Patch Name: PHCO_28798

Patch Description: s700_800 11.11 init(1M) cumulative patch

Creation Date: 03/04/07

Post Date: 03/07/08

Hardware Platforms - OS Releases:
	s700: 11.11
	s800: 11.11

Products: N/A

Filesets:
	OS-Core.ADMN-ENG-A-MAN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP
	OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP

Automatic Reboot?: Yes

Status: General Release

Critical:
	No (superseded patches were critical)
	PHCO_27011: HANG

Category Tags:
	defect_repair enhancement general_release critical
	halts_system

Path Name: /hp-ux_patches/s700_800/11.X/PHCO_28798

Symptoms:
	PHCO_28798:
	( SR:8606250483 CR:JAGae16858 )
	No symptom. This is an enhancement request. This patch
	is a member of a set of product updates needed to
	enable the optional HP-UX Boot Authentication feature
	in non-trusted mode. Upon installation, the HP-UX
	Boot Authenticator bundle (BOOTAUTH11i) will install
	the full set of product updates (including this patch)
	to enable the boot authentication feature in non-trusted
	mode.

	If the HP-UX Boot Authenticator product is not installed,
	this patch will have no impact on your system.

	PHCO_27011:
	( SR:8606204653 CR:JAGad73835 )
	init(1m) hangs when two or more processes started
	by init die (call exit, etc) at very nearly exactly
	the same time.

	( SR:8606224172 CR:JAGad93268 )
	Console window hangs when the system returns to
	multiuser run level 3, from single user mode.

	( SR:8606227506 CR:JAGad96564 )
	init(1m) behaves unpredictably because of
	incorrect use of pwd_shell.

	( SR:8606272797 CR:JAGae36904 )
	init(1m) is entering SINGLE USER state instead of
	initdefault state, without giving proper error
	message.

Defect Description:
	PHCO_28798:
	( SR:8606250483 CR:JAGae16858 )
	This patch contains enhancements required to enable
	the HP-UX Boot Authenticator for non-trusted mode.

	Resolution:
	Enhancements added to enable Boot Authenticator for
	non-trusted mode when this product is installed and
	configured.

	PHCO_27011:
	( SR:8606204653 CR:JAGad73835 )
	init(1m) hangs when two or more processes started
	by init die (call exit, etc) at very nearly exactly
	the same time. This problem can be reproduced by
	making two or more init started processes to die at
	same time. This is a problem of race condition, and
	lot depends on the current happenings/load, hence
	can not be consistently reproduced.
	This was because, In case of a race condition( like
	two processes dying at same time ) an uninitialized
	pointer was getting accessed.

	Resolution:
	Now the code is changed to address this issue.
	It is taken care that, the pointer is properly
	initialized before being accessed.

	( SR:8606224172 CR:JAGad93268 )
	The console window hangs when the system returns to
	multiuser of run level 3(init 3) from single user mode.
	The problem can be reproduced as follows:
	1.Get the console window(win1) on your work station.
	2.Get one more root window(win2) of the same system.
	3.On root window(win2) type "init s"(to go to single
	  user mode).
	4.Console window displays sysconf file is getting
	  transferred to root window pty(win2) and hangs
	  (expected).
	5.Root window(win2) will get sysconf file.
	6.Type 'init 3' from root window(win2).
	7.sysconf file should return back to console window
	  and back to normal operational mode, however console
	  window never comes back to normal from HANG
	  mode(unexpected).
	This was because, signal(SIGWINCH) was assigned to
	run level 3, so whenever 'init 3' was called,
	SIGWINCH is sent to init, but the init was
	expecting SIGTRAP to move to run level 3.

	Resolution:
	Now the condition is changed to check for SIGWINCH
	and not SIGTRAP.

	( SR:8606227506 CR:JAGad96564 )
	init(1m) was behaving unpredictably when the pw_shell
	entry for root in /etc/passwd was null or some invalid
	shell name with length less than 8.
	The problem can be reproduced as follows:
	1.Modify the entry for root in /etc/passwd file with
	  entry corresponding to pw_shell being made null or
	  some invalid shell name - the length of the shell
	  path being less than 8.
	2.Reboot the system.
	3.Bring the system in single user mode.
	4.The system should come up properly flahing a warning
	  about corrupted shell entry. But the system doesn't
	  behave in expected manner.
	When the pw_shell( current shell) entry in /etc/passwd
	is null, pw_shell shell was not assigned any memory.
	If the pw_shell entry is null or some invalid shell,
	init tries to copy the contents of SH2 to pwd_entry
	causing a data corruption.

	Resolution:
	Now the code is changed to make pw_shell point to SH2
	in case it is null or some invalid shell.

	( SR:8606272797 CR:JAGae36904 )
	init(1m) is entering SINGLE USER state, instead of
	initdefault state, without giving proper error
	message.

	init(1m) checks for root entry in /etc/passwd file
	while initialization. getspwnam() was called after
	getpwnam() without taking the backup of the output
	from getpwnam(). The return value of getpwnam() was
	used later to check the root entry in /etc/passwd
	file. The data was getting corrupted as getspwnam()
	internally calls getpwnam() and getpwnam() uses a
	static memory. As the data is corrupted, init(1m)
	was entering SINGLE USER mode. But error messages
	were not there in code to be displayed in this
	cases.

	The problem can be reproduced as follows:
	1. Enter trusted mode ( Use tsconvert )
	2. Change the u_pswduser field in
	   /tcb/files/auth/system/default to any existing or
	   non-existent user other than root
	3. Reboot the system, the init(1m) process will place
	   the system in single user mode without any message.

	The output that gets displayed on the console is as
	follows:
	-----------------------------------------------------
	Memory Information:
	    physical page size = 4096 bytes,
	    logical page size = 4096 bytes
	        Physical: 6291456 Kbytes, lockable:
	        5784556 Kbytes, available: 5782220 Kbyts

	        /sbin/ioinitrc:
	        /sbin/krs_sysinit:

	        INIT: SINGLE USER MODE

	        INIT: Running /sbin/sh
	        #
	        #
	             <System is in single user mode>
	-----------------------------------------------------

	Resolution:
	The code of init(1m) is changed to call getspwnam() first
	and then getpwnam(). Hence the root entry data is not
	corrupted. Also proper error messages are added to be
	displayed.

Enhancement:
	Yes
	PHCO_28798:
		A site's security policies may require a user
		to authenticate before they can boot the system
		into single-user mode. Previously, this feature
		was only available on a system that has been
		converted to trusted mode.  This patch is one
		of the several pre-enablement patches that
		enable this feature on a system without
		converting it to trusted mode.

SR:
	8606204653 8606224172 8606227506 8606250483 8606272797

Patch Files:
	
	OS-Core.ADMN-ENG-A-MAN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,
		v=HP:
	/usr/share/man/man1m.Z/init.1m

	OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	/sbin/init

what(1) Output:
	
	OS-Core.ADMN-ENG-A-MAN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,
		v=HP:
	/usr/share/man/man1m.Z/init.1m:
		None

	OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	/sbin/init:
		init.c $Date: 2003/03/17 04:37:22 $Revision: r11.11/
			4 PATCH_11.11 (PHCO_28798)
		proctable.c $Date: 2002/10/08 04:09:34 $Revision: r1
			1.11/2 PATCH_11.11 (PHCO_27011)
		$Revision: @(#) init.sbin CUP11.11_BL2003_0407_1 PAT
			CH_11.11 PHCO_28798
		Mon Apr  7 01:26:20 PDT 2003 $
		$ Version_11.11  Mar 31 2003 09:02:37 $

cksum(1) Output:
	
	OS-Core.ADMN-ENG-A-MAN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,
		v=HP:
	3314332635 6775 /usr/share/man/man1m.Z/init.1m

	OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	2122257897 311296 /sbin/init

Patch Conflicts: None

Patch Dependencies: None

Hardware Dependencies: None

Other Dependencies: None

Supersedes:
	PHCO_27011 

Equivalent Patches: None

Patch Package Size: 350 KBytes

Installation Instructions:
	Please review all instructions and the Hewlett-Packard
	SupportLine User Guide or your Hewlett-Packard support terms
	and conditions for precautions, scope of license,
	restrictions, and, limitation of liability and warranties,
	before installing this patch.
	------------------------------------------------------------
	1. Back up your system before installing a patch.

	2. Login as root.

	3. Copy the patch to the /tmp directory.

	4. Move to the /tmp directory and unshar the patch:

		cd /tmp
		sh PHCO_28798

	5. Run swinstall to install the patch:

		swinstall -x autoreboot=true -x patch_match_target=true \
			  -s /tmp/PHCO_28798.depot

	By default swinstall will archive the original software in 
	/var/adm/sw/save/PHCO_28798.  If you do not wish to retain a
	copy of the original software, include the patch_save_files
	option in the swinstall command above:

		-x patch_save_files=false

	WARNING: If patch_save_files is false when a patch is installed,
		 the patch cannot be deinstalled.  Please be careful
		 when using this feature.

	For future reference, the contents of the PHCO_28798.text file is 
	available in the product readme:

		swlist -l product -a readme -d @ /tmp/PHCO_28798.depot

	To put this patch on a magnetic tape and install from the
	tape drive, use the command:

		dd if=/tmp/PHCO_28798.depot of=/dev/rmt/0m bs=2k

Special Installation Instructions: None