Security Fixes

CVE-2012-4450

A flaw was found in the way 389 Directory Server enforced ACLs after performing an LDAP modify relative distinguished name (modrdn) operation. After modrdn was used to move part of a tree, the ACLs defined on the moved (Distinguished Name) were not properly enforced until the server was restarted. This could allow LDAP users to access information that should be restricted by the defined ACLs.

Bug Fixes

BZ#742054

Previously, 389 Directory Server did not support the Simple Authentication and Security Layer (SASL) PLAIN mechanism. This mechanism has been added to the list of supported SASL mechanisms.

BZ#742381

Due to certain changes under the cn=config suffix, when an attribute value was deleted and then added back in the same modify operation, error 53 was returned. Consequently, the configuration could not be reset. This update allows delete operations to succeed if the attribute is added back in the same modify operation and reset the configuration file as expected.

BZ#757836

Previously, the logconv.pl script used a connection number equal to 0 (conn=0) as a restart point, which caused the script to return incorrect restart statistics. The underlying source code has been modified and 389 Directory Server is now configured to use connection number equal to 1 (conn=1) as the restart point.

BZ#803873

The Windows Sync feature uses the name in a search filter to perform an internal search to find an entry. Parentheses, “(” and “)” are special characters in the LDAP protocol and therefore must be escaped. However, an attempt to synchronize an entry containing parentheses in the name from an Active Directory (AD) server failed with an error. With this update, 389 Directory Server properly escapes the parentheses and synchronization now proceeds correctly as expected.

BZ#818762

When having an entry in a directory server (DS) with the same user name, group name, or both as an entry in AD and simultaneously the entry in AD was out of scope of the Windows Sync feature, the DS entry was deleted. This update adds the new winSyncMoveAction DS attribute for the Windows Sync agreement entry, which allows the user to specify the behavior of out-of-scope AD entries. The value could be set to:

• none, which means that an out-of-scope AD entry does nothing to the corresponding DS entry;
• delete, which means that an out-of-scope AD entry deletes the corresponding DS entry;
• unsync, which means that an out-of-scope AD entry is unsynchronized with the corresponding DS entry and changes made to either entry are not synchronized.

By default, the value is set to none, which fixes this bug.

BZ#830334

Due to an incorrect interpretation of an error code, a directory server considered an invalid chaining configuration setting as the disk full error and shut down unexpectedly. This bug has been fixed by using the correct error code and a directory server now no longer terminates due to an invalid chaining of a configuration setting.

BZ#830335

Previously, restoring an ldif file from a replica, which had older changes that other servers did not see yet, could lead to these updates not being replicated to other replicas. With this update, 389 Directory Server checks the Change Sequence Numbers (CSNs) and allows the older updates to be replicated. As a result, all replicas remain synchronized.

BZ#830336

When a directory server was under a heavy read and write load, and an update request was processed, the following error message or other similar DB_LOCK_DEADLOCK error messages appeared in the error log:

entryrdn-index - _entryrdn_put_data: Adding the parent link (XXX) failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

These errors are common under these circumstances and there is no need to report them in the error log. With this update, 389 Directory Server ensures that these errors are handled properly and no longer logs these messages in the error log.

BZ#830337

When a directory server was configured to use multi-master replication and the Entry USN plug-in, the delete operation was not replicated to the other masters. This update modifies the Entry USN plug-in to prevent it from changing the delete operation into a delete tombstone operation, and from removing the operation before it logs into the change log to replay to other servers. As a result, the delete operation is replicated to all servers as expected.

BZ#830338

Previously, 389 Directory Server did not refresh its Kerberos cache. Consequently, if a new Kerberos ticket was issued for a host that had already authenticated against a directory server, it would be rejected by this server until it was restarted. With this update, the Kerberos cache is flushed after an authentication failure and 389 Directory Server works as expected in the described scenario.

BZ#830343

Using the Managed Entry plug-in in conjunction with other plug-ins, such as Distributed Numeric Assignment (DNA), Member of, and Auto Member, led to problems with delete operations on entries that managed the Managed Entry plug-in. The manager entry was deleted, but the managed entry was not. The deadlock retry handling has been improved so that both entries are deleted during the same database operation.

BZ#830344

Previously, replication errors logged in the error log could contain incorrect information. With this update, the replication errors have been modified to be more useful in diagnosing and fixing problems.

BZ#830346

When audit logging in a directory server was enabled, LDAP ADD operations were ignored and were not logged. This update removes a regression in the audit log code that caused the ADD operation to be ignored, and LDAP ADD operations are now logged to the audit log as expected.

BZ#830348

389 Directory Server with a large number of replication agreements took a considerable amount of time to shut down due to a long sleep interval coded in the replication stop code. This sleep interval has been reduced to speed up the system termination.

BZ#830349

Previously, in a SASL map definition, using a compound search filter that included the “&” character failed because the “&” character was escaped. The underlying source code has been modified and searching with a filter that includes the “&” character works as expected.

BZ#830353

When 389 Directory Server used the Managed Entry plug-in or the DNA plug-in, the valgrind tool reported memory errors and leaks. With this update, a patch has been applied to prevent these problems, and memory is now used and deleted correctly.

BZ#832560

When replication was configured and a conflict occurred, under certain circumstances, an error check did not reveal this conflict, because a to-be-deleted attribute was already deleted by another master. Consequently, the conflict terminated the server. This update improves error checks to prevent replication conflicts from crashing the server.

BZ#833202

Previously, internal entries that were in the cache were freed when retrying failed transactions due to a deadlock. This behavior caused problems in a directory server and this server could terminate under a heavy update load. With this update, the cached internal entries are no longer freed and directory servers do not crash in the described scenario.

BZ#833218

Due to improper deadlock handling, the database reported an error instead of retrying the transaction. Consequently, under a heavy load, the directory server got deadlock errors when attempting to write to the database. The deadlock handling has been fixed and 389 Directory Server works as expected in such a case.

BZ#834047

Internal access control prohibited deleting newly added or modified passwords. This update allows the user to delete any password if they have the modify rights.

BZ#834054

Certain operations, other than LDAP Modify operations, can cause the 389 Directory Server to modify internal attributes. For example, a BIND operation can cause updates to password failure counters. In these cases, 389 Directory Server was updating attributes that could only be updated during an explicit LDAP Modify operation, such as the modifyTimestamp attribute. This update adds a new internal flag to skip the update of these attributes on other than Modify operations.

BZ#834056

Due to an invalid configuration setup in the Auto Memmber plug-in, the directory server became unresponsive under certain circumstances. With this update, the configuration file is validated, invalid configurations are not allowed, and the server no longer hangs.

BZ#834057

When using SNMP monitoring, 389 Directory Server terminated at startup due to multiple ldap servers listed in the ldap-agent.conf file. With this update, the buffer between ldap servers no longer resets and 389 Directory Server starts up regardless of the number of ldap servers listed in the configuration file.

BZ#834064

Previously, the dnaNextValue counter was incremented in the pre-operation stage. Consequently, if the operation failed, the counter was still incremented. This bug has been fixed and the dnaNextValue counter is not incremented if the operation fails.

BZ#834065

When a replication agreement was added without the LDAP BIND credentials, the replication process failed with a number of errors. With this update, 389 Directory Server validates the replication configuration and ensures that all needed credentials are supplied. As a result, 389 Directory Server rejects invalid replication configuration before attempting to replicate with invalid credentials.

BZ#834075

Previously, the logconv.pl script did not grab the correct search base, and as a consequence, the searching statistics were invalid. A new hash has been created to store connections and operation numbers from search operations. As a result, logconv.pl now grabs the correct search base and no longer produces incorrect statistics.

BZ#838706

When using the Referential Integrity plug-in, renaming a user DN did not rename the user's DN in the user's groups, unless that case matched exactly. With this update, case-insensitive comparisons or DN normalizations are performed, so that the member attributes are updated when the user is renamed.

BZ#840153

Previously, the Attribute Uniqueness plug-in did comparisons of un-normalized values. Consequently, using this plug-in and performing the LDAP RENAME operation on an entry containing one of the attributes which were tested for uniqueness by this plug-in caused the LDAP RENAME operation to fail with the following error:

Constraint Violation - Another entry with the same attribute value already exists.

With this update, Attribute Uniqueness ensures that comparisons are performed between values which were normalized the same way, and LDAP RENAME works as expected in this situation.

BZ#841600

When the Referential Integrity plug-in was used with a delay time greater than 0, and the LDAP RENAME operation was performed on a user entry with DN specified by one or more group entries under the scope of the Referential Integrity plug-in, the user entry DN in the group entries did not change. The underlying source code has been modified and LDAP RENAME operations work as expected in the described scenario.

BZ#842437

Previously, the DNA plug-in could leak memory in certain cases for certain MODIFY operations. This update applies a patch to fix this bug and the modifications are freed as expected with no memory leaks.

BZ#842438

To improve the performance, the entry cache size is supposed to be larger then the primary database size if possible. Previously, 389 Directory Server did not alert the user that the size of the entry cache was too small. Consequently, the user could not notice that the size of the entry cache was too small and that they should enlarge it. With this update, the configured entry cache size and the primary database size are examined, and if the entry cache is too small, a warning is logged in the error log.

BZ#842440

Previously, the Memberof plug-in code executed redundant DN normalizations and therefore slowed down the system. The underlying source code has been modified to eliminate redundant DN normalizations.

BZ#842441

Previously, the directory server could disallow changes that were made to the nsds5ReplicaStripAttrs attribute using the ldapmodify operation. Consequently, the attribute could only be set manually in the dse.ldif file when the server was shut down. With this update, the user is now able to set the nsds5ReplicaStripAttrs attribute using the ldapmodify operation.

BZ#850683

Previously, 389 Directory Server did not check attribute values for the nsds5ReplicaEnabled feature which caused this feature to be disabled. With this update, 389 Directory Server checks if the attribute value for nsds5ReplicaEnabled is valid and reports an error if it is not.

BZ#852088

When multi-master replication or database chaining was used with the TLS/SSL protocol, a server using client certificate-based authentication was unable to connect and connection errors appeared in the error log. With this update, the internal TLS/SSL and certificate setup is performed correctly and communication between servers works as expected.

BZ#852202

Previously, there was a race condition in the replication code. When two or more suppliers were attempting to update a heavily loaded consumer at the same time, the consumer could, under certain circumstances, switch to total update mode, erase the database, and abort replication with an error. The underlying source code has been modified to prevent the race condition. As a result, the connection is now protected against access from multiple threads and multiple suppliers.

BZ#852839

Due to the use of an uninitialized variable, a heavily loaded server processing multiple simultaneous delete operations could terminate unexpectedly under certain circumstances. This update provides a patch that initializes the variable properly and the directory server no longer crashes under these circumstances.

BZ#855438

Due to an incorrect attempt to send the cleanallruv task to the Windows WinSync replication agreements, the task became unresponsive. With this update, the WinSync replication agreements are ignored and the cleanallruv task no longer hangs in the described scenario.

BZ#856657

Previously, the dirsrv init script always returned 0, even when one or all the defined instances failed to start. This update applies a patch that improves the underlying source code and dirsrv no longer returns 0 if any of the defined instances failed.

BZ#858580

The schema reload task reloads schema files in the schema directory. Simultaneously, Directory server has several internal schemas which are not stored in the schema directory. These schemas were lost after the schema reload task was executed. Consequently, adding a posixAccount class failed. With this update, the internal schemas are stashed in a hash table and reloaded with external schemas. As result, adding a posixAccount is successful.

BZ#863576

When abandoning a Simple Paged Result request, 389 Directory Server tried to acquire a connection lock twice, and because the connection lock is not self reentrant, 389 Directory Server was waiting for the lock forever and stopped the server. This update provides a patch that eliminates the second lock and 389 Directory Server works as expected in the described scenario.

BZ#864594

Previously, Anonymous Resource Limits applied to the Directory Manager. However, the Directory Manager should never have any limits. With this update, Anonymous Resource Limits no longer apply to Directory Manager.

BZ#868841

Even if an entry in AD did not contain all the required attributes for the POSIX account entry, the entry was synchronized to the DS as a POSIX entry. Consequently, the synchronization failed due to a “missing attribute” error. With this update, if an entry does not have all the required attributes, the POSIX account related attributes are dropped and the entry is synchronized as an ordinary entry. As a result, the synchronization is successful.

BZ#868853

When enabling replication level logging, the Windows Sync feature prints out what version of Windows or AD it detects. Previously, if the feature detected Windows Server 2003 or later, it printed out the following message:

detected win2k3 peer

This message could be confusing for users who had a later version of Windows, such as Windows Server 2008. This update modifies the message and now the following message is printed out:

detected win2k3 or later peer

BZ#870158

When a directory server was under a heavy load, deleting entries using the Entry USN feature caused tombstone entry indexes to be processed incorrectly. Consequently, the server could become unresponsive. This update fixes 389 Directory Server to process tombstone indexes correctly, so that the server no longer hangs in this situation.

BZ#870162

Previously, the abandon request checked if the operation to abandon existed. When a search operation was already finished and an operation object had been released, a Simple Page Results request could fail due to this check. This update modifies 389 Directory Server to skip operation existence checking, so that Simple Paged Results requests are always successfully aborted.

BZ#875862

Previously, the DNA plug-in attempted to dereference a NULL pointer value for the dnaMagicRegen attribute. Consequently, if DNA was enabled with no dnamagicregen value specified in its configuration and an entry with an attribute that triggered the DNA value generation was added, the server could terminate unexpectedly. This update improves the 389 Directory Server to check for an empty dnamagicregen value before it attempts to dereference this value. As a result, 389 Directory Server no longer crashes if no dnamagicregen attribute is specified.

BZ#876694

Previously, the code to check if a new superior entry existed, returned the “No such object” error only when the operation was requested by the directory manager. Consequently, if an ordinary non-root user attempted to use the modrdn operation to move an entry to a non-existing parent, the server terminated unexpectedly. This update provides a patch that removes the operator condition so that the check returns the “No such object” error even if the requester is an ordinary user, and the modrdn operation performed to the non-existing parent successfully fails for any user.

BZ#876727

aIf a filter contained a range search, the search retrieved one ID per one idl_fetch attribute and merged it to the ID list using the idl_union() function. This process is slow, especially when the range search result size is large. With this update, 389 Directory Server switches to ALLID mode by using the nsslapd-rangelookthroughlimit switch instead of creating a complete ID list. As a result, the range search takes less time.

BZ#889083

Previously, if an entry was added or created without plug-in interference, the nsslapd-plugin-track-binddn feature filled the value of the internalModifiersname and internalCreatorsname attributes with the original bind DN instead of the name of the actual plug-in that modified or added the entry. This behavior is undesired; thus the nsslapd-plugin-track-binddn has been modified to always show the name of the actual plug-in that performed these operations.

BZ#891930

In previous versions of the 389-ds-base packages, an attempt to add a new entry to the DNA plug-in when the range of values was depleted caused the following error message to be returned:

ipa: ERROR: Operations error: Allocation of a new value for range cn=posix
ids,cn=distributed numeric assignment plugin,cn=plugins,cn=config failed!
Unable to proceed.

This message was missing all additional information in recent versions of the 389-ds-base packages. With this update, a patch is applied to provide the returned error message with additional information.

BZ#896256

Previously, an upgrade of the 389-ds-base packages affected configuration files. Consequently, custom configuration files were reverted to by default. This update provides a patch to ensure that custom changes in configuration files are preserved during the upgrade process.

Enhancements

BZ#746642

This update allows the PAM Pass-through plug-in to pass through the authentication process to different PAM stacks, based on domain membership or some property of the user entry, or both. Users now can login to Red Hat Directory Server using the credentials and account data from the correct AD server.

BZ#768084

This enhancement improves the automember plug-in to check existing entries and writes out the changes which occur if these entries are added.

BZ#782975

Previously, certain BINDs could cause only entries with the modifiersname or modifystimestamp attribute to be updated. This behavior led to unnecessary replication traffic. This enhancement introduces the new replication feature to decrease replication traffic caused by BINDs.

BZ#830331

This enhancement adds the new Disk Monitoring plug-in. When disk partitions fill up, Disk Monitoring returns a warning.

BZ#830340

Previously, two tasks were needed to be performed to clean an entire replication environment, the clean task and the release task. With this update, these tasks are incorporated in the Cleanallruv feature.

BZ#830347

Previously, the Paged Results search was allowed to perform only one request per connection. If the user used one connection, multiple Paged Results requests were not supported. This update adds support for multiple Paged Results requests.

BZ#830355

With this enhancement, obsolete elements in the Database Replica Update Vector (RUV) can be removed with the CLEANRUV operation, which removes them on a single supplier or master.

BZ#833222

This enhancement improves the memberOf plug-in to work across multiple back ends or suffixes.

BZ#834046

With this update, the Directory Server schema has been updated with the nsTLS1 attribute to make TLS/SSL configuration easier.

BZ#834049

With this update, the Directory Server schema has been updated to include the DNA plug-in attributes.

BZ#834052

This enhancement improves the Access Control feature to control the Directory Manager account.

BZ#834053

This enhancement adds the ability to execute internal modification operations without changing the operational modifiersname attribute.

BZ#834058

With this update, the logconv.pl script has been enhanced with the getopts() function.

BZ#834060

Previously, the password lockout process was triggered not when maximum the number of tries was reached, but the time after. This behavior was not consistent with other vendors' LDAP servers. This enhancement adds the new option which allows users to specify the behavior of password lockout.

BZ#834061

Previously, DS did not include the SO_KEEPALIVE settings and connections could not be closed properly. This enhancement implements the SO_KEEPALIVE settings to the DS connections.

BZ#834063

With this update, the new passwordTrackUpdateTime attribute has been added. This attribute records a timestamp when the password was last changed.

BZ#834074

This enhancement adds the new nsds5ReplicaEnabled attribute to the replication agreement. If the replication agreement is disabled, it appears to be removed, but can be easily re-enabled and resumed.

BZ#847868

Previously, the Windows Sync plug-in did not support the RFC 2307 and 2307bis types of POSIX schema which supports Windows Active Directory (AD). Under these circumstances, users had to synchronize data between AD and DS manually which could return errors. This enhancement changes the POSIX attributes to prevent these consequences.

Note

Note, that for the initial release, when adding new user and group entries to the DS, the POSIX attributes are not synchronized with AD. Adding new user and group entries to AD synchronizes to DS, and modifying attributes synchronizes both ways.

BZ#852087

This enhancement improves the Directory Server schema to allow setting up an access control for the nsslapd-readonly attribute.

Bug Fixes

BZ#799909

When the user attempted to remove a non-existing problem directory using the abrt-cli utility, abrt-cli emitted a confusing error message, such as in the following example:

# abrt-cli rm sdfsdf
'sdfsdf' does not exist
Can't connect to '/var/run/abrt/abrt.socket': Connection refused

With this update, abrt-cli has been modified to display only a message informing that such a problem directory does not exist.

BZ#808721, BZ#814594

When multiple kernel oopses occur in a short period of time, ABRT saves only the first oops because the later oopses are mostly only consequences of the first problem. However, ABRT sorted the processed oopses incorrectly so that the last oops that occurred was saved instead of the first oops. With this update, ABRT has been modified to process multiple kernel oopses in the correct order so that ABRT now saves the first oops as expected.

BZ#810309

Due to incorrect configuration, ABRT attempted to use the abrt-bodhi command, which is not available in Red Hat Enterprise Linux, while analyzing a backtrace. As a consequence, the user could see the following error message in the problem backtrace:

/bin/sh: line 6: abrt-bodhi: command not found

However, the error message had no influence on the problem reporting process. This update corrects the ABRT configuration so that the abrt-bodhi command is removed from the analyzer events and the error message no longer occurs.

BZ#811901

Previously, ABRT expected the dbus-send command to be always present on a system. However, ABRT does not depend on the related dbus package so there is no guarantee that the command is installed on the system. Therefore, when processing events that use the dbus-send command and the dbus package was not installed, ABRT emitted the following error message to the system log:

abrtd: /bin/sh: dbus-send: command not found

With this update, ABRT has been modified to verify the existence of dbus-send before attempting to call this command. The aforementioned error messages no longer occur in the system log.

BZ#813283

Previously, when running the report-gtk command with a non-existing problem directory, ABRT GUI attempted to process the problem directory. As a consequence, the terminal was flooded with GTK error messages. With this update, the ABRT GUI has been modified to no longer process non-existing problem directories. GUI now only prints a message informing that the processed directory does not exist and exits gracefully.

BZ#817051

The report tool always had to be executed from a problem directory even to perform actions which do not require the problem directory, such as adding an attachment to the existing bug report. When running from a directory that was not a problem directory, the report tool failed with the following error message:

'.' is not a problem directory

With this update, the report tool has been modified to not require a problem directory if the "-t" option is specified. The report tool can now be used to update existing bug reports without a need to run inside a problem directory.

BZ#815339, BZ#828673

Due to an error in the default libreport configuration, ABRT attempted to run the reporter-bugzilla command, which is not installed by default. This caused the following warning message to appear during problem reporting:

/bin/sh: line 4: reporter-bugzilla: command not found

However, the reporting process was not affected by this warning message. With this update, the default configuration of libreport has been corrected and reporter-bugzilla is no longer called by ABRT in the default configuration. The aforementioned warning message is no longer displayed during the reporting process.

BZ#820475

Previously, the abrt-ccpp init script did not emit any status message so that the service abrt-ccpp status command did not display any output. This update corrects the abrt-ccpp init script so that if the abrt-ccpp service is running the "abrt-ccpp hook is installed" message is displayed. If abrt-ccpp is stopped, the "abrt-ccpp hook is not installed" message appears.

BZ#826745

Certain ABRT libraries were previously built with wrong linker parameters and when running prelink on these libraries, the process returned error messages that the library contains "undefined non-weak symbols". With this update, the related makefiles have been corrected and the aforementioned errors no longer occur during prelink phase.

BZ#826924

ABRT ran the sosreport utility whenever a problem was detected. However, if the detected problem was caused by sosreport, ABRT could run sosreport in an infinite loop. Consequently, abrtd became unresponsive with extensive consumption of system resources. This update modifies ABRT to ignore consequent crashes in the same component that occur within a 20-second time period. The abrtd daemon no longer hangs if sosreport crashes.

BZ#847227

ABRT previously moved captured vmcore files from the default location in the /var/crash/ directory to the /var/spool/abrt/ directory. This affected the functioning of various tools that expected a vmcore file to be present in the /var/crash/ directory. This update modifies ABRT to use the CopyVMcore configuration option to specify whether to copy or move the core file. By default, ABRT no longer moves vmcore from the /var/crash/ directory but copies it.

BZ#847291

When disk space usage of the /var/spool/abrt/ directory reaches the specified disk space quota, ABRT finds and removes the largest problem directory. However, ABRT was previously unable to handle situations when the largest directory in /var/spool/abrt/ was not a problem directory. ABRT could not remove this directory and entered an infinite loop while searching for the largest directory to be removed. This update modifies ABRT to exclude unknown directories when determining which problem directory needs to be removed. The abrtd daemon no longer hangs in this scenario.

BZ#856960

When configured for centralized crash collection, ABRT previously printed logging credentials in plain text into the /var/log/messages log file on a dedicated system while uploading a crash report. This was a security risk, and so ABRT has been modified to no longer print the libreport-plugin-reportuploader plug-in credentials in log messages.

BZ#873815

When processing a large amount of problems, the inotify handling code could become out of sync, causing abrtd to be unable to read inotify events. Eventually, abrtd became unresponsive while trying to read an inotify event. If this happened and a Python application attempted to communicate with ABRT, abrtd and the Python application entered a deadlock situation. The daemon was busy trying to read an incoming inotify event and the Python script was waiting for a response from abrtd, which caused the application to become unresponsive as well. With this update, the ABRT exception handler sets timeout on a socket used for communication between abrtd and Python scripts, and also the inotify handling code has been modified. The abrtd daemon and Python applications no longer hang, however under heavy load, the inotify handling code can still become out of sync, which would cause abrtd to stop accepting new problems. If abrtd stops accepting new problems, it has to be restarted to work correctly again.

Enhancement

BZ#814832

The alsa-utils package has been enhanced to work better with the GNOME volume control applet and sound preferences user interface.

Bug Fix

BZ#752096

Previously, the amandad daemon, which is required for successful running of AMANDA, was located in the amanda-client package; however, this package was not required during installation of the amanda-server package. Consequently, AMANDA did not work properly. The amanda-client package has been added to the amanda-server dependencies and AMANDA works correctly now.

Bug fixes

BZ#803883

Due to a bug in the multipath output parsing code, when installing Red Hat Enterprise Linux 6 on an IBM Power system with JBOD (Joined Body Of Disks — more than one hard drive attached to the same SAS controller), Anaconda could detect these multiple hard drives as a multipath device. This in turn caused the partitioning of the hard drive to fail, causing the installation of the system to fail as well. This update fixes the parsing code and the system is installed correctly.

BZ#848741

The Anaconda installer did not wait for BIOS storage devices to initialize when booted with the ks:bd:<bios disk>:/ks.cfg command-line option. As a consequence, BIOS storage devices could not be found and the installation could fail. To fix this bug, a delay algorithm for BIOS devices has been added to the code path used when booting with ks:bd:<bios disk>:/ks.cfg. As a result, Anaconda tries to wait for BIOS devices to initialize.

BZ#828650

The file system migration from ext2 to ext3 did not work because Anaconda did not modify the /etc/fstab file with the new ext3 file system type. Consequently, after the installation, the file system was mounted as an ext2 file system. With this update, Anaconda properly sets the migrated file system type in /etc/fstab. Thus, the file system is mounted as expected after installation.

BZ#886150

When installing Red Hat Enterprise Linux 6.4 Beta using the kickstart file, which included the partition scheme, LVM incorrectly removed the dashes from Logical Volume and Volume Group names. This caused the names to be malformed. This update fixes the aforementioned function to correctly format Logical Volume and Volume Group names during the installation process.

BZ#819486

Using IPv6 to install Red Hat Enterprise Linux 6.3 (both Alpha and Beta) on a z/VM guest enabled the user to SSH to the system and proceed with the language selection screen. However, after this step, the installation stopped and the SSH session was closed. With this update, the IPv6 installation on a z/VM guest is successful on Red Hat Enterprise Linux 6.4.

BZ#824963

A kickstart installation on unsupported hardware resulted in a dialog box asking for confirmation before proceeding with the installation process. As a consequence, it was not possible to perform a kickstart installation on unsupported hardware without any user input. To fix this bug, a new unsupported_hardware kickstart command has been added, which skips the interactive dialog warning when installing a system on unsupported hardware without user input.

BZ#811197

When a /boot partition was on a RAID device, inconsistent messages were returned because it was not supported to have this partition on such a device. These varied messages were confusing. To fix this bug, the error messages have been corrected to make sense and to not duplicate each other.

BZ#834689

Kernel modules containing Microsoft paravirtualized drivers were missing in the installation environment. To fix this bug, kernel modules with Microsoft PV have been added to the installation environment. As a result, better support for Microsoft virtualization is provided.

BZ#837835

Modules with VMware PV drivers were not included in the installation environment. This update adds the modules with VMware PV drivers to provide better virtualization support.

BZ#809641

The udev device manager was not used to resolve kickstart raid --onpart disk references. As a consequence, the /dev/disk/by-id/ path could not be used properly. With this update, the udev_resolve_devspec() function is used to resolve the --onpart command option. As a result, the raid --onpart command can now use the /dev/disk/by-id/ paths as expected.

BZ#809640

The Anaconda installer did not use the udev device manager to resolve /dev/disk/by-id/ names. This meant the kickstart installation method did not work with /dev/disk/by-id/ names. To fix this bug, Anaconda is now using udev to resolve /dev/disk/by-id/ names. As a result, kickstart installations using /dev/disk/by-id/ names work as expected.

BZ#804557

When installing a system using the text mode on a machine which already had Red Hat Enterprise Linux installed on it, a traceback error occurred when the Back button was used to go back from any dialog after the time zone dialog. With this update, disks are rescanned when moving back through the upgrade dialog, thus preventing this bug.

BZ#840723

The Anaconda installer called the modprobe tool without the -b argument that enabled blacklists. Consequently, modules were not blacklisted. To fix this bug, the required argument has been added to modprobe call. As a result, modules are blacklisted as expected.

BZ#851249

The Anaconda installer appended the boot= parameter on the command line whenever the fips=1 parameter was used. With this update, Anaconda appends the boot= parameter only when the fips=1 parameter is used and /boot is on a separate partition.

BZ#828029

This update fixes a typographical error in Korean version of a warning message used to alert users of a root password that is too simple.

BZ#681224

The Anaconda installer did not verify package checksums against the checksum in the repository metadata. A package which did not match the repo metadata checksum could be installed by the Yum utility. As a consequence, an incorrect package could be installed with no errors returned. This update adds verification of the package checksum against the checksum in the repository metadata.

BZ#656315

IPv6 configuration options of the installer's text UI (user interface) were using descriptions suggesting misleading meaning. Consequently, the description could mislead the users with DHCPv6 configured to use Dynamic IPv6 configuration (DHCPv6) which used DHCPv6 exclusively without using SLAAC automatic configuration. To fix this bug, the first option (Automatic neighbor discovery) has been renamed to Automatic; it is the (SLAAC) automatic configuration with the option of using a DHCPv6 server based on RA server configuration. The second option (Dynamic IP configuration (DHCPv6)) was renamed to Automatic, DHCP only, which describes the actual configuration to be used more accurately. These descriptions are now the same as those used by Network Manager. As a result, it is now clearer that the third option (Automatic, DHCP only) is using the DHCPv6 server exclusively.

BZ#836321

The command-line interface of the fcoe-utils package in Red Hat Enterprise Linux 6.3 was changed but the installer did not adapt to this change correctly. As a consequence, FCoE initiators were not able to log in to remote storages, which could then not be used for installation. To fix this bug, the fipvlan command arguments have been fixed to use the new -f option correctly. As a result, the installer now logs in to a FCoE remote storage correctly, and can be used for installation purposes.

BZ#823690

Repositories without size data caused a divide-by-zero error. Consequently, the installation failed. With this update, repositories without size data do not cause a divide-by-zero error and the installation succeeds.

BZ#848818

Support for the --hibernation option was only added to the part command. Consequently, --hibernation did not work with the logvol command. To fix this bug, support for --hibernation has been added to the logvol command. As a result, --hibernation now works with the logvol command.

BZ#784001

The linksleep option used to be applied only for the ksdevice= boot parameter using the value link. Consequently, when the ksdevice boot parameter was supplied a value containing a device name or a MAC address, the linksleep boot parameter did not take effect. Without waiting for the link, as required by the linksleep boot parameter, the installer could fail. To fix this bug, the linksleep boot parameter has been added to code paths where the to-be-activated device is specified. As a result, the linksleep boot parameter is honored also for installation where the ksdevice boot parameter is supplied a value containing a device name or a MAC address.

BZ#747278

The Anaconda installer did not check lengths of Logical Volume Manager (LVM) Volume Group names or Logical Volume names. As a consequence, an error occurred when creating disk partitions. To fix this bug, the length of LVM Volume Group names has been truncated to 32 characters and Logical Volume names to 16 characters. As a result, the installation completes successfully.

BZ#746925

Previously, Anaconda failed to enable add-on repositories when upgrading the system. Consequently, packages from the add-on repositories were not upgraded. This update allows Anaconda to enable add-on repositories when the system is upgrading and packages from the add-on repositories are upgraded as expected.

Bug Fixes

BZ#862195

Prior to this update, the authconfig utility used old syntax for configuring the idmap mapping in the smb.conf file when started with the "--smbidmapuid" and "--smbidmapgid" command line options. Consequently, Samba 3.6 ignored the configuration. This update adapts authconfig to use the new syntax of the idmap range configuration so that Samba 3.6 can read it.

BZ#874527

Prior to this update, the authconfig utility could write an incomplete sssd.conf file when using the options "--enablesssd" or "--enablesssdauth". As a consequence, the sssd daemon did not start. With this update, authconfig no longer tries to create the sssd.conf file without complete information, and the sssd daemon can now start as expected.

Bug Fixes

BZ#585059

When the automount daemon managed a large number of mount points, unmounting all active mount points could take a longer period of time than expected. If the daemon failed to exit within 45 seconds, the autofs init script timed out and returned a false-positive shutdown failure. To resolve this problem, the init script restart behavior has been modified. If the init script repeatedly fails to stop the daemon, the script terminates the daemon by sending the SIGKILL signal, which allows autofs to be restarted correctly.

BZ#819703

The automount interface matching code was able to detect only IPv4 interfaces. As a consequence, mount points were mounted with an incorrect mount type when using IPv6. To fix this problem, the automount interface matching code has been modified to use the getifaddrs() function insted of ioctl(). The automount interface matching code now properly recognizes IPv6 interfaces and both, IPv4 and IPv6 mounts are now mounted as expected.

BZ#827024, BZ#846852, BZ#847873

Previously, automount could terminate unexpectedly with a segmentation fault when using the internal hosts map. This could happen due to a function name collision between autofs and the libtirpc library. Both utilities called a debug logging function of the same name but with a different call signature. This update applies a series of patches that fix this problem by redefining the internal debug logging function in autofs. Also, several other bugs related to the autofs RPC function have been fixed. The automount daemon no longer crashes when using the internal hosts map and the libtirpc library is installed on the system.

BZ#834641

Due to an incorrectly placed port test in the get_nfs_info() function, autofs attempted to contact the portmap service when mounting NFSv4 file systems. Consequently, if the portmap service was disabled on the server, automount failed to mount the NFSv4 file systems with the following error message:

mount(nfs): no hosts available

With this update, the port check has been moved to the correct location in the code so that automount no longer contacts the server's port mapper when mounting NFSv4 file systems. NFSv4 file systems are mounted as expected in this scenario.

BZ#836422

Previously, the autofs internal hosts map could not be refreshed until all entries in the map had been unmounted. Consequently, users could not access newly exported NFS shares and any attempt to access such shares failed with the "No such file or directory" error message. This update allows the server export list to be updated by sending a HUP signal to the automount daemon. This causes automount to request server exports so the hosts map and associated automounts can be updated. Newly exported NFS shares can now be accessed as expected.

BZ#845512

Previously, the usage message displayed by the autofs init script did not contain the "usage" command entry. This update corrects the init script so it now displays all commands that can be used with the autofs service as expected.

BZ#856296

When stopping the autofs service, autofs did not correctly handle situations where a null map entry appeared after a corresponding indirect map entry in the autofs master map. As a consequence, automount attempted to unmount a unmount a non-existing automount point and became unresponsive. This update modifies autofs to process null map entries correctly so it no longer attempts to unmount non-existing automount points. The autofs service now stops gracefully as expected.

BZ#860184

Previously, the autofs init script did not allow any commands to be run by unprivileged users. However, it is desirable to let a non-root user check the status of autofs for example for monitoring purposes. Therefore, this update modifies the autofs init script to allow unprivileged users to execute the service autofs status command.

BZ#865311

Previous versions of autofs contained several typographical errors and misleading information in the auto.master(5) man page, and autofs.sysconfig and autofs.conf configuration files. This update corrects these bugs including the description of the MOUNT_NFS_DEFAULT_PROTOCOL and MOUNT_WAIT options.

BZ#868973

When attempting to mount an NFSv4 share from an unreachable NFSv4 server, autofs did not close IPv6 UDP sockets. This could eventually lead to depletion of free file descriptors and an automount failure. This update modifies autofs to close IPv6 UDP sockets as expected, and automount no longer fails due to too many open files in the described scenario.

BZ#892846

When using autofs with LDAP, the code used to perform a base DN search allowed a race between two threads executing the same function simultaneously to occur. As a result of this race, autofs could attempt to access already freed memory and terminate unexpectedly with a segmentation fault. With this update, the code used to perform base DN searches has been moved to the function protected by a mutex, which prevents the race from occurring. The base DN searches are now performed only when refreshing settings of the map lookup modules.

Enhancements

BZ#846870

This update modifies autofs to allow configuring of separate timeout values for individual direct map entries in the autofs master map.

BZ#859947

With this update, the auto.master(5) man page has been updated to document the "-t, --timeout" option in the FORMAT options section.

BZ#866338

The auto.master(5) man page has been updated to clarify description of the "nobind" option when it is used with direct mount maps.

BZ#866396

The autofs.spec file has been modified to update build dependency of the autofs sss interface library. The library now requires the libsss_autofs package instead of sssd.

BZ#822733

This update improves debug logging of autofs. With debug logging set on, automount now reports whether it needs to read a mount map or not.

Security Fix

CVE-2012-3386

It was found that the distcheck rule in Automake-generated Makefiles made a directory world-writable when preparing source archives. If a malicious, local user could access this directory, they could execute arbitrary code with the privileges of the user running "make distcheck".

Bug Fix

BZ#599435

Previously, the Avahi library packages required the Avahi daemon packages as a dependency. Consequently, whenever installing some of the Avahi libraries, the Avahi daemon was installed as well, which could pose a security risk in certain environments. This update removes these dependencies so that the Avahi libraries are now installed without the Avahi daemon.

BZ#728693

Prior to this update, the logwatch tool did not check the "/var/log/bacula*" file. As a consequence, the logwatch report was incomplete. This update adds all log files to the logwatch configuration file. Now, the logwatch report is complete.

BZ#728697

Prior to this update, the bacula tool itself created the "/var/spool/bacula/log" file. As a consequence, this log file used an incorrect SELinux context. This update modifies the underlying code to create the /var/spool/bacula/log file in the bacula package. Now, this log file has the correct SELinux context.

BZ#729008

Prior to this update, the bacula packages were built without the CFLAGS variable "$RPM_OPT_FLAGS". As a consequence, the debug information was not generated. This update modifies the underlying code to build the packages with CFLAGS="$RPM_OPT_FLAGS. Now, the debug information is generated as expected.

BZ#756803

Prior to this update, the perl script which generates the my.conf file contained a misprint. As a consequence, the port variable was not set correctly. This update corrects the misprint. Now, the port variable is set as expected.

BZ#802158

Prior to this update, values for the "show pool" command was obtained from the "res->res_client" item. As a consequence, the output displayed incorrect job and file retention values. This update uses the "res->res_pool" item to obtain the correct values.

BZ#862240

Prior to this update, bacula-storage-common utility wrongly removed alternatives for the bcopy function during the update. As a consequence, the Link to bcop.{mysql,sqlite,postgresql} disappeared after updating. This update modifies the underlying code to remove these links directly in storage-{mysql,sqlite,postgresql} and not in bacula-storage-common.

Bug Fixes

BZ#695656

Prior to this update, the trap handler could, under certain circumstances, lose signals during another trap initialization. This update blocks the signal while the trap string and handler are being modified. Now, the signals are no longer lost.

BZ#799958

Prior to this update, the manual page for trap in Bash did not mention that signals ignored upon entry cannot be listed later. This is now fixed and the manual page entry text is amended to "Signals ignored upon entry to the shell cannot be trapped, reset or listed".

BZ#800473

Prior to this update, the Bash shell called the trap handler within a signal handler when a SIGCHLD signal was received in job control mode and a handler for the signal was installed. This was a security risk and could cause Bash to enter a deadlock or to terminate unexpectedly with a segmentation fault due to memory corruption. With this update, the trap handler is now called outside of the signal handler, and Bash no longer enters a deadlock.

Enhancement

BZ#677439

This update enables the system-wide "/etc/bash.bash_logout" file. This allows administrators to write system-wide logout actions for all users.

Bug Fixes

BZ#767496

When persistent search was in use, the plug-in sometimes terminated unexpectedly due to an assertion failure when the "rndc reload" command was issued and the LDAP server was not reachable. With this update, the code has been improved so that connection failures and reconnects are now handled more robustly. As a result, the plug-in no longer crashes in the scenario described.

BZ#829388

Previously, some relative domain names were not expanded correctly to FQDNs. Consequently, zone transfers sometimes contained relative domain names although they should only contain FQDNs (for example, they contained "name." record instead of "name.example.com."). The plug-in has been patched, and as a result, zone transfers now contain the correct domain names.

BZ#840381

Due to a bug in bind-dyndb-ldap, the named process sometimes terminated unexpectedly when a connection to LDAP timed out. Consequently, when a connection to LDAP timed out (or failed), the named process was sometimes aborted and DNS service was unavailable. The plug-in has been fixed and as a result, the plug-in now handles situations when a connection to LDAP fails gracefully.

BZ#856269

Due to a race condition, the plug-in sometimes caused the named process to terminate unexpectedly when it received a request to reload. Consequently, the DNS service was sometimes unavailable. A patch has been applied and as a result, the race condition during reload no longer occurs.

Enhancements

BZ#733711

LDAP in Red Hat Enterprise Linux 6.4 includes support for persistent search for both zones and their resource records. Persistent search allows the bind-dyndb-ldap plug-in to be immediately informed about all changes in an LDAP database. It also decreases network bandwidth usage required by repeated polling.

BZ#829340

Previously, it was only possible to configure IPv4 forwarders in LDAP. With this update, a patch has been added to the plug-in, and as a result, the plug-in is now able to parse and use IPv6 forwarders. BIND9 syntax for "forwarders" is required.

BZ#829385

Previously, it was impossible to share one LDAP database between multiple master servers; only one master server could be used. A new bind-dyndb-ldap option "fake_mname" which allows for overriding the master server name in the SOA record has been added. With this option it is now possible to override the master server name in the SOA record so that multiple servers can act as master server for one LDAP database.

BZ#840383

When multiple named processes shared one LDAP database and dynamically updated DNS records (via DDNS), they did not update the SOA serial numbers so it was impossible to serve such zones on secondary servers correctly (that is to say, they were not updated on slave servers). With this update, the plug-in can now update SOA serial numbers automatically, if configured to do so. Refer to the new "serial_autoincrement" option in the /usr/share/doc/bind-dyndb-ldap/README file for more details.

BZ#869323

This update provides support for the per-zone disabling of forwarding. Some setups require the disabling of forwarding per-zone. For example, company servers are configured as authoritative for a non-public zone and have global forwarding turned on. When the non-public zone contains delegation for a non-public subdomain, the zone must have explicitly disabled forwarding otherwise the glue records will not be returned. As a result, a server can now return delegation glue records for private zones when global forwarding is turned on. Refer to /usr/share/doc/bind-dyndb-ldap/README for detailed information.

Bug Fixes

BZ#827282

Previously, initscript sometimes reported a spurious error message "initscript: silence spurious "named.pid: No such file or directory" due to a race condition when the DNS server (named) was stopped. This spurious error message has been suppressed and is no longer reported in this scenario.

BZ#837165

Due to a race condition in the rbtdb.c source file, the named daemon could terminate unexpectedly with the INSIST error code. This bug has been fixed in the code and the named daemon no longer crashes in the described scenario.

BZ#853806

Previously, BIND rejected "forward" and "forwarders" statements in static-stub zones. Consequently, it was impossible to forward certain queries to specified servers. With this update, BIND accepts those options for static-stub zones properly, thus fixing this bug.

Bug Fixes

BZ#773526

In order to display a non-printing character, the readelf utility adds the "0x40" string to the character. However, readelf previously did not add that string when processing multibyte characters, so that multibyte characters in the ELF headers were displayed incorrectly. With this update, the underlying code has been corrected and readelf now displays multibyte and non-ASCII characters correctly.

BZ#825736

Under certain circumstances, the linker could fail to produce the GNU_RELRO segment when building an executable requiring GNU_RELRO. As a consequence, such an executable failed upon start-up. This problem affected also the libudev library so that the udev utility did not work. With this update, the linker has been modified so that the GNU_RELRO segment is now correctly created when it is needed, and utilities such as udev now work correctly.

Bug Fixes

BZ#751373

The biosdevname utility ignored the SMBIOS version check for PCI network adapters. Consequently, PCI network adapter interfaces were renamed according to PCI slot and port numbers on systems with unsupported SMBIOS versions. With this update, the new biosdevname utility ensures that if the SMBIOS version is not supported, PCI network adapter interfaces are not renamed. As a result, PCI network adapters are named with the kernel default name in the scenario described.

BZ#804754

When using Single Root I/O Virtualization (SR-IOV) with embedded network interface devices, the biosdevname utility did not check the System Management BIOS (SMBIOS) type of the physical function for corresponding virtual functions. Consequently, biosdevname did not find SMBIOS type 41 structure for the device virtual functions and did not suggest interface names for these onboard network interfaces. With this update, biosdevname now looks up the SMBIOS type 41 structure for the device virtual functions in the corresponding physical function table. As a result, onboard network devices with virtual network interfaces are now renamed according to the biosdevname naming scheme.

BZ#815724

The biosdevname utility did not handle PCI cards with multiple ports. Consequently, only the network interface of the first port of these cards was renamed according to the biosdevname naming scheme. An upstream patch has been applied and biosdevname now handles PCI cards with multiple ports. As a result, all ports of multiple port PCI cards are now renamed according to the biosdevname naming scheme.

Enhancements

BZ#676355

The man page was missing the multicast option descriptions. This update adds that information to the man page.

BZ#690529

This enhancement adds the missing feature described in the BRCTL(8) man page, that allows the user to get the bridge information for a simple bridge using the "brctl show $BRIDGE" command.

BZ#684526

Previously, building the brltty package could fail on the ocaml's unpackaged files error. This happened only if the ocaml package was pre-installed in the build root. The "--disable-caml-bindings" option has been added in the %configure macro so that the package now builds correctly.

BZ#809326

Previously, the /usr/lib/libbrlapi.so symbolic link installed by the brlapi-devel package incorrectly pointed to ../../lib/libbrlapi.so. The link has been fixed to correctly point to ../../lib/libbrlapi.so.0.5.

Security Fix

CVE-2010-4530

An integer overflow, leading to an array index error, was found in the way the CCID driver processed a smart card's serial number. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the PC/SC Lite pcscd daemon (root, by default), by inserting a specially-crafted smart card.

Bug Fix

BZ#808115

Previously, CCID only recognized smart cards with 5V power supply. With this update, CCID also supports smart cards with different power supply.

Bug Fix

BZ#797990

Prior to this update, overlapping memory was handled incorrectly. As a consequence, newly created paths could be garbled when calling "genisoimage" with the "-graft-points" option to graft the paths at points other than the root directory. This update modifies the underlying code to generate graft paths as expected.

Bug Fixes

BZ#810016

When certmonger was set up to not attempt to obtain a new certificate and the certificate's valid remaining time crossed a configured time to live (TTL) threshold, certmonger warned of a certificate's impending not-valid-after date. Certmonger then immediately logged the warning again, and continued to do so indefinitely, causing the /var/log/messages file to fill up with warnings. This bug has been fixed and certmonger returns a warning again only when another configured TTL threshold is crossed or the service is restarted.

BZ#893611

When certmonger attempts to save a certificate to an NSS database, it necessarily opens that database for writing. Previously, if any other process, including any other certmonger tasks that could require access to that database, had the database open for writing, that database could become corrupted. This update backports changes from later versions of certmonger which change its behavior. Now, actions that could result in database modifications are only performed one at a time.

Bug Fixes

BZ#856729

When the mount.cifs utility ran out of addresses to try, it returned the "System error" error code (EX_SYSERR) to the caller service. The utility has been modified and it now correctly returns the "Mount failure" error code (EX_FAIL).

BZ#826825

Typically, "/" characters are not allowed in user names for Microsoft Windows systems, but they are common in certain types of kerberos principal names. However, mount.cifs previously allowed the use of "/" in user names, which caused attempts to mount CIFS file systems to fail. With this package, "/" characters are now allowed in user names if the "sec=krb5" or "sec=krb5i" mount options are specified, thus CIFS file systems can now be mounted as expected.

BZ#838606

Previously, the cifs-utils packages were compiled without the RELRO (read-only relocations) and PIE (Position Independent Executables) flags. Programs provided by this package could be vulnerable to various attacks based on overwriting the ELF section of a program. The "-pie" and "-fpie" options enable the building of position-independent executables, and the "-Wl","-z","relro" turns on read-only relocation support in gcc. These options are important for security purposes to guard against possible buffer overflows that lead to exploits. The cifs-utils binaries are now built with PIE and full RELRO support. The cifs-utils binary is now more secured against "return-to-text" and memory corruption attacks and also against attacks based on the program's ELF section overwriting.

Enhancements

BZ#843596

With this update, the "strictcache", "actimeo", "cache=" and "rwpidforward" mount options are now documented in the mount.cifs(8) manual page.

BZ#843612

The "getcifsacl", "setcifsacl" and "cifs.idmap" programs have been added to the package. These utilities allow users to manipulate ACLs on CIFS shares and allow the mapping of Windows security IDs to POSIX user and group IDs.

BZ#843617

With this update, the cifs.idmap helper, which allows SID to UID and SID to GID mapping, has been added to the package. Also, the manual page cifs.upcall(8) has been updated and cifs.idmap(8) has been added.

Bug Fixes

BZ#865588

Prior to this update, the dynamic library that represents the CIM provider of a cluster status was not built with all the required dependencies and therefore certain symbols could not be resolved. As a consequence, the cluster status could not be accessed via CIM. This update adds the missing dependencies to the dynamic library. Now, the cluster status is accessible as expected.

BZ#885830

Prior to this update, the size of XML-formatted cluster configuration (as in cluster.conf file) greater than 200 kB might have crashed modcluster, a program assisting the ricci daemon in handling the cluster configuration file (cluster.conf), or modclusterd, a daemon providing cluster status. This update drops this restriction and both executables no longer abort with larger configurations.

Bug Fixes

BZ#785866

With this update, a minor typographical error has been fixed in the /usr/share/cluster/cluster.rng.in.head RELAX NG schema.

BZ#803477

Previously, the fsck.gfs2 program printed irrelevant error messages when reclaiming free metadata blocks. These messages could have been incorrectly understood as file system errors. With this update, these messages are no longer displayed.

BZ#814807

The master_wins implementation of the qdiskd daemon was not sufficiently fast to hand over the master status during the ordered shutdown. Consequently, a temporary loss of quorum in the cluster could have occurred. With this update, master_wins has been modified to operate more quickly.

BZ#838047

Previously, the master_wins implementation of the qdiskd daemon did not check strictly for errors in the /etc/cluster/cluster.conf file. Consequently, with several incorrect options in cluster.conf, two quorate partitions could have been created at the same time. With this update, master_wins has been modified to perform strict error checking to avoid the creation of multiple quorate partitions.

BZ#838945

Prior to this update, an overly long cluster name in the /etc/cluster/cluster.conf file could cause a buffer overflow when running the fsck.gfs2 utility on a GFS2 file system with a corrupt super block. With this update, the cluster name is truncated appropriately when the super block is being rebuilt. Now, the buffer overflow condition no longer occurs in the described case.

BZ#839241

Under certain circumstances, the cman cluster manager did not propagate two internal values across configuration reloads. Consequently, runtime inconsistencies could occur. This bug has been fixed, and the aforementioned error no longer occurs. Also, a corner case memory leak has been fixed.

BZ#845341

Prior to this update, the fenced daemon created the /var/log/cluster/fenced.log file with world readable permissions. With this update, fenced has been modified to set more strict security permissions for its log file. Also, permissions of an existing log file are automatically corrected if necessary.

BZ#847234

Previously, an insufficient buffer length limitation did not allow long configuration lines in the /etc/cluster/cluster.conf configuration file. Consequently, a long entry in the file caused the corosync utility to terminate unexpectedly with a segmentation fault. With this update, the length limit has been extended. As a result, the segmentation fault no longer occurs in this situation.

BZ#853180

When a GFS2 file system was mounted with the lock_nolock option enabled, the cman cluster manager incorrectly checked the currently used resources. Consequently, cman failed to start. This bug has been fixed, and cman now starts successfully in the described case.

BZ#854032

In certain corner cases, triggered especially when shutting down all cluster nodes at the same time, the cluster daemons failed to quit within the cman shutdown limit (10 seconds). Consequently, the cman cluster manager declared a shutdown error. With this update, the default shutdown timeout has been increased to 30 seconds to prevent the shutdown error.

BZ#857952

Under rare circumstances, the fenced daemon polled an incorrect file descriptor from the cman cluster manager. Consequently, fenced entered a loop and the cluster became unresponsive. This bug has been fixed, and the aforementioned error no longer occurs.

BZ#861340

The fenced daemon is usually started before the messagebus (D-BUS) service, which has no harmful operational effects. Previously, this behavior was recorded as an error message in the /var/log/cluster/fenced.log file. To avoid confusion, this error message is now entered into /var/log/cluster/fenced.log only when the log level is set to debugging.

BZ#862847

Previously, the mkfs.gfs2 -t command accepted non-standard characters, like slash (/), in the lock table name. Consequently, only the first cluster node was able to mount a GFS2 file system successfully. The next node attempting to mount a GFS2 file system became unresponsive. With this update, a more strict validation of lock table names has been introduced. As a result, cluster nodes no longer hang when special characters are used in lock table.

BZ#887787

Previously, when the client using the cman API called the cman_stop_notification() function after cman was already closed, the client terminated with the SIGPIPE signal. With this update, the underlying source code has been modified to address this issue, and the MSG_NOSIGNAL message is now displayed to warn the user in the described scenario.

BZ#888053

Prior to this update, the gfs2_convert tool was unable to handle certain corner cases when converting between GFS1 and GFS2 file systems. Consequently, the converted GFS2 file system contained errors. With this update, gfs2_convert has been fixed to detect these corner cases and adjust the converted file system accordingly

Enhancements

BZ#661764

The cman cluster manager is now supported with the bonding mode options 0, 1, and 2. Prior to this update, only bonding mode 1 was supported.

BZ#738704

This update adds support for clusters utilizing the Red Hat Enterprise Virtualization Manager native shared storage between nodes.

BZ#786118

The hostname aliases from the /etc/hosts file are now accepted as cluster node names across cluster applications.

BZ#797952

A new tool, fence_check, has been added to provide a method to test the fence configuration in a non disruptive way. The tool has been designed to run via the crontab utility for regular monitoring of fence devices.

BZ#821016

This update enables passing additional command line options to the dlm_controld daemon using the /etc/sysconfig/cman file.

BZ#842370

The Distributed Lock Manager (DLM) now allows tuning of DLM hash table sizes from the /etc/sysconfig/cman file. The following parameters can be set in the /etc/sysconfig/cman file:

DLM_LKBTBL_SIZE=<size_of_table>
DLM_RSBTBL_SIZE=<size_of_table>
DLM_DIRTBL_SIZE=<size_of_table>

which, in turn, modifies the values in the following files respectively:

/sys/kernel/config/dlm/cluster/lkbtbl_size
/sys/kernel/config/dlm/cluster/rsbtbl_size
/sys/kernel/config/dlm/cluster/dirtbl_size

BZ#857299

Previously, it was not possible to modify the default TCP port (21064) of the Distributed Lock Manager (DLM). With this update, the DLM_TCP_PORT configuration parameter has been added into the /etc/sysconfig/cman file. As a result, the DLM TCP port can be manually configured.

BZ#860048

The fsck.gfs2 program now checks for formal mismatches between disk inode numbers and directory entries in the GFS2 file system.

BZ#860847

This update adds support for two and four node clusters utilizing the rgmanager daemon with the rrp_mode option enabled.

BZ#878196

This update adds support for clusters utilizing the VMware's VMDK (Virtual Machine Disk) disk image technology with the multi-writer option. This allows using VMDK-based storage with the multi-writer option for clustered file systems such as GFS2.

Bug Fix

BZ#805069

Prior to this update, the status LEDs on Wacom tablets did not correctly indicate the current mode. With this update, the LEDs now indicate which of the Touch Ring or Touch Strip modes are active.

Bug Fixes

BZ#861108

Previously, Coolkey was unable to recognize PIV-I cards. This update fixes the bug and Coolkey now allows these cards to be read and display certificate information as expected.

BZ#879563

Prior to this update, The pkcs11_listcerts and pklogin_finder utilities were unable to recognize certificates and USB tokens on smart cards after upgrading the Coolkey library. A patch has been provided to address this issue and these utilities now work as expected.

BZ#806038

Previously, the remote-viewer utility failed to utilize a plugged smart card reader when a Spice client was running. Eventually, the client could terminate unexpectedly. Now, remote-viewer recognizes the reader and offers authentication once the card is inserted and the crashes no longer occur.

BZ#884266

Previously, certain new PIV-II smart cards could not be recognized by client card readers, the ESC card manager, or the pklogin_finder utility. A patch has been provided to address this issue and PIV-II cards now work with Coolkey as expected.

Enhancement

BZ#805693

Support for Oberthur Smart Cards has been added to the Coolkey library.

Bug Fixes

BZ#802559

Previously, in the xorg-x11-proto-devel package, the definition of the _X_NONNULL macro was incompatible with C89 compilers. Consequently, C89 applications could not be built in C89 mode if the X11/Xfuncproto.h file was included. This update fixes the macro definition to be compatible with C89 mode.

BZ#804907

Prior to this update, XI2 events were not properly initialized and could contain garbage values. A patch for the libXi package, which had been setting values to garbage, has been provided to fix this bug. Now, actual events no longer contain garbage values and are initialized as expected.

BZ#871460

Previously, the spec file of the xkeyboard-config package used the %{dist} macro in the Version tag. Although the standard Red Hat Enterprise Linux build environment defines this macro, it does not need to be defined. If it was not defined, %{dist} appeared literally in the resulting RPM package's version string when the package was rebuilt. The spec file has been corrected to use the conditional %{?dist} form, which expands to an empty string if %{dist} is not defined.

Security Fix

CVE-2011-2504

It was found that the x11perfcomp utility included the current working directory in its PATH environment variable. Running x11perfcomp in an attacker-controlled directory would cause arbitrary code execution with the privileges of the user running x11perfcomp.

Bug Fixes

BZ#783068

Prior to this update, the corosync-notifyd service did not run after restarting the process. This update modifies the init script to wait for the actual exit of previously running instances of the process. Now, the corosync-notifyd service runs as expected afer restarting.

BZ#786735

Prior to this update, an incorrect node ID was sent in recovery messages when corosync entered recovery. As a consequence, the debuggung process in the source code could cause problems. This update sets the correct node ID.

BZ#786737

Prior to this update, the node spend a considerable long amount of time in the GATHER state. With this update, nodes in the in OPERATIONAL state enter the GATHER state when receiving the JoinMSG signal. Now, all nodes enter the GATHER state so nodes previously in GATHER state do no longer need to wait for token loss.

BZ#xxx

Prior to this update, the netfilter firewall blocked input and output packets. As a consequence, corosync could become suspended, failed to create memberships and the cluster could not be used. This update uses the sockpair unix dgram socket to send packets to the multicast group.

BZ#794744

Prior to this update, corosync also autogenerated the node ID when the configuration file or the cluster manager (cman) already set one. This update modifies the underlying code to recognized user-set mode IDs. Now, corosync autogenerates node IDs only when the user has not entered one.

BZ#xxx

Prior to this update, corosync sockets were bound to a PEERs IP address instead of the local IP address when the IP address was configured as peer-to-peer (netmask /32). As a consequence, corosync was unable to create memberships. This update modifies the underlying code to use the correct information about the local ip address.

BZ#824902

Prior to this update, the corosync logic always used the first IP address that was found. As a consequence, users could not use more than one IP addresss on the same network. This update modifies the logic to use the first network address if no exact match was found. Now, users can bind to the IP address they select.

BZ#827100

Prior to this update, some sockets were not bound to a concrete IP address but listened on all interfaces in UDPU mode. As a consequence, users could encounter problems when configuring the firewall. This update binds all sockets correctly.

BZ#847232

Prior to this update, configuration file names that consisted of more than 255 characters could cause corosync to abort unexpectedly. This update returns the complete item value. In case of the old ABI, corosync prints an error. Now, corosync no longer aborts with longer names.

BZ#848210

Prior to this update, the corosync-notifyd output was considerably slow and corosync memory grew when dbus output was enabled. Memory was not freed when corosync-notifyd was closed. This update modifies the corosync-notifyd event handler not to wait when there is nothing to receive and send from or to dbus. Now, corosync frees memory when the IPC client exits and corosync-notifyd produces output in speed of incoming events.

BZ#850757

Prior to this update, corosync dropped ORF tokens together with memb_join packets when using CPU timing on certain networks. As a consequence, the RRP interface could be wrongly marked as faulty. This update drops only memb_join messages.

BZ#861032

Prior to this update, the corosync.conf parser failed if the ring number was larger than the allowed maximum of 1. As a consequence, corosync could abort with a segmentation fault. This update adds a check to the corosync.conf parser. Now, an error message is printed if the ring number is larger than 1.

BZ#863940

Prior to this update, corosync stopped on multiple nodes. As a consequence, corosync could, under certain circumstances, abort with a segmentation fault. This update ensures that the corosync service no longer calls callbacks on unloaded services.

BZ#869609

Prior to this update, corosync could abort with a segmentation fault when a large number of corosync nodes were started together. This update modifies the underlying code to ensure that the NULL pointer is not dereferenced. Now, corosync no longer encounters segmentation faults when starting multiple nodes at the same time.

BZ#876908

Prior to this update, the parsercorosync-objctl command with additional parameters could cause the error "Error reloading DB 11". This update removes the reloading function and handles changes of changed objects in the configuration data base (confdb). Now, the logging level can be changed as expected.

Enhancements

BZ#770455

With this update, the corosync log includes the hostname and the porcess ID of the processes that join the cluster to allow for better troubleshooting.

BZ#123456

This update adds the manual page confdb_keys.8 to provide descriptions for corosync runtime statistics that are returned by corosync-objctl.

BZ#838743

This update adds the new trace level to filter corosync flow messages to improve debugging.

Bug Fix

BZ#876738

Previously, the cpuspeed daemon used a naive method of getting the highest available scaling frequency. Consequently, on certain platforms, cpuspeed did not set the CPU to the correct maximum limit. A patch has been provided to address this issue and cpuspeed now sets the maximum speed correctly.

BZ#642838

Prior to this update, the PCC driver used the “userspace” governor was loaded instead of the “ondemand” governor when loading. This update modifies the init script to also check the PCC driver.

BZ#738463

Prior to this update, the cpuspeed init script tried to set cpufrequency system files on a per core basis which was a deprecated procedure. This update sets thresholds globally.

BZ#616976

Prior to this update, the cpuspeed tool did not reset MIN and MAX values, when the configuration file was emptied. As a consequence, the MIN_SPEED or MAX_SPEED values were not reset as expected. This update adds conditionals in the init script to check these values. Now, the MIN_SPEED or MAX_SPEED values are reset as expected.

BZ#797055

Prior to this update, the init script did not handle the IGNORE_NICE parameter as expected. As a consequence, "-n" was added to command options when the IGNORE_NICE parameter was set. This update modifies the init script to stop adding the NICE option when using the IGNORE_NICE parameter.

Bug Fix

BZ#843093

A recent time-keeping backport to the Red Hat Enterprise Linux 6 kernel caused the crash utility to fail during initialization with the "crash: cannot resolve: xtime" error message. This update modifies crash to recognize and handle the time-keeping change in the kernel so that crash now successfully starts up as expected.

Enhancements

BZ#739094

The crash utility has been modified to support dump files in the firmware-assisted dump (fadump) format for the 64-bit PowerPC architecture.

BZ#834260

The "struct -o" option has been enhanced to accept a virtual address argument. If an address argument is entered, the structure members are prepended by their virtual address.

BZ#834276

The "bt" command has been enhanced by adding new "-s" and "[-xd]" options that allow displaying symbol names plus their offset in each frame. The default behavior is unchanged where only the symbol name is displayed. The symbol offset is expressed in the default output format, which can be overridden using the "-x" (hexadecimal) or "-d" (decimal) options.

Bug Fix

BZ#833350

Previously, the createrepo utility ignored the "umask" command for files created in the createrepo cache directory. This behavior caused problems when more than one user was updating repositories. The bug has been fixed, and multiple users can now update repositories without complications.

Enhancements

BZ#646644

It is now possible to use the "createrepo" command with both the "--split" and the "--pkglist" options simultaneously.

BZ#714094

It is now possible to remove metadata from the repodata directory using the modifyrepo program. This update also enhances updating of the existing metadata.

Bug Fixes

BZ#758367

While running ctdb on the GFS2 file system, ctdb could ban a stable node when another node was started or stopped. This bug has been fixed by the rebase and stable nodes get no longer banned in the described scenario.

BZ#821715

Previously, on the Glusterfs file system, the ctdb lock file and configuration files were shared. Consequently, the ctdbd daemon running on a node terminated unexpectedly when another node in the cluster was brought down. This bug has been fixed by the rebase and ctdbd no longer crashes in the described scenario.

BZ#866670

After removing a ctdb node, the "ctdb status" command reported the same number of nodes as before the node was removed. A patch has been provided to address this issue and "ctdb status" now returns an accurate number of nodes after a remove operation.