 |
» |
|
|
|
|
|
|
|
|
|
Patch Name: PHNE_29463
Patch Description: s700_800 11.00 r-commands cumulative mega-patch
Creation Date: 04/10/01
Post Date: 04/12/17
Hardware Platforms - OS Releases:
s700: 11.00
s800: 11.00
Products: N/A
Filesets:
InternetSrvcs.INETSVCS-RUN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,v=HP
InternetSrvcs.INET-ENG-A-MAN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,v=HP
Automatic Reboot?: No
Status: General Superseded
Critical:
Yes
PHNE_29463: ABORT HANG
Category Tags:
defect_repair enhancement general_release critical
halts_system
Path Name: /hp-ux_patches/s700_800/11.X/PHNE_29463
Symptoms:
PHNE_29463:
1. JAGad90845 / SR 8606221711:
rexecd does not support the option "use_psd" in the file
"/etc/pam.conf".
2. JAGad93309 / SR 8606224214:
In the Secure Internet Services (SIS) environment, rlogin,
remsh and rcp do not use normal authentication, if
Kerberos authentication with the remote server fails.
3. JAGad93535 / SR 8606224447:
In the Secure Internet Services (SIS) environment,
rlogin and remsh do not read SIS options from the
krb5.conf configuration file.
4. JAGad93862 / SR 8606224774:
The credential cache file created by PAM-Kerberos is not
cleaned when rlogind exits.
5. JAGad94086 / SR 8606224998:
Although Secure Internet Services (SIS) is disabled on
the server system using the "inetsvcs_sec" command, rlogind
and remshd continue to use the Kerberos.
6. JAGae26392 / SR 8606262061:
In the Secure Internet Services (SIS) environment, rlogin
does not read the standard input under certain
circumstances.
7. JAGae30623 / SR 8606266375:
In the Secure Internet Services (SIS) environment,
r-commands clients dump core under certain circumstances.
8. JAGae32691 / SR 8606268453:
remshd fails to execute when the service name database
does not contain an entry for "kshell", and displays the
message: "remshd: getservbyname".
9. JAGae38108 / SR 8606274029:
remshd and rexecd dump core when the maximum stack size
is set to a value less than 4MB.
10. JAGae61659 / SR 8606298159:
When 'rcp' is used to copy a file to a remote system,
"last" command in the remote system shows the message
"still logged in" even after the file has been
completely copied to the system.
11. JAGae80482 / SR 8606317928:
When rcp is invoked with an invalid send or receive
buffer size, the error message in the syslog.log file
contains an incorrect timestamp value.
12. JAGaf05663 / SR 8606344813:
rdist displays protocol error messages and hangs when the
destination has certain directories with the same name as
the symbolic links in source.
13. JAGaf17130 / SR 8606356422:
Under certain circumstances, remsh/rexec kills a wrong
process.
PHNE_23003:
1. JAGab83643/SR 8606110892:
rdist fails to handle the hard links properly.
2. JAGad36477/SR 8606167191:
rdist sometimes does not handle source and destination
paths properly.
3. JAGad43677 / SR 8606174431:
"rdist -M" fails to retain permissions of the symbolically
linked files on the destination system.
4. JAGad44648 / SR 8606175407:
rlogind exits abnormally when the authentication to a
klogin service fails.
5. JAGad67581 / SR 8606198391:
remshd does not handle authentication properly.
6. JAGad64467 / SR 8606195262:
rwhod fails to start on a system with more than 32
interfaces configured. It exits with an error message,
"ioctl (get interface configuration)" in syslog.log file.
7. JAGad84516 / SR 8606215328:
remshd fails to handle sub shells in some cases.
8. JAGad64866 / SR 8606195662:
swverify logs error messages for few r-commands manpages
after installing 11.00 install media.
PHNE_21731:
1. JAGad05687 / SR 8606136563:
remsh fails for a multi-homed system when address
resolution is done via NIS server and if the first entry
for the hostname doesn't contain the primary IP address
in NIS host database.
2. JAGad15036 / SR 8606145700:
With the patch PHNE_17030 installed, remshd/rexecd
sometimes fails to display the error message while
executing a bad command when the user is in ksh.
3. JAGad15647 / SR 8606146303:
remsh was failing if a service request was made for any
port other than "shell" or "kshell".
4. JAGad06606 / SR 8606137488:
ruptime was showing ??:?? for the number of days when
the host was up/down for more than 365 days.
5. JAGad25536 / SR 8606156226:
In a trusted system, rexecd sometimes disables the account
even if the user gives the correct password.
6. JAGad28199 / SR 8606158870:
rlogind is intermittently failing to log syslog messages
for passwd entry timeouts and for failure in login attempt.
7. JAGad10918 / SR 8606141555:
Third_party transfer documentation is not clear in rcp.1
man page.
PHNE_17030:
1. JAGab83067: For NFS mount system, when the server has
no permissions for other for the user's home directory,
then remshd sets the directory to root.
2. JAGab73645: Both remsh and remshd are hanging when a
remote process is started through remsh.
3. JAGab21128: remshd and rexecd are not updating the
"/var/adm/wtmp" and "/var/adm/btmp" files.
4. JAGab21143: rexecd and remshd don't use PAM for
authentication.
5. JAGab31733: When "-pr" option is set, rcp fails to copy
the first file following any directory owned by root in
the target system.
6. JAGaa42962: When rcp is invoked with wild card characters
in the source path it fails to copy the first sub-directory
when the target directory is not existing.
7. JAGaa46005: rlogin fails for a multi-homed system when
address resolution is done via NIS server.
8. JAGac56656: Customer would like to have next rlogin patch
to have dependency on the transport patch PHNE_20094 or
later.
PHNE_17028:
1. When the patch PHNE_16091 is installed, remshd/rexecd
fails to transmit the error message to the client. When
the user gives invalid input to remsh/rexec, then the
error message will not be displayed to the user.
This happens only when the user is in ksh.
2. In NIS environment, rlogin prompts for the password
even if there is an entry in the .rhosts file. Even
if the user tries to give the password, it will report
as Login incorrect.
3. In NIS environment, remsh prompts for the password
even if there is an entry in the .rhosts file. Even
if the user tries to give the password, it will report
as Login incorrect.
PHNE_16091:
* Wrong permissions on rlogin in PHNE_13620.
PHNE_13620:
rlogin
* rlogin does not handle LANG enviornment variable
properly.
rlogind
* rlogind does not handle long hostname.
remsh
* ER - remsh with stderr closed returns "fd = 2".
* remsh does not handle LANG enviornment variable properly.
remshd
* remshd does not update login counters properly.
rcp
* rcp does not clear old errno value.
* SR: RCP may show file as being there even if it ran
out of disk space.
* rcp does not check for proper parameters.
* rcp does not handle LANG environment variable properly.
rdist
* rdist does not check for temporary files before creating
them.
* rdist does not set process resources properly.
* rdist does not process distfile properly.
* rdist fails if subdirectory exists that matches
remote hostname.
PHNE_13546:
1. rexecd does not update trusted systems DB on good
logins
2. Package switchover fails when remsh'ed into package
filesystems.
Defect Description:
PHNE_29463:
1. JAGad90845 / SR 8606221711:
rexecd does not support the option "use_psd" in the file
"/etc/pam.conf". This information is not documented in the
man page.
Resolution:
The information about the unsupported option "use_psd" in
the file "/etc/pam.conf" has now been documented in the
rexecd man page.
2. JAGad93309 / SR 8606224214:
If the remote server does not support Kerberos
authentication, rlogin, remsh, and rcp from a Kerberized
client fail instead of falling back to the normal mode of
authentication.
Resolution:
A new option "fallback" is now provided in the krb5.conf
file. If this option is set to "true", rlogin, remsh, and
rcp will use the normal mode of authentication if the
Kerberos authentication fails.
3. JAGad93535 / SR 8606224447:
In the SIS environment, rlogin and remsh do not read the
SIS configuration options specified in the krb5.conf file.
Resolution:
rlogin and remsh now read the SIS configuration options
specified in the [appdefaults] section of the krb5.conf
file.
4. JAGad93862 / SR 8606224774:
If the system is configured to use PAM-Kerberos for
authentication, a credential cache file is created. This
cache file is not cleaned up when rlogind exits.
Resolution:
Now rlogind cleans up the credential cache file before
exiting.
5. JAGad94086 / SR 8606224998:
Before using the Kerberos authentication, rlogind and
remshd do not check whether SIS is enabled on the system.
Resolution:
rlogind and remshd now check whether SIS is enabled on
the system before using the Kerberos authentication.
6. JAGae26392 / SR 8606262061:
In the SIS environment, the file descriptor of the
standard input is closed when Kerberos authentication
fails. Therefore, rlogin cannot read the standard input.
Resolution:
rlogin now reads the standard input even when the
Kerberos authentication fails.
7. JAGae30623 / SR 8606266375:
In the Secure Internet Services (SIS) environment,
r-commands clients do not process host names properly.
Resolution:
r-commands clients now process host names properly in
SIS environment.
8. JAGae32691 / SR 8606268453:
remshd can execute in two modes namely Kerberos and
non-Kerberos. In order to identify the mode, remshd
checks the port on which the request has arrived. For
this, remshd first calls getservbyname() on the "kshell"
entry in /etc/services file, and then checks the shell
entry in /etc/services file. If the "kshell" entry is
not present in /etc/services, remshd fails to execute and
exits with an error message.
Resolution:
Code has now been modified to rightly identify the port
on which the request has arrived.
9. JAGae38108 / SR 8606274029:
In the remshd and rexecd code, an array of size 4MB is
declared in a function. If the maximum stack size is less
than the array size, remshd and rexecd dump core.
Resolution:
Code has been modified to allocate buffer space
dynamically instead of an array.
10. JAGae61659 / SR 8606298159:
rcp uses remshd to remotely execute the rcp command.
remshd/rexecd fails to update the logout information in
the "/var/adm/wtmp" file when used with client
applications which do use secondary connections, like
rcp, resulting in the "still logged in" even after the
process has completed its execution.
Resolution:
remshd/rexecd code has been modified to include the
command line option "-t" using which will prevent
remshd/rexecd from logging the connections from clients
which does not use secondary connections such as rcp to
"/var/adm/wtmp".
11. JAGae80482 / SR 8606317928:
Some syslog error messages, which are generated due to an
invalid send and receive buffer size, are logged in the
syslog.log file after rcp clears the environment variable
"TZ", which is used to store the time zone information.
Therefore, the respective syslog error messages contain
an incorrect timestamp information.
Resolution:
Code has been modified to retain the value of environment
variable TZ. Therefore,the syslog.log file now contains
the correct timestamp information.
12. JAGaf05663 / SR 8606344813:
When rdist is used to distribute certain symbolic links in
a source to a destination that contains directories with
the same name as the symbolic links of source, rdist
displays protocol error messages and indefinitely waits
for further data instead of processing the next source
file.
Resolution:
rdist has been modified to display proper error messages
and continue processing the next source file when the
destination has directories with the same name as the
symbolic links in the source.
13. JAGaf17130 / SR 8606356422:
remsh/rexec kills its child process without checking
whether the child process has exited. Even though the child
process has exited, remsh/rexec kills the child process by
sending a SIGKILL signal to the child's process ID, which
may inturn kill a wrong process with the same process ID.
Resolution:
remsh/rexec has been modified to check for the existence
of the child process before killing it.
PHNE_23003:
1. JAGab83643/SR 8606110892 :
When rdist is used to distribute hard-linked files, it
fails to create the proper destination path.
Resolution:
rdist code has been modified to create the hard linked
files properly.
2. JAGad36477/SR 8606167191:
rdist sometimes does not handle source and destination path
properly.
Resolution:
rdist code has been modified to handle source and
destination path properly.
3. JAGad43677 / SR 8606174431:
The permission of a symbolic linked file is based on the
system umask value. rdist should set the umask to a value
identical to that of the permission of the source file when
it is invoked with '-M' option. However, rdist is not
setting the umask appropriately.
Resolution:
The code has been modified to set the umask to a value
appropriate to the permission of the symbolic linked source
file before creating it at the destination.
4. JAGad44648 / SR 8606175407:
The data structures in the authentication modules used by
'klogin' service are not initialised. Un-initialised data
structures caused kerberised rlogind daemon to create a
core dump if the authentication for a kerberised rlogin
client fails.
Resolution:
The data structures in the authentication modules have been
initialised.
5. JAGad67581 / SR 8606198391:
remshd does not handle authentication properly.
Resolution:
The code has been modified to handle authentication
properly.
6. JAGad64467 / SR 8606195262:
In rwhod, a limited memory is allocated to store the
information about interfaces. Hence it can handle only
upto 32 interfaces.
Resolution:
The code has been modified to handle any number of
interfaces upto the system limit.
7. JAGad84516 / SR 8606215328:
remshd does not wait until all its sub-child processes
finish execution.
Resolution:
remshd now waits for all the sub-child processes to finish
execution.
8. JAGad64866 / SR 8606195662:
The /sbin/init.d/inetsvcs script combines the kerberos
and non-kerberos manpages, eventhough it is already
combined.
Resolution:
The patch scripts have been modified to ensure the
/sbin/init.d/inetsvcs script will not combine the
kerberos and non-kerberos manpages.
PHNE_21731:
1. JAGad05687 / SR 8606136563:
In remshd, there is a concept of reverse lookup, i.e. it
cross checks the address it gets via gethostbyaddr()
through gethostbyname(). In NIS, there is a problem that
it cannot handle multi-homed address properly. For
gethostbyname() it queries on the hostname. So if in
NIS host database the first entry for the hostname doesn't
contain the primary IP address, reverse lookup fails.
Resolution:
Since this problem in NIS is impossible to fix, we
added another new option "-s" in remshd. If this is
set reverse lookup is disabled.
2. JAGad15036 / SR 8606145700:
In remshd/rexecd the child process writes the error message
into a pipe and dies. Sometimes the child process dies
before the parent process has read that error message. Then
the parent receives a SIGCHLD signal and exits without
reading the error message from the pipe. Thus the error
message is not getting displayed.
Resolution:
Now, the parent process after receiving the SIGCHLD signal
tries to read from the pipe before doing an exit. Also,
the SIGCHLD signal is now blocked during the read operation
from the pipe.
3. JAGad15647 / SR 8606146303:
Previously, remshd was checking whether the service request
is for port "shell" or "kshell". Accordingly, it should
start the non-Kerberised or the Kerberised version of the
remshd. If the service request is for neither "shell" nor
"kshell" port, it used to exit immediately.
Resolution:
Now remshd checks if the service request is for port
"kshell". Then it starts the Kerberised remshd. Otherwise,
for any other port it starts the non-Kerberised remshd.
4. JAGad06606 / SR 8606137488:
ruptime had a check to see if the machine is up/down for
more than 365 days. For that it was printing ??:?? .
Resolution:
Now the check has been removed so that ruptime can always
print the number of days the machine is up/down even if it
is up/down for more than 365 days.
5. JAGad25536 / SR 8606156226:
For trusted systems, there is a login counter called
"culogin" which gives the number of unsuccessful logins.
This counter should be reset to "-1" after a successful
login. rexecd uses PAM modules for authentication. It was
not opening the PAM session to update the login counter.
Resolution:
rexecd code has been modified so that now it opens the
session to update the login counter.
6. JAGad28199 / SR 8606158870:
rlogind was ignoring SIGCLD signal while ending rlogin
session . Now if it gets SIGCLD signal it was not calling
SIGCLD handler, where it was checking for child status and
logging syslog message. Hence it was not logging.
Resolution:
The code has been modified not to ignore the SIGCLD
signal. Now it goes to signal handler and logs the
message when it gets SIGCLD signal.
7. JAGad10918 / SR 8606141555:
Third_party transfer documentation is not clear in rcp.1
man page.
Resolution:
Now the "rcp.1" man page has been updated to give a Note
on Third_party transfer.
PHNE_17030:
1. JAGab83067: In remshd "chdir" was called before setuid().
Since, permissions are denied for 'other', chdir() fails,
and it is set to the root directory instead.
Resolution:
chdir() is called again after calling setgid() and
setuid().
2. JAGab73645: In remshd the SIGCHLD signal is not handled
properly. It is currently relying on the EOF from the pipe
which is used to send error messages from the child to the
parent process in remshd. Because of this remshd is hanging
in some cases and as a result remsh is also hanging.
Resolution:
A new signal handler for SIGCHLD has been added which,
for remshd, does a shutdown on the socket.
3. JAGab21128: For each login and logout remshd and rexecd
must log the necessary information in "/var/adm/wtmp" and
"/var/adm/btmp" files as the case may be. Currently
this feature is not there.
Resolution:
Modified the source code to add a new function. It has
a parameter from which it decides to which of the two
files it should update.
4. JAGab21143: rexecd and remshd were not using PAM for
authenticating users. So, only UNIX users will be able to
use these services.
Resolution:
Added code that will use PAM for authentication.
5. JAGab31733: If the target system has a directory owned by
the root, and in the source directory there are also other
files with a different owner then, rcp fails to copy the
first file following the root owned directory. This is due
to an error message sent by the remote m/c when utimes()
system call fails for the root owned directory.
Resolution:
Final response is sent from the server to the client
after the utimes() system call.
6. JAGaa42962: When rcp is invoked with more than one
files to be copied and "-r" option is used, the target
directory is not getting created.
Resolution:
As soon as the server function receives the first
file, it checks whether the target directory is
existing or not. If the target directory is not
existing, then it creates the target directory. Then it
copies the first sub-directory to the target directory.
7. JAGaa46005: In rlogind, there is a concept of reverse
lookup, i.e. it cross checks the address it gets via
gethostbyaddr() through gethostbyname(). In NIS, there is a
problem that it cannot handle multi homed address properly.
For gethostbyname() it queries on the hostname. So if in
NIS host database the first entry for the hostname doesn't
contain the primary IP address, reverse lookup fails.
Resolution:
Since this problem in NIS is impossible to fix, so in
rlogind we added another new option "-s". If this is
set reverse lookup is disabled.
8. JAGac56656: rlogind does not work properly in 64 bit
11.00 HP-UX systems because of a transport defect.
Resolution:
Install the transport patch PHNE_20094 or later in those
systems.
PHNE_17028:
1. The SO_LINGER option was disabled to increase the
performance. The child writes into the socket and
dies before the parent reads from the socket. So the
error message has not been sent to the client.
Resolution:
The stdout is kept opened in the parent process
instead of closing it. If the select call which will
enter into the loop when an event occurs, returns
the error with EINTR then it continues to wait in the
loop otherwise it breaks the loop. By this,the parent
process waits till the error message is received
which is generated by the child process and passes
the error message to the client.
2. In NIS environment, rlogin prompts for the password
even if there is an entry in the .rhosts file. The
password will not be accepted by rlogind as NIS
uses different mechanism to authenticate the user.
Earlier the password file is viewed as root user to
authenticate the user. Now, that part of the code
has been changed to view the password as local user
itself.
Resolution:
The effective user id is stored in temporary variable.
Then read the password file as local user and store it
in temporary pointer. Set the real user id from the
temporary pointer and then read the password file and
store it in another pointer.Then set the effective
user id back which is stored in the temporary variable.
Note that, the effective user id has been changed only
when authentication takes place and reverted back once
the authentication is done.
3. In NIS environment,remsh prompts for the password even
if there is an entry in the .rhosts file.The password
will not be accepted by remshd as NIS uses different
mechanism to authenticate the user.Earlier the password
file is viewed as root user to authenticate the user.
Now,that part of the code has been changed to view the
password as local user itself.
Resolution:
The effective user id is stored in temporary variable.
Then read the password file as local user and store
it in temporary pointer.Set the real user id from the
temporary pointer and then read the password file and
store it in another pointer.Then set the effective user
id back which is stored in the temporary variable.Note
that, the effective user id has been changed only when
authentication takes place and reverted back once
the authentication is done.
PHNE_16091:
* With PHNE_13620 installed, rlogin gives the error
message "rlogin: This program requires super user
privileges".
PHNE_13620:
rlogin
* rlogin does not handle LANG enviornment variable
properly.
rlogind
* rlogind does not handle long hostname.
remsh
* ER - remsh with stderr closed returns "fd = 2".
* remsh does not handle LANG enviornment variable properly.
remshd
* remshd does not update login counters properly.
rcp
* rcp does not clear old errno value.
* SR: RCP may show file as being there even if it ran
out of disk space.
* rcp does not check for proper parameters.
* rcp does not handle LANG environment variable properly.
rdist
* rdist does not check for temporary files before creating
them.
* rdist does not set process resources properly.
* rdist does not process distfile properly.
* rdist fails if subdirectory exists that matches
remote hostname.
PHNE_13546:
1. The field "passwd->ufld.fd_nlogins" is not reset to
zero following a successful login after a number of
permissible unsuccessful logins. Because of this
single login failures will accumulate and eventually
lock the account.
2. 11.0 now honours the SO_LINGER socket option which was
was not the case in 10.X. This caused performance
problems. The SO_LINGER socket option had to be
disabled.
Enhancement:
No (superseded patches contained enhancements)
PHNE_17030:
Enhancements were delivered in this patch or one it has
replaced. Please review the Defect Description text for more
information.
SR:
8606221711 8606224214 8606224447 8606224774 8606224998
8606262061 8606266375 8606268453 8606274029 8606298159
8606317928 8606344813 8606356422 8606110892 8606167191
8606174431 8606175407 8606198391 8606195262 8606215328
8606195662 8606136563 8606145700 8606146303 8606137488
8606156226 8606158870 8606141555 8606110364 8606105517
5003442921 1653305839 5003467134 1653289165 8606126091
5003444007 8606140969 5003446443 4701381525 1653188235
5003422279 1653257212 5003394536 1653234070 5003392761
5003444067 8606225608 8606380543 8606380542 8606380541
8606380540 8606380539 8606380538 8606380537 8606380536
Patch Files:
InternetSrvcs.INETSVCS-RUN,fr=B.11.00,
fa=HP-UX_B.11.00_32/64,v=HP:
/usr/bin/rcp
/usr/bin/rdist
/usr/bin/remsh
/usr/bin/rexec
/usr/bin/rlogin
/usr/bin/ruptime
/usr/lbin/remshd
/usr/lbin/rexecd
/usr/lbin/rlogind
/usr/sbin/rwhod
/usr/share/doc/pamized_rcom_readme.txt
InternetSrvcs.INET-ENG-A-MAN,fr=B.11.00,
fa=HP-UX_B.11.00_32/64,v=HP:
/usr/share/man/man1m.Z/rlogind.1m
/usr/share/man/man1m.Z/remshd.1m
/usr/share/man/man1m.Z/rexecd.1m
/usr/share/man/man1.Z/rcp.1
/usr/share/man/man1.Z/rlogin.1
/usr/share/man/man1.Z/remsh.1
/usr/share/man/man1.Z/kremsh.1
/usr/share/man/man1.Z/krlogin.1
/usr/share/man/man1.Z/krcp.1
/usr/share/man/man1m.Z/kremshd.1m
what(1) Output:
InternetSrvcs.INETSVCS-RUN,fr=B.11.00,
fa=HP-UX_B.11.00_32/64,v=HP:
/usr/bin/rcp:
Copyright (c) 1983 The Regents of the University of
California.
All rights reserved.
rcp.c $Revision: 1.18.214.20 $ $Date: 04/09/02 03:00
:04 $
rcp.c 5.20 (Berkeley) 5/23/89
patch id : PHNE_29463
/usr/bin/rdist:
$Revision: 1.1.214.4 Thu Sep 23 08:53:38 GMT 2004$
Patch id: PHNE_29463
/usr/bin/remsh:
Copyright (c) 1983 The Regents of the University of
California.
All rights reserved.
remsh.c $Revision: 1.30.214.6 $ $Date: 04/09/16 18:0
0:00 $
rsh.c 5.7 (Berkeley) 9/20/88
Patch id: PHNE_29463
/usr/bin/rexec:
Copyright (c) 1983 The Regents of the University of
California.
All rights reserved.
remsh.c $Revision: 1.30.214.6 $ $Date: 04/09/16 18:0
0:00 $
rsh.c 5.7 (Berkeley) 9/20/88
Patch id: PHNE_29463
/usr/bin/rlogin:
Copyright (c) 1983 The Regents of the University of
California.
All rights reserved.
rlogin.c $Revision: 1.37.214.8 $ $Date: 04/09/16 16:
00:00 $
Patch id : PHNE_29463
/usr/bin/ruptime:
Copyright (c) 1983 The Regents of the University of
California.
ruptime.c $Revision: 1.3.214.2 $ $Date: 96/10/08 13:
24:00 $
ruptime.c 5.5 (Berkeley) 8/25/88
patch id : PHNE_21731
/usr/lbin/remshd:
Copyright (c) 1983, 1988 The Regents of the Universi
ty of California.
All rights reserved.
rshd.c 5.17.1.2 (Berkeley) 2/7/89
remshd.c $Revision: 1.36.214.16 $
patch id : PHNE_29463
/usr/lbin/rexecd:
Copyright (c) 1983, 1988 The Regents of the Universi
ty of California.
All rights reserved.
rexecd.c 5.7 (Berkeley) 1/4/89
rexecd.c $Revision: 1.36.214.16 $
patch id : PHNE_29463
/usr/lbin/rlogind:
Copyright (c) 1983, 1988 The Regents of the Universi
ty of California.
All rights reserved.
rlogind.c $Header: rlogind.c,v 1.19.214.17 04/09/03
02:52:16 Exp $
rlogind.c 5.22.1.7 (Berkeley) 2/7/89
patch id : PHNE_29463
/usr/sbin/rwhod:
Copyright (c) 1983 The Regents of the University of
California.
rwhod.c $Revision: 1.9.214.2 $ $Date: 96/10/08 13:24
:16 $
rwhod.c 5.11 (Berkeley) 8/25/88
patch id : PHNE_23003
/usr/share/doc/pamized_rcom_readme.txt:
None
InternetSrvcs.INET-ENG-A-MAN,fr=B.11.00,
fa=HP-UX_B.11.00_32/64,v=HP:
/usr/share/man/man1m.Z/rlogind.1m:
None
/usr/share/man/man1m.Z/remshd.1m:
None
/usr/share/man/man1m.Z/rexecd.1m:
None
/usr/share/man/man1.Z/rcp.1:
None
/usr/share/man/man1.Z/rlogin.1:
None
/usr/share/man/man1.Z/remsh.1:
None
/usr/share/man/man1.Z/kremsh.1:
None
/usr/share/man/man1.Z/krlogin.1:
None
/usr/share/man/man1.Z/krcp.1:
None
/usr/share/man/man1m.Z/kremshd.1m:
None
cksum(1) Output:
InternetSrvcs.INETSVCS-RUN,fr=B.11.00,
fa=HP-UX_B.11.00_32/64,v=HP:
4243226693 53248 /usr/bin/rcp
3901963919 73728 /usr/bin/rdist
160745604 32768 /usr/bin/remsh
2133325219 20480 /usr/bin/rexec
1199768667 40960 /usr/bin/rlogin
3198139396 20480 /usr/bin/ruptime
1932734659 45056 /usr/lbin/remshd
3712947273 32768 /usr/lbin/rexecd
2906168285 40960 /usr/lbin/rlogind
1978190237 24576 /usr/sbin/rwhod
2170423975 4839 /usr/share/doc/pamized_rcom_readme.txt
InternetSrvcs.INET-ENG-A-MAN,fr=B.11.00,
fa=HP-UX_B.11.00_32/64,v=HP:
4208879052 7875 /usr/share/man/man1m.Z/rlogind.1m
156614525 11104 /usr/share/man/man1m.Z/remshd.1m
3690962714 3676 /usr/share/man/man1m.Z/rexecd.1m
979587988 9924 /usr/share/man/man1.Z/rcp.1
1435273432 10023 /usr/share/man/man1.Z/rlogin.1
166201351 9446 /usr/share/man/man1.Z/remsh.1
2695631999 5938 /usr/share/man/man1.Z/kremsh.1
1235405119 6076 /usr/share/man/man1.Z/krlogin.1
159478624 5923 /usr/share/man/man1.Z/krcp.1
717540430 7274 /usr/share/man/man1m.Z/kremshd.1m
Patch Conflicts: None
Patch Dependencies: None
Hardware Dependencies: None
Other Dependencies:
If you are using the Secure Internet Services (SIS)
environment, then for this patch to address defect fixes
SR 8606224774 (JAGad93862), SR 8606224214 (JAGad93309) and
SR 8606224447 (JAGad93535), it is imperative that the
libsis.sl beta patch PHSS_24834 be installed with this
patch. Please contact your local HP Support Center to obtain
a copy of beta patch PHSS_24834.
Supersedes:
PHNE_13546 PHNE_13620 PHNE_16091 PHNE_17028 PHNE_17030 PHNE_21731
PHNE_23003
Equivalent Patches:
PHNE_31731:
s700: 11.23
s800: 11.23
Patch Package Size: 310 KBytes
Installation Instructions:
Please review all instructions and the Hewlett-Packard
SupportLine User Guide or your Hewlett-Packard support terms
and conditions for precautions, scope of license,
restrictions, and, limitation of liability and warranties,
before installing this patch.
------------------------------------------------------------
1. Back up your system before installing a patch.
2. Login as root.
3. Copy the patch to the /tmp directory.
4. Move to the /tmp directory and unshar the patch:
cd /tmp
sh PHNE_29463
5. Run swinstall to install the patch:
swinstall -x autoreboot=true -x patch_match_target=true \
-s /tmp/PHNE_29463.depot
By default swinstall will archive the original software in
/var/adm/sw/save/PHNE_29463. If you do not wish to retain a
copy of the original software, include the patch_save_files
option in the swinstall command above:
-x patch_save_files=false
WARNING: If patch_save_files is false when a patch is installed,
the patch cannot be deinstalled. Please be careful
when using this feature.
For future reference, the contents of the PHNE_29463.text file is
available in the product readme:
swlist -l product -a readme -d @ /tmp/PHNE_29463.depot
To put this patch on a magnetic tape and install from the
tape drive, use the command:
dd if=/tmp/PHNE_29463.depot of=/dev/rmt/0m bs=2k
Special Installation Instructions:
o When you execute a remsh/rexec client, such as rcp that
does not use a secondary port, the "last" command in the
remote system shows the message "still logged in" even
after the remote command has completed successfully. To
rectify this, use the new command line option "-t" with
the remshd/rexecd entry in the /etc/inetd.conf file.
o After removing this patch, ensure that the "-t" option
for the remshd/rexecd entry does not exist in the
/etc/inetd.conf file, for proper functioning of
remshd/rexecd.
o When a user executes certain remote commands like
"nfs.client start", remsh may appear to hang. This hang
is seen as remsh waits for the remote command to complete
before exiting.
If users wish to avoid this behaviour, users must add the
"-m" option to the rexecd/remshd entry in the
/etc/inetd.conf file. It should be noted that when
remshd/rexecd is started with this option the standard
output and standard error messages may not appear on the
terminal.
o After removing this patch, make sure that the "-m" option
for the remshd/rexecd entry does not exist in the
/etc/inetd.conf file. If it does exist, remshd/rexecd
will fail.
o 'remshd' and 'rexecd' binaries that are shipped as
part of this patch hereafter will be using PAM for
authenticating users. For more details regarding
the PAMized versions of 'remshd' and 'rexecd'
refer the readme in
/usr/share/doc/pamized_rcom_readme.txt
o For rlogind(1M) to function properly on 64-bit systems,
the Streams Pty patch PHNE_20094 or any of its superseding
patches must be installed with this patch.
o After removing this patch, please remove the "-s" option
from remshd/rlogind entry in the file "/etc/inetd.conf"
if present. remshd/rlogind may fail with "-s" option if
this patch is removed.
|
Printable version
