Recommended update for pacemaker

Announcement ID:	SUSE-RU-2016:2101-1
Rating:	moderate
References:	bsc#956500 bsc#967254 bsc#967383 bsc#967775 bsc#970733 bsc#971129 bsc#972187 bsc#974108 bsc#975079 bsc#976271 bsc#976865 bsc#977201 bsc#977258 bsc#977675 bsc#977800 bsc#981489 bsc#981731 bsc#986056 bsc#986201 bsc#986265 bsc#986676 bsc#986931 bsc#987348
Affected Products:	SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise High Availability Extension 12 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1

An update that has 23 fixes can now be installed.

Description:

This update for pacemaker fixes the following issues:

• crm_mon: Avoid logging errors for any CIB changes that we don't care about (bsc#986931)
• crmd: When node load was reduced, crmd carries out a feasible action.
• ping: Log sensible error when /tmp is full (bsc#987348)
• crm_mon: Do not log errors for the known CIB changes that should be ignored (bsc#986931)
• libservices: include socket units when listing all systemd agents
• fencing: fence_legacy - Search capable devices by querying them through "list" action for cluster-glue stonith agents (bsc#986265)
• pengine,tools: Display pending resource state by default when it's available (bsc#986201)
• systemd: Allow unit names ending in .socket.
• crmd: mention that graceful remote shutdowns may cause connection failures (bsc#981489)
• libais,libcluster,libcrmcommon,liblrmd: don't use %z specifier
• tools: crm_resource -T option should not be hidden anymore
• PE: Correctly update the dependent actions of un-runnable clones
• attrd,ipc: Prevent possible segfault on exit (bsc#986056)
• tools: properly handle crm_resource --restart with a resource in a group
• tools: don't assume all resources restart on same node with crm_resource --restart
• tools: avoid memory leaks in crm_resource --restart
• tools: remember any existing target-role when doing crm_resource --restart
• tools: correctly count starting resources when doing crm_resource --restart
• Add logrotate to requirements of pacemaker-cli
• libcrmcommon: really ensure crm_time_t structure is fully initialized by API calls
• crmd: avoid timeout on older peers when cancelling a resource operation
• crmd: use proper resource agent name when caching metadata
• crmd: avoid memory leak when sending fencing alert
• liblrmd: avoid memory leak when closing or deleting lrmd connections
• tools: avoid memory leak when crm_mon unpacks constraints
• pengine: avoid use-after-free with location constraint + sets + templates
• pengine: better error handling when unpacking sets in location constraints
• pengine: avoid memory leak when invalid constraint involves set
• cts: avoid kill usage error if DummySD stop called when already stopped
• pengine : Correction of the record judgment of the failed information.
• crmd: clear remote node transient attributes on disconnect (bsc#981489)
• Revert "Fix: attrd: Correctly implement mass removal of a node's attributes" (bsc#981489)
• attrd: ensure remote nodes are in correct peer cache (bsc#981489)
• crmd: set remote flag when gracefully shutting down remote nodes (bsc#981489)
• crmd: Graceful proxy shutdown is now tested (bsc#981489)
• crmd: Set the shutdown transient attribute in response to LRMD_IPC_OP_SHUTDOWN_REQ from remote nodes (bsc#981489)
• PE: Honor the shutdown transient attributes for remote nodes (bsc#981489)
• pacemaker_remote: support graceful stops (bsc#981489)
• crmd: support graceful pacemaker_remote stops (bsc#981489)
• lrmd,liblrmd: add lrmd IPC operations for requesting and acknowledging shutdown (bsc#981489)
• cts: simulate pacemaker_remote failure with kill (bsc#981489)
• crmd,lrmd,liblrmd: use defined constants for lrmd IPC operations (bsc#981489)
• lrmd: make proxied IPC providers/clients opaque (bsc#981489)
• lrmd: handle shutdown a little more cleanly (bsc#981489)
• libpengine: log message when stonith disabled, not enabled
• pengine: only set unfencing constraints once
• libcrmcommon: ensure crm_time_t structure is fully initialized by API calls
• attrd: don't leak memory when returning due to malformed update request
• pengine: properly order stop actions relative to stonith
• crm_resource: don't pretend that target-role:started would prevent promotion
• crm_mon: consistently print ms resource state
• controld: use "stonith_admin -H '*' -V" (bsc#977201)
• stonith_admin: allow -H '*' to show history for all nodes (bsc#977201)
• controld: fix "[: -eq: unary operator expected" issue from PR 1022 (bsc#977201)
• controld: Prevent unwanted self-fencing if "stateful_merge_wait" state of dlm is not available (bsc#977201)
• spec: fence_pcmk only eligible for Pacemaker+CMAN
• crmd: Acknowledge cancellation operations for remote connection resources (bsc#976865)
• controld: improve DLM check with stateful_merge_wait (bsc#977201)
• attrd, libcrmcommon: validate attrd requests better
• crm_mon: Fix time formatting on x32
• resources: use OCF version tagging correctly
• libcommon: crm_procfs_pid_of() would always return last /proc entry checked
• crmd: Take start-delay into account for the timeout of the action timer (bsc#977258)
• libservices: make systemd override file world-readable to avoid log warning
• libcrmcommon: correct directory name in log message
• pengine: Correctly set the environment variable "OCF_RESKEY_CRM_meta_timeout" when "start-delay" is configured (bsc#977258)
• services: Correctly clean up service actions for non-dbus case
• RA: SysInfo - Reset the node attribute "#health_disk" to "green" when there's sufficient free disk (bsc#975079)
• pengine: Organize order of actions for slave resources in anti-colocations (bsc#977800)
• pengine: Organize order of actions for master resources in anti-colocations (bsc#977800)
• pengine: Respect asymmetrical ordering when trying to move resources (bsc#977675)
• fencing: Record the last known names of nodes to make sure fencing requested with nodeid works (bsc#974108)
• ping resource: Use fping6 for IPv6 hosts (bsc#976271)
• pengine: Consider resource failed if any of the configured monitor operations failed (bsc#972187)
• spec: make Publican docs not depend on pre-existing packages
• cib/fencing: Set status callback before connecting to cluster (bsc#974108)
• libtransition: potential memory leak if unpacking action fails
• attrd: crash on exit if initialization fails
• pengine: Suppress assert if a stateful clone is not being demoted/stopped (bsc#971129)
• PE: Correctly handle the ordering of demote actions for failed and moving containers
• libcib: Correctly determine the node type (bsc#967775)
• resources: match agents' default for globally_unique to pacemaker's
• crm_resource: Prevent segfault when --resource is not correctly supplied for --restart command

Additionally, the following bug-references have been added to the changelog:

bsc#986676, bsc#981731, bsc#970733, bsc#967383, bsc#967254, bsc#956500

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise High Availability Extension 12 SP1
  zypper in -t patch SUSE-SLE-HA-12-SP1-2016-1243=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP1
  zypper in -t patch SUSE-SLE-HA-12-SP1-2016-1243=1
• SUSE Linux Enterprise Software Development Kit 12 SP1
  zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1243=1

Package List:

• SUSE Linux Enterprise High Availability Extension 12 SP1 (s390x x86_64)
  • pacemaker-cli-1.1.13-17.2
  • pacemaker-debugsource-1.1.13-17.2
  • libpacemaker3-debuginfo-1.1.13-17.2
  • pacemaker-cts-debuginfo-1.1.13-17.2
  • libpacemaker3-1.1.13-17.2
  • pacemaker-1.1.13-17.2
  • pacemaker-cli-debuginfo-1.1.13-17.2
  • pacemaker-cts-1.1.13-17.2
  • pacemaker-remote-1.1.13-17.2
  • pacemaker-remote-debuginfo-1.1.13-17.2
  • pacemaker-debuginfo-1.1.13-17.2
• SUSE Linux Enterprise Server for SAP Applications 12 SP1 (x86_64)
  • pacemaker-cli-1.1.13-17.2
  • pacemaker-debugsource-1.1.13-17.2
  • libpacemaker3-debuginfo-1.1.13-17.2
  • pacemaker-cts-debuginfo-1.1.13-17.2
  • libpacemaker3-1.1.13-17.2
  • pacemaker-1.1.13-17.2
  • pacemaker-cli-debuginfo-1.1.13-17.2
  • pacemaker-cts-1.1.13-17.2
  • pacemaker-remote-1.1.13-17.2
  • pacemaker-remote-debuginfo-1.1.13-17.2
  • pacemaker-debuginfo-1.1.13-17.2
• SUSE Linux Enterprise Software Development Kit 12 SP1 (ppc64le s390x x86_64)
  • pacemaker-debugsource-1.1.13-17.2
  • pacemaker-cts-debuginfo-1.1.13-17.2
  • pacemaker-cts-1.1.13-17.2
  • pacemaker-debuginfo-1.1.13-17.2
  • libpacemaker-devel-1.1.13-17.2

References:

• https://bugzilla.suse.com/show_bug.cgi?id=956500
• https://bugzilla.suse.com/show_bug.cgi?id=967254
• https://bugzilla.suse.com/show_bug.cgi?id=967383
• https://bugzilla.suse.com/show_bug.cgi?id=967775
• https://bugzilla.suse.com/show_bug.cgi?id=970733
• https://bugzilla.suse.com/show_bug.cgi?id=971129
• https://bugzilla.suse.com/show_bug.cgi?id=972187
• https://bugzilla.suse.com/show_bug.cgi?id=974108
• https://bugzilla.suse.com/show_bug.cgi?id=975079
• https://bugzilla.suse.com/show_bug.cgi?id=976271
• https://bugzilla.suse.com/show_bug.cgi?id=976865
• https://bugzilla.suse.com/show_bug.cgi?id=977201
• https://bugzilla.suse.com/show_bug.cgi?id=977258
• https://bugzilla.suse.com/show_bug.cgi?id=977675
• https://bugzilla.suse.com/show_bug.cgi?id=977800
• https://bugzilla.suse.com/show_bug.cgi?id=981489
• https://bugzilla.suse.com/show_bug.cgi?id=981731
• https://bugzilla.suse.com/show_bug.cgi?id=986056
• https://bugzilla.suse.com/show_bug.cgi?id=986201
• https://bugzilla.suse.com/show_bug.cgi?id=986265
• https://bugzilla.suse.com/show_bug.cgi?id=986676
• https://bugzilla.suse.com/show_bug.cgi?id=986931
• https://bugzilla.suse.com/show_bug.cgi?id=987348