Home

Red Hat Enterprise Linux 5.2: WTF. Are you serious?

Submitted by digitalruin on Wed, 07/09/2008 - 14:23
Tagged:
Red Hat FAIL People who know me would say that usually I'm the first one to back Red Hat based distro's. I'm a big fan of RPM, spent much of my youth playing with early Red Hat boxes, and usually don't tend to enjoy working with Debian... but this week has been some what of a gigantic black hole of SUCK. What began as a small set of updates and bug fixes has turned into a total nightmare. 

A few weeks ago Red Hat released RHEL 5.2, the second maintenance release for their series 5 server. As many people know, these updates don't happen all that often and there are few individual packages released in the interim. The whole point of this is that the applications can be tested and deemed stable before being sent out to a production environment. Unlike Fedora where you receive daily updates of the latest bleeding edge, these releases are supposed to be tried and tested heavily. Then there's nss_ldap 253-12...

Following pretty standard procedures, we updated a few test machines to 5.2 before putting it on anything important, and as it turned out, I'm extremely glad I did! The first thing we noticed after the update was that upon boot up, almost all our services failed to start. What. The. Fuck. Almost nothing would run. Once I was able to get into the machine, just running bash was spewing bad code all over the screen and all our bash scripting was broken. It seemed like bash itself had sold its soul to the devil and then immediately commenced eating babies. Pipes were broken, return codes were in the thousands... absolute insanity.

Of course I immediately started poking around on the web and, WOW what a surprise, bug #448014 over at Red Hat's bugzilla. As it turns out, if you use LDAP, the upgrade from nss_ldap 253-5 => 253-12 completely fries your system. GREAT. What do we run just about everywhere??? Yes, that's right. LDAP. Good one guys! A little more reading in the bug informs us that apparently there has been a major regression in the code, and this issue should be considered a block for the 5.2 release, but it gets even better! They release 5.2 anyways! Awesome. Red Hat Inspiration

Needless to say, this problem completely crippled our whole system. Luckily, a patch was upstreamed and packaged by none other than the CentOS crew, but seriously. This should never have made it into a release... especially one designed as a bug *FIX*. Breaking all LDAP users is unacceptable. So, at this point we're out of the woods right?! Wrong.

Soon after patching I discovered that, yes, the immediate symptoms were gone, but that now we could not shutdown or reboot without causing a never ending segfault!! YAY!! :(

It's amazing how no one noticed any of this prior to signing off on nss_ldap 253-12 as stable. For the new problems I opened up bug #454675, but once again, downgrading to 253-5 (the 5.1 release) fixes the problems. *sigh* It's been a never ending bucket of FAIL for Red Hat Enterprise Linux this week, and as far as I'm concerned they need to start getting their shit together. People spend thousands on support contracts only to find out that the bug which was supposed to block a release, as designated by their own staff, was pushed out anyways.

This whole debacle just shows me how much CentOS is totally justified and the proper way to go.

Comments

Read somewhere that 5.3 isn't

Submitted by Bill (not verified) on Thu, 07/24/2008 - 13:04.

Read somewhere that 5.3 isn't expected until January....I guess you are in for the long haul until then. Enjoy the beauty of it. I'm using 5.2 now, but I don't think I'll be encountering this bug at all.

Heh, this is a such

Submitted by George (not verified) on Tue, 07/29/2008 - 17:28.

Heh, this is a such hypocritical blog :) In the link to bug reports you've provided in this blog post you seem to be talking nicely about low priority problem that does not affect anyone, not showing your anger about this problem and here you bitch. Other detail is that CentOS is +/- exact rebuild of RHEL, so no... you won't get updated SysVinit in CentOS either. If you're smart enough, patch it yourself and build a package with your fix, if not, pay for their people for it and get the hotfix from support group. We are using it in our company quite often.

"you seem to be talking

Submitted by digitalruin on Tue, 07/29/2008 - 18:06.

"you seem to be talking nicely about low priority problem that does not affect anyone"

Interesting... especially considering I say nothing of the sort anywhere in those two bug tickets. In fact, I mention how this issue has been breaking all our LDAP systems.

As far as bitching on a ticket, I don't believe it is helpful or useful to bitch and complain on a bug ticket. Just because I am frustrated on my own time doesn't mean I need to be rude to the developers, and so I treat them as such. Besides, I'm glad they are helping to fix the issue. That doesn't mean I can't complain about the initial problem on my own page. Would you rather I flame them because of an issue that most likely was out of their control?

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.