From 7d373a80884b80d487c617db4fad8a48070f9f2f Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Wed, 16 Feb 2022 04:21:07 +0000 Subject: [PATCH] import resource-agents-4.9.0-14.el8 --- .../bz1654862-IPsrcaddr-dhcp-warning.patch | 41 +++++++++++++++++++ SPECS/resource-agents.spec | 9 +++- 2 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 SOURCES/bz1654862-IPsrcaddr-dhcp-warning.patch diff --git a/SOURCES/bz1654862-IPsrcaddr-dhcp-warning.patch b/SOURCES/bz1654862-IPsrcaddr-dhcp-warning.patch new file mode 100644 index 0000000..34bad14 --- /dev/null +++ b/SOURCES/bz1654862-IPsrcaddr-dhcp-warning.patch @@ -0,0 +1,41 @@ +From 6d2ed7615614ede093f097189876d0f08553a43e Mon Sep 17 00:00:00 2001 +From: Reid Wahl +Date: Mon, 14 Feb 2022 22:23:39 -0800 +Subject: [PATCH] IPsrcaddr: Add warning about DHCP + +If DHCP is enabled for the interface that serves OCF_RESKEY_ipaddress, +then NetworkManager (and possibly dhclient in systems without NM; +unsure) may later re-add a route that the IPsrcaddr resource replaced. +This may cause the resource to fail or cause other unexpected behavior. + +So far this has been observed with a default route, albeit with an edge +case of a configuration (OCF_RESKEY_ipaddress on a different subnet) +that may not be totally valid. There are likely to be other situations +as well where DHCP can cause conflicts with IPsrcaddr's manual updates +via iproute. The safest option is to use only static configuration for +the involved interface. + +Resolves: RHBZ#1654862 + +Signed-off-by: Reid Wahl +--- + heartbeat/IPsrcaddr | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/heartbeat/IPsrcaddr b/heartbeat/IPsrcaddr +index ec868409f..fd7b6f68d 100755 +--- a/heartbeat/IPsrcaddr ++++ b/heartbeat/IPsrcaddr +@@ -99,6 +99,12 @@ meta_data() { + + Resource script for IPsrcaddr. It manages the preferred source address + modification. ++ ++Note: DHCP should not be enabled for the interface serving the preferred ++source address. Enabling DHCP may result in unexpected behavior, such as ++the automatic addition of duplicate or conflicting routes. This may ++cause the IPsrcaddr resource to fail, or it may produce undesired ++behavior while the resource continues to run. + + Manages the preferred source address for outgoing IP packets + diff --git a/SPECS/resource-agents.spec b/SPECS/resource-agents.spec index 65873ef..c907fef 100644 --- a/SPECS/resource-agents.spec +++ b/SPECS/resource-agents.spec @@ -66,7 +66,7 @@ Name: resource-agents Summary: Open Source HA Reusable Cluster Resource Scripts Version: 4.9.0 -Release: 13%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist} +Release: 14%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist} License: GPLv2+ and LGPLv2+ URL: https://github.com/ClusterLabs/resource-agents %if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel} @@ -96,6 +96,7 @@ Patch9: bz2027591-nfsnotify-fix-notify_args-default.patch Patch10: bz2012057-Route-return-OCF_NOT_RUNNING-missing-route.patch Patch11: bz2029706-db2-crm_attribute-use-forever.patch Patch12: bz1992661-mysql-use-ssl-mode.patch +Patch13: bz1654862-IPsrcaddr-dhcp-warning.patch # bundle patches Patch1000: 7-gcp-bundled.patch @@ -282,6 +283,7 @@ exit 1 %patch10 -p1 %patch11 -p1 %patch12 -p1 +%patch13 -p1 chmod 755 heartbeat/nova-compute-wait chmod 755 heartbeat/NovaEvacuate @@ -862,6 +864,11 @@ ccs_update_schema > /dev/null 2>&1 ||: %{_usr}/lib/ocf/lib/heartbeat/OCF_*.pm %changelog +* Tue Feb 15 2022 Oyvind Albrigtsen - 4.9.0-14 +- IPsrcaddr: add warning about possible issues when used with DHCP + + Resolves: rhbz#1654862 + * Thu Jan 20 2022 Oyvind Albrigtsen - 4.9.0-13 - mysql: add support for local SSL connection