[ClusterLabs] Pacemaker 2.0.2 final release now available

Ken Gaillot kgaillot at redhat.com
Thu Jun 6 13:09:00 EDT 2019

On Thu, 2019-06-06 at 10:12 -0500, Ken Gaillot wrote:

While I appreciate brevity, this was my e-mail client eating a draft.

Source code for the Pacemaker 2.0.2 and 1.1.21 releases is now



This is primarily a security and bug fix release, with stricter two-way
authentication of inter-process communication. The most significant
issue this fixes is a privilege escalation vulnerability allowing an
attacker with login access on a node to use an impostor pacemaker
subdaemon to gain root privileges if pacemaker is started after the

The 2.0.2 release also has a few small features:

* crm_resource --validate can now be run using resource parameters from
the command line rather than the CIB, so configurations can be tested
before trying to add them

* crm_resource --clear now prints out any cleared constraints, so you
know when it did something

* A new HealthIOWait resource agent is available for tracking node
health based on CPU I/O wait

* A couple of experimental features discussed earlier on this list: a
new tool crm_rule can check for rule expiration, and stonith_admin now
supports XML output for easier machine parsing.

For more details about changes in this release, please see the change



Many thanks to all contributors of source code to this release,
including Chris Lumens, Gao,Yan, Jan Pokorný, Jehan-Guillaume de
Rorthais, Ken Gaillot, Klaus Wenninger, and Maciej Sobkowiak.
Ken Gaillot <kgaillot at redhat.com>

More information about the Users mailing list