openSUSE-RU-2018:2793-1: moderate: Recommended update for pacemaker
openSUSE Recommended Update: Recommended update for pacemaker ______________________________________________________________________________ Announcement ID: openSUSE-RU-2018:2793-1 Rating: moderate References: #1009076 #1022807 #1028138 #1035822 #1042054 #1053463 #1054389 #1058844 #1059187 #1066710 #1069468 #1070347 #1074039 #1082883 #1090538 #950128 #980341 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that has 17 recommended fixes can now be installed. Description: This update for pacemaker provides the following fixes: - attrd: Accept connections only after CIB connection is active. - attrd,crmd: Erase attributes at attrd start-up, not first join. - attrd: Ensure node name is broadcast at start-up. - attrd: Make CIB connection function self-contained. - attrd,stonithd: More efficient regular expression parsing. - attrd: Synchronize attributes held only on own node. - attrd,tools: Avoid memory leaks from use of crm_itoa(). - cib: Broadcasts of cib changes should always pass ACLs check. (bsc#1042054) - crmd: Abort transition whenever the quorum is lost. - crmd: Ack pending operations that were cancelled due to rsc deletion. (bsc#1035822) - crmd: Assert when operation can't be created. - crmd: Write faked failures to CIB whenever possible. - crmd: Do not assert if LRM query fails. - crmd: Do not core dump if remote connection does not exist. - crmd: DC should update stonith fail count before aborting transition. - crmd: Do not abort for v2 diff LRM refresh if actions are pending. - crmd: Eliminate size restriction on node state xpath. - crmd: Hard error if remote start fails due to missing key. - crmd: Improve lrmd failure handling. - crmd,libcrmcommon,libcluster,tools: Handle PID as string properly. - crmd,liblrmd,libcrmcommon: Improve remote node disconnection logs. - crmd: Match only executed down events. - crmd: Quorum gain should always cause new transition. - crmd: Return rich error codes from get_lrm_resource(). - crmd: Scale all cib operation timeouts. - crmd: Scale timeouts with the number of remotes too. - crmd: Validate CIB diffs better. - crm_mon: Make CGI bail out on suspicious arguments. - crm_mon: Overcome crm_system_name no longer influenced with argv. - crm_resource: Ensure waiting for all messages before exiting. - crm_resource: Prevent disconnection from crmd during cleanup. - cts: Adjust pacemaker service on startup to prevent triggering StopWhenUnneeded of corosync service. - Doc: Add documentation for new pcmk_delay_base. (bsc#1074039) - extra: Correct ClusterMon metadata. - fencing: Do not print events twice when stonith_admin --verbose is used. - fencing: Fix a memory leak in stonith_admin --env. - iso8601: strftime needs a fully populated struct tm. (bsc#1058844) - libcib: Always use current values when unpacking config. - libcib: Correctly search for v2 patchset changes. - libcib: Ensure xpath result is not empty. - libcib: Get remoteness correctly from node status. - libcluster,libcrmcommon: Improve BZ2 error messages. - libcrmcluster: Improve error checking when updating node name. - libcrmcluster: Use crm_strdup_printf() instead of calloc(). - libcrmcommon: Make sure async connection callback uses negative error codes. - libcrmcommon: Avoid memory leak when the schema transform is not found. - libcrmcommon: Fix a possible infinite loop in buffer_print. - libcrmcommon: Handle schema versions properly. - libcrmcommon: Improve user lookup messages. - libcrmcommon,liblrmd: Improve remote connection messages. - libcrmcommon,liblrmd,lrmd: Improve messages for failed remote sends. - libcrmcommon,liblrmd,lrmd: Validate PCMK_remote_port. - libcrmcommon,liblrmd: Report meaningful async connection errors. - libcrmcommon: Lower watchdog messages when default. - libcrmcommon,lrmd: Use meaningful error codes when sending remote messages. - libcrmcommon: Return meaningful error codes to connection callbacks. - libcrmcommon,tools: Improve XML write error handling. - libcrmservice: Prevent an infinite loop on a bad DBus reply. - libcrmservice: Avoid memory leak on DBus error. - libcrmservice: Follow LSB standard for header block more strictly. - libcrmservice,pacemakerd: Improve privilege dropping. - libcrmservice: Parse LSB long description correctly. - libcrmservices: Avoid assert for HB resource with no parameters. - liblrmd: Make sure the operation of a remote resource returns if the setup of the key fails. (bsc#1053463) - libpe_status: Always log startup-fencing value. - libpe_status: Fix precedence of operation in meta-attributes. - libpe_status: Limit resource type check to primitives. - libpe_status: Make sure monitors are rescheduled, not reloaded. - libpe_status: Properly detect when nodes should suicide. - libpe_status: Recover after failed demote when appropriate. - libpe_status: Use correct default timeout for probes. - libpe_status: Validate no-quorum-policy=suicide correctly. - libservices: Handle systemd service reloading as OK. (bsc#1059187) - logging: Ensure blackbox gets generated on arithmetic error. - lrmd: Always use most recent remote proxy. - lrmd: Do not reject protocol 1.0 clients. (bsc#1009076) - lrmd: Prevent double free after unregistering stonith device for monitoring. (bsc#1035822) - lrmd: Tweak TLS listener messages. - pacemaker_remote: Warn if TLS key can't be read at start-up. - pacemaker.service: Recommend not to limit tasks. (bsc#1028138, bsc#1066710) - PE: Allow all resources to stop prior to probes completing. - PE: Make sure bare metal remotes are probed as now they can run resources. - PE: Correctly implement pe_order_implies_first_printed. - PE: Detailed resource information should include connection resource state. - PE: Do not re-add a node's default score for each location constraint. - PE: Ensure stop operations occur after stopped remote connections have been brought up. - PE: Ensure unrecoverable remote nodes are fenced even if no resources can run on them. - PE: Exclude resources and nodes from the symmetric_default constraint in some circumstances. - PE: Flag resources that are acting as remote nodes. - PE: Ignore optional unfencing events and report the fencing type. - PE: Improved logging of reasons for stop/restart actions. - pengine: Avoid fence loop for remote nodes. - pengine: Fix a null pointer dereference when unpacking tickets. - pengine: Detect proper clone name at startup. - pengine: Do not ignore permanent master scores at startup. - pengine: Do not keep unique instances on same node. - pengine: Schedule reload and restart in separate transition. - pengine: Handle resource migrating behind a migrating remote connection. - pengine: If ignoring failure, also ignore migration-threshold. - pengine: Improve messages when assigning resources to nodes. - pengine: Make sure calculated resource scores are consistent on different architectures. (bsc#1054389) - pengine: Fix a memory leak when writing graph to file. - pengine: Re-enable unrecoverable remote fencing. - pengine: Reset loss-policy from fence to stop if no fencing. - pengine,tools,libpe_status: Avoid unnecessary use of pe_find_current. - pengine: Use newer Pacemaker Remote terminology. - pengine: Validate more function arguments. - pengine: Fix swapped warning message arguments leading to segfault. (bsc#1090538) - PE: Only allowed nodes need to be considered when ordering resource startup after all recovery. - PE: Only re-trigger unfencing on nodes that ran operations with the old parameters. - PE: Remote connection resources are safe to require only quorum. - PE: Resources are allowed to stop before their state is known everywhere. - PE: Restore the ability to send the transition graph via the disk if it gets too big. - PE: Unfencing: Correctly detect changes to device definitions. - portability: The difference of time_t values is given by difftime(). - RA: ClusterMon: Correctly handle "update" parameter. - RA: NodeUtilization RA is now shipped by resource-agents package. (bsc#1070347) - remote: Allow cluster and remote LRM API versions to diverge. (bsc#1009076) - spec: Make sure shadow package is installed before adding user and group. - spec: Prevent overwriting existing sysconfig files by conditionally running %fillup_only. (bsc#1022807, bsc#980341) - stonith-ng: Add pcmk_delay_base as static base-delay. (bsc#1074039) - stonith-ng: Advertise pcmk_on_action via metadata. - stonith-ng: Avoid double-free of pending-ops in free_device. - stonith-ng: Make fencing-device reappear properly after reenabling. - systemd: Add TasksMax comment to pacemaker_remote unit. (bsc#1028138, bsc#1066710) - systemd unit files: Enable TasksMax=infinity. (bsc#1028138, bsc#1066710) - systemd unit files: Restore DBus dependency. - TE: Don't bump counters when action or synapse is invalid. - tools: Add version options for cibsecret. - tools: Allow crm_resource to be called without arguments. - tools: allow crm_resource to operate on anonymous clones in unknown states. - tools: Do not fail if already at the latest schema in cibadmin --upgrade. - tools: Differentiate trace log level for RAs. - tools: Do not expect reply to failed send. - tools: Ensure the crm_resource data set is initialized. - tools: Ensure that crm_resource works if no command is specified. - tools: Implement clean-up dry-run correctly. - tools: Improve crm_master and crm_standby option handling. - tools: Improve crm_resource help. (bsc#950128) - tools: Add missing break statement in attrd_updater. - tools: Re-enable crm_resource --lifetime option. (bsc#950128) - tools: Set meta_timeout env when crm_resource --force-* executes RA. - tools: Set the correct OCF_RESOURCE_INSTANCE env when crm_resource --force-* executes RA. - tools: Fix a use-after-free error in crm_diff. - tools: Warn if crm_resource --wait is called in mixed-version cluster. - Prevent notify actions from causing --wait to hang. - Install /etc/pacemaker directory for storing authkey file. (bsc#1082883) - Replace references to /var/adm/fillup-templates with new %_fillupdir macro. (bsc#1069468) This update was imported from the SUSE:SLE-12-SP3:Update update project. Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-1031=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): libpacemaker-devel-1.1.16-4.3.1 libpacemaker3-1.1.16-4.3.1 libpacemaker3-debuginfo-1.1.16-4.3.1 pacemaker-1.1.16-4.3.1 pacemaker-cli-1.1.16-4.3.1 pacemaker-cli-debuginfo-1.1.16-4.3.1 pacemaker-cts-1.1.16-4.3.1 pacemaker-cts-debuginfo-1.1.16-4.3.1 pacemaker-debuginfo-1.1.16-4.3.1 pacemaker-debugsource-1.1.16-4.3.1 pacemaker-remote-1.1.16-4.3.1 pacemaker-remote-debuginfo-1.1.16-4.3.1 References: https://bugzilla.suse.com/1009076 https://bugzilla.suse.com/1022807 https://bugzilla.suse.com/1028138 https://bugzilla.suse.com/1035822 https://bugzilla.suse.com/1042054 https://bugzilla.suse.com/1053463 https://bugzilla.suse.com/1054389 https://bugzilla.suse.com/1058844 https://bugzilla.suse.com/1059187 https://bugzilla.suse.com/1066710 https://bugzilla.suse.com/1069468 https://bugzilla.suse.com/1070347 https://bugzilla.suse.com/1074039 https://bugzilla.suse.com/1082883 https://bugzilla.suse.com/1090538 https://bugzilla.suse.com/950128 https://bugzilla.suse.com/980341
participants (1)
-
maintenance@opensuse.org