import CS fence-agents-4.10.0-62.el9
This commit is contained in:
parent
a445eb62fb
commit
384ed4c009
@ -1,4 +1,4 @@
|
||||
3297473a9d57e93ff378eab173990c1b64673c01 SOURCES/Jinja2-3.0.2.tar.gz
|
||||
a9db54d91b53f76f546afa1414dd015c0574ebeb SOURCES/Jinja2-3.1.3.tar.gz
|
||||
e1b766b2b1601fde67b3b19ed2f13b9746bb1cca SOURCES/MarkupSafe-2.0.1.tar.gz
|
||||
e1fb5dc6f95a85e7d1f93c6701b331201e8b5479 SOURCES/PyJWT-2.1.0-py3-none-any.whl
|
||||
53fc16036940089ceadd4127381e40fd6106a7ed SOURCES/PyYAML-5.1.tar.gz
|
||||
@ -19,8 +19,7 @@ e20df6c9635f1db9a3c891b9239b4319d88b1747 SOURCES/azure_mgmt_core-1.2.2-py2.py3-n
|
||||
6ef53a76455b377b02b4774c32a04e241cdb24eb SOURCES/botocore-2.0.0dev123.zip
|
||||
c953dcd6e69587e5b182d77255ed836172fea70a SOURCES/cachetools-4.2.2-py3-none-any.whl
|
||||
0d12f48faa727f0979e9ad5c4c80dfa32b73caff SOURCES/cachetools-4.2.4.tar.gz
|
||||
b13e22d55867e2ca5f92e5289cfdc21ba6e343aa SOURCES/certifi-2021.10.8.tar.gz
|
||||
2fcaa39108a9c99700c6f3f4198fcaa47b8ed707 SOURCES/certifi-2021.5.30-py2.py3-none-any.whl
|
||||
ec7e8dd8ef95edfdb83a1ea040b8b88507b47615 SOURCES/certifi-2023.7.22.tar.gz
|
||||
17953cc85717e0f4501dbc7b5fb8e75d67dcdcd3 SOURCES/cffi-1.14.5-cp39-cp39-manylinux1_x86_64.whl
|
||||
96faab7de7e9a71b37f22adb64daf2898e967e3e SOURCES/chardet-3.0.4-py2.py3-none-any.whl
|
||||
e9eb83c71c09b3c8249bd7d6d2619b65fff03874 SOURCES/chardet-4.0.0-py2.py3-none-any.whl
|
||||
@ -62,7 +61,7 @@ e0fa19f8fda46a1fa2253477499b116b33f67175 SOURCES/pyasn1-0.4.8.tar.gz
|
||||
43b89feb6864fe359aae89120627165219de313b SOURCES/pyasn1-modules-0.2.8.tar.gz
|
||||
d77aa46abbcaccc4054a0777a191e427c785c65a SOURCES/pyasn1_modules-0.2.8-py2.py3-none-any.whl
|
||||
a0df3ebc552b551f8e99a05cf0a29ce30bef62ee SOURCES/pycparser-2.20-py2.py3-none-any.whl
|
||||
df33feb2a14904c0461b5dcc3ca31f910206e7bd SOURCES/pycryptodome-3.10.1-cp35-abi3-manylinux2010_x86_64.whl
|
||||
c55d177e9484d974c95078d4ae945f89ba2c7251 SOURCES/pycryptodome-3.20.0.tar.gz
|
||||
c8307f47e3b75a2d02af72982a2dfefa3f56e407 SOURCES/pyparsing-2.4.7-py2.py3-none-any.whl
|
||||
6082312a090f5be5e796e0854294da0738ec0379 SOURCES/pyparsing-3.0.1.tar.gz
|
||||
24213006f983ada342ed86ea516028fdbb1ac66f SOURCES/pyroute2-0.6.4.tar.gz
|
||||
@ -95,8 +94,7 @@ a4f02fddae697614e356cadfddb6241cc7737f38 SOURCES/setuptools_scm-6.3.2.tar.gz
|
||||
47a980b20875d1a1714e921552b5bb0eda190f37 SOURCES/suds_community-0.8.5-py3-none-any.whl
|
||||
b42b7960047441db7dc021cc20e14279bd836f8d SOURCES/tomli-1.0.1.tar.gz
|
||||
83be56610e5f824bb05ff7a5618d6d4df9b6cc08 SOURCES/uritemplate-3.0.1-py2.py3-none-any.whl
|
||||
206b17697417cbf5fc55f1e39c7ceb2197fe3e63 SOURCES/urllib3-1.26.6-py2.py3-none-any.whl
|
||||
eb35c3fd8b0867ae988a15917d6b80e8bdf60222 SOURCES/urllib3-1.26.7.tar.gz
|
||||
84e2852d8da1655373f7ce5e7d5d3e256b62b4e4 SOURCES/urllib3-1.26.18.tar.gz
|
||||
7126323614cada181bc8b06436e80ef372ff8656 SOURCES/wcwidth-0.1.9-py2.py3-none-any.whl
|
||||
540f083782c584989c1a0f69ffd69ba7aae07db6 SOURCES/websocket-client-1.2.1.tar.gz
|
||||
b6c48d8714e043524be7a869d1db0adcd8441cd4 SOURCES/wheel-0.37.0-py2.py3-none-any.whl
|
||||
|
10
.gitignore
vendored
10
.gitignore
vendored
@ -1,4 +1,4 @@
|
||||
SOURCES/Jinja2-3.0.2.tar.gz
|
||||
SOURCES/Jinja2-3.1.3.tar.gz
|
||||
SOURCES/MarkupSafe-2.0.1.tar.gz
|
||||
SOURCES/PyJWT-2.1.0-py3-none-any.whl
|
||||
SOURCES/PyYAML-5.1.tar.gz
|
||||
@ -19,8 +19,7 @@ SOURCES/botocore-1.20.102-py2.py3-none-any.whl
|
||||
SOURCES/botocore-2.0.0dev123.zip
|
||||
SOURCES/cachetools-4.2.2-py3-none-any.whl
|
||||
SOURCES/cachetools-4.2.4.tar.gz
|
||||
SOURCES/certifi-2021.10.8.tar.gz
|
||||
SOURCES/certifi-2021.5.30-py2.py3-none-any.whl
|
||||
SOURCES/certifi-2023.7.22.tar.gz
|
||||
SOURCES/cffi-1.14.5-cp39-cp39-manylinux1_x86_64.whl
|
||||
SOURCES/chardet-3.0.4-py2.py3-none-any.whl
|
||||
SOURCES/chardet-4.0.0-py2.py3-none-any.whl
|
||||
@ -62,7 +61,7 @@ SOURCES/pyasn1-0.4.8.tar.gz
|
||||
SOURCES/pyasn1-modules-0.2.8.tar.gz
|
||||
SOURCES/pyasn1_modules-0.2.8-py2.py3-none-any.whl
|
||||
SOURCES/pycparser-2.20-py2.py3-none-any.whl
|
||||
SOURCES/pycryptodome-3.10.1-cp35-abi3-manylinux2010_x86_64.whl
|
||||
SOURCES/pycryptodome-3.20.0.tar.gz
|
||||
SOURCES/pyparsing-2.4.7-py2.py3-none-any.whl
|
||||
SOURCES/pyparsing-3.0.1.tar.gz
|
||||
SOURCES/pyroute2-0.6.4.tar.gz
|
||||
@ -95,8 +94,7 @@ SOURCES/six-1.16.0.tar.gz
|
||||
SOURCES/suds_community-0.8.5-py3-none-any.whl
|
||||
SOURCES/tomli-1.0.1.tar.gz
|
||||
SOURCES/uritemplate-3.0.1-py2.py3-none-any.whl
|
||||
SOURCES/urllib3-1.26.6-py2.py3-none-any.whl
|
||||
SOURCES/urllib3-1.26.7.tar.gz
|
||||
SOURCES/urllib3-1.26.18.tar.gz
|
||||
SOURCES/wcwidth-0.1.9-py2.py3-none-any.whl
|
||||
SOURCES/websocket-client-1.2.1.tar.gz
|
||||
SOURCES/wheel-0.37.0-py2.py3-none-any.whl
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,35 @@
|
||||
From 639732ddca765b2f147ef0c0a896968e3304ca49 Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Mon, 23 Oct 2023 09:28:55 +0200
|
||||
Subject: [PATCH] fence_cisco_mds: undo metadata change, as it is an I/O agent
|
||||
|
||||
---
|
||||
agents/cisco_mds/fence_cisco_mds.py | 2 +-
|
||||
tests/data/metadata/fence_cisco_mds.xml | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/agents/cisco_mds/fence_cisco_mds.py b/agents/cisco_mds/fence_cisco_mds.py
|
||||
index 04cd1f842..fbb876a94 100644
|
||||
--- a/agents/cisco_mds/fence_cisco_mds.py
|
||||
+++ b/agents/cisco_mds/fence_cisco_mds.py
|
||||
@@ -77,7 +77,7 @@ def main():
|
||||
|
||||
docs = {}
|
||||
docs["shortdesc"] = "Fence agent for Cisco MDS"
|
||||
- docs["longdesc"] = "fence_cisco_mds is a Power Fencing agent \
|
||||
+ docs["longdesc"] = "fence_cisco_mds is an I/O Fencing agent \
|
||||
which can be used with any Cisco MDS 9000 series with SNMP enabled device."
|
||||
docs["vendorurl"] = "http://www.cisco.com"
|
||||
show_docs(options, docs)
|
||||
diff --git a/tests/data/metadata/fence_cisco_mds.xml b/tests/data/metadata/fence_cisco_mds.xml
|
||||
index 2105ecccc..829c9dcbe 100644
|
||||
--- a/tests/data/metadata/fence_cisco_mds.xml
|
||||
+++ b/tests/data/metadata/fence_cisco_mds.xml
|
||||
@@ -1,6 +1,6 @@
|
||||
<?xml version="1.0" ?>
|
||||
<resource-agent name="fence_cisco_mds" shortdesc="Fence agent for Cisco MDS" >
|
||||
-<longdesc>fence_cisco_mds is a Power Fencing agent which can be used with any Cisco MDS 9000 series with SNMP enabled device.</longdesc>
|
||||
+<longdesc>fence_cisco_mds is an I/O Fencing agent which can be used with any Cisco MDS 9000 series with SNMP enabled device.</longdesc>
|
||||
<vendor-url>http://www.cisco.com</vendor-url>
|
||||
<parameters>
|
||||
<parameter name="action" unique="0" required="1">
|
159
SOURCES/RHEL-14344-fence_zvmip-1-document-user-permissions.patch
Normal file
159
SOURCES/RHEL-14344-fence_zvmip-1-document-user-permissions.patch
Normal file
@ -0,0 +1,159 @@
|
||||
From dcb8ddd13c3dfad02e00c07f283251e0c2a60c46 Mon Sep 17 00:00:00 2001
|
||||
From: Reid Wahl <nrwahl@protonmail.com>
|
||||
Date: Mon, 16 Aug 2021 17:44:13 -0700
|
||||
Subject: [PATCH] fence_zvmip: Update longdesc to document all required
|
||||
functions
|
||||
|
||||
In RHBZ#1935641, IBM explained that the requesting user needs
|
||||
authorization for more functions than what is currently documented.
|
||||
|
||||
They said:
|
||||
"""
|
||||
What we found is that you need rights from three different NICKS:
|
||||
SERVER_MANAGEMENT, IMAGE_CHARACTERISTICS and IMAGE_OPERATIONS.
|
||||
You won't be able to give a user all three NICKS.
|
||||
Therefore, you have to create a new NICK with all capabilities from all
|
||||
three NICKS together and then assign the new NICK to the USER
|
||||
"ZCLUSTER".
|
||||
Even better is to just use the needed Subset with a new NICK.
|
||||
We found five commands which are used in the fencing code and on the
|
||||
z/VM Log which should be enough for fencing to work.
|
||||
|
||||
We suggest creating following files:
|
||||
|
||||
File VSMWORK1 NAMELIST:
|
||||
```
|
||||
:nick.ZVM_FENCE
|
||||
:list.
|
||||
IMAGE_ACTIVATE
|
||||
IMAGE_DEACTIVATE
|
||||
IMAGE_STATUS_QUERY
|
||||
CHECK_AUTHENTICATION
|
||||
IMAGE_NAME_QUERY_DM
|
||||
```
|
||||
|
||||
File VSMWORK1 AUTHLIST:
|
||||
```
|
||||
ZCLUSTER ALL ZVM_FENCE
|
||||
```
|
||||
|
||||
For details, we suggest adding a link to the current z/VM docu:
|
||||
- NAMELIST: https://www.ibm.com/support/knowledgecenter/de/SSB27U_7.2.0/com.ibm.zvm.v720.dmse6/namelst.htm
|
||||
- AUTHLIST: https://www.ibm.com/support/knowledgecenter/de/SSB27U_7.2.0/com.ibm.zvm.v720.dmse6/auf.htm
|
||||
"""
|
||||
|
||||
Resolves: RHBZ1935641
|
||||
|
||||
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
|
||||
---
|
||||
agents/zvm/fence_zvmip.py | 37 ++++++++++++++++++++++-------
|
||||
tests/data/metadata/fence_zvmip.xml | 37 ++++++++++++++++++++++-------
|
||||
2 files changed, 56 insertions(+), 18 deletions(-)
|
||||
|
||||
diff --git a/agents/zvm/fence_zvmip.py b/agents/zvm/fence_zvmip.py
|
||||
index 4f538e10d..c37950a20 100644
|
||||
--- a/agents/zvm/fence_zvmip.py
|
||||
+++ b/agents/zvm/fence_zvmip.py
|
||||
@@ -199,21 +199,40 @@ def main():
|
||||
|
||||
docs = {}
|
||||
docs["shortdesc"] = "Fence agent for use with z/VM Virtual Machines"
|
||||
- docs["longdesc"] = """The fence_zvm agent is intended to be used with with z/VM SMAPI service via TCP/IP
|
||||
+ docs["longdesc"] = """The fence_zvmip agent is intended to be used with the
|
||||
+z/VM SMAPI service via TCP/IP.
|
||||
|
||||
-To use this agent the z/VM SMAPI service needs to be configured to allow the virtual machine running this agent to connect to it and issue
|
||||
-the image_recycle operation. This involves updating the VSMWORK1 AUTHLIST VMSYS:VSMWORK1. file. The entry should look something similar to
|
||||
-this:
|
||||
+The z/VM SMAPI service must be configured so that the virtual machine running
|
||||
+the agent can connect to the service, access the system's directory manager,
|
||||
+and shortly thereafter run image_deactivate and image_activate. This involves
|
||||
+updating the VSMWORK1 NAMELIST and VSMWORK1 AUTHLIST VMSYS:VSMWORK1 files.
|
||||
+
|
||||
+The NAMELIST entry assigns all the required functions to one nick and should
|
||||
+look similar to this:
|
||||
+
|
||||
+:nick.ZVM_FENCE
|
||||
+:list.
|
||||
+IMAGE_ACTIVATE
|
||||
+IMAGE_DEACTIVATE
|
||||
+IMAGE_STATUS_QUERY
|
||||
+CHECK_AUTHENTICATION
|
||||
+IMAGE_NAME_QUERY_DM
|
||||
+
|
||||
+
|
||||
+The AUTHLIST entry authorizes the user to perform all the functions associated
|
||||
+with the nick, and should look similar to this:
|
||||
|
||||
Column 1 Column 66 Column 131
|
||||
|
||||
- | | |
|
||||
- V V V
|
||||
+| | |
|
||||
+V V V
|
||||
+
|
||||
+XXXXXXXX ALL ZVM_FENCE
|
||||
|
||||
-XXXXXXXX ALL IMAGE_CHARACTERISTICS
|
||||
+where XXXXXXXX is the name of the user in the authuser field of the request.
|
||||
|
||||
-Where XXXXXXX is the name of the virtual machine used in the authuser field of the request. This virtual machine also has to be authorized
|
||||
-to access the system's directory manager.
|
||||
+Refer to the official z/VM documentation for complete instructions and
|
||||
+reference materials.
|
||||
"""
|
||||
docs["vendorurl"] = "http://www.ibm.com"
|
||||
show_docs(options, docs)
|
||||
diff --git a/tests/data/metadata/fence_zvmip.xml b/tests/data/metadata/fence_zvmip.xml
|
||||
index 6996ab736..96393bdfa 100644
|
||||
--- a/tests/data/metadata/fence_zvmip.xml
|
||||
+++ b/tests/data/metadata/fence_zvmip.xml
|
||||
@@ -1,20 +1,39 @@
|
||||
<?xml version="1.0" ?>
|
||||
<resource-agent name="fence_zvmip" shortdesc="Fence agent for use with z/VM Virtual Machines" >
|
||||
-<longdesc>The fence_zvm agent is intended to be used with with z/VM SMAPI service via TCP/IP
|
||||
+<longdesc>The fence_zvmip agent is intended to be used with the
|
||||
+z/VM SMAPI service via TCP/IP.
|
||||
|
||||
-To use this agent the z/VM SMAPI service needs to be configured to allow the virtual machine running this agent to connect to it and issue
|
||||
-the image_recycle operation. This involves updating the VSMWORK1 AUTHLIST VMSYS:VSMWORK1. file. The entry should look something similar to
|
||||
-this:
|
||||
+The z/VM SMAPI service must be configured so that the virtual machine running
|
||||
+the agent can connect to the service, access the system's directory manager,
|
||||
+and shortly thereafter run image_deactivate and image_activate. This involves
|
||||
+updating the VSMWORK1 NAMELIST and VSMWORK1 AUTHLIST VMSYS:VSMWORK1 files.
|
||||
+
|
||||
+The NAMELIST entry assigns all the required functions to one nick and should
|
||||
+look similar to this:
|
||||
+
|
||||
+:nick.ZVM_FENCE
|
||||
+:list.
|
||||
+IMAGE_ACTIVATE
|
||||
+IMAGE_DEACTIVATE
|
||||
+IMAGE_STATUS_QUERY
|
||||
+CHECK_AUTHENTICATION
|
||||
+IMAGE_NAME_QUERY_DM
|
||||
+
|
||||
+
|
||||
+The AUTHLIST entry authorizes the user to perform all the functions associated
|
||||
+with the nick, and should look similar to this:
|
||||
|
||||
Column 1 Column 66 Column 131
|
||||
|
||||
- | | |
|
||||
- V V V
|
||||
+| | |
|
||||
+V V V
|
||||
+
|
||||
+XXXXXXXX ALL ZVM_FENCE
|
||||
|
||||
-XXXXXXXX ALL IMAGE_CHARACTERISTICS
|
||||
+where XXXXXXXX is the name of the user in the authuser field of the request.
|
||||
|
||||
-Where XXXXXXX is the name of the virtual machine used in the authuser field of the request. This virtual machine also has to be authorized
|
||||
-to access the system's directory manager.
|
||||
+Refer to the official z/VM documentation for complete instructions and
|
||||
+reference materials.
|
||||
</longdesc>
|
||||
<vendor-url>http://www.ibm.com</vendor-url>
|
||||
<parameters>
|
@ -0,0 +1,41 @@
|
||||
From adac1d81c5758235b6df46d0a91f1e948655848a Mon Sep 17 00:00:00 2001
|
||||
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
||||
Date: Wed, 3 Jan 2024 10:17:50 +0100
|
||||
Subject: [PATCH] fence_zvmip: fix manpage formatting
|
||||
|
||||
---
|
||||
agents/zvm/fence_zvmip.py | 14 +++++++-------
|
||||
1 file changed, 7 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/agents/zvm/fence_zvmip.py b/agents/zvm/fence_zvmip.py
|
||||
index f1cea2652..bd8273c49 100644
|
||||
--- a/agents/zvm/fence_zvmip.py
|
||||
+++ b/agents/zvm/fence_zvmip.py
|
||||
@@ -210,12 +210,12 @@ def main():
|
||||
The NAMELIST entry assigns all the required functions to one nick and should
|
||||
look similar to this:
|
||||
|
||||
-:nick.ZVM_FENCE
|
||||
-:list.
|
||||
-IMAGE_ACTIVATE
|
||||
-IMAGE_DEACTIVATE
|
||||
-IMAGE_STATUS_QUERY
|
||||
-CHECK_AUTHENTICATION
|
||||
+:nick.ZVM_FENCE\n.br\n\
|
||||
+:list.\n.br\n\
|
||||
+IMAGE_ACTIVATE\n.br\n\
|
||||
+IMAGE_DEACTIVATE\n.br\n\
|
||||
+IMAGE_STATUS_QUERY\n.br\n\
|
||||
+CHECK_AUTHENTICATION\n.br\n\
|
||||
IMAGE_NAME_QUERY_DM
|
||||
|
||||
|
||||
@@ -224,7 +224,7 @@ def main():
|
||||
|
||||
Column 1 Column 66 Column 131
|
||||
|
||||
-| | |
|
||||
+| | |\n.br\n\
|
||||
V V V
|
||||
|
||||
XXXXXXXX ALL ZVM_FENCE
|
68
SOURCES/RHEL-5396-fence_scsi-1-fix-ISID-reg-handling.patch
Normal file
68
SOURCES/RHEL-5396-fence_scsi-1-fix-ISID-reg-handling.patch
Normal file
@ -0,0 +1,68 @@
|
||||
From 9d0d0d013c7edae43a4ebc5f46bf2e7a4f127654 Mon Sep 17 00:00:00 2001
|
||||
From: "sreejit.mohanan" <sreejit.mohanan@nutanix.com>
|
||||
Date: Fri, 17 Feb 2023 18:04:03 -0800
|
||||
Subject: [PATCH] fence_scsi: fix registration handling if ISID conflicts ISID
|
||||
(Initiator Session ID) belonging to I_T Nexus changes for RHEL based on the
|
||||
session ID. This means that the connection to the device can be set up with
|
||||
different ISID on reconnects.
|
||||
|
||||
fence_scsi treats same key as a tip to ignore issuing registration
|
||||
to the device but if the device was registered using a different
|
||||
ISID, the key would be the same but the I_T Nexus (new ISID) would
|
||||
not have access to the device.
|
||||
|
||||
Fixing this by preempting the old key and replacing with the current
|
||||
one.
|
||||
---
|
||||
agents/scsi/fence_scsi.py | 35 ++++++++++++++++++++++++++++++++---
|
||||
1 file changed, 32 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
|
||||
index f9e6823b2..85e4f29e6 100644
|
||||
--- a/agents/scsi/fence_scsi.py
|
||||
+++ b/agents/scsi/fence_scsi.py
|
||||
@@ -137,12 +137,41 @@ def register_dev(options, dev):
|
||||
for slave in get_mpath_slaves(dev):
|
||||
register_dev(options, slave)
|
||||
return True
|
||||
- if get_reservation_key(options, dev, False) == options["--key"]:
|
||||
- return True
|
||||
+
|
||||
+ # Check if any registration exists for the key already. We track this in
|
||||
+ # order to decide whether the existing registration needs to be cleared.
|
||||
+ # This is needed since the previous registration could be for a
|
||||
+ # different I_T nexus (different ISID).
|
||||
+ registration_key_exists = False
|
||||
+ if options["--key"] in get_registration_keys(options, dev):
|
||||
+ registration_key_exists = True
|
||||
+ if not register_helper(options, options["--key"], dev):
|
||||
+ return False
|
||||
+
|
||||
+ if registration_key_exists:
|
||||
+ # If key matches, make sure it matches with the connection that
|
||||
+ # exists right now. To do this, we can issue a preempt with same key
|
||||
+ # which should replace the old invalid entries from the target.
|
||||
+ if not preempt(options, options["--key"], dev):
|
||||
+ return False
|
||||
+
|
||||
+ # If there was no reservation, we need to issue another registration
|
||||
+ # since the previous preempt would clear registration made above.
|
||||
+ if get_reservation_key(options, dev, False) != options["--key"]:
|
||||
+ return register_helper(options, options["--key"], dev)
|
||||
+ return True
|
||||
+
|
||||
+# cancel registration without aborting tasks
|
||||
+def preempt(options, host, dev):
|
||||
+ reset_dev(options,dev)
|
||||
+ cmd = options["--sg_persist-path"] + " -n -o -P -T 5 -K " + host + " -S " + options["--key"] + " -d " + dev
|
||||
+ return not bool(run_cmd(options, cmd)["rc"])
|
||||
+
|
||||
+# helper function to send the register command
|
||||
+def register_helper(options, host, dev):
|
||||
reset_dev(options, dev)
|
||||
cmd = options["--sg_persist-path"] + " -n -o -I -S " + options["--key"] + " -d " + dev
|
||||
cmd += " -Z" if "--aptpl" in options else ""
|
||||
- #cmd return code != 0 but registration can be successful
|
||||
return not bool(run_cmd(options, cmd)["rc"])
|
||||
|
||||
|
103
SOURCES/RHEL-5396-fence_scsi-2-fix-ISID-reg-handling-off.patch
Normal file
103
SOURCES/RHEL-5396-fence_scsi-2-fix-ISID-reg-handling-off.patch
Normal file
@ -0,0 +1,103 @@
|
||||
From 34baef58db442148b8e067509d2cdd37b7a91ef4 Mon Sep 17 00:00:00 2001
|
||||
From: "sreejit.mohanan" <sreejit.mohanan@nutanix.com>
|
||||
Date: Thu, 7 Sep 2023 15:57:51 -0700
|
||||
Subject: [PATCH] fence_scsi: fix registration handling in device 'off'
|
||||
workflows
|
||||
|
||||
ISID (Initiator Session ID) belonging to I_T Nexus changes for
|
||||
RHEL based on the session ID. This means that the connection to
|
||||
the device can be set up with different ISID on reconnects.
|
||||
|
||||
When a device is powered off, fence_scsi assumes that the client
|
||||
has a registration to the device and sends a preempt-and-abort
|
||||
request which ends up failing due to reservation conflict.
|
||||
|
||||
Fixing this by registering the host key with the device and preempting
|
||||
the old registration (if it exists). This should make sure that the
|
||||
host is able to preempt the other key successfully.
|
||||
---
|
||||
agents/scsi/fence_scsi.py | 29 +++++++++++++++--------------
|
||||
1 file changed, 15 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/agents/scsi/fence_scsi.py b/agents/scsi/fence_scsi.py
|
||||
index 42530ceb5..519319bf5 100644
|
||||
--- a/agents/scsi/fence_scsi.py
|
||||
+++ b/agents/scsi/fence_scsi.py
|
||||
@@ -41,7 +41,7 @@ def set_status(conn, options):
|
||||
for dev in options["devices"]:
|
||||
is_block_device(dev)
|
||||
|
||||
- register_dev(options, dev)
|
||||
+ register_dev(options, dev, options["--key"])
|
||||
if options["--key"] not in get_registration_keys(options, dev):
|
||||
count += 1
|
||||
logging.debug("Failed to register key "\
|
||||
@@ -62,7 +62,7 @@ def set_status(conn, options):
|
||||
fail_usage("Failed: keys cannot be same. You can not fence yourself.")
|
||||
for dev in options["devices"]:
|
||||
is_block_device(dev)
|
||||
-
|
||||
+ register_dev(options, dev, host_key)
|
||||
if options["--key"] in get_registration_keys(options, dev):
|
||||
preempt_abort(options, host_key, dev)
|
||||
|
||||
@@ -131,11 +131,11 @@ def reset_dev(options, dev):
|
||||
return run_cmd(options, options["--sg_turs-path"] + " " + dev)["rc"]
|
||||
|
||||
|
||||
-def register_dev(options, dev):
|
||||
+def register_dev(options, dev, key):
|
||||
dev = os.path.realpath(dev)
|
||||
if re.search(r"^dm", dev[5:]):
|
||||
for slave in get_mpath_slaves(dev):
|
||||
- register_dev(options, slave)
|
||||
+ register_dev(options, slave, key)
|
||||
return True
|
||||
|
||||
# Check if any registration exists for the key already. We track this in
|
||||
@@ -143,34 +143,35 @@ def register_dev(options, dev):
|
||||
# This is needed since the previous registration could be for a
|
||||
# different I_T nexus (different ISID).
|
||||
registration_key_exists = False
|
||||
- if options["--key"] in get_registration_keys(options, dev):
|
||||
+ if key in get_registration_keys(options, dev):
|
||||
+ logging.debug("Registration key exists for device " + dev)
|
||||
registration_key_exists = True
|
||||
- if not register_helper(options, options["--key"], dev):
|
||||
+ if not register_helper(options, dev, key):
|
||||
return False
|
||||
|
||||
if registration_key_exists:
|
||||
# If key matches, make sure it matches with the connection that
|
||||
# exists right now. To do this, we can issue a preempt with same key
|
||||
# which should replace the old invalid entries from the target.
|
||||
- if not preempt(options, options["--key"], dev):
|
||||
+ if not preempt(options, key, dev, key):
|
||||
return False
|
||||
|
||||
# If there was no reservation, we need to issue another registration
|
||||
# since the previous preempt would clear registration made above.
|
||||
- if get_reservation_key(options, dev, False) != options["--key"]:
|
||||
- return register_helper(options, options["--key"], dev)
|
||||
+ if get_reservation_key(options, dev, False) != key:
|
||||
+ return register_helper(options, dev, key)
|
||||
return True
|
||||
|
||||
-# cancel registration without aborting tasks
|
||||
-def preempt(options, host, dev):
|
||||
+# helper function to preempt host with 'key' using 'host_key' without aborting tasks
|
||||
+def preempt(options, host_key, dev, key):
|
||||
reset_dev(options,dev)
|
||||
- cmd = options["--sg_persist-path"] + " -n -o -P -T 5 -K " + host + " -S " + options["--key"] + " -d " + dev
|
||||
+ cmd = options["--sg_persist-path"] + " -n -o -P -T 5 -K " + host_key + " -S " + key + " -d " + dev
|
||||
return not bool(run_cmd(options, cmd)["rc"])
|
||||
|
||||
# helper function to send the register command
|
||||
-def register_helper(options, host, dev):
|
||||
+def register_helper(options, dev, key):
|
||||
reset_dev(options, dev)
|
||||
- cmd = options["--sg_persist-path"] + " -n -o -I -S " + options["--key"] + " -d " + dev
|
||||
+ cmd = options["--sg_persist-path"] + " -n -o -I -S " + key + " -d " + dev
|
||||
cmd += " -Z" if "--aptpl" in options else ""
|
||||
return not bool(run_cmd(options, cmd)["rc"])
|
||||
|
@ -17,8 +17,8 @@
|
||||
%global ruamelyamlclib_version 0.2.6
|
||||
%global kubernetes kubernetes
|
||||
%global kubernetes_version 12.0.1
|
||||
%global certifi certifi
|
||||
%global certifi_version 2021.10.8
|
||||
%global certifi certifi
|
||||
%global certifi_version 2023.7.22
|
||||
%global googleauth google-auth
|
||||
%global googleauth_version 2.3.0
|
||||
%global cachetools cachetools
|
||||
@ -33,12 +33,12 @@
|
||||
%global pyyaml_version 5.1
|
||||
%global six six
|
||||
%global six_version 1.16.0
|
||||
%global urllib3 urllib3
|
||||
%global urllib3_version 1.26.7
|
||||
%global websocketclient websocket-client
|
||||
%global websocketclient_version 1.2.1
|
||||
%global urllib3 urllib3
|
||||
%global urllib3_version 1.26.18
|
||||
%global websocketclient websocket-client
|
||||
%global websocketclient_version 1.2.1
|
||||
%global jinja2 Jinja2
|
||||
%global jinja2_version 3.0.2
|
||||
%global jinja2_version 3.1.3
|
||||
%global markupsafe MarkupSafe
|
||||
%global markupsafe_version 2.0.1
|
||||
%global stringutils string-utils
|
||||
@ -59,7 +59,7 @@
|
||||
Name: fence-agents
|
||||
Summary: Set of unified programs capable of host isolation ("fencing")
|
||||
Version: 4.10.0
|
||||
Release: 55%{?alphatag:.%{alphatag}}%{?dist}
|
||||
Release: 62%{?alphatag:.%{alphatag}}%{?dist}
|
||||
License: GPLv2+ and LGPLv2+
|
||||
URL: https://github.com/ClusterLabs/fence-agents
|
||||
Source0: https://fedorahosted.org/releases/f/e/fence-agents/%{name}-%{version}.tar.gz
|
||||
@ -83,7 +83,7 @@ Source1002: aliyuncli-2.1.10-py2.py3-none-any.whl
|
||||
Source1003: cffi-1.14.5-cp39-cp39-manylinux1_x86_64.whl
|
||||
Source1004: colorama-0.3.3.tar.gz
|
||||
Source1005: jmespath-0.7.1-py2.py3-none-any.whl
|
||||
Source1006: pycryptodome-3.10.1-cp35-abi3-manylinux2010_x86_64.whl
|
||||
Source1006: pycryptodome-3.20.0.tar.gz
|
||||
Source1007: pycparser-2.20-py2.py3-none-any.whl
|
||||
# awscli
|
||||
Source1008: awscrt-0.11.13-cp39-cp39-manylinux2014_x86_64.whl
|
||||
@ -100,7 +100,7 @@ Source1017: boto3-1.17.102-py2.py3-none-any.whl
|
||||
Source1018: botocore-1.20.102-py2.py3-none-any.whl
|
||||
Source1019: python_dateutil-2.8.1-py2.py3-none-any.whl
|
||||
Source1020: s3transfer-0.4.2-py2.py3-none-any.whl
|
||||
Source1021: urllib3-1.26.6-py2.py3-none-any.whl
|
||||
Source1021: urllib3-1.26.18.tar.gz
|
||||
# azure
|
||||
Source1022: adal-1.2.7-py2.py3-none-any.whl
|
||||
Source1023: azure_common-1.1.27-py2.py3-none-any.whl
|
||||
@ -109,85 +109,83 @@ Source1025: azure_mgmt_compute-21.0.0-py2.py3-none-any.whl
|
||||
Source1026: azure_mgmt_core-1.2.2-py2.py3-none-any.whl
|
||||
Source1027: azure_mgmt_network-19.0.0-py2.py3-none-any.whl
|
||||
Source1028: azure-identity-1.10.0.zip
|
||||
Source1029: certifi-2021.5.30-py2.py3-none-any.whl
|
||||
Source1030: chardet-4.0.0-py2.py3-none-any.whl
|
||||
Source1031: idna-2.10-py2.py3-none-any.whl
|
||||
Source1032: isodate-0.6.0-py2.py3-none-any.whl
|
||||
Source1033: msrest-0.6.21-py2.py3-none-any.whl
|
||||
Source1034: msrestazure-0.6.4-py2.py3-none-any.whl
|
||||
Source1035: %{oauthlib}-%{oauthlib_version}.tar.gz
|
||||
Source1036: PyJWT-2.1.0-py3-none-any.whl
|
||||
Source1037: requests-2.25.1-py2.py3-none-any.whl
|
||||
Source1038: requests_oauthlib-1.3.0-py2.py3-none-any.whl
|
||||
Source1139: msal-1.18.0.tar.gz
|
||||
Source1140: msal-extensions-1.0.0.tar.gz
|
||||
Source1141: portalocker-2.5.1.tar.gz
|
||||
Source1029: chardet-4.0.0-py2.py3-none-any.whl
|
||||
Source1030: idna-2.10-py2.py3-none-any.whl
|
||||
Source1031: isodate-0.6.0-py2.py3-none-any.whl
|
||||
Source1032: msrest-0.6.21-py2.py3-none-any.whl
|
||||
Source1033: msrestazure-0.6.4-py2.py3-none-any.whl
|
||||
Source1034: %{oauthlib}-%{oauthlib_version}.tar.gz
|
||||
Source1035: PyJWT-2.1.0-py3-none-any.whl
|
||||
Source1036: requests-2.25.1-py2.py3-none-any.whl
|
||||
Source1037: requests_oauthlib-1.3.0-py2.py3-none-any.whl
|
||||
Source1038: msal-1.18.0.tar.gz
|
||||
Source1039: msal-extensions-1.0.0.tar.gz
|
||||
Source1040: portalocker-2.5.1.tar.gz
|
||||
# google
|
||||
Source1042: cachetools-4.2.2-py3-none-any.whl
|
||||
Source1043: chardet-3.0.4-py2.py3-none-any.whl
|
||||
Source1044: google_api_core-1.30.0-py2.py3-none-any.whl
|
||||
Source1045: google_api_python_client-1.12.8-py2.py3-none-any.whl
|
||||
Source1046: googleapis_common_protos-1.53.0-py2.py3-none-any.whl
|
||||
Source1047: google_auth-1.32.0-py2.py3-none-any.whl
|
||||
Source1048: google_auth_httplib2-0.1.0-py2.py3-none-any.whl
|
||||
Source1049: httplib2-0.19.1-py3-none-any.whl
|
||||
Source1050: packaging-20.9-py2.py3-none-any.whl
|
||||
Source1051: protobuf-3.17.3-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl
|
||||
Source1052: pyasn1-0.4.8-py2.py3-none-any.whl
|
||||
Source1053: pyasn1_modules-0.2.8-py2.py3-none-any.whl
|
||||
Source1054: pyparsing-2.4.7-py2.py3-none-any.whl
|
||||
Source1055: pyroute2-0.6.4.tar.gz
|
||||
Source1056: pyroute2.core-0.6.4.tar.gz
|
||||
Source1057: pyroute2.ethtool-0.6.4.tar.gz
|
||||
Source1058: pyroute2.ipdb-0.6.4.tar.gz
|
||||
Source1059: pyroute2.ipset-0.6.4.tar.gz
|
||||
Source1060: pyroute2.ndb-0.6.4.tar.gz
|
||||
Source1061: pyroute2.nftables-0.6.4.tar.gz
|
||||
Source1062: pyroute2.nslink-0.6.4.tar.gz
|
||||
Source1063: pytz-2021.1-py2.py3-none-any.whl
|
||||
Source1064: rsa-4.7.2-py3-none-any.whl
|
||||
Source1065: setuptools-57.0.0-py3-none-any.whl
|
||||
Source1066: uritemplate-3.0.1-py2.py3-none-any.whl
|
||||
Source1041: cachetools-4.2.2-py3-none-any.whl
|
||||
Source1042: chardet-3.0.4-py2.py3-none-any.whl
|
||||
Source1043: google_api_core-1.30.0-py2.py3-none-any.whl
|
||||
Source1044: google_api_python_client-1.12.8-py2.py3-none-any.whl
|
||||
Source1045: googleapis_common_protos-1.53.0-py2.py3-none-any.whl
|
||||
Source1046: google_auth-1.32.0-py2.py3-none-any.whl
|
||||
Source1047: google_auth_httplib2-0.1.0-py2.py3-none-any.whl
|
||||
Source1048: httplib2-0.19.1-py3-none-any.whl
|
||||
Source1049: packaging-20.9-py2.py3-none-any.whl
|
||||
Source1050: protobuf-3.17.3-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl
|
||||
Source1051: pyasn1-0.4.8-py2.py3-none-any.whl
|
||||
Source1052: pyasn1_modules-0.2.8-py2.py3-none-any.whl
|
||||
Source1053: pyparsing-2.4.7-py2.py3-none-any.whl
|
||||
Source1054: pyroute2-0.6.4.tar.gz
|
||||
Source1055: pyroute2.core-0.6.4.tar.gz
|
||||
Source1056: pyroute2.ethtool-0.6.4.tar.gz
|
||||
Source1057: pyroute2.ipdb-0.6.4.tar.gz
|
||||
Source1058: pyroute2.ipset-0.6.4.tar.gz
|
||||
Source1059: pyroute2.ndb-0.6.4.tar.gz
|
||||
Source1060: pyroute2.nftables-0.6.4.tar.gz
|
||||
Source1061: pyroute2.nslink-0.6.4.tar.gz
|
||||
Source1062: pytz-2021.1-py2.py3-none-any.whl
|
||||
Source1063: rsa-4.7.2-py3-none-any.whl
|
||||
Source1064: setuptools-57.0.0-py3-none-any.whl
|
||||
Source1065: uritemplate-3.0.1-py2.py3-none-any.whl
|
||||
# common (pexpect / suds)
|
||||
Source1067: pexpect-4.8.0-py2.py3-none-any.whl
|
||||
Source1068: ptyprocess-0.7.0-py2.py3-none-any.whl
|
||||
Source1069: suds_community-0.8.5-py3-none-any.whl
|
||||
Source1066: pexpect-4.8.0-py2.py3-none-any.whl
|
||||
Source1067: ptyprocess-0.7.0-py2.py3-none-any.whl
|
||||
Source1068: suds_community-0.8.5-py3-none-any.whl
|
||||
### END ###
|
||||
# kubevirt
|
||||
## pip download --no-binary :all: openshift "ruamel.yaml.clib>=0.1.2"
|
||||
### BEGIN
|
||||
Source1070: %{openshift}-%{openshift_version}.tar.gz
|
||||
Source1071: %{ruamelyamlclib}-%{ruamelyamlclib_version}.tar.gz
|
||||
Source1072: %{kubernetes}-%{kubernetes_version}.tar.gz
|
||||
Source1073: %{certifi}-%{certifi_version}.tar.gz
|
||||
Source1074: %{googleauth}-%{googleauth_version}.tar.gz
|
||||
Source1075: %{cachetools}-%{cachetools_version}.tar.gz
|
||||
Source1076: %{pyasn1modules}-%{pyasn1modules_version}.tar.gz
|
||||
Source1077: %{pyasn1}-%{pyasn1_version}.tar.gz
|
||||
Source1078: python-%{dateutil}-%{dateutil_version}.tar.gz
|
||||
Source1079: %{pyyaml}-%{pyyaml_version}.tar.gz
|
||||
Source1069: %{openshift}-%{openshift_version}.tar.gz
|
||||
Source1070: %{ruamelyamlclib}-%{ruamelyamlclib_version}.tar.gz
|
||||
Source1071: %{kubernetes}-%{kubernetes_version}.tar.gz
|
||||
Source1072: %{certifi}-%{certifi_version}.tar.gz
|
||||
Source1073: %{googleauth}-%{googleauth_version}.tar.gz
|
||||
Source1074: %{cachetools}-%{cachetools_version}.tar.gz
|
||||
Source1075: %{pyasn1modules}-%{pyasn1modules_version}.tar.gz
|
||||
Source1076: %{pyasn1}-%{pyasn1_version}.tar.gz
|
||||
Source1077: python-%{dateutil}-%{dateutil_version}.tar.gz
|
||||
Source1078: %{pyyaml}-%{pyyaml_version}.tar.gz
|
||||
## rsa is dependency for "pip install",
|
||||
## but gets removed to use cryptography lib instead
|
||||
Source1080: rsa-4.7.2.tar.gz
|
||||
Source1081: %{six}-%{six_version}.tar.gz
|
||||
Source1082: %{urllib3}-%{urllib3_version}.tar.gz
|
||||
Source1083: %{websocketclient}-%{websocketclient_version}.tar.gz
|
||||
Source1084: %{jinja2}-%{jinja2_version}.tar.gz
|
||||
Source1085: %{markupsafe}-%{markupsafe_version}.tar.gz
|
||||
Source1086: python-%{stringutils}-%{stringutils_version}.tar.gz
|
||||
Source1087: %{requests}-%{requests_version}.tar.gz
|
||||
Source1088: %{chrstnormalizer}-%{chrstnormalizer_version}.tar.gz
|
||||
Source1089: %{idna}-%{idna_version}.tar.gz
|
||||
Source1090: %{reqstsoauthlib}-%{reqstsoauthlib_version}.tar.gz
|
||||
Source1091: %{ruamelyaml}-%{ruamelyaml_version}.tar.gz
|
||||
Source1092: %{setuptools}-%{setuptools_version}.tar.gz
|
||||
Source1079: rsa-4.7.2.tar.gz
|
||||
Source1080: %{six}-%{six_version}.tar.gz
|
||||
Source1081: %{websocketclient}-%{websocketclient_version}.tar.gz
|
||||
Source1082: %{jinja2}-%{jinja2_version}.tar.gz
|
||||
Source1083: %{markupsafe}-%{markupsafe_version}.tar.gz
|
||||
Source1084: python-%{stringutils}-%{stringutils_version}.tar.gz
|
||||
Source1085: %{requests}-%{requests_version}.tar.gz
|
||||
Source1086: %{chrstnormalizer}-%{chrstnormalizer_version}.tar.gz
|
||||
Source1087: %{idna}-%{idna_version}.tar.gz
|
||||
Source1088: %{reqstsoauthlib}-%{reqstsoauthlib_version}.tar.gz
|
||||
Source1089: %{ruamelyaml}-%{ruamelyaml_version}.tar.gz
|
||||
Source1090: %{setuptools}-%{setuptools_version}.tar.gz
|
||||
## required for installation
|
||||
Source1093: setuptools_scm-6.3.2.tar.gz
|
||||
Source1094: packaging-21.2-py3-none-any.whl
|
||||
Source1095: poetry-core-1.0.7.tar.gz
|
||||
Source1096: pyparsing-3.0.1.tar.gz
|
||||
Source1097: tomli-1.0.1.tar.gz
|
||||
Source1098: wheel-0.37.0-py2.py3-none-any.whl
|
||||
Source1091: setuptools_scm-6.3.2.tar.gz
|
||||
Source1092: packaging-21.2-py3-none-any.whl
|
||||
Source1093: poetry-core-1.0.7.tar.gz
|
||||
Source1094: pyparsing-3.0.1.tar.gz
|
||||
Source1095: tomli-1.0.1.tar.gz
|
||||
Source1096: wheel-0.37.0-py2.py3-none-any.whl
|
||||
### END
|
||||
|
||||
Patch0: ha-cloud-support-aliyun.patch
|
||||
@ -237,10 +235,18 @@ Patch43: bz2187327-fence_scsi-2-support-space-separated-devices.patch
|
||||
Patch44: bz2211930-fence_azure-arm-stack-hub-support.patch
|
||||
Patch45: bz2221643-fence_ibm_powervs-performance-improvements.patch
|
||||
Patch46: bz2224267-fence_ipmilan-fix-typos-in-metadata.patch
|
||||
Patch47: RHEL-5396-fence_scsi-1-fix-ISID-reg-handling.patch
|
||||
Patch48: RHEL-5396-fence_scsi-2-fix-ISID-reg-handling-off.patch
|
||||
Patch49: RHEL-14344-fence_zvmip-1-document-user-permissions.patch
|
||||
Patch50: RHEL-14030-1-all-agents-metadata-update-IO-Power-Network.patch
|
||||
Patch51: RHEL-14030-2-fence_cisco_mds-undo-metadata-change.patch
|
||||
Patch52: RHEL-14344-fence_zvmip-2-fix-manpage-formatting.patch
|
||||
|
||||
### HA support libs/utils ###
|
||||
Patch1000: bz2217902-1-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch
|
||||
Patch1001: bz2217902-2-kubevirt-fix-bundled-dateutil-CVE-2007-4559.patch
|
||||
# all archs
|
||||
Patch1000: bz2217902-1-kubevirt-fix-bundled-dateutil-CVE-2007-4559.patch
|
||||
# cloud (x86_64 only)
|
||||
Patch2000: bz2217902-2-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch
|
||||
|
||||
%global supportedagents amt_ws apc apc_snmp bladecenter brocade cisco_mds cisco_ucs compute drac5 eaton_snmp emerson eps evacuate hpblade ibmblade ibm_powervs ibm_vpc ifmib ilo ilo_moonshot ilo_mp ilo_ssh intelmodular ipdu ipmilan kdump kubevirt lpar mpath redfish rhevm rsa rsb sbd scsi vmware_rest vmware_soap wti
|
||||
%ifarch x86_64
|
||||
@ -351,53 +357,59 @@ BuildRequires: %{systemd_units}
|
||||
|
||||
%prep
|
||||
%setup -q -n %{name}-%{version}%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:-%{alphatag}}%{?dirty:-%{dirty}}
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
%patch7 -p1
|
||||
%patch8 -p1
|
||||
%patch9 -p1
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1 -F2
|
||||
%patch15 -p1 -F1
|
||||
%patch16 -p1
|
||||
%patch17 -p1
|
||||
%patch18 -p1
|
||||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
%patch22 -p1
|
||||
%patch23 -p1
|
||||
%patch24 -p1
|
||||
%patch25 -p1
|
||||
%patch26 -p1
|
||||
%patch27 -p1
|
||||
%patch28 -p1
|
||||
%patch29 -p1
|
||||
%patch30 -p1
|
||||
%patch31 -p1
|
||||
%patch32 -p1
|
||||
%patch33 -p1
|
||||
%patch34 -p1
|
||||
%patch35 -p1
|
||||
%patch36 -p1
|
||||
%patch37 -p1
|
||||
%patch38 -p1
|
||||
%patch39 -p1
|
||||
%patch40 -p1
|
||||
%patch41 -p1
|
||||
%patch42 -p1
|
||||
%patch43 -p1
|
||||
%patch44 -p1
|
||||
%patch45 -p1
|
||||
%patch46 -p1
|
||||
%patch -p1 -P 0
|
||||
%patch -p1 -P 1
|
||||
%patch -p1 -P 2
|
||||
%patch -p1 -P 3
|
||||
%patch -p1 -P 4
|
||||
%patch -p1 -P 5
|
||||
%patch -p1 -P 6
|
||||
%patch -p1 -P 7
|
||||
%patch -p1 -P 8
|
||||
%patch -p1 -P 9
|
||||
%patch -p1 -P 10
|
||||
%patch -p1 -P 11
|
||||
%patch -p1 -P 12
|
||||
%patch -p1 -P 13
|
||||
%patch -p1 -P 14 -F2
|
||||
%patch -p1 -P 15 -F1
|
||||
%patch -p1 -P 16
|
||||
%patch -p1 -P 17
|
||||
%patch -p1 -P 18
|
||||
%patch -p1 -P 19
|
||||
%patch -p1 -P 20
|
||||
%patch -p1 -P 21
|
||||
%patch -p1 -P 22
|
||||
%patch -p1 -P 23
|
||||
%patch -p1 -P 24
|
||||
%patch -p1 -P 25
|
||||
%patch -p1 -P 26
|
||||
%patch -p1 -P 27
|
||||
%patch -p1 -P 28
|
||||
%patch -p1 -P 29
|
||||
%patch -p1 -P 30
|
||||
%patch -p1 -P 31
|
||||
%patch -p1 -P 32
|
||||
%patch -p1 -P 33
|
||||
%patch -p1 -P 34
|
||||
%patch -p1 -P 35
|
||||
%patch -p1 -P 36
|
||||
%patch -p1 -P 37
|
||||
%patch -p1 -P 38
|
||||
%patch -p1 -P 39
|
||||
%patch -p1 -P 40
|
||||
%patch -p1 -P 41
|
||||
%patch -p1 -P 42
|
||||
%patch -p1 -P 43
|
||||
%patch -p1 -P 44
|
||||
%patch -p1 -P 45
|
||||
%patch -p1 -P 46
|
||||
%patch -p1 -P 47
|
||||
%patch -p1 -P 48
|
||||
%patch -p1 -P 49
|
||||
%patch -p1 -P 50
|
||||
%patch -p1 -P 51
|
||||
%patch -p1 -P 52
|
||||
|
||||
# prevent compilation of something that won't get used anyway
|
||||
sed -i.orig 's|FENCE_ZVM=1|FENCE_ZVM=0|' configure.ac
|
||||
@ -428,21 +440,18 @@ sed -i -e "/^#\!\/Users/c#\!%{__python3}" support/aws/bin/jp support/aliyun/bin/
|
||||
sed -i -e "/^import awscli.clidriver/isys.path.insert(0, '/usr/lib/%{name}/support/awscli')" support/awscli/bin/aws
|
||||
%endif
|
||||
|
||||
# regular patch doesnt work in build-section
|
||||
# Patch1000
|
||||
%ifarch x86_64
|
||||
pushd support
|
||||
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{_sourcedir}/bz2217902-1-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch
|
||||
popd
|
||||
%endif
|
||||
|
||||
# kubevirt
|
||||
%{__python3} -m pip install --user --no-index --find-links %{_sourcedir} setuptools-scm
|
||||
%{__python3} -m pip install --target support/kubevirt --no-index --find-links %{_sourcedir} openshift
|
||||
rm -rf kubevirt/rsa*
|
||||
# Patch1001
|
||||
|
||||
# regular patch doesnt work in build-section
|
||||
pushd support
|
||||
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{_sourcedir}/bz2217902-2-kubevirt-fix-bundled-dateutil-CVE-2007-4559.patch
|
||||
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH1000}
|
||||
|
||||
%ifarch x86_64
|
||||
/usr/bin/patch --no-backup-if-mismatch -p1 --fuzz=0 < %{PATCH2000}
|
||||
%endif
|
||||
popd
|
||||
|
||||
./autogen.sh
|
||||
@ -574,7 +583,7 @@ Provides: bundled(aliyuncli) = 2.1.10
|
||||
Provides: bundled(python-cffi) = 1.14.5
|
||||
Provides: bundled(python-colorama) = 0.3.3
|
||||
Provides: bundled(python-jmespath) = 0.7.1
|
||||
Provides: bundled(python-pycryptodome) = 3.10.1
|
||||
Provides: bundled(python-pycryptodome) = 3.20.0
|
||||
Provides: bundled(python-pycparser) = 2.20
|
||||
# awscli
|
||||
Provides: bundled(awscli) = 2.2.15
|
||||
@ -592,7 +601,7 @@ Provides: bundled(python-boto3) = 1.17.102
|
||||
Provides: bundled(python-botocore) = 1.20.102
|
||||
Provides: bundled(python-dateutil) = 2.8.1
|
||||
Provides: bundled(python-s3transfer) = 0.4.2
|
||||
Provides: bundled(python-urllib3) = 1.26.6
|
||||
Provides: bundled(python-urllib3) = 1.26.18
|
||||
# azure
|
||||
Provides: bundled(python-adal) = 1.2.7
|
||||
Provides: bundled(python-azure-common) = 1.1.27
|
||||
@ -600,7 +609,7 @@ Provides: bundled(python-azure-core) = 1.15.0
|
||||
Provides: bundled(python-azure-mgmt-compute) = 21.0.0
|
||||
Provides: bundled(python-azure-mgmt-core) = 1.2.2
|
||||
Provides: bundled(python-azure-mgmt-network) = 19.0.0
|
||||
Provides: bundled(python-certifi) = 2021.5.30
|
||||
Provides: bundled(python-certifi) = %{certifi_version}
|
||||
Provides: bundled(python-chardet) = 4.0.0
|
||||
Provides: bundled(python-idna) = 2.10
|
||||
Provides: bundled(python-isodate) = 0.6.0
|
||||
@ -1477,6 +1486,33 @@ are located on corosync cluster nodes.
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Jan 18 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-62
|
||||
- bundled urllib3: fix CVE-2023-45803
|
||||
Resolves: RHEL-18139
|
||||
- bundled pycryptodome: fix CVE-2023-52323
|
||||
Resolves: RHEL-20917
|
||||
- bundled jinja2: fix CVE-2024-22195
|
||||
Resolves: RHEL-21345
|
||||
|
||||
* Wed Jan 3 2024 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-61
|
||||
- fence_zvmip: document required user permissions in metadata/manpage
|
||||
Resolves: RHEL-14344
|
||||
|
||||
* Mon Oct 23 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-60
|
||||
- all agents: update metadata in non-I/O agents to Power or Network
|
||||
fencing
|
||||
Resolves: RHEL-14030
|
||||
|
||||
* Wed Oct 11 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-57
|
||||
- bundled urllib3: fix CVE-2023-43804
|
||||
Resolves: RHEL-11999
|
||||
|
||||
* Wed Sep 27 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-56
|
||||
- fence_scsi: fix registration handling if ISID conflicts
|
||||
Resolves: RHEL-5396
|
||||
- bundled certifi: fix CVE-2023-37920
|
||||
Resolves: RHEL-9446
|
||||
|
||||
* Thu Aug 3 2023 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-55
|
||||
- bundled dateutil: fix tarfile CVE-2007-4559
|
||||
Resolves: rhbz#2217902
|
||||
|
Loading…
Reference in New Issue
Block a user