vcs-rhel6_x86_64-Patch-7.4.1.1200

 Basic information
Release type: Patch
Release date: 2019-11-05
OS update support: None
Technote: None
Documentation: None
Popularity: 366 viewed    62 downloaded
Download size: 109.39 MB
Checksum: 2126216563

 Applies to one or more of the following products:
InfoScale Availability 7.4.1 On RHEL6 x86-64
InfoScale Enterprise 7.4.1 On RHEL6 x86-64
InfoScale Storage 7.4.1 On RHEL6 x86-64

 Obsolete patches, incompatibilities, superseded patches, or other requirements:
None.

 Fixes the following incidents:
3982912

 Patch ID:
VRTSvcs-7.4.1.1200-RHEL6

Readme file
                          * * * READ ME * * *
                * * * Veritas Cluster Server 7.4.1 * * *
                         * * * Patch 1200 * * *
                         Patch Date: 2019-08-26


This document provides the following information:

   * PATCH NAME
   * OPERATING SYSTEMS SUPPORTED BY THE PATCH
   * PACKAGES AFFECTED BY THE PATCH
   * BASE PRODUCT VERSIONS FOR THE PATCH
   * SUMMARY OF INCIDENTS FIXED BY THE PATCH
   * DETAILS OF INCIDENTS FIXED BY THE PATCH
   * INSTALLATION PRE-REQUISITES
   * INSTALLING THE PATCH
   * REMOVING THE PATCH


PATCH NAME
----------
Veritas Cluster Server 7.4.1 Patch 1200


OPERATING SYSTEMS SUPPORTED BY THE PATCH
----------------------------------------
RHEL6 x86-64


PACKAGES AFFECTED BY THE PATCH
------------------------------
VRTSvcs


BASE PRODUCT VERSIONS FOR THE PATCH
-----------------------------------
   * InfoScale Availability 7.4.1
   * InfoScale Enterprise 7.4.1
   * InfoScale Storage 7.4.1


SUMMARY OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
Patch ID: 7.4.1.1200
* 3982912 (3981992) A potentially critical security vulnerability in VCS needs to be addressed.


DETAILS OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
This patch fixes the following incidents:

Patch ID: 7.4.1.1200

* 3982912 (Tracking ID: 3981992)

SYMPTOM:
A potentially critical security vulnerability in VCS needs to be addressed.

DESCRIPTION:
A potentially critical security vulnerability in VCS needs to be addressed.

RESOLUTION:
This hotfix addresses the security vulnerability. For details, refer to the security advisory at: https://www.veritas.com/content/support/en_US/security/VTS19-003.html



INSTALLING THE PATCH
--------------------
Run the Installer script to automatically install the patch:
-----------------------------------------------------------
Please be noted that the installation of this P-Patch will cause downtime.

To install the patch perform the following steps on at least one node in the cluster:
1. Copy the patch vcs-rhel6_x86_64-Patch-7.4.1.1200.tar.gz to /tmp
2. Untar vcs-rhel6_x86_64-Patch-7.4.1.1200.tar.gz to /tmp/hf
    # mkdir /tmp/hf
    # cd /tmp/hf
    # gunzip /tmp/vcs-rhel6_x86_64-Patch-7.4.1.1200.tar.gz
    # tar xf /tmp/vcs-rhel6_x86_64-Patch-7.4.1.1200.tar
3. Install the hotfix(Please be noted that the installation of this P-Patch will cause downtime.)
    # pwd /tmp/hf
    # ./installVRTSvcs741P1200 [<host1> <host2>...]

You can also install this patch together with 7.4.1 base release using Install Bundles
1. Download this patch and extract it to a directory
2. Change to the Veritas InfoScale 7.4.1 directory and invoke the installer script
   with -patch_path option where -patch_path should point to the patch directory
    # ./installer -patch_path [<path to this patch>] [<host1> <host2>...]

Install the patch manually:
--------------------------
To install the patch perform the following steps on all nodes in the VCS cluster:
1. Stop VCS on the cluster node.
2. Install the patch.
3. Restart VCS on the node.
Stopping VCS on the cluster node
--------------------------------
To stop VCS on the cluster node:
1. Ensure that the "/opt/VRTSvcs/bin" directory is included in your PATH environment variable so that you can execute all the VCS commands. For more information, refer to the Veritas Cluster Server Installation Guide.
2. Persistently freeze all the service groups:
    # haconf -makerw   
    # hagrp -freeze [group] -persistent   
    # haconf -dump -makero
3. Stop the cluster on all nodes. If the cluster is writable, you may close the configuration before stopping the cluster. On any node, run the following command to stop the cluster:   
    # hastop -all -force
4. Verify that the cluster is stopped on all nodes:    
    # hasys -state
5. On all nodes, make sure that both the had and hashadow processes are stopped.
6. Stop the VCS CmdServer on all nodes:   
        # /opt/VRTSvcs/bin/CmdServer -stop
7. Copy the /etc/VRTSvcs/conf/config/types.cf file to /etc/VRTSvcs/conf/config/types.cf.orig.
8. Copy the /etc/VRTSvcs/conf/config/main.cf file to /etc/VRTSvcs/conf/config/main.cf.orig. 
Installing the patch
--------------------
To install the patch:
1. Log in as superuser on the system where you are installing the patch.
2. Uncompress the patch that you downloaded from Veritas.
3. Change the directory to the uncompressed patch location.
4. Install the patch using the following command:
        # rpm -Uvh VRTSvcs-7.4.1.1200-RHEL6.x86_64.rpm
5. Run the following command to verify if the new patch has been installed:
        # rpm -q VRTSvcs
    If the proper patch is installed, the following output is displayed:
        VRTSvcs-7.4.1.1200-RHEL6.x86_64
6. Run the following command to load updated scripts
        # systemctl daemon-reload
Starting VCS on the cluster node:
1. To start VCS run the following command:
        # hastart
        # /opt/VRTSvcs/bin/CmdServer
2. Make VCS cluster writable:
        # haconf -makerw
3. Unfreeze all the groups:
        # hagrp -unfreeze [group] -persistent
        # haconf -dump -makero


REMOVING THE PATCH
------------------
Removal of the patch will result in removing the whole package from the system/node. To go back to a previous installed version of the package, you may need to re-install the package.
Run the following steps on the node where the patch is being uninstalled:
To remove the patch from a cluster node:
---------------------------------------------
1. Freeze all the service groups persistently.
        # haconf -makerw
        # hagrp -freeze [group] -persistent
2. Stop VCS on the node by running the following command:
    # hastop -all -force
3. Stop the VCS CmdServer
    #/opt/VRTSvcs/bin/CmdServer -stop
4. Remove the patch by using the following command:
        # rpm -e VRTSvcs
5. Verify that the patch has been removed from the system:
        # rpm -qa|grep VRTSvcs
   Ensure that the package is not be displayed. This confirms that the package is removed.
6. Install the relevant package from the VCS base media. Also refer to SORT for any applicable patches.
7. To start the cluster service, run the following command first on one node:
    # hastart
    On all the other nodes, start VCS by issuing the hastart command after the first node's state changes to LOCAL_BUILD or RUNNING.
8. Unfreeze all the service groups:
    # haconf -makerw
    # hagrp -unfreeze [group] -persistent
    # haconf -dump -makero
9. Start the VCS CmdServer on all nodes
    # /opt/VRTSvcs/bin/CmdServer


SPECIAL INSTRUCTIONS
--------------------
NONE


OTHERS
------
NONE
Read and accept Terms of Service