Bug Fix Advisory sanlock bug fix and enhancement update

Advisory: RHBA-2013:0541-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2013-02-21
Last updated on: 2013-02-21
Affected Products: Red Hat Enterprise Virtualization 3


Updated sanlock packages that fix various bugs and add various enhancements
are now available for Red Hat Enterprise Virtualization.

The sanlock packages provide a shared storage lock manager. Hosts with
shared access to a block device or file can use sanlock to synchronize
their activities. VDSM and libvirt use sanlock to synchronize access to
virtual machine images.

These updated packages, originally made available for Red Hat Enterprise
Linux, also affect Red Hat Enterprise Virtualization.

The sanlock packages have been upgraded to upstream version 2.6, which
provides a number of bug fixes and enhancements over the previous version,
including the new io_timeout setting, which has been added to the lockspace
API. I/O timeouts can now be adjusted directly with sanlock. (BZ#843073)

This update fixes the following bugs:

* In certain cases, an internal sanlock race condition occurred between the
add_lockspace and rem_lockspace API. This made add_lockspace difficult to
use from applications where multiple threads could be adding the same
lockspace. With this update, it is possible for the threads to coordinate
the lockspace operations. As a result, the aforementioned error no longer
occurs. (BZ#830736)

* Prior to this update, the sanlock init script was not creating the
/var/lock/subsys/sanlock file. Consequently, the killall init script, which
uses such files to stop init services, did not terminate the sanlock
script. This bug has been fixed, and the /var/lock/subsys/sanlock file is
now properly created. (BZ#830848)

* Previously, the sanlock service ignored undefined UID and GID options,
which led to segmentation fault during the service startup. This bug has
been fixed, and the segmentation fault no longer occurs. (BZ#831906)

* Previously, the wdmd init script did not start the softdog module when no
watchdog device was loaded. Consequently, the wdmd and sanlock daemons
failed to start. The bug has been fixed, and softdog is now correctly
loaded in the described scenario. (BZ#832935)

* The sanlock inquire API was returning a lease version (lver) of "0"
instead of the real lver in the state string. Consequently, procedures like
migrate or suspend/resume failed to acquire a lease with an inquired
version. The bug has been fixed, and the correct lver number is now
returned by sanlock inquire. (BZ#840063)

* Prior to this update, the sanlock daemon acquired supplementary groups to
allow file access on NFS. Some NFS servers did not recognize these groups
and refused the file access. With this update, the sanlock daemon has been
modified to use the root helper process to kill the registered processes.

This update also adds the following enhancements:

* With this update, when the storage domain (lockspace) is unreachable, the
sanlock manager suspends affected processes instead of killing them. When
the host regains an access to lockspace, these processes are resumed.

* With this update, the sanlock package has been added to the vdsm
subchannel for supported usage in Red Hat Enterprise Virtualization. As a
result, sanlock is now being installed along with the vdsm package.

* The fence-sanlock subpackage has been added. It provides a fence agent,
that uses the sanlock and wdmd packages, along with the ability of wdmd to
run scripts as tests. (BZ#858964)

All users of sanlock are advised to upgrade to these updated packages,
which fix these bugs and add these enhancements.


Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at

Updated packages

Red Hat Enterprise Virtualization 3

File outdated by:  RHBA-2017:0740
    MD5: 92386302f6953416580243e0d654b7a6
SHA-256: 47633933859129d9865f3f44729af05fa8be2277d6a8efeadc156c11e8e283f7
File outdated by:  RHBA-2017:0740
    MD5: 2a67a3da34aaaed730ec75fe824f9ccb
SHA-256: 118ad42d84f020d4ab72771a0287425e5c7e6a0538a2a447582aae43b29fe1e6
File outdated by:  RHBA-2017:0740
    MD5: 7bd3626794b0e0cc7d051be0d742f3cc
SHA-256: b6a3bd60509bf159edf788d5073a16111c2da884a1a5f31042c02f5b06ba51aa
File outdated by:  RHBA-2017:0740
    MD5: 1b925cc6d3b64fda2313b344114d8690
SHA-256: 122ad13db7d390dbdba56ed9f2f9cb635917033cead3917da2f0571f3e5b3869
File outdated by:  RHBA-2017:0740
    MD5: fff6eafb5595c7921265c2ee94a396f5
SHA-256: da3ef9f9e1f780fce35b75b39a67a2b8f140acf620aef970dd268dde23deeef9
File outdated by:  RHBA-2017:0740
    MD5: 12addda7c583617645cc86e0df933840
SHA-256: c9859fdd2b4b72e7784c424f799372a1e0bd1ea29ecba730f369966168c932dd
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

906027 - sanlock: fixes for rhev

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/