Red Hat Bugzilla – Bug 447964
fence_ipmilan does not handle punctuation in password
Last modified: 2009-09-02 07:09:24 EDT
Description of problem:
When using a password containing the '$' character, fence_ipmilan will not
connect to the IPMI node. If the ipmitool command is run with the -a option to
specify the same password interactively, it completes properly.
Passwords containing '+', '@', and '?' work correctly with fence_ipmilan.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.Set a password on an IPMI node containing a '$' as well as other characters
2.Set up a cluster with a fence device of type IPMI pointed at the previous node
3.Attempt to fence the node in Luci
Node remains up
Node should turn off, and then on
Created attachment 324180 [details]
Patch to fix problem
IPMI fence agent works by spawn a /bin/sh and ipmitool. If host name/password or any other command line argument included special shell characters (like $, ", ', ...) shell will try to substitute. This is not allowed behaviour and
this patch fix it.
Release note added. If any revisions are required, please set the
"requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly.
All revisions will be proofread by the Engineering Content Services team.
Cause: IPMI password with characters like $, ', ...
Consequence: User cannot use this strong passwords
Fix: Make the called command properly escaped with \, so shell will not interpret these as variables, ...
Result: User can use strong passwords.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.