Patch Name: PHNE_18871 Patch Description: s700_800 11.04 (VVOS) r-commands cumulative mega-patch Creation Date: 99/06/11 Post Date: 99/09/10 Hardware Platforms - OS Releases: s700: 11.04 s800: 11.04 Products: N/A Filesets: InternetSrvcs.INETSVCS-RUN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP Automatic Reboot?: No Status: General Release Critical: No Category Tags: defect_repair enhancement general_release Path Name: /hp-ux_patches/s700_800/11.X/PHNE_18871 Symptoms: PHNE_18871: Port HP-UX patch PHNE_17028 to VVOS. Based on HP-UX patch PHNE_17028: 1. When the patch PHNE_16091 is installed, remshd/rexecd fails to transmit the error message to the client. When the user gives invalid input to remsh/rexec, then the error message will not be displayed to the user. This happens only when the user is in ksh. 2. In NIS environment, rlogin prompts for the password even if there is an entry in the .rhosts file. Even if the user tries to give the password, it will report as Login incorrect. 3. In NIS environment, remsh prompts for the password even if there is an entry in the .rhosts file. Even if the user tries to give the password, it will report as Login incorrect. Based on HP-UX patch PHNE_16091: * Wrong permissions on rlogin in PHNE_13620. Based on HP-UX patch PHNE_13620: rlogin * rlogin does not handle LANG enviornment variable properly. rlogind * rlogind does not handle long hostname. remsh * ER - remsh with stderr closed returns "fd = 2". * remsh does not handle LANG enviornment variable properly. remshd * remshd does not update login counters properly. rcp * rcp does not clear old errno value. * SR: RCP may show file as being there even if it ran out of disk space. * rcp does not check for proper parameters. * rcp does not handle LANG environment variable properly. rdist * rdist does not check for temporary files before creating them. * rdist does not set process resources properly. * rdist does not process distfile properly. * rdist fails if subdirectory exists that matches remote hostname. Based on HP-UX patch PHNE_13546: 1. rexecd does not update trusted systems DB on good logins 2. Package switchover fails when remsh'ed into package filesystems. Defect Description: PHNE_18871: Port HP-UX patch PHNE_17028 to VVOS. NOTE: Inbound r-services (r-service daemons) are not supported on VVOS. The networking clients are supported but only as single level services. Based on HP-UX patch PHNE_17028: 1. The SO_LINGER option was disabled to increase the performance. The child writes into the socket and dies before the parent reads from the socket. So the error message has not been sent to the client. Resolution: The stdout is kept opened in the parent process instead of closing it. If the select call which will enter into the loop when an event occurs, returns the error with EINTR then it continues to wait in the loop otherwise it breaks the loop. By this,the parent process waits till the error message is received which is generated by the child process and passes the error message to the client. 2. In NIS environment, rlogin prompts for the password even if there is an entry in the .rhosts file. The password will not be accepted by rlogind as NIS uses different mechanism to authenticate the user. Earlier the password file is viewed as root user to authenticate the user. Now, that part of the code has been changed to view the password as local user itself. Resolution: The effective user id is stored in temporary variable. Then read the password file as local user and store it in temporary pointer. Set the real user id from the temporary pointer and then read the password file and store it in another pointer.Then set the effective user id back which is stored in the temporary variable. Note that, the effective user id has been changed only when authentication takes place and reverted back once the authentication is done. 3. In NIS environment,remsh prompts for the password even if there is an entry in the .rhosts file.The password will not be accepted by remshd as NIS uses different mechanism to authenticate the user.Earlier the password file is viewed as root user to authenticate the user. Now,that part of the code has been changed to view the password as local user itself. Resolution: The effective user id is stored in temporary variable. Then read the password file as local user and store it in temporary pointer.Set the real user id from the temporary pointer and then read the password file and store it in another pointer.Then set the effective user id back which is stored in the temporary variable.Note that, the effective user id has been changed only when authentication takes place and reverted back once the authentication is done. Based on HP-UX patch PHNE_16091: * With PHNE_13620 installed, rlogin gives the error message "rlogin: This program requires super user privileges". Based on HP-UX patch PHNE_13620: rlogin * rlogin does not handle LANG enviornment variable properly. rlogind * rlogind does not handle long hostname. remsh * ER - remsh with stderr closed returns "fd = 2". * remsh does not handle LANG enviornment variable properly. remshd * remshd does not update login counters properly. rcp * rcp does not clear old errno value. * SR: RCP may show file as being there even if it ran out of disk space. * rcp does not check for proper parameters. * rcp does not handle LANG environment variable properly. rdist * rdist does not check for temporary files before creating them. * rdist does not set process resources properly. * rdist does not process distfile properly. * rdist fails if subdirectory exists that matches remote hostname. Based on HP-UX patch PHNE_13546: 1. The field "passwd->ufld.fd_nlogins" is not reset to zero following a successful login after a number of permissible unsuccessful logins. Because of this single login failures will accumulate and eventually lock the account. 2. 11.0 now honours the SO_LINGER socket option which was was not the case in 10.X. This caused performance problems. The SO_LINGER socket option had to be disabled. SR: 5003444007 5003446443 4701381525 1653188235 5003422279 1653257212 5003394536 1653234070 5003392761 Patch Files: InternetSrvcs.INETSVCS-RUN,fr=B.11.04, fa=HP-UX_B.11.04_32/64,v=HP: /usr/lbin/remshd /usr/lbin/rexecd /usr/lbin/rlogind /usr/bin/rlogin /usr/bin/remsh /usr/bin/rcp /usr/bin/rexec /usr/bin/rdist what(1) Output: InternetSrvcs.INETSVCS-RUN,fr=B.11.04, fa=HP-UX_B.11.04_32/64,v=HP: /usr/lbin/remshd: Copyright (c) 1983, 1988 The Regents of the Universi ty of California. rshd.c 5.17.1.2 (Berkeley) 2/7/89 remshd.c $Revision: 1.36.214.12 $ patch id : PHNE_17028 /usr/lbin/rexecd: Copyright (c) 1983, 1988 The Regents of the Universi ty of California. rexecd.c 5.7 (Berkeley) 1/4/89 rexecd.c $Revision: 1.36.214.12 $ patch id : PHNE_17028 /usr/lbin/rlogind: Copyright (c) 1983, 1988 The Regents of the Universi ty of California. rlogind.c $Header: rlogind.c,v 1.19.214.13 98/05/28 02:52:16 hnt Exp $ rlogind.c 5.22.1.7 (Berkeley) 2/7/89 patch id : PHNE_17028 /usr/bin/rlogin: $Revision: Hewlett-Packard ISSL Level vvos_rose42 $ $Header: Hewlett-Packard ISSL Release vvos_r ose $ $Date: Sat Jun 12 22:34:43 EDT 1999 $ Copyright (c) 1983 The Regents of the University of California. $Source: net/INETSVCS/rlogin/rlogin.c, hpuxcmdnet, v vos_rose, rose0008 $ $Date: 99/06/11 13:32:5 9 $ $Revision: 1.20 PATCH_11.04 (PHNE_18871) $ rlogin.c $Revision: 1.37.214.7 $ $Date: 98/05/27 23: 39:11 $ /usr/bin/remsh: $Revision: Hewlett-Packard ISSL Level vvos_rose42 $ $Header: Hewlett-Packard ISSL Release vvos_r ose $ $Date: Sat Jun 12 22:34:43 EDT 1999 $ Copyright (c) 1983 The Regents of the University of California. $Source: net/INETSVCS/remsh/remsh.c, hpuxcmdnet, vvo s_rose, rose0008 $ $Date: 99/06/11 13:33:15 $ $Revision: 1.12 PATCH_11.04 (PHNE_18871) $ remsh.c $Revision: 1.30.214.5 $ $Date: 98/05/28 06:0 6:43 $ rsh.c 5.7 (Berkeley) 9/20/88 /usr/bin/rcp: $Revision: Hewlett-Packard ISSL Level vvos_rose42 $ $Header: Hewlett-Packard ISSL Release vvos_r ose $ $Date: Sat Jun 12 22:34:43 EDT 1999 $ Copyright (c) 1983 The Regents of the University of California. $Source: net/INETSVCS/rcp/rcp.c, hpuxcmdnet, vvos_ro se, rose0008 $ $Date: 99/06/11 13:33:22 $ $R evision: 1.19 PATCH_11.04 (PHNE_18871) $ rcp.c $Revision: 1.18.214.17 $ $Date: 98/06/09 03:00 :04 $ rcp.c 5.20 (Berkeley) 5/23/89 /usr/bin/rexec: $Revision: Hewlett-Packard ISSL Level vvos_rose42 $ $Header: Hewlett-Packard ISSL Release vvos_r ose $ $Date: Sat Jun 12 22:34:43 EDT 1999 $ Copyright (c) 1983 The Regents of the University of California. $Source: net/INETSVCS/remsh/remsh.c, hpuxcmdnet, vvo s_rose, rose0008 $ $Date: 99/06/11 13:33:15 $ $Revision: 1.12 PATCH_11.04 (PHNE_18871) $ remsh.c $Revision: 1.30.214.5 $ $Date: 98/05/28 06:0 6:43 $ rsh.c 5.7 (Berkeley) 9/20/88 /usr/bin/rdist: $Revision: 1.1.214.2 Tue Jul 7 10:05:24 GMT 1998$ cksum(1) Output: InternetSrvcs.INETSVCS-RUN,fr=B.11.04, fa=HP-UX_B.11.04_32/64,v=HP: 2247452330 36864 /usr/lbin/remshd 489640399 28672 /usr/lbin/rexecd 190353987 40960 /usr/lbin/rlogind 1340525398 28672 /usr/bin/rlogin 2693664813 24576 /usr/bin/remsh 4229861700 40960 /usr/bin/rcp 4250468626 24576 /usr/bin/rexec 2172438664 73728 /usr/bin/rdist Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: None Equivalent Patches: PHNE_17028: s700: 11.00 s800: 11.00 Patch Package Size: 330 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHNE_18871 5. Run swinstall to install the patch: swinstall -x autoreboot=true -x patch_match_target=true \ -s /tmp/PHNE_18871.depot By default swinstall will archive the original software in /var/adm/sw/save/PHNE_18871. If you do not wish to retain a copy of the original software, use the patch_save_files option: swinstall -x autoreboot=true -x patch_match_target=true \ -x patch_save_files=false -s /tmp/PHNE_18871.depot WARNING: If patch_save_files is false when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. For future reference, the contents of the PHNE_18871.text file is available in the product readme: swlist -l product -a readme -d @ /tmp/PHNE_18871.depot To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHNE_18871.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: NOTE: Inbound r-services (r-service daemons) are not supported on VVOS. The networking clients are supported but only as single level services.