Description of problem: When using a password containing the '$' character, fence_ipmilan will not connect to the IPMI node. If the ipmitool command is run with the -a option to specify the same password interactively, it completes properly. Passwords containing '+', '@', and '?' work correctly with fence_ipmilan. Version-Release number of selected component (if applicable): How reproducible: 100% Steps to Reproduce: 1.Set a password on an IPMI node containing a '$' as well as other characters 2.Set up a cluster with a fence device of type IPMI pointed at the previous node 3.Attempt to fence the node in Luci Actual results: Node remains up Expected results: Node should turn off, and then on Additional info:
Created attachment 324180 [details] Patch to fix problem IPMI fence agent works by spawn a /bin/sh and ipmitool. If host name/password or any other command line argument included special shell characters (like $, ", ', ...) shell will try to substitute. This is not allowed behaviour and this patch fix it.
Release note added. If any revisions are required, please set the "requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: IPMI password with characters like $, ', ... Consequence: User cannot use this strong passwords Fix: Make the called command properly escaped with \, so shell will not interpret these as variables, ... Result: User can use strong passwords.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2009-1341.html