Accepting request 700144 from home:yan_gao:branches:network:ha-clustering:Factory

- Update to version 2.0.1+20190430.8e851b084:
- controller: avoid memory leak when duplicate monitor is scheduled
- libcrmcommon: return proper code if testing pid is denied (bsc#1131353, bsc#1131356)

- Update to version 2.0.1+20190424.a365fc58d:
- libcrmcommon: avoid use-of-NULL when checking whether process is active (bsc#1131353, bsc#1131356)
- daemons: make start-up log messages consistent across all daemons
- executor: downgrade disappeared remote client message to notice
- remote: include channel name in IPC proxy failure message
- fencing: clarify device search messages
- libcrmcluster: improve CPG membership messages
- tools: Use formatted output in stonith_admin.
- libstonithd: Add custom formatting to fencing types.
- libcrmcommon: Add formatted output.
- xml: Add a schema for API results.

- Update to version 2.0.1+20190417.13d370ca9:
- controld: fix possible NULL pointer dereference (bsc#1131353, bsc#1131356)
- pacemakerd vs. IPC/procfs confused deputy authenticity issue (CVE-2018-16877, bsc#1131356) (CVE-2018-16878, bsc#1131353)
- libservices: fix use-after-free wrt. alert handling (CVE-2019-3885, bsc#1131357)
- executor: systemd starts should return UNKNOWN_ERROR instead of NOT_RUNNING
- pacemaker-remoted: improve proxy accept failure message
- executor: consider stonith resource stopped only if stop succeeded
- executor: improve stonith operation rc and status mapping
- executor: reschedule recurring stonith monitor if not connected
- executor: put recurring stonith failsafe stop in correct place

OBS-URL: https://build.opensuse.org/request/show/700144
OBS-URL: https://build.opensuse.org/package/show/network:ha-clustering:Factory/pacemaker?expand=0&rev=328

0002-Revert-use-common-service-interface-for-fence-agents.patch

@@ -1,7 +1,7 @@
-From 5e862acfe98fa659095c651b6e7d97fd2ed39a07 Mon Sep 17 00:00:00 2001
+From 3663798bc8548e47109c7457b86713355253d8a0 Mon Sep 17 00:00:00 2001
 From: "Gao,Yan" <ygao@suse.com>
-Date: Thu, 11 Apr 2019 17:20:33 +0200
-Subject: [PATCH 2/2] Revert "use common service interface for fence-agents and
+Date: Mon, 29 Apr 2019 10:27:12 +0200
+Subject: [PATCH] Revert "use common service interface for fence-agents and
  RAs"
 
 This reverts commit 18c321e792a279d81008cbd99cb5ec7f81db096f.
@@ -30,7 +30,7 @@ index c13fc0f04..013f0b851 100644
      int rc;
      int pid;
 diff --git a/lib/fencing/Makefile.am b/lib/fencing/Makefile.am
-index 6191cb9e2..486dd7d7a 100644
+index 024932457..02aed12f3 100644
 --- a/lib/fencing/Makefile.am
 +++ b/lib/fencing/Makefile.am
 @@ -15,7 +15,6 @@ libstonithd_la_CFLAGS	= $(CFLAGS_HARDENED_LIB)
@@ -39,7 +39,7 @@ index 6191cb9e2..486dd7d7a 100644
  libstonithd_la_LIBADD	= $(top_builddir)/lib/common/libcrmcommon.la
 -libstonithd_la_LIBADD   += $(top_builddir)/lib/services/libcrmservice.la
  
- libstonithd_la_SOURCES	= st_client.c st_rhcs.c
+ libstonithd_la_SOURCES	= st_client.c st_output.c st_rhcs.c
  if BUILD_LHA_SUPPORT
 diff --git a/lib/fencing/st_client.c b/lib/fencing/st_client.c
 index 0f2c33012..8f6734d33 100644
@@ -633,10 +633,10 @@ index 0f2c33012..8f6734d33 100644
  }
  
 diff --git a/lib/services/services_linux.c b/lib/services/services_linux.c
-index 66f0fbfc7..23428a828 100644
+index 87a25d687..5df51d20a 100644
 --- a/lib/services/services_linux.c
 +++ b/lib/services/services_linux.c
-@@ -196,39 +196,6 @@ add_action_env_vars(const svc_action_t *op)
+@@ -223,39 +223,6 @@ add_action_env_vars(const svc_action_t *op)
      }
  }
  
@@ -676,7 +676,7 @@ index 66f0fbfc7..23428a828 100644
  gboolean
  recurring_action_timer(gpointer data)
  {
-@@ -318,10 +285,6 @@ operation_finished(mainloop_child_t * p, pid_t pid, int core, int signo, int exi
+@@ -345,10 +312,6 @@ operation_finished(mainloop_child_t * p, pid_t pid, int core, int signo, int exi
          op->opaque->stdout_gsource = NULL;
      }
  
@@ -687,7 +687,7 @@ index 66f0fbfc7..23428a828 100644
      if (signo) {
          if (mainloop_child_timeout(p)) {
              crm_warn("%s - timed out after %dms", prefix, op->timeout);
-@@ -653,9 +616,6 @@ action_synced_wait(svc_action_t * op, sigset_t *mask)
+@@ -680,9 +643,6 @@ action_synced_wait(svc_action_t * op, sigset_t *mask)
  
      close(op->opaque->stdout_fd);
      close(op->opaque->stderr_fd);
@@ -697,15 +697,15 @@ index 66f0fbfc7..23428a828 100644
  
  #ifdef HAVE_SYS_SIGNALFD_H
      close(sfd);
-@@ -669,7 +629,6 @@ services_os_action_execute(svc_action_t * op)
+@@ -696,7 +656,6 @@ services_os_action_execute(svc_action_t * op)
  {
      int stdout_fd[2];
      int stderr_fd[2];
 -    int stdin_fd[2] = {-1, -1};
      int rc;
      struct stat st;
-     sigset_t *pmask;
-@@ -735,25 +694,6 @@ services_os_action_execute(svc_action_t * op)
+     sigset_t *pmask = NULL;
+@@ -762,25 +721,6 @@ services_os_action_execute(svc_action_t * op)
          return FALSE;
      }
  
@@ -731,7 +731,7 @@ index 66f0fbfc7..23428a828 100644
      if (op->synchronous) {
  #ifdef HAVE_SYS_SIGNALFD_H
          sigemptyset(&mask);
-@@ -801,10 +741,6 @@ services_os_action_execute(svc_action_t * op)
+@@ -828,10 +768,6 @@ services_os_action_execute(svc_action_t * op)
              close(stdout_fd[1]);
              close(stderr_fd[0]);
              close(stderr_fd[1]);
@@ -742,7 +742,7 @@ index 66f0fbfc7..23428a828 100644
  
              crm_err("Could not execute '%s': %s (%d)", op->opaque->exec, pcmk_strerror(rc), rc);
              services_handle_exec_error(op, rc);
-@@ -818,9 +754,6 @@ services_os_action_execute(svc_action_t * op)
+@@ -845,9 +781,6 @@ services_os_action_execute(svc_action_t * op)
          case 0:                /* Child */
              close(stdout_fd[0]);
              close(stderr_fd[0]);
@@ -752,7 +752,7 @@ index 66f0fbfc7..23428a828 100644
              if (STDOUT_FILENO != stdout_fd[1]) {
                  if (dup2(stdout_fd[1], STDOUT_FILENO) != STDOUT_FILENO) {
                      crm_err("dup2() failed (stdout)");
-@@ -833,13 +766,6 @@ services_os_action_execute(svc_action_t * op)
+@@ -860,13 +793,6 @@ services_os_action_execute(svc_action_t * op)
                  }
                  close(stderr_fd[1]);
              }
@@ -766,7 +766,7 @@ index 66f0fbfc7..23428a828 100644
  
              if (op->synchronous) {
                  sigchld_cleanup();
-@@ -852,9 +778,6 @@ services_os_action_execute(svc_action_t * op)
+@@ -879,9 +805,6 @@ services_os_action_execute(svc_action_t * op)
      /* Only the parent reaches here */
      close(stdout_fd[1]);
      close(stderr_fd[1]);
@@ -776,7 +776,7 @@ index 66f0fbfc7..23428a828 100644
  
      op->opaque->stdout_fd = stdout_fd[0];
      rc = crm_set_nonblocking(op->opaque->stdout_fd);
-@@ -872,22 +795,6 @@ services_os_action_execute(svc_action_t * op)
+@@ -899,22 +822,6 @@ services_os_action_execute(svc_action_t * op)
                   pcmk_strerror(rc), rc);
      }
  

_servicedata

@@ -1,6 +1,6 @@
 <servicedata>
   <service name="tar_scm">
     <param name="url">git://github.com/ClusterLabs/pacemaker.git</param>
-    <param name="changesrevision">1b68da8e8994330a9034280221357abdb02084f4</param>
+    <param name="changesrevision">977e17f1377e30f53585beb0e82c652991942234</param>
   </service>
 </servicedata>

pacemaker-2.0.1+20190408.1b68da8e8.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d1d94399165c8dacebd71226f59fde5fa4fa3d980140ebc5f137fdafe8f342c0
-size 3427476

pacemaker-2.0.1+20190430.8e851b084.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:49f0fb503ae983bd5988a7c869113874dd13c52fd94564b4f3dc8974f47535e4
+size 3446944

pacemaker.changes

@@ -1,3 +1,39 @@
+-------------------------------------------------------------------
+Wed May 01 07:22:56 UTC 2019 - Yan Gao <ygao@suse.com>
+
+- Update to version 2.0.1+20190430.8e851b084:
+- controller: avoid memory leak when duplicate monitor is scheduled
+- libcrmcommon: return proper code if testing pid is denied (bsc#1131353, bsc#1131356)
+
+-------------------------------------------------------------------
+Tue Apr 30 13:17:22 UTC 2019 - Yan Gao <ygao@suse.com>
+
+- Update to version 2.0.1+20190424.a365fc58d:
+- libcrmcommon: avoid use-of-NULL when checking whether process is active (bsc#1131353, bsc#1131356)
+- daemons: make start-up log messages consistent across all daemons
+- executor: downgrade disappeared remote client message to notice
+- remote: include channel name in IPC proxy failure message
+- fencing: clarify device search messages
+- libcrmcluster: improve CPG membership messages
+- tools: Use formatted output in stonith_admin.
+- libstonithd: Add custom formatting to fencing types.
+- libcrmcommon: Add formatted output.
+- xml: Add a schema for API results.
+
+-------------------------------------------------------------------
+Thu Apr 18 12:07:35 UTC 2019 - Yan Gao <ygao@suse.com>
+
+- Update to version 2.0.1+20190417.13d370ca9:
+- controld: fix possible NULL pointer dereference (bsc#1131353, bsc#1131356)
+- pacemakerd vs. IPC/procfs confused deputy authenticity issue (CVE-2018-16877, bsc#1131356) (CVE-2018-16878, bsc#1131353)
+- libservices: fix use-after-free wrt. alert handling (CVE-2019-3885, bsc#1131357)
+- executor: systemd starts should return UNKNOWN_ERROR instead of NOT_RUNNING
+- pacemaker-remoted: improve proxy accept failure message
+- executor: consider stonith resource stopped only if stop succeeded
+- executor: improve stonith operation rc and status mapping
+- executor: reschedule recurring stonith monitor if not connected
+- executor: put recurring stonith failsafe stop in correct place
+
 -------------------------------------------------------------------
 Thu Apr 11 15:32:23 UTC 2019 - Yan Gao <ygao@suse.com>
 

pacemaker.spec

@@ -74,7 +74,7 @@
 %endif
 
 Name:           pacemaker
-Version:        2.0.1+20190408.1b68da8e8
+Version:        2.0.1+20190430.8e851b084
 Release:        0
 Summary:        Scalable High-Availability cluster resource manager
 # AGPL-3.0 licensed extra/clustermon.sh is not present in the binary