Patch Name: PHCO_29028

Patch Description: s700_800 11.11 libsec cumulative patch

Creation Date: 03/05/09

Post Date: 03/10/14

Hardware Platforms - OS Releases:
	s700: 11.11
	s800: 11.11

Products: N/A

Filesets:
	OS-Core.CORE-64SLIB,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP
	OS-Core.CORE-SHLIBS,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP
	ProgSupport.PROG-MIN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP
	ProgSupport.PROG-MN-64ALIB,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP

Automatic Reboot?: No

Status: General Release

Critical:
	No (superseded patches were critical)
	PHCO_24613: ABORT
	PHCO_23990: OTHER
		Reduces potential severe performance impact on a
		Trusted System with a very large I/O buffer cache
		and heavy I/O; the system may appear to be hung.

Category Tags:
	defect_repair enhancement general_release critical
	halts_system

Path Name: /hp-ux_patches/s700_800/11.X/PHCO_29028

Symptoms:
	PHCO_29028:
	( SR:8606212549 CR:JAGad81735 )
	remshd and ftpd can intermittently fail under
	heavy loads on a trusted system.

	PHCO_27038:
	( SR:8606221280 CR:JAGad90414 )
	This patch is a member of a set of product updates needed
	to enable the optional HP-UX shadow password feature.
	Upon installation, the HP-UX shadow password bundle
	(ShadowPassword) will install the full set of products
	(including this patch) to enable the shadow password
	feature.

	If the HP-UX shadow password product is not installed,
	this patch will have no impact on your system.

	PHCO_24613:
	( SR:8606206706 CR:JAGad75879 )
	On a trusted system, libsec could core dump when
	called by a multithreaded application.

	( SR:8606107314 CR:JAGab77493 )
	On a trusted system, certain devices do not lock
	properly.

	PHCO_23990:
	( SR:8606180704 CR:JAGad49925 )
	There can be severe login delays on a Trusted System with a
	very large I/O buffer cache and heavy I/O; the system may
	appear to be hung.

Defect Description:
	PHCO_29028:
	( SR:8606212549 CR:JAGad81735 )
	remshd and ftpd can intermittently fail under
	heavy loads on a trusted system.

	Resolution:
	Fixed a timing problem in libsec.

	PHCO_27038:
	( SR:8606221280 CR:JAGad90414 )
	Enhancement request: HP-UX 11.11 does not support shadow
	passwords.

	Resolution:
	This module has been made aware of shadow passwords and
	will take the appropriate actions when the HP-UX shadow
	password bundle is installed.

	PHCO_24613:
	( SR:8606206706 CR:JAGad75879 )
	On a trusted system, a multithreaded application may
	coredump if it calls libsec with more than one thread.
	Libsec does not support two or more simultaneous threads,
	however, a coredump could occur even in the case where
	the threads are not simultaneous.

	Resolution:
	Libsec now properly handles two or more non-simultaneous
	threads.

	( SR:8606107314 CR:JAGab77493 )
	On a trusted system, certain devices do not lock
	properly, because libsec improperly identifies
	them as pseudo-devices.

	Resolution:
	Updated the pseudo-device identification algorithm.

	PHCO_23990:
	( SR:8606180704 CR:JAGad49925 )
	A login to a Trusted System with a very large buffer cache
	can take an extremely long time, because libsec sync's the
	entire buffer cache each time it updates the /tcb database.

	Resolution:
	Libsec no longer sync's the entire buffer cache when it
	updates the /tcb database. Now it syncs only the database
	files which were modified.

Enhancement:
	No (superseded patches contained enhancements)
	PHCO_27038:
		This patch is one of many pre-enablement patches
		for the shadow password feature.

SR:
	8606107314 8606180704 8606206706 8606212549 8606221280

Patch Files:
	
	OS-Core.CORE-64SLIB,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	/usr/lib/pa20_64/libsec.2

	OS-Core.CORE-SHLIBS,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	/usr/lib/libsec.2

	ProgSupport.PROG-MIN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	/usr/lib/libsec.a

	ProgSupport.PROG-MN-64ALIB,fr=B.11.11,
		fa=HP-UX_B.11.11_32/64,v=HP:
	/usr/lib/pa20_64/libsec.a

what(1) Output:
	
	OS-Core.CORE-64SLIB,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	/usr/lib/pa20_64/libsec.2:
		$Revision: @(#) be3_targets CUP11.11_BL2003_0509_4 P
			ATCH_11.11 PHCO_29028
		Fri May  9 13:49:48 PDT 2003 $

	OS-Core.CORE-SHLIBS,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	/usr/lib/libsec.2:
		$Revision: @(#) be3_targets CUP11.11_BL2003_0509_4 P
			ATCH_11.11 PHCO_29028
		Fri May  9 13:47:01 PDT 2003 $

	ProgSupport.PROG-MIN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	/usr/lib/libsec.a:
		$Revision: @(#) be3_targets CUP11.11_BL2003_0509_4 P
			ATCH_11.11 PHCO_29028
		Fri May  9 13:45:24 PDT 2003 $

	ProgSupport.PROG-MN-64ALIB,fr=B.11.11,
		fa=HP-UX_B.11.11_32/64,v=HP:
	/usr/lib/pa20_64/libsec.a:
		$Revision: @(#) be3_targets CUP11.11_BL2003_0509_4 P
			ATCH_11.11 PHCO_29028
		Fri May  9 13:48:21 PDT 2003 $

cksum(1) Output:
	
	OS-Core.CORE-64SLIB,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	3692838130 162464 /usr/lib/pa20_64/libsec.2

	OS-Core.CORE-SHLIBS,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	1245562574 155648 /usr/lib/libsec.2

	ProgSupport.PROG-MIN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
	1177602101 130148 /usr/lib/libsec.a

	ProgSupport.PROG-MN-64ALIB,fr=B.11.11,
		fa=HP-UX_B.11.11_32/64,v=HP:
	2103527974 241856 /usr/lib/pa20_64/libsec.a

Patch Conflicts: None

Patch Dependencies: None

Hardware Dependencies: None

Other Dependencies: None

Supersedes:
	PHCO_27038 PHCO_24613 PHCO_23990

Equivalent Patches:
	PHCO_29027:
	s700: 11.00
	s800: 11.00

Patch Package Size: 250 KBytes

Installation Instructions:
	Please review all instructions and the Hewlett-Packard
	SupportLine User Guide or your Hewlett-Packard support terms
	and conditions for precautions, scope of license,
	restrictions, and, limitation of liability and warranties,
	before installing this patch.
	------------------------------------------------------------
	1. Back up your system before installing a patch.

	2. Login as root.

	3. Copy the patch to the /tmp directory.

	4. Move to the /tmp directory and unshar the patch:

		cd /tmp
		sh PHCO_29028

	5. Run swinstall to install the patch:

		swinstall -x autoreboot=true -x patch_match_target=true \
			  -s /tmp/PHCO_29028.depot

	By default swinstall will archive the original software in 
	/var/adm/sw/save/PHCO_29028.  If you do not wish to retain a
	copy of the original software, include the patch_save_files
	option in the swinstall command above:

		-x patch_save_files=false

	WARNING: If patch_save_files is false when a patch is installed,
		 the patch cannot be deinstalled.  Please be careful
		 when using this feature.

	For future reference, the contents of the PHCO_29028.text file is 
	available in the product readme:

		swlist -l product -a readme -d @ /tmp/PHCO_29028.depot

	To put this patch on a magnetic tape and install from the
	tape drive, use the command:

		dd if=/tmp/PHCO_29028.depot of=/dev/rmt/0m bs=2k

Special Installation Instructions: None