This page lists publically-released patches for Veritas Enterprise Products.
For Product GA build, see Veritas Entitlement Management System(VEMS) by clicking the
Veritas Support 'Licensing' option.
Veritas is making it easier to find all software installers and updates for Veritas products with a completely redesigned experience. NetBackup HotFixes and NetBackup Appliance patches are now also available at the new
Veritas Download Center.
Patches for your product can have a variety of names. These names are based on product, component, or package names. For more information on patch naming conventions and the relationship between products, components, and packages, see the
SORT online help.
vcs-rhel6_x86_64-VRTSvxfen-5.1SP1RP2P2
Obsolete
|
Sign in if you want to rate this patch.
|
Basic information
Release type: |
P-patch |
Release date: |
2012-05-21 |
OS update support: |
None |
Technote: |
None
|
Documentation: |
None |
Popularity: |
627 viewed 75 downloaded |
Download size: |
872.04 KB
|
Checksum: |
3045187712
|
Applies to one or more of the following products:
VirtualStore 5.1SP1PR2 On RHEL6 x86-64 Cluster Server 5.1SP1PR2 On RHEL6 x86-64 Storage Foundation Cluster File System 5.1SP1PR2 On RHEL6 x86-64 Storage Foundation Cluster File System for Oracle RAC 5.1SP1PR2 On RHEL6 x86-64 Storage Foundation for Oracle RAC 5.1SP1PR2 On RHEL6 x86-64 Storage Foundation HA 5.1SP1PR2 On RHEL6 x86-64
|
Obsolete patches, incompatibilities, superseded patches, or other requirements:
Fixes the following incidents:
Patch ID:
VRTSvxfen-5.1.132.200-SP1RP2P2_RHEL6
|
* * * READ ME * * *
* * * Veritas Cluster Server 5.1 SP1 PR2 RP2 * * *
* * * P-patch 2 * * *
Patch Date: 2012-05-21
This document provides the following information:
* PATCH NAME
* PACKAGES AFFECTED BY THE PATCH
* BASE PRODUCT VERSIONS FOR THE PATCH
* OPERATING SYSTEMS SUPPORTED BY THE PATCH
* INCIDENTS FIXED BY THE PATCH
* INSTALLATION PRE-REQUISITES
* INSTALLING THE PATCH
* REMOVING THE PATCH
PATCH NAME
----------
Veritas Cluster Server 5.1 SP1 PR2 RP2 P-patch 2
PACKAGES AFFECTED BY THE PATCH
------------------------------
VRTSvxfen
BASE PRODUCT VERSIONS FOR THE PATCH
-----------------------------------
* Veritas Cluster Server 5.1 SP1 PR2
* Veritas Storage Foundation for Oracle RAC 5.1 SP1 PR2
* Veritas Storage Foundation Cluster File System 5.1 SP1 PR2
* Veritas Storage Foundation High Availability 5.1 SP1 PR2
* Veritas Storage Foundation Cluster File System for Oracle RAC 5.1 SP1 PR2
* Symantec VirtualStore 5.1 SP1 PR2
OPERATING SYSTEMS SUPPORTED BY THE PATCH
----------------------------------------
RHEL6 x86-64
INCIDENTS FIXED BY THE PATCH
----------------------------
This patch fixes the following Symantec incidents:
Patch ID: 5.1.132.200
* 2708638 (Tracking ID: 2708619)
SYMPTOM:
If you set the scsi3_disk_policy attribute to dmp, you cannot enable the Veritas
fencing module (VxFEN).
DESCRIPTION:
When you set the scsi3_disk_policy attribute to dmp, the VxFEN module tries to
use the dmp device path to access the coordination disks. The dmp device path
refers to a disk partition. A recent kernel security fix prohibits the SCSI
ioctl system call to disk partitions. As a result the VxFEN configuration fails.
The recent kernel security fix that prohibits system calls to disk partitions is:
752375 - CVE-2011-4127 kernel: possible privilege escalation via SG_IO ioctl
RESOLUTION:
Symantec has updated the VxFEN source code to pick up the dmp device path that
contains the full disk name instead of a partition/slice.
* 2768873 (Tracking ID: 2768871)
SYMPTOM:
In some RHEL5 and RHEL6 setups, fencing utility vxfentsthdw(1M) incorrectly
reports the status of a SCSI disk as SCSI-3 PR non-compliant over the dmp path.
If you specify the raw path of the disk, vxfentsthdw(1M) reports the disk status
as SCSI-3 compliant.
DESCRIPTION:
This issue is caused by the following kernel security fix that prohibits the
SCSI ioctl system call to disk partitions:
752375 - CVE-2011-4127 kernel: possible privilege escalation via SG_IO ioctl
Red Hat distributes the kernel security fix with the following kernel versions:
o For RHEL5: Kernel version 2.6.18-274.18.1.el5 and above
o For RHEL6: Kernel version 2.6.32-220.2.1.el6 and above
The vxfentsthdw(1M) utility issues an IOCTL call to a partition/slice of the
disk over a dmp path. The call fails due to the kernel security fix and the
utility therefore reports SCSI-3 PR non-compliance. When you specify the raw
path of the disk, the IOCTL call goes through, and the utility reports the
correct compliance status of the SCSI disk.
RESOLUTION:
Symantec has updated the VxFEN source code to fix this issue. The code fix
ensures that the vxfentsthdw(1M) utility, by default, uses the dmp device path
that contains the full disk name, instead of the name of the partition/slice.
INSTALLING THE PATCH
--------------------
Perform the following steps on each cluster node, one node at a time:
1. Stop VCS:
# hastop -local
2. Stop vxfen:
# /etc/init.d/vxfen stop
3. Apply the patch:
# rpm -Uvh VRTSvxfen-5.1.132.200-SP1RP2P2_RHEL6.x86_64.rpm
Verify that proper VRTSvxfen is installed:
# rpm -qi VRTSvxfen
Name : VRTSvxfen Relocations: (not relocatable)
Version : 5.1.132.200 Vendor: Symantec Corporation
Release : SP1RP2P2_RHEL6 Build Date: Mon 30 Apr 2012 05:40:21 AM PDT
Install Date: (not installed) Build Host: vcsbuildrhel6x8664
Group : Applications/System Source RPM: VRTSvxfen-5.1.132.200-SP1RP2P2_RHEL6.src.rpm
Size : 5221246 License: Symantec Proprietary
Signature : (none)
Packager : support@veritas.com
URL : http://www.support.veritas.com
Summary : Veritas I/O Fencing by Symantec
Description :
Supported kernel(s): 2.6.32-71.el6.x86_64
Build Stamp : Veritas-5.1.132.200-SP1RP2P2-2012-04-30_04.46.58
4. Start vxfen:
# /etc/init.d/vxfen start
5. Start VCS:
# hastart
REMOVING THE PATCH
------------------
Perform the following steps on each node one at a time:
1. Stop VCS:
# hastop -local
2. Stop vxfen:
# /etc/init.d/vxfen stop
3. Uninstall VRTSvxfen package:
# rpm -ev VRTSvxfen
4. Install previous version of VRTSvxfen package.
5. Start vxfen:
# /etc/init.d/vxfen start
6. Start VCS:
# hastart
SPECIAL INSTRUCTIONS
--------------------
NONE
OTHERS
------
NONE
|