Patch Name: PHCO_27781 Patch Description: s700_800 11.11 su(1) cumulative patch Creation Date: 02/10/04 Post Date: 02/10/09 Hardware Platforms - OS Releases: s700: 11.11 s800: 11.11 Products: N/A Filesets: OS-Core.CORE-ENG-A-MAN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP Automatic Reboot?: No Status: General Release Critical: No Category Tags: defect_repair general_release Path Name: /hp-ux_patches/s700_800/11.X/PHCO_27781 Symptoms: PHCO_27781: ( SR:8606269172 CR:JAGae33407 ) Applications that rely upon the ability of su(1) command to switch to another user and pass along certain environment variables, including but not limited to SHLIB_PATH, do not work. Defect Description: PHCO_27781: ( SR:8606269172 CR:JAGae33407 ) By default, the su(1) command does not export the environment variables LD_LIBRARY_PATH, SHLIB_PATH or LD_PRELOAD to its child process. Resolution: The default behavior now can be overridden with the optional parameter SU_KEEP_ENV_VARS in the file /etc/default/security. Any combination of these environment variables can be specified with comma separating the variables. SU_KEEP_ENV_VARS=var1,var2,....varN The SU_KEEP_ENV_VARS parameter, if set, forces su(1) to propagate any combination of these 'unsafe' environment variables to its child process. Currently, no other environment variables may be specified in this way. The file /etc/default/security should be owned by root and have 0644 permissions. As an example, to force su(1) to export the environment variables SHLIB_PATH and LD_PRELOAD to its child process, include the following lines in /etc/default/security, as specified above: SU_KEEP_ENV_VARS=SHLIB_PATH,LD_PRELOAD Enhancement: No SR: 8606269172 Patch Files: OS-Core.CORE-ENG-A-MAN,fr=B.11.11,fa=HP-UX_B.11.11_32/64, v=HP: /usr/share/man/man1.Z/su.1 OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP: /usr/bin/su what(1) Output: OS-Core.CORE-ENG-A-MAN,fr=B.11.11,fa=HP-UX_B.11.11_32/64, v=HP: /usr/share/man/man1.Z/su.1: None OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP: /usr/bin/su: $Revision: @(#) all CUP11.11_BL2002_1004_2 PATCH_11. 11 PHCO_27781 Fri Oct 4 00:27:58 PDT 2002 $ cksum(1) Output: OS-Core.CORE-ENG-A-MAN,fr=B.11.11,fa=HP-UX_B.11.11_32/64, v=HP: 288720111 4448 /usr/share/man/man1.Z/su.1 OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP: 845851536 28672 /usr/bin/su Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: None Equivalent Patches: None Patch Package Size: 60 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHCO_27781 5. Run swinstall to install the patch: swinstall -x autoreboot=true -x patch_match_target=true \ -s /tmp/PHCO_27781.depot By default swinstall will archive the original software in /var/adm/sw/save/PHCO_27781. If you do not wish to retain a copy of the original software, include the patch_save_files option in the swinstall command above: -x patch_save_files=false WARNING: If patch_save_files is false when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. For future reference, the contents of the PHCO_27781.text file is available in the product readme: swlist -l product -a readme -d @ /tmp/PHCO_27781.depot To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHCO_27781.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None