README VERSION : 1.1 README CREATION DATE : 2012-09-20 PATCH-ID : 143295-13 PATCH NAME : VRTSvcsag 5.1 SP1RP3 BASE PACKAGE NAME : Veritas Cluster Server Bundled Agents by Symantec BASE PACKAGE VERSION : VRTSvcsag 5.1SP1 SUPERSEDED PATCHES : NONE REQUIRED PATCHES : NONE INCOMPATIBLE PATCHES : NONE SUPPORTED PADV : sol10_x86 (P-PLATFORM , A-ARCHITECTURE , D-DISTRIBUTION , V-VERSION) PATCH CATEGORY : HANG PATCH CRITICALITY : OPTIONAL HAS KERNEL COMPONENT : NO ID : NONE REBOOT REQUIRED : NO PATCH INSTALLATION INSTRUCTIONS: -------------------------------- Please refer the release notes for installation instructions PATCH UNINSTALLATION INSTRUCTIONS: ---------------------------------- Please refer the release notes for un-installation instructions. SPECIAL INSTRUCTIONS: --------------------- NONE SUMMARY OF FIXED ISSUES: ----------------------------------------- 1787018 (1919382) Mount agent fails to detect the mounted file system with trailing "/". 2567728 (2567582) Apache agent should remove the check for Solaris 8 and Solaris 9 2619254 (2593173) DiskGroup agent do not detect serial split-brain situation. 2639184 (2639181) The clean entry point for Mount agent fails to un-mount a file system of type nfs. 2680749 (2680428) When you configure an IPMultiNICB resource for a Solaris zone, agent fails to plumb the options. 2689294 (2689300) Convert 5054 ERROR message to debug log 2705411 (2705391) Enhancement to use different RouteOptions while adding and deleting the route. 2705594 (2526681) The Zone agent and the hazonesetup utility can not use the same VCS user name across multiple zones. 2714432 (2714464) Using only spaces in an attribute value may cause issues with the related VCS agent. 2728805 (2728802) Apache agent should work correctly even if Mountpoint for httpd directory is not present on the failover node. 2730981 (2730979) In IPMP mode, when if_mpadm command to diable interface fails, IPMultiNICB agent may report resource as faulted. 2788082 (2788059) System did not panic when "PanicSystemOnDGLoss" is set. 2818051 (2731133) When NFSRestart resource is brought offline, it forcefully stops automountd process. SUMMARY OF KNOWN ISSUES: ----------------------------------------- KNOWN ISSUES : -------------- FIXED INCIDENTS: ---------------- PATCH ID:143295-13 * INCIDENT NO:1787018 TRACKING ID:1919382 SYMPTOM: The Mount agent fails to detect the mounted file system if either the BlockDevice or MountPoint attribute contains a trailing forward slash ("/"). DESCRIPTION: If the value configured in either the BlockDevice or MountPoint attribute contains a trailing forward slash, the Mount agent online entry point does not remove it. The monitor entry point fails to record the entry in the mount table because the monitor entry point removes the trailing forward slash before searching the mount table. RESOLUTION: Symantec has modified the Mount agent code to remove the trailing forward slash while mounting the file system. * INCIDENT NO:2567728 TRACKING ID:2567582 SYMPTOM: The VCS agent for Apache HTTP server may fail to bring certain resources online in a Solaris zone. DESCRIPTION: Before bringing a resource online, the Apache agent incorrectly checks for the operating system version inside the zone. If the zone does not run Solaris 10, the agent fails to bring the resource online. RESOLUTION: Symantec has modified the Apache agent code to skip the check for the operating system version running inside the zone. * INCIDENT NO:2619254 TRACKING ID:2593173 SYMPTOM: Online entry point of DiskGroup agent do not detect the serial split-brain situation and fail to log warning about it. DESCRIPTION: Diskgroup agent check for incorrect return code of the vxdg import command expected during serial split-brain situation and thus do not recognize the serial split-brain situation. RESOLUTION: Symantec has now modified the DiskGroup agent to look for correct return code of vxdg import command during serial split-brain situation. * INCIDENT NO:2639184 TRACKING ID:2639181 SYMPTOM: The clean entry point for Mount agent fails to un-mount a file system of type nfs. DESCRIPTION: The clean entry point of Mount agent executes the umount command to un-mount the file system of type nfs. When the NFS mount point hangs without any response, umount command fails to un-mount the nfs file system and thus causes clean entry point to timeout. In addition to this the clean entry point of Mount agent also executes the df command to see if the file system is mounted before un-mounting it. The df command also hangs for nfs mount points on NFS client when the NFS service on NFS server is down. RESOLUTION: Symantec has modified the Mount agent to use umount -f command to un-mount file system and not to use the df command when file system of type nfs is configured with Mount resource. * INCIDENT NO:2680749 TRACKING ID:2680428 SYMPTOM: When you configure an IPMultiNICB resource for a Solaris zone, the VCS IPMultiNICB agent fails to plumb the options specified in the 'Options' attribute onto a target interface. DESCRIPTION: The 'Options' attribute includes a list of values for operating system-related parameters. These values are not plumbed onto the target interface. RESOLUTION: Symantec has modified the IPMultiNICB agent to fix the issue. * INCIDENT NO:2689294 TRACKING ID:2689300 SYMPTOM: Error message "setting up options" is displayed when Options attribute is configured for IPMultiNICB agent. DESCRIPTION: IPMultiNICB agent wrongly displays error message when Options attribute is configured. RESOLUTION: Symantec has updated IPMultiNICB agent to display debug message instead of error. * INCIDENT NO:2705411 TRACKING ID:2705391 SYMPTOM: If you set the RouteOptions attribute to include a modifier that applies only to adding a route, then if you take the resource offline, the route delete command fails. DESCRIPTION: This is a required enhancement, not a defect. RESOLUTION: Symantec has added the DeleteRouteOptions to the IPMultiNICB resource configuration to fix this issue. If you set the DeleteRouteOptions attribute, VCS uses its value to implement the route delete command, and the value of the RouteOptions attribute to add a route. If you do not set the DeleteRouteOptions attribute, VCS uses the RouteOptions attribute to add as well as delete a route. If you do not set the RouteOptions value, VCS also ignores the DeleteRouteOptions value. * INCIDENT NO:2705594 TRACKING ID:2526681 SYMPTOM: The Zone agent and the hazonesetup utility can not use the same VCS user name across multiple zones. DESCRIPTION: Each zone requires a unique VCS user name for communicating between the non-global zone and the global zone. An increase in the number of zones can subsequently result in the overhead of maintaining multiple VCS user accounts. RESOLUTION: Symantec has now modified the Zone agent and the hazonesetup utility to support a common VCS user across multiple zones. With this change, the hazonesetup utility accepts the user name as an optional argument. If the user name is not specified, the hazonesetup utility uses the default user name. * INCIDENT NO:2714432 TRACKING ID:2714464 SYMPTOM: Using only spaces in an attribute value for a VCS agent might cause the related commands to fail. DESCRIPTION: If you configure the RouteOptions or DeleteRouteOptions attribute of the IPMultiNICB agent using only a space (or spaces), then the agent adds/deletes a route by using the 'space' character. As a result, the "route add" or "route delete" command fails. RESOLUTION: Symantec has modified the IPMultiNICB agent to ignore RouteOptions or DeleteRouteOptions attribute when only spaces are configured as value. * INCIDENT NO:2728805 TRACKING ID:2728802 SYMPTOM: If the directory or filename specified as part of 'httpdDir' attribute does not exist on the cluster node, the Apache agent cannot monitor the HTTP server correctly. And Apache agent logs error with following message id V-16-10061-20495. DESCRIPTION: As part of validations Apache agent checks existence of file or directory specified as part of 'httpdDir' attribute. However on a node where apache resource is offline, it is possible that even the mountpoint for httpd directory may not be present, in such a case Apache agent should report the resource state as offline instead of logging an error message. RESOLUTION: Symantec has update the Apache agent to report the resource state as offline when the directory or file specified as part of 'httpdDir' attribute is not present on the system. In such an event, during process level monitoring agent looks for the Apache processes assuming the value specified as part of 'httpdDir' attribute in following ways: 1 A directory name containing 'httpd' binary 2 Complete path to the binary name itself * INCIDENT NO:2730981 TRACKING ID:2730979 SYMPTOM: If you enable the IPMP mode of the MultiNICB agent, and configure multiple IPMultiNICB resources for IPv6 addresses, then the if_mpadm command to disable an active interface may fail. The IPMultiNICB agent may report the resource as faulted. DESCRIPTION: This behavior occurs when you enable the IPMP mode of the MultiNICB agent by setting the UseMpathd attribute to 1. RESOLUTION: Symantec has modified the IPMultiNICB agent to fix this issue. * INCIDENT NO:2788082 TRACKING ID:2788059 SYMPTOM: System did not panic on loss of storage connectivity, even after the PanicSystemOnDGLoss attribute of DiskGroup resource is set to 1. DESCRIPTION: If a resource other than DiskGroup in a service group detects loss of storage connectivity, then that resource faults and the DiskGroup resource is brought offline. The offline entry point of DiskGroup agent does not check the state of the underlying disk group before deporting it. RESOLUTION: Symantec has modified the DiskGroup agent code to check the state of the underlying disk group before deporting. This ensures that if the offline entry point is called for DiskGroup resource due to loss of storage connectivity and PanicSystemOnDGLoss attribute of DiskGroup resource is set to 1, then the system will panic. * INCIDENT NO:2818051 TRACKING ID:2731133 SYMPTOM: When NFSRestart resource is brought offline, it forcefully stops automountd process. DESCRIPTION: When NFSRestart resource is brought offline, it terminates NFS daemons. It looks for 'mountd' daemon in running processes and stops the matching ones. It also matches 'automountd' process and subsequently forcefully stops it. RESOLUTION: The NFSRestart Agent behaviour is updated in VCS to do a strict matching for process name, which means only stop 'mountd' process. INCIDENTS FROM OLD PATCHES: --------------------------- Patch Id::143295-12 * Incident no::2253349 Tracking ID ::2253345 Symptom::The IP agent fails to go offline when NetMask is changed outside of VCS control for an online VCS IP resource. Description::The IP agent makes use of IP address and Netmask value pair to perform online and offline operations. When the Netmask value on the interface is changed outside of VCS control, the VCS expected value of Netmask mismatches with the netmask value present on the device and hence offline operation fails. Resolution::Symantec has modified the VCS IP agent to log a warning which prompts to update the NetMask attribute value if the Netmask value is changed outside of VCS control. * Incident no::2275376 Tracking ID ::2423623 Symptom::If you do not specify a value for the BootState attribute, then the Zone agent does not automatically use the default value of the attribute. As a result, some of the commands that the Zone agent uses, may fail. Description::If you do not set the BootState attribute, then the Zone agent must use the default value, which is typically 'multi-user'. The Zone agent fails to do so. Resolution::Symantec has modified the Zone agent to ensure that if you do not specify the BootState attribute, then the Zone agent uses the default value, "multi-user". * Incident no::2298775 Tracking ID ::2298765 Symptom::If you use the 'hazonesetup' utility to configure a Zone group, then you cannot configure different local Zone names on the different nodes in a VCS cluster. Description::The 'hazonesetup' utility does not localize the ContainerInfo attribute. As a result, you cannot have different local Zone names on different nodes. Resolution::Symantec has fixed this issue by adding the parallel option to the 'hazonesetup' utility. You can use the new option to localize the ContainerInfo attribute. * Incident no::2317067 Tracking ID ::2317065 Symptom::Application resource fails to come online inside zones if PID files are specified. Description::Due to a program error, Application agent checked for the PID files in the global zone for applications running inside the local zone. Resolution::Symantec has modified the Application agent to first check if the application resource is configured to monitor applications running inside the local zone. If the resource is configured to monitor applications running inside the local zone then the Application agent checks for the PID files inside the local zone or else it checks in the global zone. * Incident no::2323312 Tracking ID ::2323311 Symptom::When you configure the MonitorProcesses attribute, if you specify a process name with more than 79 characters, then the Application agent fails to detect the process. Description::In order to accommodate the string termination character ('\0'), the Application agent trims the process name length (PRARGSZ) by one character. By default, the size limit on PRARGSZ is 80 characters. As a result, the Application agent detects a process name only if the process name is 79 characters in length, or less. Resolution::Symantec has increased the internal buffers in the Application agent code. As a result, the agent now correctly reads process names if the number of characters in the process name is equal to the maximum allowed value of PRARGSZ. * Incident no::2330045 Tracking ID ::2195569 Symptom::If you set the ControlMode attribute of a RemoteGroup resource to OnlineOnly or MonitorOnly, then the resource fails to go offline when it loses connectivity with the remote cluster. Description::The RemoteGroup resource tries to connect to the remote cluster even after the agent has invoked its offline entry point. If the connection to the remote cluster is not available, the resource goes into the UNKNOWN state and prevents the service group from going offline. Resolution::Symantec has modified the RemoteGroup resource to check for the remote cluster connection only when the resource is ONLINE. This fix is valid only if you set the ControlMode attribute of a RemoteGroup resource to OnlineOnly or MonitorOnly. * Incident no::2358616 Tracking ID ::2358476 Symptom::In case of certain network drivers, the MultiNICB agent may incorrectly report a link to be down. Description::If you set the IgnoreLinkStatus attribute to 0, then the MultiNICB agent tests the links for their status. However, the MultiNICB agent does not support certain versions of network drivers and the link test may fail. Resolution::Symantec has modified the MultiNICB agent code to fix this issue. * Incident no::2366701 Tracking ID ::2371667 Symptom::a. If you store the Start/Stop/Monitor programs on shared disks, and a VCS node is unable to access the shared disks, then the Application agent cannot monitor an application on the node. Further, VCS cannot fail over applications on such a node. b. The Monitor program returns UNIX style values, that is, "0" in case of success and "1" In case of failure. The Application Agent does not handle these values. Description::a. The Application agent checks for the existence of the Start/Stop/Monitor programs on a node. On nodes that cannot access the shared disk, this check fails. As a result, on such nodes, the agent marks the status of the application as Unknown. Further, if an application goes down on an active node, then the application cannot fail over to nodes where the status of the application is Unknown. b. The Application agent can handle only the following set of values returned by the monitor program: 100 --> OFFLINE 101 to 110 --> ONLINE Any other value --> UNKNOWN. If a monitor program returns "0" as success and "1" as failure, the Application agent returns the resource state as UNKNOWN. Resolution::a. Symantec has modified the Application agent to check for non-null values of the attributes associated with the Start/Stop/Monitor programs, instead of checking for the existence of the programs. As a result, for nodes that cannot access the shared disks, the agent now reports the application as OFFLINE, only if the previous state of the application was OFFLINE, and the application was not waiting for a state change. In all other cases, for nodes that cannot access the shared disks, the agent reports the state of the application as UNKNOWN. b. The Application agent handles the standard UNIX style return values, that is, "0" for success and "1" for failure, and now reports the resource state based on following set of values: 100 or 1 --> OFFLINE 101 to 110 or 0 --> ONLINE Any other value --> UNKNOWN. * Incident no::2371652 Tracking ID ::2358594 Symptom::In a GCO (Global Cluster Option) setup, you may be unable to bring an IPMultiNIC resource online. Description::In a GCO setup, the IPMultiNIC resource may be unable to successfully use certain commands to detect the state of the corresponding MultiNICA resource. As a result, the IPMultiNIC resource does not come online. Resolution::Symantec has modified the IPMultiNIC agent code to fix this issue. * Incident no::2407872 Tracking ID ::2407871 Symptom::When VCS tries to bring an application resource online, or tries to take an application resource offline, the following error message appears in the engine log: "sh: setenv: not found" Description::The above error message appears when the following conditions simultaneously occur: a. The login shell of the root user is *csh b. The 'User' attribute is not set c. The value of the 'UseSUDash' attribute is '0' The Application agent sets the USER, HOME, and LOGNAME environment variables by using the 'setenv' command, before the agent executes the program specified for the user with the csh shell. For the root user (default user), the Application agent online/offline entry points execute the above program by directly using a system call. This internally executes the '/bin/sh -c' command. The csh shell command 'setenv' does not work in /bin/sh, and therefore the error occurs. Resolution::Symantec has modified the Application agent online/offline entry points such that the agent sets the environment variables, USER, LOGNAME, and HOME only if the user is a non-root user. * Incident no::2416956 Tracking ID ::2416950 Symptom::For VCS 5.1SP1 or later, if you do not set the value of the CleanProgram attribute, then the Application agent uses the StopProgram attribute to clean a resource during a clean entry point. This behavior may invalidate your agent configuration. Description::In VCS 5.1SP1, Symantec modified the Application agent code to use the StopProgram attribute to perform the clean operation, if a user does not configure the CleanProgram attribute. Resolution::Symantec has re-modified the Application agent to ensure that if you do not configure the CleanProgram attribute, the StopProgram attribute is not called, and the clean entry point fails. If you want the agent to clean the application, then you can configure the CleanProgram attribute. * Incident no::2423838 Tracking ID ::2301855 Symptom::If you configure IP resources, you may observe memory leaks in the IP agent process. Description::The IP agent fails to free internal memory allocations. This failure may lead to memory leaks. Resolution::Symantec has modified the IP agent code to fix this issue. * Incident no::2423990 Tracking ID ::2423984 Symptom::In a VCS Application agent configuration, if the administrator specifies a user name that is invalid on a system, then the agent may not correctly function on that system. Description::In the above case, the agent may display error messages or abruptly terminate. Resolution::Symantec has modified the Application agent to validate the user name configured as an User attribute. If the user name is not valid on a system, the agent reports the state of a configured resource on that system as UNKNOWN. * Incident no::2427464 Tracking ID ::2427433 Symptom::In an IPv6 setup, the MultiNICB agent incorrectly reports the state of a MultiNICB resource as UNKNOWN, if the following condition occurs: - Interfaces that are under MultiNICB control are on a subnet other than the subnet of interfaces that are not under MultiNICB Agent control Description::The MultiNICB agent compares the subnets of all the interfaces on a system, and in the above case, reports an incorrect resource state. Resolution::Symantec has modified the MultiNICB agent to skip the check for the subnet of IPv6 interfaces. * Incident no::2433347 Tracking ID ::2433325 Symptom::The Application agent searches for the user's home directory in the global zone for applications configured in the local zone. Description::Due to a program error, Application agent checked for home directory in the global zone for applications running inside the local zone. Resolution::Symantec has modified the Application agent to first check if the application resource is configured to monitor applications running inside the local zone. If the resource is configured to monitor applications running inside the local zone then the Application agent checks for home directory inside the local zone or else it will check in the global zone. * Incident no::2476897 Tracking ID ::2476893 Symptom::In a Solaris Zone or an AIX WPAR environment, if you configure a resource for physical-to-virtual (P2V) failover on a VCS node, the configured resource may fail to come online. Description::Certain VCS agents fail to check the ContainerInfo attribute for P2V information. As a result, the agents may fail to bring the configured resource online. The affected agents include: Application, IP, IPMultiNICB, Mount, ASMInst, Oracle, Netlsnr, Sybase, SybaseBk Resolution::Symantec has modified the above agents to check the ContainerInfo attribute for P2V information. * Incident no::2477268 Tracking ID ::2477285 Symptom::In a Solaris zone or an AIX WPAR environment, if you configure a resource for physical-to-virtual (P2V) failover, the Zone agent or the WPAR agent may report incorrect state of the resource. Description::In certain corner cases, the Zone agent or the WPAR agent fails to correctly interpret the state of a resource. Resolution::Symantec has modified the Zone and WPAR agents to cover the corner cases in P2V configurations. * Incident no::2485202 Tracking ID ::2481411 Symptom::The Application agent monitor entry point fails when the 80th character in the value specified for MonitorProcesses attribute is a space. Description::The above issue is observed because Application agent internally removes spaces from the processes specified in MonitorProcesses attribute. Additionally, the Application agent reads pr_psargs value from psinfo structure by scanning the /proc file system. Therefore, the Application agent can detect a maximum of 80 characters of the command line processes specified in the MonitorProcesses attribute. Resolution::Symantec has modified the Application agent such that it does not remove spaces from the processes specified in MonitorProcesses attribute. Agent now uses "/usr/ucb/ps -ww pid" command to get the process COMMAND name from system which returns the complete COMMAND name without any limitation of characters. You must now configure the exact command line of the processes in the MonitorProcesses attribute as returned by the "/usr/ucb/ps -ww pid" command. * Incident no::2491635 Tracking ID ::2491627 Symptom::On Solaris systems when VxVM version 5.1 is installed with VCS version 5.1SP1, online entry point of DiskGroup resource logs the following error message "ERROR: vxdefault list autostartvolumes command failed". Description::VxVM introduced autostartvolumes feature in 5.1SP1 release. The DiskGroup agent online entry point in VCS 5.1SP1 fails to correctly verify the VxVM version to check the availability of autostartvolumes feature. Resolution::Symantec has modified the online entry point of DiskGroup agent to directly verify the availability of autostartvolumes feature in VxVM. * Incident no::2513928 Tracking ID ::2476893 Symptom::In a Solaris Zone or an AIX WPAR environment, if you configure a resource for physical-to-virtual (P2V) failover on a VCS node, the configured resource may fail to come online. Description::Certain VCS agents fail to check the ContainerInfo attribute for P2V information. As a result, the agents may fail to bring the configured resource online. The affected agents include: Application, IP, IPMultiNICB, Mount, ASMInst, Oracle, Netlsnr, Sybase, SybaseBk Resolution::Symantec has modified the above agents to check the ContainerInfo attribute for P2V information. * Incident no::2516807 Tracking ID ::2476893 Symptom::In a Solaris Zone or an AIX WPAR environment, if you configure a resource for physical-to-virtual (P2V) failover on a VCS node, the configured resource may fail to come online. Description::Certain VCS agents fail to check the ContainerInfo attribute for P2V information. As a result, the agents may fail to bring the configured resource online. The affected agents include: Application, IP, IPMultiNICB, Mount, ASMInst, Oracle, Netlsnr, Sybase, SybaseBk Resolution::Symantec has modified the above agents to check the ContainerInfo attribute for P2V information. * Incident no::2514514 Tracking ID ::2523471 Symptom::If the 'httpd' binary or the 'ab' binary is not present at the location that you specified in the 'httpdDir' attribute, the Apache agent cannot perform detail monitoring or start the HTTP server. Description::To start the HTTP server, the Apache agent uses the 'httpd' binary from the location specified in the 'httpdDir' attribute. To perform detail monitoring, the agent uses the Apache Benchmarking utility or 'ab' binary from the same location. If the binaries in that location use a slightly different name, such as say 'httpd2', the agent does not recognize the binary, and therefore cannot perform the desired actions. Resolution::Symantec has enhanced the 'httpdDir' attribute such that you can specify the full path of the binary (including the binary name). If you specify only the directory name, the agent assumes the default binary name 'httpd'. If the Apache Benchmarking binary in the specified directory does not use the default name, then the agent recognizes the alternative binary name 'ab2', and performs detail monitoring. * Incident no::2528475 Tracking ID ::2528470 Symptom::The preonline_ipc trigger functionality of VCS, that performs certain checks before bringing a group online, does not work for resources other than IP resources. Description::This is a known limitation. There is an enhancement requirement to extend preonline_ipc trigger support to other resources types. Resolution::Symantec has enhanced the preonline_ipc trigger to support the following types of resources on a system: IP, IPMultiNIC, and IPMultiNICB.