|
---|
Release type: | Patch |
Release date: | 2019-11-05 |
OS update support: | None |
Technote: | None |
Documentation: | None |
Popularity: | 1142 viewed downloaded |
Download size: | 100.18 MB |
Checksum: | 3912852831 |
InfoScale Availability 7.3.1 On Solaris 11 SPARC
InfoScale Enterprise 7.3.1 On Solaris 11 SPARC InfoScale Storage 7.3.1 On Solaris 11 SPARC |
None.
|
3946643, 3947280, 3965118, 3981993
|
None.
|
* * * READ ME * * * * * * Veritas Cluster Server 7.3.1 * * * * * * Patch 1100 * * * Patch Date: 2019-11-23 This document provides the following information: * PATCH NAME * OPERATING SYSTEMS SUPPORTED BY THE PATCH * PACKAGES AFFECTED BY THE PATCH * BASE PRODUCT VERSIONS FOR THE PATCH * SUMMARY OF INCIDENTS FIXED BY THE PATCH * DETAILS OF INCIDENTS FIXED BY THE PATCH * INSTALLATION PRE-REQUISITES * INSTALLING THE PATCH * REMOVING THE PATCH PATCH NAME ---------- Veritas Cluster Server 7.3.1 Patch 1100 OPERATING SYSTEMS SUPPORTED BY THE PATCH ---------------------------------------- Solaris 11 SPARC Solaris 11 X64 PACKAGES AFFECTED BY THE PATCH ------------------------------ VRTSvcs BASE PRODUCT VERSIONS FOR THE PATCH ----------------------------------- * InfoScale Availability 7.3.1 * InfoScale Enterprise 7.3.1 * InfoScale Storage 7.3.1 SUMMARY OF INCIDENTS FIXED BY THE PATCH --------------------------------------- Patch ID: 7.3.1.1100 * 3946643 (3932232) Even after SMF of Solaris disables VCS service, the had and hashadow processes still continue to run * 3947280 (3947279) Memory leaks occurred in the hacli and the hacli_runcmd processes. * 3965118 (3969838) A failover Service Group can be brought online on one node even when it is ONLINE on another node * 3981993 (3981992) A potentially critical security vulnerability in VCS needs to be addressed. DETAILS OF INCIDENTS FIXED BY THE PATCH --------------------------------------- This patch fixes the following incidents: Patch ID: 7.3.1.1100 * 3946643 (Tracking ID: 3932232) SYMPTOM: Even after SMF of Solaris disables VCS service, the had and hashadow processes still continue to run DESCRIPTION: The VCS service stops when SMF disables the VCS services. However, even if the VCS service is in disabled state, the had or hashadow still continue to run. RESOLUTION: Added error handling in VCS init script to verify if the VCS service is stopped or not, and return the state to SMF accordingly. * 3947280 (Tracking ID: 3947279) SYMPTOM: Memory leaks occurred in the hacli and the hacli_runcmd processes. DESCRIPTION: When an hacli command is executed on a cluster node, which runs a process on another cluster node, the hacli_runcmd process is forked on the other node. Thereafter, the memory usage for the hacli and the hacli_runcmd processes continues to increase continuously until the systems run out of memory. RESOLUTION: This hoftix updates the hacli and the hacli_runcmd processes to plug the memory leaks. * 3965118 (Tracking ID: 3969838) SYMPTOM: A failover Service Group can be brought online on one node even when it is ONLINE on another node DESCRIPTION: The flush operation clears the internal state of a resource, but doesn't stop the entry points that are already running. In this situation, the entry point may report pseudo fault even when the service group is already offline on that particular node. When such fault is reported, the value of CurrentCount is decremented to zero although the service group is active in the cluster. The zero value signifies that the group is completely offline and hence VCS inadvertently allows any subsequent online request. RESOLUTION: Additional checks are introduced to ensure that this incorrect decrement in CurrentCount is prevented when the failover service group is active on any other node in the cluster. * 3981993 (Tracking ID: 3981992) SYMPTOM: A potentially critical security vulnerability in VCS needs to be addressed. DESCRIPTION: A potentially critical security vulnerability in VCS needs to be addressed. RESOLUTION: This hotfix addresses the security vulnerability. For details, refer to the security advisory at: https://www.veritas.com/content/support/en_US/security/VTS19-003.html INSTALLING THE PATCH -------------------- Run the Installer script to automatically install the patch: ----------------------------------------------------------- Please be noted that the installation of this P-Patch will cause downtime. To install the patch perform the following steps on at least one node in the cluster: 1. Copy the patch vcs-sol11_sparc-Patch-7.3.1.1100.tar.gz to /tmp 2. Untar vcs-sol11_sparc-Patch-7.3.1.1100.tar.gz to /tmp/hf # mkdir /tmp/hf # cd /tmp/hf # gunzip /tmp/vcs-sol11_sparc-Patch-7.3.1.1100.tar.gz # tar xf /tmp/vcs-sol11_sparc-Patch-7.3.1.1100.tar 3. Install the hotfix(Please be noted that the installation of this P-Patch will cause downtime.) # pwd /tmp/hf # ./installVRTSvcs731P1100 [<host1> <host2>...] You can also install this patch together with 7.3.1 base release using Install Bundles 1. Download this patch and extract it to a directory 2. Change to the Veritas InfoScale 7.3.1 directory and invoke the installer script with -patch_path option where -patch_path should point to the patch directory # ./installer -patch_path [<path to this patch>] [<host1> <host2>...] Install the patch manually: -------------------------- To apply the patch perform the following steps on all nodes in the VCS cluster: 1. Stop VCS on the cluster node. 2. Install the patch. 3. Restart VCS on the node. To stop VCS on the cluster node: 1. Ensure that the "/opt/VRTSvcs/bin" directory is included in your PATH environment variable so that you can execute all the VCS commands. For more information, refer to the Veritas Cluster Server Installation Guide. 2. Verify that the base version of VRTSvcs is 7.3.1 3. Persistently freeze all the service groups: # haconf -makerw # hagrp -freeze [group] -persistent # haconf -dump -makero 4. Stop the cluster on all nodes. On any node, run the following command to stop the cluster: # hastop -all -force 5. Verify that the cluster is stopped on all nodes: # hasys -state 6. On all nodes, make sure that both the had and hashadow processes are stopped. 7. Stop the VCS CmdServer on all nodes: # /opt/VRTSvcs/bin/CmdServer -stop 8. Copy the /etc/VRTSvcs/conf/config/types.cf file to /etc/VRTSvcs/conf/config/types.cf.orig as a backup. 9. Copy the /etc/VRTSvcs/conf/config/main.cf file to /etc/VRTSvcs/conf/config/main.cf.orig as a backup. Installing the patch -------------------- To install the patch: 1. Log in as superuser on the system where you are installing the patch. 2. Uncompress the patch that you downloaded from Veritas. 3. Change the directory to the uncompressed patch location. 4. Apply the patch by issuing the following commands a. Set the publisher # pkg set-publisher -g Veritas e.g: # pkg set-publisher -g /hotfix_dir/patches/VRTSvcs.p5p Veritas b. Install the package # pkg install --accept --no-backup-be VRTSvcs 5. After the installation completes, verify that the package is installed. # pkg info VRTSvcs 6. Unset the publisher # pkg unset-publisher Veritas 7. Start VCS: # hastart 8. Start the VCS CmdServer on all nodes # /opt/VRTSvcs/bin/CmdServer REMOVING THE PATCH ------------------ Note: Uninstalling this patch will remove the entire VRTSvcs package. If you need an earlier version of the package, re-install it from original source media ( ref step 3 below ). Run the following steps on all the nodes in the VCS cluster: 1. Stop VCS: # haconf -dump -makero # hastop -local -force 2. Stop the VCS CmdServer #/opt/VRTSvcs/bin/CmdServer -stop 3. Uninstall the VRTSvcs package: a. If you have local zones on the system, uninstall the VRTSvcs package and its dependent packages from all local zones in which it is present (repeat with set to each local zone in which VRTSvcsag is installed): # zlogin pkg uninstall VRTSvcsag VRTSvcswiz VRTSvcs b. Once the package is uninstalled from all local zones, uninstall the VRTSvcs package and its dependent packages from the global zone: # pkg uninstall VRTSvcsag VRTSvcswiz VRTSvcs 4. (optional) Install the previous version of the VRTSvcs package and its dependent packages from original source media to revert your system to pre-patch conditions. 5. Start VCS: # hastart 6. Start the VCS CmdServer on all nodes # /opt/VRTSvcs/bin/CmdServer SPECIAL INSTRUCTIONS -------------------- If a local zone is in 'configured' state while the VRTSvcs package is being updated, then the package is not updated in local zone. To update packages inside a local zone, set the publisher on the global zone and execute the below command (repeat per zone as needed): # zoneadm -z attach -u OTHERS ------ NONE |
Why Register?
Get notifications about ASLs/APMs, HCLs, patches, and high availability agents
As a registered user, you can create notifications to receive updates about NetBackup Future Platform and Feature Plans, NetBackup hot fixes/EEBs in released versions, Array Support Libraries (ASLs)/Array Policy Modules (APMs), hardware compatibility lists (HCLs), patches and high availability agents. In addition, you can create system-specific notifications customized to your environment.
Compare configurations
The Compare Configurations feature lets you compare different system scans by the data collector. When you sign in, you can choose a target system, compare reports run at different times, and easily see how the system's configuration has changed.
Save configurations
After logging in, you can retrieve past reports, share reports with colleagues, review notifications you received, and retain custom settings. Anonymous users cannot access these features.
Bulk uploader
As a registered user,you can upload multiple reports, using the Bulk Uploader.