 		no flags Details | Diff
View All

Description Lon Hohberger 2007-03-06 22:59:02 UTC 
+++ This bug was initially created as a clone of Bug #231241 +++

Description of problem:

Fence_xvm and fence_xvmd do not correctly use the contents of
/etc/cluster/fence_xvm.key.

If multiple clusters are run on the same subnet without the multicast packets
being filtered, then it is possible for the following to occur:

* If another cluster has a virtual machine with the same name, it can
inadvertently fence the virtual machine.
* Due to a previous behavioral change, fence_xvmd now returns success if it has
never heard of the domain.

Both lead to false-success scenarios where a virtual machine has not been
correctly fenced.

It may be advantageous to give the virtual machine cluster the name or ID of its
parent (host) cluster in order to prevent these behaviors from occurring when no
authentication is used.

-- Additional comment from lhh on 2007-03-06 17:47 EST --
Created an attachment (id=149400)
Fixes behavior
Comment 1 Lon Hohberger 2007-03-06 22:59:02 UTC 
Created attachment 149404 [details]
fix
Note You need to log in before you can comment on or make changes to this bug.