RHE Linux 6.3 Technical Notes

Chapter 5. Package Updates

5.1. 389-ds-base
5.2. abrt and libreport
5.3. abrt, libreport, btparser, and python-meh
5.4. acroread
5.5. alsa-utils
5.6. anaconda
5.7. atlas
5.8. audit
5.9. augeas
5.10. authconfig
5.11. autofs
5.12. axis
5.13. bacula
5.14. bind-dyndb-ldap
5.15. bind
5.16. binutils
5.17. biosdevname
5.18. brltty
5.19. busybox
5.20. byacc
5.21. c-ares
5.22. cdrkit
5.23. certmonger
5.24. chkconfig
5.25. cifs-utils
5.26. cluster and gfs2-utils
5.27. cluster-glue
5.28. clustermon
5.29. cluster
5.30. conman
5.31. control-center
5.32. coolkey
5.33. coreutils
5.34. corosync
5.35. cpio
5.36. cpuspeed
5.37. crash
5.38. crash-trace-command
5.39. createrepo
5.40. cryptsetup-luks
5.41. ctdb
5.42. cups
5.43. cvs
5.44. cyrus-sasl
5.45. dash
5.46. db4
5.47. dbus
5.48. device-mapper-multipath
5.49. dhcp
5.50. ding-libs
5.51. dmraid
5.52. dnsmasq
5.53. docbook-utils
5.54. dracut
5.55. dropwatch
5.56. dvd+rw-tools
5.57. e2fsprogs
5.58. efibootmgr
5.59. elinks
5.60. espeak
5.61. expect
5.62. fcoe-target-utils
5.63. fcoe-utils
5.64. febootstrap
5.65. fence-agents
5.66. fence-virt
5.67. file
5.68. firefox
5.69. firstboot
5.70. flash-plugin
5.71. fontforge
5.72. fprintd
5.73. freeradius
5.74. freetype
5.75. ftp
5.76. gawk
5.77. gcc
5.78. gdb
5.79. gdm
5.80. gd
5.81. gegl
5.82. geronimo-specs
5.83. ghostscript
5.84. gimp
5.85. glib2
5.86. glibc
5.87. gnome-desktop
5.88. gnome-keyring
5.89. gnome-packagekit
5.90. gnome-power-manager
5.91. gnome-screensaver
5.92. gnome-settings-daemon
5.93. gnome-system-monitor
5.94. gnome-terminal
5.95. graphviz
5.96. grep
5.97. grubby
5.98. grub
5.99. gstreamer-plugins-base
5.100. gtk2
5.101. gvfs
5.102. hivex
5.103. hsqldb
5.104. hwdata
5.105. icedtea-web
5.106. imsettings
5.107. indent
5.108. initscripts
5.109. iok
5.110. ipa
5.111. ipmitool
5.112. iproute
5.113. iprutils
5.114. iptraf
5.115. ipvsadm
5.116. irqbalance
5.117. irssi
5.118. iscsi-initiator-utils
5.119. jakarta-commons-httpclient
5.120. java-1.5.0-ibm
5.121. java-1.6.0-ibm
5.122. java-1.6.0-openjdk
5.123. java-1.6.0-sun
5.124. java-1.7.0-ibm
5.125. java-1.7.0-openjdk
5.126. java-1.7.0-oracle
5.127. jss
5.128. kabi-whitelists
5.129. kdeartwork
5.130. kdebase
5.131. kdebase-workspace
5.132. kdelibs3
5.133. kdelibs
5.134. kdepim
5.135. kernel
5.136. kexec-tools
5.137. keyutils
5.138. krb5
5.139. ksh
5.140. latencytop
5.141. libbonobo
5.142. libburn
5.143. libcgroup
5.144. libdvdread
5.145. liberation-fonts
5.146. libevent
5.147. libexif
5.148. libguestfs
5.149. libgweather
5.150. libhbaapi
5.151. libhbalinux
5.152. libibverbs-rocee and libmlx4-rocee
5.153. libproxy
5.154. libreoffice
5.155. libselinux
5.156. libservicelog
5.157. libssh2
5.158. libtar
5.159. libtiff
5.160. libunistring
5.161. libusb1
5.162. libuser
5.163. libvirt-cim
5.164. libvirt-java
5.165. libvirt-qmf
5.166. libvirt
5.167. libxklavier
5.168. libxml2
5.169. libxslt
5.170. lldpad
5.171. lm_sensors
5.172. logrotate
5.173. lohit-kannada-fonts
5.174. lohit-telugu-fonts
5.175. lsof
5.176. lsvpd
5.177. ltrace
5.178. luci
5.179. lvm2
5.180. m2crypto
5.181. mailman
5.182. make
5.183. man-pages-fr
5.184. man-pages-overrides
5.185. man
5.186. matahari
5.187. mcelog
5.188. mdadm
5.189. metacity
5.190. microcode_ctl
5.191. mingw32-libxml2
5.192. mingw32-matahari
5.193. mingw32-qpid-cpp
5.194. mkbootdisk
5.195. mlocate
5.196. mod_auth_kerb
5.197. mod_authz_ldap
5.198. mod_nss
5.199. module-init-tools
5.200. mod_wsgi
5.201. mrtg
5.202. mt-st
5.203. mysql-connector-java
5.204. mysql
5.205. nautilus
5.206. net-snmp
5.207. NetworkManager-openswan
5.208. NetworkManager
5.209. nfs4-acl-tools
5.210. nfs-utils
5.211. nmap
5.212. nspluginwrapper
5.213. nss, nss-util, and nspr
5.214. nss-pam-ldapd
5.215. nss
5.216. numactl
5.217. numpy
5.218. openjpeg
5.219. openldap
5.220. openmotif
5.221. openssh
5.222. openssl
5.223. openswan
5.224. oprofile
5.225. ORBit2
5.226. pacemaker
5.227. PackageKit
5.228. pam_pkcs11
5.229. pango
5.230. parted
5.231. pcre
5.232. pcsc-lite
5.233. perl-DBD-Pg
5.234. perl-GSSAPI
5.235. perl-IPC-Run3
5.236. perl-IPC-Run
5.237. perl-SOAP-Lite
5.238. perl-Sys-Virt
5.239. perl
5.240. php-pecl-apc
5.241. php-pecl-memcache
5.242. php
5.243. pidgin
5.244. piranha
5.245. pki-core
5.246. pm-utils
5.247. policycoreutils
5.248. portreserve
5.249. postgresql and postgresql84
5.250. postgresql-jdbc
5.251. ppc64-utils
5.252. procps
5.253. psacct
5.254. pulseaudio
5.255. pykickstart
5.256. PyQt4
5.257. python-configshell
5.258. python-memcached
5.259. python-paste-script
5.260. python-repoze-who
5.261. python-rhsm
5.262. python-rtslib
5.263. python
5.264. python-virtinst
5.265. qemu-kvm
5.266. ql2400-firmware
5.267. ql2500-firmware
5.268. qpid-cpp, python-qpid, and saslwrapper
5.269. qpid
5.270. qt
5.271. quagga
5.272. quota
5.273. rdesktop
5.274. rdma
5.275. RDMA
5.276. readline
5.277. redhat-release
5.278. redhat-rpm-config
5.279. Red Hat Enterprise Linux Release Notes
5.280. resource-agents
5.281. rgmanager
5.282. rhn-client-tools and yum-rhn-plugin
5.283. ricci
5.284. rpcbind
5.285. rpmdevtools
5.286. rpm
5.287. rsync
5.288. rsyslog
5.289. rusers
5.290. s390utils
5.291. samba
5.292. sanlock
5.293. sblim-cim-client2
5.294. scsi-target-utils
5.295. SDL
5.296. seabios
5.297. sed
5.298. selinux-policy
5.299. servicelog
5.300. setroubleshoot
5.301. setup
5.302. slapi-nis
5.303. slf4j
5.304. smartmontools
5.305. sos
5.306. spice-client
5.307. spice-gtk
5.308. spice-protocol
5.309. spice-server
5.310. spice-xpi
5.311. squid
5.312. sssd
5.313. strace
5.314. subscription-manager
5.315. subversion and neon
5.316. sudo
5.317. sysfsutils
5.318. syslinux
5.319. sysstat
5.320. system-config-date-docs
5.321. system-config-kdump
5.322. system-config-keyboard
5.323. system-config-language
5.324. system-config-lvm
5.325. system-config-printer
5.326. system-config-users
5.327. systemtap
5.328. tar
5.329. tboot
5.330. tcpdump
5.331. telnet
5.332. thunderbird
5.333. tog-pegasus
5.334. tomcat6
5.335. trace-cmd
5.336. tsclient
5.337. tuned
5.338. tzdata
5.339. udev
5.340. unixODBC
5.341. upstart
5.342. usbredir
5.343. util-linux-ng
5.344. valgrind
5.345. vim
5.346. vino
5.347. vios-proxy
5.348. virtio-win
5.349. virt-manager
5.350. virt-top and ocaml-libvirt
5.351. virt-v2v
5.352. virt-viewer
5.353. virt-who
5.354. vsftpd
5.355. wget
5.356. wordnet
5.357. wpa_supplicant
5.358. xfig
5.359. xfsprogs
5.360. xinetd
5.361. xmlrpc-c
5.362. xorg-x11-drv-ati and mesa
5.363. xorg-x11-drv-intel
5.364. xorg-x11-drv-mga
5.365. xorg-x11-drv-qxl
5.366. xorg-x11-drv-wacom
5.367. xorg-x11-server
5.368. xulrunner
5.369. yaboot
5.370. yum
5.371. yum-utils
5.372. zsh

5.1. 389-ds-base

Updated 389-ds-base packages that fix two bugs are now available for Red Hat Enterprise Linux 6.
The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Bug Fixes

BZ#834096
Prior to this update, simultaneous updates that included deleting an attribute in an entry could cause the domain directory server to abort with a segmentation fault. This update checks whether a modified attribute entry has a NULL value. Now, the server handles simultaneous updates as expected.
BZ#836251
Prior to this update, the get_entry function did not accept a NULL pblock. As a consequence, the Account Usability feature did not return the correct information about user account expiration and locked status. This update modifies the underlying code so that the get_entry function now accepts a NULL pblock.
All users of 389-ds-base are advised to upgrade to these updated packages, which fix these bugs. Note: after completing this update, the 389 server service is restarted automatically.

Updated 389-ds-base packages that fix two security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links associated with the descriptions below.
The 389 Directory Server is an LDAPv3 compliant server. The 389-ds-base packages include the Lightweight Directory Access Protocol (LDAP) server and command line utilities for server administration.

Security Fixes

CVE-2012-2678
A flaw was found in the way 389 Directory Server handled password changes. If an LDAP user has changed their password, and the directory server has not been restarted since that change, an attacker able to bind to the directory server could obtain the plain text version of that user's password via the "unhashed#user#password" attribute.
CVE-2012-2746
It was found that when the password for an LDAP user was changed, and audit logging was enabled (it is disabled by default), the new password was written to the audit log in plain text form. This update introduces a new configuration parameter, "nsslapd-auditlog-logging-hide-unhashed-pw", which when set to "on" (the default option), prevents 389 Directory Server from writing plain text passwords to the audit log. This option can be configured in /etc/dirsrv/slapd-ID/dse.ldif.
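An added example (not part of the Red Hat advisory or the 389 Directory Server code) of checking an instance for the CVE-2012-2746 exposure described above: it reads the cn=config entry of dse.ldif for the audit-log settings and lists which audit-log records carry the "unhashed#user#password" attribute, without ever returning its value. The sample dse.ldif and audit log are constructed, the audit-log record layout is an assumption, and a missing hide parameter is treated as the default "on", which holds only once the updated packages are installed.

```python
import base64

HIDE_ATTR = "nsslapd-auditlog-logging-hide-unhashed-pw"  # parameter named in the advisory
ENABLE_ATTR = "nsslapd-auditlog-logging-enabled"         # audit logging switch in cn=config
LEAK_ATTR = "unhashed#user#password"                     # attribute holding the plain text

# Constructed sample of /etc/dirsrv/slapd-ID/dse.ldif (one line is folded on purpose).
SAMPLE_DSE = """\
dn: cn=config
objectClass: top
nsslapd-auditlog-logging-enabled: on
nsslapd-auditlog-logging-hide-unhashed-
 pw: off

dn: cn=plugins,cn=config
objectClass: top
"""

# Constructed audit log excerpt; the record layout is an assumption.
SAMPLE_AUDIT_LOG = """\
time: 20120627101500
dn: uid=jdoe,ou=People,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword: {SSHA}CONSTRUCTED-HASH
-
replace: unhashed#user#password
unhashed#user#password: CONSTRUCTED-PLACEHOLDER
-

time: 20120627101730
dn: uid=asmith,ou=People,dc=example,dc=com
changetype: modify
replace: mail
mail: asmith@example.com
-
"""


def parse_records(text):
    """Parse LDIF-style text into a list of {lowercased attribute: [values]} dicts."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]           # unfold an LDIF continuation line
        else:
            lines.append(raw)
    records, current = [], {}
    for line in lines + [""]:              # the trailing "" flushes the last record
        if not line.strip():
            if current:
                records.append(current)
                current = {}
            continue
        if line.startswith("#") or ":" not in line:
            continue                       # comments and "-" change separators
        attr, _, value = line.partition(":")
        if value.startswith(":"):          # "attr:: <base64 value>"
            try:
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            except ValueError:
                value = value[1:]
        current.setdefault(attr.strip().lower(), []).append(value.strip())
    return records


def audit_config(dse_text):
    """Report whether cn=config lets plain text passwords reach the audit log."""
    for rec in parse_records(dse_text):
        if rec.get("dn", [""])[0].lower() == "cn=config":
            # Audit logging is disabled by default; hiding is "on" by default.
            enabled = rec.get(ENABLE_ATTR, ["off"])[0].lower() == "on"
            hidden = rec.get(HIDE_ATTR, ["on"])[0].lower() == "on"
            return {"audit_enabled": enabled,
                    "hide_unhashed_pw": hidden,
                    "exposed": enabled and not hidden}
    raise ValueError("no cn=config entry found")


def scan_audit_log(log_text):
    """Return (time, dn) for every record that logged the plain text attribute."""
    hits = []
    for rec in parse_records(log_text):
        if LEAK_ATTR in rec:
            hits.append((rec.get("time", ["?"])[0], rec.get("dn", ["?"])[0]))
    return hits


if __name__ == "__main__":
    print(audit_config(SAMPLE_DSE))
    for when, dn in scan_audit_log(SAMPLE_AUDIT_LOG):
        print("plain text password logged at %s for %s" % (when, dn))
```

Any account the scan reports should have its password changed again after the update, and the affected audit log files should be treated as holding credentials.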
All users of 389-ds-base are advised to upgrade to these updated packages, which resolve these issues. After installing this update, the 389 server service will be restarted automatically.

Updated 389-ds-base packages that fix one security issue, several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link associated with the description below.
The 389-ds-base packages provide 389 Directory Server, which is an LDAPv3 (Lightweight Directory Access Protocol version 3) compliant server, and command-line utilities for server administration.

Upgrade to an upstream version

The 389-ds-base package has been upgraded to upstream version 389-ds-base-1.2.10, which provides a number of bug fixes and enhancements over the previous version. (BZ#766989)

Security Fix

CVE-2012-0833
A flaw was found in the way the 389 Directory Server daemon (ns-slapd) handled access control instructions (ACIs) using certificate groups. If an LDAP user that had a certificate group defined attempted to bind to the directory server, it would cause ns-slapd to enter an infinite loop and consume an excessive amount of CPU time.
Red Hat would like to thank Graham Leggett for reporting this issue.

Bug Fixes

BZ#743979
Previously, 389 Directory Server used the Netscape Portable Runtime (NSPR) implementation of the read/write locking mechanism. Consequently, the server sometimes stopped responding to requests under heavy loads. This update replaces the original locking mechanism with the POSIX (Portable Operating System Interface) read/write locking mechanism. The server is now always responsive under heavy loads.
BZ#745201
Previously, Distinguished Names (DNs) were not included in access log records of LDAP compare operations. Consequently, this information was missing in the access logs. This update modifies the underlying source code so that DNs are logged and can be found in the access logs.
BZ#752577
Previously, when 389 Directory Server was under heavy load and operating in a congested network, problems with client connections sometimes occurred. When there was a connection problem while the server was sending Simple Paged Result (SPR) search results to the client, the LDAP server called a cleanup routine incorrectly. Consequently, a memory leak occurred and the server terminated unexpectedly. This update fixes the underlying source code to ensure that cleanup tasks are run correctly and no memory leaks occur. As a result, the server does not terminate or become unresponsive under heavy loads while servicing SPR requests.
BZ#757897
Previously, certain operations with the Change Sequence Number (CSN) were not performed efficiently by the server. Consequently, the ns-slapd daemon consumed up to 100% of CPU time when performing a large number of CSN operations during content replication. With this update, the underlying source code has been modified to perform the CSN operations efficiently. As a result, large numbers of CSN operations can be performed during content replications without any performance issues.
BZ#757898
Previously, allocated memory was not correctly released in the underlying code for the SASL GSSAPI authentication method when checking the Simple Authentication and Security Layer (SASL) identity mappings. This problem could cause memory leaks when processing SASL bind requests, which eventually caused the LDAP server to terminate unexpectedly with a segmentation fault. This update adds function calls that are needed to free allocated memory correctly. Memory leaks no longer occur and the LDAP server no longer crashes in this scenario.
BZ#759301
Previously, 389 Directory Server did not handle the Entry USN (Update Sequence Number) index correctly. Consequently, the index sometimes became out of sync with the main database and search operations on USN entries returned incorrect results. This update modifies the underlying source code of the Entry USN plug-in. As a result, the Entry USN index is now handled by the server correctly.
BZ#772777
Previously, search filter attributes were normalized and substring regular expressions were compiled repeatedly for every entry in the search result set. Consequently, using search filters with many attributes and substring subfilters resulted in poor search performance. This update ensures that search filters are pre-compiled and pre-normalized before being applied. These changes result in better search performance when applying search filters with many attributes and substring subfilters.
BZ#772778
Previously, the number of ACIs (Access Control Information records) to be cached was limited to 200. Consequently, evaluating a Directory Server entry against more than 200 ACIs failed with the following error message:
acl_TestRights - cache overflown
This update increases the default ACI cache limit to 2000 and allows it to be configurable by means of the new parameter nsslapd-aclpb-max-selected-acls in the configuration file entry "cn=ACL Plugin,cn=plugins,cn=config". As a result, the aforementioned error message is not displayed unless the new limit is exceeded, and it is now possible to change the limit when needed.
BZ#772779
Previously, the restore command contained a code path leading to an infinite loop. Consequently, 389 Directory Server sometimes became unresponsive when performing a restore from a database backup. This update removes the infinite loop code path from the underlying source code. As a result, the server does not stop responding when performing a database restore.
BZ#781485
Previously, performing the ldapmodify operation to modify RUV (Replica Update Vector) entries was allowed. Consequently, 389 Directory Server became unresponsive when performing such operations. This update disallows direct modification of RUV entries. As a result, the server does not stop responding when performing such operations, and returns an error message advising usage of the CLEANRUV operation instead.
BZ#781495
Previously, to identify restart events of 389 Directory Server, the logconv.pl script searched server logs for the "conn=0 fd=" string. Consequently, the script reported a wrong number of server restarts. This update modifies the script to search for the "conn=1 fd=" string instead. As a result, the correct number of server restarts is now returned.
BZ#781500
When reloading a database from an LDIF (LDAP Data Interchange Format) file that contained an RUV element with an obsolete or decommissioned replication master, the changelog was invalidated. As a consequence, 389 Directory Server emitted error messages and required re-initialization. This update ensures that the user is properly informed about obsolete or decommissioned replication masters, and that such masters are deleted from the RUV entries. The database is now reloaded as expected in this scenario.
BZ#781516
Previously, when a non-leaf node became a tombstone entry, its child entries lost the parent-child relationships. Consequently, non-leaf tombstone entries could have been reaped prior to their child tombstone entries. This update fixes the underlying source code so that parent-child relationships are maintained even when a non-leaf entry is deleted. As a result, tombstones are now reaped correctly in the bottom-up order.
BZ#781529
Previously, no validation of managed entry attributes against the managed entry template was performed before updating 389 Directory Server's managed entries. Consequently, managed entries could have been updated after updating an original entry attribute that was not contained in the managed entry template. This update adds a check that compares modified attributes with managed entry template attributes. As a result, the managed entries are not updated unless the modified attributes of the original entry are contained in the managed entry template.
BZ#781533
Previously, 389 Directory Server did not shut down before all running tasks had been completed. Consequently, it sometimes took a long time for the Directory Server to shut down when a long-running task was being carried out. This update enhances the underlying source code with a check for server shutdown requests during performance of long-running tasks. As a result, the server shuts down in a standard amount of time even when a long-running task is being processed.
BZ#781537
Previously, 389 Directory Server expected the value of the authzid attribute to be fully BER (Basic Encoding Rules) encoded. Consequently, the following error was returned when performing the ldapsearch command with proxy authorization:
unable to parse proxied authorization control (2 (protocol error))
This update modifies the underlying source code so that full BER encoding of the provided authzid value is not required. As a result, no error is returned in the scenario described above.
BZ#781538
Previously, the buffer for matching rule OIDs (Object Identifiers) had a fixed size of 1024 characters. Consequently, matching rule OIDs got truncated when their total length exceeded 1024 characters. This update modifies the underlying source code to use a dynamically allocated buffer instead of the one with a fixed size. As a result, any number of matching rule OIDs can be handled without being truncated.
BZ#781539
Previously, executing the ldapsearch command on the "cn=config" object returned all attributes of the object, including attributes with empty values. This update ensures that attributes with empty values are not saved into "cn=config", and enhances the ldapsearch command with a check for empty attributes. As a result, only attributes that have a value are returned in the aforementioned scenario.
BZ#781541
Previously, log records of operations performed using a proxy user contained the main user as the one who performed the operation. This update ensures that the proxy user is logged in log records of the search, add, mod, del, and modrdn operations.
BZ#784343
Previously, the database upgrade scripts checked if the server was offline by checking for the presence of .pid files. In some cases, however, the files remain present even if the associated processes have already been terminated. Consequently, the upgrade scripts sometimes assumed that the Directory Server was online and did not proceed with the database upgrade even if the server was actually offline. This update adds an explicit test to check if the processes referenced in the .pid files are really running. As a result, the upgrade scripts now work as expected.
BZ#784344
Previously, the repl-monitor command used only the subdomain part of hostnames for host identification. Consequently, hostnames with the identical subdomain part (for example: "ldap.domain1", "ldap.domain2") were identified as a single host, and inaccurate output was produced. This update ensures that the entire hostname is used for host identification. As a result, all hostnames are identified as separate and output of the repl-monitor command is accurate.
BZ#788140
Previously, the server used unnormalized DN strings to perform internal search and modify operations while the code for modify operations expected normalized DN strings. Consequently, error messages like the following one were logged when performing replication with domain names specified in unnormalized format:
NSMMReplicationPlugin - repl_set_mtn_referrals: could not set referrals for replica dc=example,dc=com: 32
This update ensures that DN strings are normalized before being used in modify operations. As a result, replication does not produce the error messages in the aforementioned scenario.
BZ#788722
Previously, the 389-ds-base/ldap/servers/snmp/ directory contained .mib files without copyright headers. Consequently, the files could not be included in certain Linux distributions due to copyright reasons. This update merges information from all such files into the redhat-directory.mib file, which contains the required copyright information, and ensures that it is the only file in the directory. As a result, no copyright issues block 389 Directory Server from being included in any Linux distribution.
BZ#788724
Previously, the underlying source code for extensible search filters used strcmp routines for value comparison. Consequently, using extensible search filters with binary data returned incorrect results. This update modifies the underlying source code to use binary-aware functions. As a result, extensible search filters work with binary data correctly.
BZ#788725
Previously, value normalization of the search filter did not respect the used filter type and matching rules. Consequently, when using different values than the default comparison type for the searched attribute syntax, search attempts returned incorrect results. This update modifies the underlying source code to use normalization sensitive to matching rules on filter attributes and values. As a result, search results in accordance with the matching rules are returned.
BZ#788729
Previously on the Directory Server, tombstones of child entries in a database were handled incorrectly. Therefore, if the database contained deleted entries that were converted to tombstones, an attempt to reindex the entryrdn index failed with the following error message:
_entryrdn_insert_key: Getting "nsuniqueid=ca681083-69f011e0-8115a0d5-f42e0a24,ou=People,dc=example,dc=com" failed
With this update, 389 Directory Server handles tombstones of child entries correctly, and the entryrdn index can now be reindexed successfully with no errors.
BZ#788731
Previously, RUV tombstone entries were indexed incorrectly by the entryrdn index. Consequently, attempts to search for such entries were not successful. This update ensures correct indexing of RUV tombstone entries in the entryrdn index and search attempts for such entries are now successful.
BZ#788741
Previously, the DNA (Distributed Numeric Assignment) plug-in used too short a timeout for requests to replicate a range of UIDs. Consequently, using replication with DNA to add users sometimes failed on networks with high latency, returning the following error message:
Operations error: Allocation of a new value for range cn=posix ids,cn=distributed numeric assignment plugin,cn=plugins,cn=config failed
With this update, the default timeout for such replication requests has been set to 10 minutes. As a result, no errors are returned when using replication with DNA to add users, and the operation succeeds.
BZ#788745
Previously, change sequence numbers (CSNs) in RUV were not refreshed when a replication role was changed. Consequently, data on the server became inconsistent. This update ensures that CSNs are refreshed when a replication role is changed. As a result, data inconsistency is no longer observed in the previously mentioned cases.
BZ#788749
Previously, errors in schema files were not reported clearly in log files. Consequently, the messages could be incorrectly interpreted as reporting an error in the dse.ldif file. This update modifies the error messages so that they include the name of and path to the file where the error was found.
BZ#788750
Previously, the server used an outdated version of the nisDomain schema after an upgrade. Consequently, restarting 389 Directory Server after an upgrade produced the following error message:
attr_syntax_create - Error: the EQUALITY matching rule [caseIgnoreMatch] is not compatible with the syntax [1.3.6.1.4.1.1466.115.121.1.26] for the attribute [nisDomain]
This update ensures that the server uses the latest version of the nisDomain schema. As a result, restarting the server after an upgrade does not show any errors.
BZ#788751
389 Directory Server previously did not properly release allocated memory after finishing normalization operations. This caused memory leaks to occur during the server's runtime. This update fixes the underlying code to release allocated memory properly so that memory leaks no longer occur under these circumstances.
BZ#788753
Previously, the "connection" attribute was not included in the cn=monitor schema, which caused the access control information (ACI) handling code to ignore the ACI. Consequently, requesting the connection attribute when performing anonymous search on cn=monitor returned the connection attribute, even though it was denied by the default ACI. This update ensures that the ACI is processed even if the attribute is not in the schema. As a result, the connection attribute is not displayed if the ACI denies it.
BZ#788754
Previously, several memory leak errors sometimes occurred during the server's runtime. This update fixes all the memory leak errors so that none of them occur anymore.
BZ#788755
Previously, IPv4-mapped IPv6 addresses were treated as independent addresses by 389 Directory Server. Consequently, errors were reported during server startup when such addresses conflicted with standard IPv4 addresses. This update ensures that the IPv4 part of every IPv4-mapped IPv6 address is compared with existing IPv4 addresses. As a result, the server starts with no errors even when IPv4-mapped IPv6 addresses conflict with standard IPv4 addresses.
BZ#788756
Previously, the 389-ds-base man pages contained several typos and factual errors. This update corrects the man pages so that they contain correct information and no typos.
BZ#790491
Previously, a NULL pointer dereference sometimes occurred when initializing a Directory Server replica. Consequently, the server terminated unexpectedly with a segmentation fault. This update enhances the underlying source code for replica initialization with a check for the NULL value. As a result, replica initialization always finishes successfully.
BZ#796770
Previously, a double free error sometimes occurred during operations with orphaned tombstone entries. Consequently, when an orphaned tombstone entry was passed to the tombstone_to_glue function, the Directory Server terminated unexpectedly. This update fixes the logic for getting ancestor tombstone entries and eliminates the chance to convert a tombstone entry into an orphaned entry. As a result, unexpected server termination no longer occurs in the aforementioned scenario.
BZ#800215
Previously, an internal loop was incorrectly handled in the code of the ldapcompare command. Consequently, performing concurrent comparison operations on virtual attributes caused the Directory Server to become unresponsive. This update fixes the internal loop issue. As a result, the server performs concurrent comparison operations without any issues.
BZ#803930
Previously, when upgrading 389 Directory Server, server startup had been initiated before the actual upgrade procedure finished. Consequently, the startup failed with the following error message:
ldif2dbm - _get_and_add_parent_rdns: Failed to convert DN cn=TESTRELM.COM to RDN
This update ensures that the server does not start before the upgrade procedure finishes. As a result, the server boots up successfully after the upgrade.
BZ#811291
Previously, the code of the range read operation did not correctly handle situations when an entry was deleted while a ranged search operation was being performed. Consequently, performing delete and ranged search operations concurrently under heavy loads caused the Directory Server to terminate unexpectedly. This update fixes the underlying source code to handle such situations correctly. As a result, the server no longer terminates when performing delete and ranged search operations concurrently under heavy loads.
BZ#813964
When performing delete and search operations against 389 Directory Server under high load, the DB_MULTIPLE_NEXT pointer to the stack buffer could have been set to an invalid value. As a consequence, dereferencing the pointer led to an attempt to access memory that was not allocated for the stack buffer. This caused the server to terminate unexpectedly with a segmentation fault. With this update, the DB_MULTIPLE_NEXT pointer is now properly tested. If the pointer's value is invalid, the page or value is considered deleted and the stack buffer is reloaded. As a result, the segmentation fault no longer occurs in this scenario.
BZ#815991
The ldap_initialize() function is not thread-safe. Consequently, 389 Directory Server terminated unexpectedly during startup when using replication with many replication agreements. This update ensures that calls of the ldap_initialize() function are protected by a mutual exclusion. As a result, when using replication with many replication agreements, the server starts up correctly.
BZ#819643
Due to an error in the underlying source code, an attempt to rename an RDN (Relative Distinguished Name) string failed if the new string sequence was the same except for the lower or upper case of some letters. This update fixes the code so that it is possible to rename RDNs to the same string sequence with case difference.
BZ#821542
Previously, the letter case information was ignored when renaming DN strings. Consequently, if the new string sequence differed only in the case of some letters, a DN string was only converted to lowercase and the case information was lost. This update modifies the underlying code so that it is now possible to rename RDNs to the same string sequence with case difference.
BZ#822700
Previously, the code for ACI handling did not reject incorrectly specified DNs. Consequently, incorrectly specified DNs in an ACI caused 389 Directory Server to terminate unexpectedly during startup or after an online import. This update ensures that the underlying source code for ACI handling rejects incorrectly specified DNs. As a result, the server does not terminate in this scenario.
BZ#824014
Previously, the code handling the "entryusn" attribute modified cache entries directly. Consequently, under heavy loads, the server terminated unexpectedly when performing delete and search operations using the "entryusn" and "memberof" attributes with referential integrity enabled. This update ensures that the entries are never modified in the cache directly. As a result, the server performs searches in the previously described conditions without terminating unexpectedly.

Enhancements

BZ#683241
Previously, post-operation plug-ins were executed after initial operation results had been returned to the LDAP client. Consequently, some results of the initial operation might not have been immediately available. This update introduces the "betxnpreoperation" and "betxnpostoperation" plug-in types. Plug-ins of these types run inside the regular transaction of initial operations. As a result, when these plug-in types are used, operations triggered by the initial operation complete before completion of the initial operation.
BZ#766322
Previously, there was no easy way to determine what default search base an LDAP client should use. Consequently, LDAP clients with no search base configured attempted to search against 389 Directory Server. This update adds a new attribute, defaultNamingContext, to the root DSE (Directory Server Entry). As a result, clients can query the root DSE for the value of the defaultNamingContext attribute and use the returned value as a search base.
BZ#768086
This update introduces the nsslapd-minssf-exclude-rootdse configuration attribute, with possible values "on" and "off". If its value is "off", which is the default, the server allows clients to access the root DSE even if the Security Strength Factor (SSF) value is less than the nsslapd-minssf attribute value. As a result, it is possible to allow access to the root DSE without using SSL/TLS even if the rest of the server requires SSL/TLS.
BZ#768091
Previously, the delete operation was not allowed for Managed Entry Config entries. Consequently, attempts to delete such entries were rejected with the following error message:
ldap_delete: Server is unwilling to perform (53)
additional info: Not a valid operation.
This update modifies the underlying source code so that deletion of Managed Entry Config entries is allowed and can be performed successfully.
BZ#781501
Previously, extended user account information was not available to LDAP clients from 389 Directory Server. This update adds support for Account Usable Request Control, which enables LDAP clients to get the extended user account information.
BZ#788760
Previously, the logconv.pl script was only able to produce a summary of operations for a file or for a requested period. This update introduces the -m option for generation of per-second statistics, and the -M option for generation of per-minute statistics. The statistics are generated in CSV format suitable for further post-processing.
BZ#790433
Previously, all newly created entries had to be added to groups manually. This update adds a new plug-in which ensures automatic adding of each new entry to a group if it matches certain criteria.
Users of 389-ds-base should upgrade to these updated packages, which resolve these issues and add these enhancements.

5.2. abrt and libreport

Updated abrt and libreport packages that fix two security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) associated with each description below.
ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac.

Security Fixes

CVE-2012-5659
It was found that the /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache tool did not sufficiently sanitize its environment variables. This could lead to Python modules being loaded and run from non-standard directories (such as /tmp/). A local attacker could use this flaw to escalate their privileges to that of the abrt user.
CVE-2012-5660
A race condition was found in the way ABRT handled the directories used to store information about crashes. A local attacker with the privileges of the abrt user could use this flaw to perform a symbolic link attack, possibly allowing them to escalate their privileges to root.
Red Hat would like to thank Martin Carpenter of Citco for reporting the CVE-2012-5660 issue. CVE-2012-5659 was discovered by Miloslav Trmač of Red Hat.
All users of abrt and libreport are advised to upgrade to these updated packages, which correct these issues.
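The environment scrubbing that CVE-2012-5659 calls for in a privileged helper can be sketched as follows. This is an added example, not ABRT's code or its actual fix; the allowlist, the fixed PATH value and the function names are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

extern char **environ;

/* Fixed search path for the child; the caller's PATH is never reused. */
#define SAFE_PATH "PATH=/usr/sbin:/usr/bin:/sbin:/bin"

/* Hypothetical allowlist: the only caller-supplied variables that survive. */
static const char *const ALLOWED[] = { "LANG", "LC_ALL", "TERM", NULL };

/* Length of the NAME part of a "NAME=value" entry, or 0 if malformed. */
static size_t name_len(const char *entry)
{
    const char *eq = strchr(entry, '=');
    return eq ? (size_t)(eq - entry) : 0;
}

/* 1 if the entry's name is exactly `name` (so LANGUAGE does not match LANG). */
static int has_name(const char *entry, const char *name)
{
    size_t n = name_len(entry);
    return n != 0 && n == strlen(name) && strncmp(entry, name, n) == 0;
}

static int is_allowed(const char *entry)
{
    for (size_t i = 0; ALLOWED[i] != NULL; i++)
        if (has_name(entry, ALLOWED[i]))
            return 1;
    return 0;
}

/* Look up NAME in an environment array; returns its value or NULL. */
const char *env_lookup(const char *const env[], const char *name)
{
    for (size_t i = 0; env[i] != NULL; i++)
        if (has_name(env[i], name))
            return env[i] + strlen(name) + 1;
    return NULL;
}

/*
 * Build the child's environment in out[] (cap slots, including the
 * terminating NULL). Returns the number of entries, or -1 if out[] is
 * too small. Anything not on the allowlist is dropped, which covers
 * PYTHONPATH, PYTHONHOME and the LD_* variables without naming them.
 */
int build_clean_env(char *const src[], const char *out[], size_t cap)
{
    size_t n = 0;

    if (cap < 2)
        return -1;
    out[n++] = SAFE_PATH;
    out[n] = NULL;

    for (size_t i = 0; src != NULL && src[i] != NULL; i++) {
        size_t nl = name_len(src[i]);
        int dup = 0;

        if (!is_allowed(src[i]))
            continue;
        /* Keep only the first entry for a name; duplicates are ambiguous. */
        for (size_t j = 0; j < n; j++)
            if (name_len(out[j]) == nl && strncmp(out[j], src[i], nl) == 0)
                dup = 1;
        if (dup)
            continue;
        if (n + 1 >= cap)
            return -1;
        out[n++] = src[i];
        out[n] = NULL;
    }
    return (int)n;
}

int main(void)
{
    const char *clean[16];
    int n = build_clean_env(environ, clean, 16);

    if (n < 0)
        return 1;
    for (int i = 0; i < n; i++)
        puts(clean[i]);
    /* A real helper would now execve() the interpreter with `clean` as its
       environment; Python's -E option (ignore PYTHON* variables) adds a
       second layer on top of the scrubbed environment. */
    return 0;
}
```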

5.3. abrt, libreport, btparser, and python-meh

Updated abrt, libreport, btparser, and python-meh packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links associated with each description below.
ABRT is a tool to help users to detect defects in applications and to create a problem report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets like Bugzilla, ftp, and trac.
The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing the threads and frames of the backtrace to be analyzed and processed.
The python-meh package provides a python library for handling exceptions.

Upgrade to an upstream version

The abrt package has been upgraded to upstream version 2.0.8-1, which provides a number of bug fixes over the previous version. (BZ#759375)
The libreport package has been upgraded to upstream version 2.0.9-1, which provides a number of bug fixes over the previous version. (BZ#759377)
The btparser package has been upgraded to upstream version 0.16-1, which provides a number of bug fixes over the previous version. (BZ#768377)

Security Fixes

CVE-2012-1106
If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to "2" (it is "0" by default), core dumps of set user ID (setuid) programs were created with insecure group ID permissions. This could allow local, unprivileged users to obtain sensitive information from the core dump files of setuid processes they would otherwise not be able to access.
CVE-2011-4088
ABRT did not allow users to easily search the collected crash information for sensitive data prior to submitting it. This could lead to users unintentionally exposing sensitive information via the submitted crash reports. This update adds functionality to search across all the collected data. Note that this fix does not apply to the default configuration, where reports are sent to Red Hat Customer Support. It only takes effect for users sending information to Red Hat Bugzilla.
Red Hat would like to thank Jan Iven for reporting CVE-2011-4088.
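An audit for the exposure described under CVE-2012-1106, as an added example that is not part of ABRT or of the original notes. It assumes each problem directory under the spool keeps its dump in a file named coredump; the function names are illustrative, and the state of the abrt-ccpp service is not checked.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Read an integer sysctl from its /proc/sys file; -1 if it cannot be read. */
int read_sysctl_int(const char *path)
{
    FILE *f = fopen(path, "r");
    int v = -1;

    if (f == NULL)
        return -1;
    if (fscanf(f, "%d", &v) != 1)
        v = -1;
    fclose(f);
    return v;
}

/*
 * 1 if `path` is a regular file readable by its group or by others,
 * 0 if it is readable by the owner only, -1 if it cannot be examined.
 * lstat() is used so a symbolic link is never followed.
 */
int dump_is_exposed(const char *path)
{
    struct stat sb;

    if (lstat(path, &sb) != 0 || !S_ISREG(sb.st_mode))
        return -1;
    return (sb.st_mode & (S_IRGRP | S_IROTH)) != 0;
}

/*
 * Check <spool>/<problem-dir>/coredump for every entry in the spool.
 * Returns the number of exposed dumps, or -1 if the spool is unreadable.
 */
int count_exposed_coredumps(const char *spool)
{
    DIR *d = opendir(spool);
    struct dirent *e;
    char path[4096];
    int exposed = 0;

    if (d == NULL)
        return -1;
    while ((e = readdir(d)) != NULL) {
        int len;

        if (strcmp(e->d_name, ".") == 0 || strcmp(e->d_name, "..") == 0)
            continue;
        len = snprintf(path, sizeof path, "%s/%s/coredump", spool, e->d_name);
        if (len < 0 || (size_t)len >= sizeof path)
            continue;               /* path too long to check */
        if (dump_is_exposed(path) == 1) {
            printf("exposed: %s\n", path);
            exposed++;
        }
    }
    closedir(d);
    return exposed;
}

int main(int argc, char **argv)
{
    /* Spool location as named in these notes; override with argv[1]. */
    const char *spool = argc > 1 ? argv[1] : "/var/spool/abrt";
    int dumpable = read_sysctl_int("/proc/sys/fs/suid_dumpable");
    int exposed = count_exposed_coredumps(spool);

    printf("fs.suid_dumpable = %d\n", dumpable);
    printf("group/other-readable core dumps under %s: %d\n", spool, exposed);
    /* Non-zero exit when the risky setting or an exposed dump is present. */
    return (dumpable == 2 || exposed > 0) ? 1 : 0;
}
```

Reading the spool normally requires root, so an unprivileged run reports -1 for the dump count rather than 0.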

Bug Fixes

BZ#809587, BZ#745976
When the ABRT GUI was used to report a bug using the menu button Report problem with ABRT, an empty bug was created. This update removes this button as it was only used for testing purposes.
BZ#800828
When a new dump directory was saved to /var/spool/abrt-upload/ via the reporter-upload utility, the ABRT daemon copied the dump directory to /var/spool/abrt/ and incremented the crash count which was already incremented before. Due to the crash count being incremented twice, the dump directory was marked as a duplicate of itself and removed. With this update, the crash count is no longer incremented for remotely uploaded dump directories, thus fixing the issue.
BZ#747624
The /usr/bin/abrt-cli utility was missing a man page. This update adds the abrt-cli(1) man page.
BZ#796216
Analyzing lines of a kernel oops caused the line variable to be freed twice. This update fixes this bug, and kernel oopses are now properly analyzed.
BZ#770357
Prior to this update, ABRT email notification via the mailx plug-in did not function properly due to a missing default configuration file for the mailx plug-in. This update adds a default configuration file for the mailx plug-in: /etc/libreport/plugins/mailx.conf.
BZ#799352
Starting the ABRT daemon resulted in an error if dbus was not installed on the system. This update removes the dbus dependency and the ABRT daemon can now be started even if dbus is not installed on the system.
BZ#727494
The previous version of ABRT silently allowed users to report the same problem to Bugzilla multiple times. This behavior is now changed and users are warned if the report was already submitted. The max allowed size of email attachments and local logs was increased to 1 MB. This fixes the problem where longer reports were being lost when sent via email or stored locally using the logger plug-in.
BZ#746727
This update fixes a bug which caused the /tmp/anaconda-tb-* files to be sometimes recognized as a binary file and sometimes as a text file.
BZ#771597
ABRT 2.x has added various new daemons. However, not all of the added daemons were properly enabled during the transition from ABRT 1.x. With this update, all daemons are correctly started and updating from ABRT 1.x to ABRT 2.x works as expected.
BZ#751068
The abrt-cli package previously depended on the abrt-addon-python package. This prevented users from removing the abrt-addon-python package via Yum as the abrt-cli would be removed as well. With this update, a new "virtual" abrt-tui package has been added that pulls all the required packages in order to use ABRT on the command line, thus resolving the aforementioned issue.
BZ#749100
Previously, some strings in the ABRT tools were not marked as translatable. This update fixes this issue.
BZ#773242
When ABRT attempted to move data, a misleading message was returned to the user informing that a copy of the dump was created. This update improves this message so that it is clear that ABRT does not copy data but moves it.
BZ#811147
When a backtrace contained a frame whose function-argument text was too long, the backtrace printer in GDB truncated the arguments. The backtrace parser could not handle the truncated arguments and did not format them properly. With this update, the backtrace parser detects the truncated strings, indicating the function arguments were truncated. The parser state then adapts to this situation and correctly parses the backtrace.
BZ#823411
A change in the Bugzilla API prevented the ABRT bugzilla plug-in from working correctly. This update resolves this issue by modifying the source code to work with the new Bugzilla API.
BZ#758366
This update fixes a typographical error in the commentary of various ABRT configuration files.
BZ#625485
The previous version of ABRT generated an invalid XML log file. This update fixes this and every non-ASCII character is now escaped.
BZ#788577
Unlike ABRT, python-meh was not including a list of environment variables in its problem reports. A list of environment variables is useful information for assignees of the created bug. With this update, code producing a list of environment variables and passing it to libreport was added to python-meh, and problem reports generated by python-meh now include lists of environment variables.
All users of abrt, libreport, btparser, and python-meh are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

5.4. acroread

Updated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) associated with each description below.
Adobe Reader allows users to view and print documents in Portable Document Format (PDF).

Security Fix

CVE-2012-1530, CVE-2013-0601, CVE-2013-0602, CVE-2013-0603, CVE-2013-0604, CVE-2013-0605, CVE-2013-0606, CVE-2013-0607, CVE-2013-0608, CVE-2013-0609, CVE-2013-0610, CVE-2013-0611, CVE-2013-0612, CVE-2013-0613, CVE-2013-0614, CVE-2013-0615, CVE-2013-0616, CVE-2013-0617, CVE-2013-0618, CVE-2013-0619, CVE-2013-0620, CVE-2013-0621, CVE-2013-0623, CVE-2013-0626
This update fixes several security flaws in Adobe Reader. These flaws are detailed in the Adobe Security bulletin APSB13-02. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened.
All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.5.3, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

5.5. alsa-utils

Updated alsa-utils packages that fix one bug and add one enhancement are now available for Red Hat Enterprise Linux 6.
The alsa-utils packages provide command-line utilities for the Advanced Linux Sound Architecture (ALSA).

Bug Fix

BZ#674199
Prior to this update, the alsactl tool tried to initialize all sound cards if the /etc/asound.state file was not present. As a consequence, SELinux could deny access to non-existent devices. This update modifies the underlying code so that alsactl is called only once from udev.

Enhancement

BZ#650113
With this update, the alsa-delay and alsaloop utilities have been added to alsa-utils to manage the system audio delay.
All users of alsa-utils are advised to upgrade to these updated packages, which fix this bug and add this enhancement.

5.6. anaconda

Updated anaconda packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
The anaconda package contains portions of the Anaconda installation program that can be run by the user for reconfiguration and advanced installation options.

Bug Fixes

BZ#690058
Prior to this update, the noprobe argument in a kickstart file was not passed to the last known codepath. Consequently, the noprobe request was not properly honored by Anaconda. This update improves the code so that the argument is passed to the last known codepath. As a result, device drivers are loaded according to the device command in the kickstart file.
BZ#691794
Previously, an improper device file that provided access to an array as a whole was used to initialize the boot loader in a Device Mapper Multipath (DM-Multipath) environment. Consequently, the system was not bootable. Anaconda has been modified to enumerate all drives in an array and initialize the boot loader on each of them. As a result, the system now boots as expected.
BZ#723404
When performing a minimal installation from media without the use of a network, network devices did not have a working default network configuration. Consequently, bringing a network device up after reboot using the ifup command failed. This update sets the value of BOOTPROTO to dhcp in default network device configuration files. As a result, network devices can be activated successfully using the ifup command after reboot in the scenario described.
BZ#727136
When Anaconda places a PowerPC Reference Platform (PReP) boot partition on a different drive to the root partition, the system cannot boot. This update forces the PReP boot partition to be on the same drive as the root partition. As a result, the system boots as expected.
BZ#734128
Due to a regression, when installing on systems with pre-existing mirrored Logical Volumes (LV), the installer failed to properly detect the Logical Volume Management configuration containing mirrored logical volumes. Consequently, a mirrored logical volume created before installation was not shown and could not be used in kickstart. The code to handle mirrored logical volumes has been updated to make use of the udev information that changed due to a previous bug fix. As a result, mirrored logical volumes are correctly detected by the installer.
BZ#736457
On IBM System z architectures, z/VM guests with only one CPU allocated failed to read the Conversational Monitor System (CMS) configuration file used by the installation environment. Consequently, users of z/VM guests with a single CPU had to either pass all installation environment configuration values on the kernel boot line or supply the information at the interactive prompts as the installation environment booted up. This update improves the code to detect the number of guests after mounting the /proc file. As a result, guests with one CPU can bring the boot device online so the CMS configuration file can be read and automated installations proceed as expected.
BZ#738577
The repo commands in kickstart generated by Anaconda contained base installation repository information but they should contain only additional repositories added either by the repo kickstart command or in the graphical user interface (GUI). Consequently, in media installations, the repo command generated for installation caused a failure when the kickstart file was used. With this update, Anaconda now generates repo commands only for additional repositories. As a result, kickstart will not fail for media installations.
BZ#740870
Manual installation onto BIOS RAID devices of level 0 or level 1 produced an Intel Media Storage Manager (IMSM) metadata read error in the installer. Consequently, users were not able to install to such devices. With this update, Anaconda properly detects BIOS RAID level 0 and level 1 IMSM metadata. As a result, users are able to install to these devices.
BZ#746495
The LiveCD environment was missing a legacy symlink to the devkit-disks utility. Consequently, the call that modified automounter behavior was never properly executed. The code has been updated to call the proper non-legacy binary. As a result, USB devices used during installation are no longer automounted.
BZ#747219
The console tty1 was put under control of Anaconda, but was not returned when Anaconda exited. Consequently, init did not have permission to modify tty1's settings to enable Ctrl+C functionality when Anaconda exited, which resulted in Ctrl+C not working when the installer prompted the user to press the Ctrl+C or Ctrl+Alt+Delete key combination after Anaconda terminated unexpectedly. Code that returns control of tty1 to init was added to Anaconda. As a result, Ctrl+C now works as expected if the user is prompted to press it when Anaconda crashes.
BZ#750126
The Bash version used in the buildinstall script had a bug that influenced parsing of the =~ operator. This operator is used to check for the architecture when including files. Consequently, some binaries which provide the grub command were present on x86_64 versions of the installer, but were missing from i686 media. The Bash code has been modified to prevent this bug. As a result, the binaries are now also present on i686 media and users can now use the grub command from installation media as expected.
BZ#750417
Due to bad ordering in the unmounting sequence, the dynamic linker failed to link libraries, which caused the mdadm utility not to work and exit with the status code of 127. This update fixes the ordering in the unmounting sequence and as a result, the dynamic linker and mdadm now work correctly.
BZ#750710
There was no check to see if the file descriptors passed as stdout and stderr were distinct. Consequently, if the stdout and stderr descriptors were the same, using them both for writing resulted in overwriting and the log file not containing all of the lines expected. With this update, if the stdout and stderr descriptors are the same, then only one of them is used for both stdout and stderr. As a result, the log file contains all lines from both stdout and stderr.
BZ#753108
When installing on a system with more than one disk with a PowerPC Reference Platform (PReP) partition present, the PReP partitions that should be left untouched were updated. This update corrects the problem so that PReP partitions other than the one used during installation are left untouched. As a result, old PReP partitions do not get updated.
BZ#754031
The kernel command line /proc/cmdline ends with \n but the installer only checked for \0. Consequently, the devel argument was not detected when it was the last argument on the command line and the installation failed. This update improves the code to also check for \n. As a result, the devel argument is correctly parsed and installation proceeds as expected.
BZ#756608
Network installations on IBM System z check the nameserver address provided using the ping command. Environments restricting ICMP ECHO packets will cause this test to fail, halting the installation and asking the user whether or not the provided nameserver address is valid. Consequently, automated installations using kickstart will stop if this test fails. With this update, in the event that the ping test fails, the nslookup command is used to validate the provided nameserver address. If the nslookup test succeeds then kickstart will continue with the installation. As a result, automated network installations on IBM System z in non-interactive mode will complete as expected in the scenario described.
BZ#760250
When configuring a system with multiple active network interfaces and the ksdevice=link command was present, the link specification was not used consistently for device activation and device configuration. Consequently, other network devices having link status were sometimes misconfigured using the settings targeted to the device activated by the installer. With this update, the code has been improved and now refers to the same device with link specification both in case of device activation and device configuration. As a result, when multiple devices with link status are present during installation, ksdevice=link specification of the device to be activated and used by the installer does not cause misconfiguration of another device having link status.
BZ#766902
When configuring the network using the Anaconda GUI hostname screen, the keyboard shortcut for the Configure Network button was missing. This update adds the C keyboard shortcut. Network configuration can now be invoked using the Alt+C keyboard shortcut.
BZ#767727
The Ext2FS class in Anaconda has a maximum file size attribute correctly set to 8 TB, but Ext3FS and Ext4FS inherited this value without overriding it. Consequently, when attempting to create an ext3 or ext4 file system of a size greater than 8 TB, the installer would not allow it. With this update, the installer's upper bound for new ext3 and ext4 filesystem size has been adjusted from 8 TB to 16 TB. As a result, the installer now allows creation of ext3 and ext4 filesystems up to 16 TB.
BZ#769145
The Anaconda dhcptimeout boot option was not working. NetworkManager used a DHCP transaction timeout of 45 seconds without the possibility of configuring a different value. Consequently, in certain cases NetworkManager failed to obtain a network address. NetworkManager has been extended to read the timeout parameter from a DHCP configuration file and use that instead of the default value. Anaconda has been updated to write out the dhcptimeout value to the interface configuration file used for installation. As a result, the boot option dhcptimeout works and NetworkManager now waits to obtain an address for the duration of the DHCP transaction period as specified in the DHCP client configuration file.
BZ#783245
Prior to this update, USB3 modules were not in the Anaconda install image. Consequently, USB3 devices were not detected by Anaconda during installation. This update adds the USB3 modules to the install image and USB3 devices are now detected during installation.
BZ#783841
When the kickstart clearpart command or the installer's automatic partitioning options to clear old data from the system's disks were used with complex storage devices such as logical volumes and software RAID, LVM tools caused the installation process to become unresponsive due to a deadlock. Consequently, the installer failed when trying to remove old metadata from complex storage devices. This update changes the LVM commands in the udev rules packaged with the installer to use a less restrictive method of locking and the installer was changed to explicitly remove partitions from a disk instead of simply creating a new partition table on top of the old contents when it initializes a disk. As a result, LVM no longer hangs in the scenario described.
BZ#785400
The /usr/lib/anaconda/textw/netconfig_text.py file tried to import a module from the wrong location. Consequently, Anaconda failed to start and the following error message was generated:
No module named textw.netconfig_text
The code has been corrected and the error no longer occurs in the scenario described.
BZ#788537
Prior to this update, kickstart repository entries did not use the global proxy setting. Consequently, on networks restricted to use a proxy, installation would terminate unexpectedly when attempting to connect to additional repository entries in a kickstart file if no proxy had been explicitly specified. This update changes the code to use the global proxy if an additional repository has no proxy set for it. As a result, the global proxy setting will be used and installation will proceed as expected in the scenario described.
BZ#800388
The kickstart pre and post installation scripts had no information about the proxy being used by Anaconda. As a consequence, programs such as wget and curl would not work properly in a pre-installation and post-installation script on networks restricted to using a proxy. This update sets the PROXY, PROXY_USER, and PROXY_PASSWORD environment variables. As a result, pre and post installation scripts now have access to the proxy setting used by Anaconda.
BZ#802397
Using the --onbiosdisk=NUMBER option for the kickstart part command sometimes caused installation failures as Anaconda was not able to find the disk that matches the specified BIOS disk number. Users wishing to use BIOS disk numbering to control kickstart installations were not able to successfully install Red Hat Enterprise Linux. This update adjusts the comparison in Anaconda that matches the BIOS disk number to determine the Linux device name. As a result, users wishing to use BIOS disk numbering to control kickstart installations will now be able to successfully install Red Hat Enterprise Linux.
BZ#805910
Due to a regression, when running the system in Rescue mode with no or only uninitialized disks, the Anaconda storage subsystem did not check for the presence of a GUI before presenting the user with a list of options. Consequently, when the user selected continue, the installer terminated unexpectedly with a traceback. This update adds a check for presence of the GUI and falls back to a TUI if there is none. As a result, the user is informed about the lack of usable disks in the scenario described.
BZ#823810
When using Anaconda with Qlogic qla4xxx devices in firmware boot mode and with iSCSI targets set up in BIOS (either enabled or disabled), the devices were exposed as iSCSI devices. But in this mode the devices cannot be handled with the iscsiadm and libiscsi tools used by the installer. Consequently, installation failed with a traceback during examination of storage devices by the installer. This update changes the installer to not try to manage iSCSI devices set up with qla4xxx firmware with iscsiadm or libiscsi. As a result, installation in an environment with iSCSI targets set up by qla4xxx devices in firmware mode finishes successfully.

Note

The firmware boot mode is turned on and off by the qla4xxx.ql4xdisablesysfsboot boot option. With this update, it is enabled by default.

Enhancements

BZ#500273
There was no support for binding of iSCSI connections to network interfaces, which is required for installations using multiple iSCSI connections to a target on a single subnet for Device Mapper Multipath (DM-Multipath) connectivity. Consequently, DM-Multipath connectivity could not be used on a single subnet as all devices used the default network interface. With this update, the Bind targets to network interfaces option has been added to the "Advanced Storage Options" dialog box. When turned on, targets discovered specifically for all active network interfaces are available for selection and login. For kickstart installations, a new iscsi --iface option can be used to specify the network interface to which a target should be bound. Once interface binding is used, all iSCSI connections have to be bound, that is to say the --iface option has to be specified for all iscsi commands in kickstart. Network devices required for iSCSI connections can be activated either using the kickstart network command with the --activate option or in the graphical user interface (GUI) using the Configure Network button from the "Advanced Storage Options" dialog ("Connect Automatically" has to be checked when configuring the device so that the device is also activated in the installer). As a result, it is now possible to configure and use DM-Multipath connectivity for iSCSI devices using different network interfaces on a single subnet during installation.
BZ#625697
The curl command line tool was not in the install image file. Consequently, curl could not be used in the %pre section of kickstart. This update adds curl to the install image and curl can be used in the %pre section of kickstart.
BZ#660686
Support for installation using IP over InfiniBand (IPoIB) interfaces has been added. As a result, it is possible to install systems connected directly to an InfiniBand network using IPoIB network interfaces.
BZ#663647
Two new options were added to the kickstart volgroup command to specify initially unused space in megabytes or as a percentage of the total volume group size. These options are only valid for volume groups being created during installation. As a result, users can effectively reserve space in a new volume group for snapshots while still using the --grow option for logical volumes within the same volume group.
BZ#671230
The GPT disk label is now used for disks of size 2.2 TB and larger. As a result, Anaconda now allows installation to disks of size 2.2 TB and larger, but the installed system will not always boot properly on non-EFI systems. Disks of size 2.2 TB and larger may be used during the installation process, but only as data disks; they should not be used as bootable disks.
BZ#705328
When an interface configuration file is created by a configuration application such as Anaconda, NetworkManager generates the Universally Unique IDentifier (UUID) by hashing the existing configuration file name. Consequently, the same UUID was generated on multiple installed systems for a given network device name. With this update, a random UUID is generated by Anaconda for NetworkManager so that it does not have to generate the connection UUID by hashing the configuration file name. As a result, each network connection of all installed systems has a different UUID.
BZ#735791
When IPv6 support is set to be disabled by the installer using the noipv6 boot option, or the network --noipv6 kickstart command, or by using the "Configure TCP/IP" screen of the loader Text User Interface (TUI), and no network device is configured for IPv6 during installation, the IPv6 kernel modules on the installed system will now be disabled.
BZ#735857
The ability to configure a VLAN discovery option for Fibre Channel over Ethernet (FCoE) devices added during installation using Anaconda's graphical user interface was required. All FCoE devices created in the Anaconda installer were configured to perform VLAN discovery using the fcoemon daemon by setting the AUTO_VLAN value of its configuration file to yes. A new "Use auto vlan" checkbox was added to the "Advanced Storage Options" dialog, which is invoked by the Add Advanced Target button in the "Advanced Storage Devices" screen. As a result, when adding an FCoE device in Anaconda, it is now possible to configure the VLAN discovery option of the device using the "Use auto vlan" checkbox in the "Advanced Storage Options" dialog. The value of the AUTO_VLAN option in the FCoE device configuration file /etc/fcoe/cfg-device is set accordingly.
BZ#737097
The lsscsi and sg3_utils packages were not present in the install image. Consequently, maintenance of Data Integrity Field (DIF) disks was not possible. This update adds lsscsi and sg3_utils to the install image, and utilities to maintain DIF disks can now be used during the installation.
BZ#743784
Anaconda creates FCoE configuration files under the /etc/fcoe/ directory using biosdevname, which is the new style interface naming scheme, for all the available Ethernet interfaces for FCoE BFS. However, it did not add the ifname kernel command line argument for an FCoE interface that stays offline after discovering FCoE targets during installation. Because of this, during the subsequent reboot the system tried to find the old style ethX interface name in /etc/fcoe/, which does not match the file created by Anaconda using biosdevname. Therefore, due to the missing FCoE config file, the FCoE interface is never created on this interface. Consequently, during FCoE BFS installation, when an Ethernet interface went offline after discovering the targets, FCoE links did not come up after reboot. This update adds dracut ip parameters for all FCoE interfaces including those that went offline during installation. As a result, FCoE interfaces disconnected during installation will be activated after reboot.
BZ#744129
Installations with the swap --recommended command in kickstart created a swap file of size 2 GB plus the installed RAM size regardless of the amount of RAM installed. Consequently, machines with a large amount of RAM had huge swap files prolonging the time before the oom_kill syscall was invoked even in malfunctioning cases. In this update, swap size calculations for swap --recommended were changed to meet the values recommended in the documentation https://access.redhat.com/knowledge/solutions/15244 and the --hibernation option was added for the swap kickstart command and as the default in GUI/TUI installations. As a result, machines with a lot of RAM have a reasonable swap size now if swap --recommended is used. However, hibernation might not work with this configuration. If users want to use hibernation they should use swap --hibernation.
BZ#755147
If there are multiple Ethernet interfaces configured for FCoE boot, by default, only the primary interface is turned on and the other interfaces are not configured. This update sets the value ONBOOT=yes in the ifcfg configuration file during installation for all network interfaces used by FCoE. As a result, all network devices used for installation to FCoE storage devices are activated automatically after reboot.
BZ#770486
This update adds the Netcat (nc) networking utility to the install environment. Users can now use the nc program in Rescue mode.
BZ#773545
The virt-what shell script has been added to the install image. Users can now use the virt-what tool in kickstart.
BZ#784327
Firmware files were loaded only from RPM files in $prefix/lib/firmware paths on a Driver Update Disk (DUD). This update adds the $prefix/lib/firmware/updates directory to the path to be searched for firmware. RPM files containing firmware updates can now have firmware files in $prefix/lib/firmware/updates.
Users of anaconda should upgrade to these updated packages, which resolve these issues and add these enhancements.

5.7. atlas

Updated atlas packages that fix one bug are now available for Red Hat Enterprise Linux 6.
The ATLAS (Automatically Tuned Linear Algebra Software) project is a research effort focusing on applying empirical techniques providing portable performance. The atlas packages provide C and Fortran77 interfaces to a portably efficient BLAS (Basic Linear Algebra Subprograms) implementation and routines from LAPACK (Linear Algebra PACKage).

Bug Fix

BZ#723350
Previously, binary files from the base atlas package contained illegal instructions from an incompatible instruction set (3DNow!). As a consequence, an "Illegal instruction" error was displayed. This update disables usage of the instruction set.
All users of atlas are advised to upgrade to these updated packages, which fix this bug.

5.8. audit

Updated audit packages that fix multiple bugs and add several enhancements are now available for Red Hat Enterprise Linux 6.
The audit packages contain the user space utilities for storing and searching the audit records which have been generated by the audit subsystem in the Linux 2.6 kernel.
The audit packages have been upgraded to upstream version 2.2, which provides a number of bug fixes and enhancements over the previous version. The version 2.2 packages introduce the following enhancements:
  • The "auditctl" command now allows shell-escaped file names for better handling of file names with spaces in them.
  • There is a new utility, auvirt, that extracts a report about the virtualization events.
  • The auditd.conf configuration option, "tcp_max_per_addr", now allows up to 1024 concurrent connections from the same IP address. While this is not recommended for normal use, it helps in situations where a number of client systems are behind a NAT, which causes them to appear to have the same IP address.

Bug Fixes

BZ#803349
Previously, not enough information was parsed to determine whether audit records are part of the same event if the server's node name was longer than approximately 80 characters. With this update, the problem has been fixed.
BZ#797848
This update fixes a typo in the audit.rules(7) man page.

Enhancements

BZ#658630
Prior to this update, if the audit rules had a typo or the command was not supported by the Linux kernel, either an error was triggered and you were able to stop processing the rules or, as the other option, you were able to ignore any errors in which case it completed everything it could but returned success. This update introduces the "-c" option to auditctl which works like the ignore option, but instead of returning success, the "-c" option returns failure if any rule triggers an error. Note that like the ignore option, the "-c" option continues to process all audit rules.
BZ#766920
This release adds support for a new kernel auditing feature that allows for inter-field comparisons. For each audit event, the Linux kernel collects information about what is causing the event. Now, you can use the "-C" option to compare: "auid", "uid", "euid", "suid", "fsuid", or "obj_uid"; and "gid", "egid", "sgid", "fsgid", or "obj_gid". The two groups cannot be mixed. Comparisons can use either the equal or not equal operators. Note that for this enhancement to work, the system must boot the Linux 2.6.32-244 kernel or later.
All audit users are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.
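
The constraints on "-C" comparisons described in BZ#766920 can be checked before a rules file is loaded. The following is an added example, not code from the audit packages: the function names, rule keys and sample rules are constructed for illustration, and it validates only the field names and operators listed in this note.

```bash
# Added example (not from the audit packages): lint "-C" comparisons.
UID_FIELDS="auid uid euid suid fsuid obj_uid"
GID_FIELDS="gid egid sgid fsgid obj_gid"

# Print "uid" or "gid" for a listed field; fail for anything else.
field_group() {
    case " $UID_FIELDS " in *" $1 "*) echo uid; return 0 ;; esac
    case " $GID_FIELDS " in *" $1 "*) echo gid; return 0 ;; esac
    return 1
}

# Succeed only for <field>=<field> or <field>!=<field> within one group.
check_compare() {
    local expr=$1 left right lg rg
    case $expr in
        *'!='*) left=${expr%%'!='*}; right=${expr#*'!='} ;;
        *=*)    left=${expr%%=*};    right=${expr#*=} ;;
        *)      return 1 ;;                 # no = or != operator
    esac
    lg=$(field_group "$left")  || return 1  # also rejects >=, <= etc.
    rg=$(field_group "$right") || return 1
    [ "$lg" = "$rg" ]                       # groups cannot be mixed
}

# Lint rules from stdin. Like the "-c" option, keep processing after a
# bad rule, but return failure if any rule was bad.
lint_rules() (
    set -f                                  # no globbing while splitting
    n=0; bad=0
    while IFS= read -r line; do
        n=$((n + 1)); prev=
        for tok in $line; do
            if [ "$prev" = "-C" ] && ! check_compare "$tok"; then
                echo "line $n: invalid comparison: $tok"
                bad=$((bad + 1))
            fi
            prev=$tok
        done
    done
    [ "$bad" -eq 0 ]
)

# Constructed sample rules: lines 2 and 3 break the constraints.
sample_rules() { cat <<'EOF'
-a always,exit -F arch=b64 -S open -C auid!=obj_uid -k owner-mismatch
-a always,exit -F arch=b64 -S open -C uid!=gid -k mixed-groups
-a always,exit -F arch=b64 -S open -C auid>=uid -k bad-operator
EOF
}
sample_rules | lint_rules || echo "lint failed: fix the rules before loading"
```

Run against a real rules file with `lint_rules < /path/to/rules`; a non-zero exit status means at least one comparison would be rejected.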