Patch Name: PHNE_30433 Patch Description: s700_800 11.11 r-commands cumulative mega-patch Creation Date: 04/03/18 Post Date: 04/05/18 Hardware Platforms - OS Releases: s700: 11.11 s800: 11.11 Products: N/A Filesets: InternetSrvcs.INETSVCS-RUN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP InternetSrvcs.INET-ENG-A-MAN,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP Automatic Reboot?: No Status: General Release Critical: Yes PHNE_30433: ABORT PHNE_27777: ABORT Category Tags: defect_repair enhancement general_release critical halts_system manual_dependencies Path Name: /hp-ux_patches/s700_800/11.X/PHNE_30433 Symptoms: PHNE_30433: 1. JAGad93309 / SR 8606224214: In the Secure Internet Services (SIS) environment, rlogin, remsh and rcp do not use normal authentication, if Kerberos authentication with the remote server fails. 2. JAGad93535 / SR 8606224447: In the Secure Internet Services (SIS) environment, rlogin and remsh do not read SIS options from the krb5.conf configuration file. 3. JAGad93862 / SR 8606224774: The credential cache file created by PAM-Kerberos is not cleaned when rlogind exits. 4. JAGad94086 / SR 8606224998: Although Secure Internet Services (SIS) is disabled on the server system using the "inetsvcs_sec" command, rlogind and remshd continue to use the Kerberos authentication. 5. JAGae26392 / SR 8606262061: In the Secure Internet Services (SIS) environment, rlogin does not read the standard input under certain circumstances. 6. JAGae30623 / SR 8606266375: In the Secure Internet Services (SIS) environment, r-commands clients dump core under certain circumstances. PHNE_29464: 1. JAGae80482 / SR 8606317928: When rcp is invoked with an invalid send or receive buffer size, the error message in the syslog.log file contains an incorrect timestamp value. 2. JAGae61659 / SR 8606298159: When 'rcp' is used to copy a file to a remote system, "last" command in the remote system shows the message "still logged in" even after the file has been completely copied to the system. 3. JAGae60531 / SR 8606296995: remshd fails to handle sub shells in some cases. 4. JAGae52961 / SR 8606289030: rdist fails with the "-b" option and displays the following error message for regular files that exist on both the local and remote system: Permission denied 5. JAGae32691 / SR 8606268453: remshd fails to execute when the service name database does not contain an entry for "kshell", and displays the message: "remshd: getservbyname". 6. JAGad90845 / SR 8606221711: rexecd does not support the option "use_psd" in the file "/etc/pam.conf". 7. JAGad83384 / SR 8606214193: If the path name of the source or destination is the root directory (/), rdist fails and displays the following error message: No such file or directory 8. JAGad64467 / SR 8606195262: rwhod fails to start on a system with more than 32 interfaces configured. It exits with an error message, "ioctl (get interface configuration)" in syslog.log file. PHNE_27777: 1. JAGae36908 / SR 8606272801: remsh and rexec do not audit login activities properly. 2. JAGae38108 / SR 8606274029: remshd and rexecd dump core when the maximum stack size is set to a value less than 4MB. 3. JAGad93130 / SR 8606224035: rcp prints wrong error message while transferring large files. PHNE_24132: 1. JAGad36477 / SR 8606167191: rdist sometimes does not handle the source and the destination path properly. 2. JAGad43677 / SR 8606174431: "rdist -M" fails to retain permissions of the symbolic linked files on the destination system. 3. JAGad44648 / SR 8606175407: rlogind exits abnormally when the authentication to a klogin service fails. 4. JAGad67581 / SR 8606198391: remshd does not handle authentication properly. 5. ER - JAGad69285 / SR 8606200101: Enable IPv6 functionality for r-commands. Defect Description: PHNE_30433: 1. JAGad93309 / SR 8606224214: If the remote server does not support Kerberos authentication, rlogin, remsh, and rcp from a Kerberized client fail instead of falling back to the normal mode of authentication. Resolution: A new option "fallback" is now provided in the krb5.conf file. If this option is set to "true", rlogin, remsh, and rcp will use the normal mode of authentication if the Kerberos authentication fails. 2. JAGad93535 / SR 8606224447: In the SIS environment, rlogin and remsh do not read the SIS configuration options specified in the krb5.conf file. Resolution: rlogin and remsh now read the SIS configuration options specified in the [appdefaults] section of the krb5.conf file. 3. JAGad93862 / SR 8606224774: If the system is configured to use PAM-Kerberos for authentication, a credential cache file is created. This cache file is not cleaned up when rlogind exits. Resolution: Now rlogind cleans up the credential cache file before exiting. 4. JAGad94086 / SR 8606224998: Before using the Kerberos authentication, rlogind and remshd do not check whether SIS is enabled on the system. Resolution: rlogind and remshd now check whether SIS is enabled on the system before using the Kerberos authentication. 5. JAGae26392 / SR 8606262061: In the SIS environment, the file descriptor of the standard input is closed when Kerberos authentication fails. Therefore, rlogin cannot read the standard input. Resolution: rlogin now reads the standard input even when the Kerberos authentication fails. 6. JAGae30623 / SR 8606266375: In the Secure Internet Services (SIS) environment, r-commands clients do not process host names properly. Resolution: r-commands clients now process host names properly in SIS environment. PHNE_29464: 1. JAGae80482 / SR 8606317928: Some syslog error messages, which are generated due to an invalid send and receive buffer size, are logged in the syslog.log file after rcp clears the environment variable "TZ", which is used to store the time zone information. Therefore, the respective syslog error messages contain an incorrect timestamp information. Resolution: Code has been modified to retain the value of environment variable TZ. Therefore,the syslog.log file now contains the correct timestamp information. 2. JAGae61659 / SR 8606298159: rcp uses remshd to remotely execute the rcp command. remshd/rexecd fails to update the logout information in the "/var/adm/wtmp" file when used with client applications which do use secondary connections, like rcp, resulting in the "still logged in" even after the process has completed its execution. Resolution: remshd/rexecd code has been modified to include the command line option "-t" using which will prevent remshd/rexecd from logging the connections from clients which does not use secondary connections such as rcp to "/var/adm/wtmp". 3. JAGae60531 / SR 8606296995: remshd does not wait until all its sub-child processes finish execution. Resolution: remshd now waits for all the sub-child processes to finish execution. 4. JAGae52961 / SR 8606289030: While transferring regular files, rdist creates a temporary file with write-only permission on the remote host . When rdist is used with the -b option, and if the file being transferred exists on the remote host, a binary comparison occurs between the temporary file and the remote file. Because the temporary file has write-only permission, rdist fails to read the temporary file and hence the remote file is not updated. Resolution: rdist now creates the temporary file on the remote host with read-write permissions. 5. JAGae32691 / SR 8606268453: remshd can execute in two modes namely Kerberos and non-Kerberos. In order to identify the mode, remshd checks the port on which the request has arrived. For this, remshd first calls getservbyname() on the "kshell" entry in /etc/services file, and then checks the shell entry in /etc/services file. If the "kshell" entry is not present in /etc/services, remshd fails to execute and exits with an error message. Resolution: Code has now been modified to rightly identify the port on which the request has arrived. 6. JAGad90845 / SR 8606221711: rexecd does not support the option "use_psd" in the file "/etc/pam.conf". This information is not documented in the man page. Resolution: The information about the unsupported option "use_psd" in the file "/etc/pam.conf" has now been documented in the rexecd man page. 7. JAGad83384 / SR 8606214193: rdist does not handle the path name properly when the path name of the source or destination contains a single slash (/) character. Resolution: rdist now handles the source and destination path names with a single slash (/) character properly. 8. JAGad64467 / SR 8606195262: In rwhod, a limited memory is allocated to store the information about interfaces. Hence it can handle only up to 32 interfaces. Resolution: The code has been modified to handle any number of interfaces up to the system limit. PHNE_27777: 1. JAGae36908 / SR 8606272801: remsh and rexec do not log all the login failures into the audit log file. Also, the audit message in the audit log file does not contain the user name and audit id. Resolution: The remshd and rexecd code have been modified to audit login activities in all the failure cases of login. The audit message now contains the user name and audit id, along with other information. 2. JAGae38108 / SR 8606274029: In the remshd and rexecd code, an array of size 4MB is declared in a function. If the maximum stack size is less than the array size, remshd and rexecd dump core. Resolution: Code has been modified to allocate buffer space dynamically instead of an array. 3. JAGad93130 / SR 8606224035: rcp stores the return value of sendfile() in a variable of type ssize_t. However, actual return type of sendfile() is sbsize_t. For large file transfers,this truncates the return value resulting in a negative value. rcp treats this as an error and prints an error message. Resolution: The return value of sendfile() is now stored in a variable of type sbsize_t. PHNE_24132: 1. JAGad36477 / SR 8606167191: rdist sometimes does not handle the source and the destination path properly. Resolution: Now rdist code has been modified to handle source and destination path properly. 2. JAGad43677 / SR 8606174431: The permission of a symbolic linked file is based on the system umask value. rdist should set the umask to a value identical to that of the permission of the source file when it is invoked with '-M' option. However, rdist is not setting the umask appropriately. Resolution: The code has been modified to set the umask to a value appropriate to the permission of the symbolic linked source file before creating it at the destination. 3. JAGad44648 / SR 8606175407: The data structures in the authentication modules used by 'klogin' service are not initialised. Resolution: The data structures of the authentication modules are initialised. 4. JAGad67581 / SR 8606198391: In 'remshd' authentication is not handled properly. Resolution: The code has been modified to authenticate appropriately. 5. ER - JAGad69285 / SR 8606200101: Enable IPv6 functionality in r-commands. Resolution: Enhanced r-commands to support IPv6 functionality. Enhancement: No (superseded patches contained enhancements) PHNE_24132: This patch contains IPv6 enhancements for r-commands. SR: 8606167191 8606174431 8606175407 8606198391 8606200101 8606272801 8606274029 8606224035 8606195262 8606214193 8606221711 8606268453 8606289030 8606296995 8606298159 8606317928 8606224214 8606224447 8606224774 8606224998 8606262061 8606266375 Patch Files: InternetSrvcs.INETSVCS-RUN,fr=B.11.11, fa=HP-UX_B.11.11_32/64,v=HP: /usr/bin/rcp /usr/bin/rdist /usr/bin/remsh /usr/bin/rexec /usr/bin/rlogin /usr/lbin/remshd /usr/lbin/rexecd /usr/lbin/rlogind /usr/sbin/rwhod InternetSrvcs.INET-ENG-A-MAN,fr=B.11.11, fa=HP-UX_B.11.11_32/64,v=HP: /usr/share/man/man1m.Z/rlogind.1m /usr/share/man/man1m.Z/remshd.1m /usr/share/man/man1m.Z/rexecd.1m /usr/share/man/man1.Z/rcp.1 /usr/share/man/man1.Z/remsh.1 /usr/share/man/man1.Z/rlogin.1 /usr/share/man/man1.Z/rdist.1 what(1) Output: InternetSrvcs.INETSVCS-RUN,fr=B.11.11, fa=HP-UX_B.11.11_32/64,v=HP: /usr/bin/rcp: Copyright (c) 1983 The Regents of the University of California. patch id : PHNE_30433 /usr/bin/rdist: Copyright (c) 1983 Regents of the University of Cali fornia. Copyright (c) 1993 Hewlett-Packard Co. patch id : PHNE_29464 /usr/bin/remsh: Copyright (c) 1983 The Regents of the University of California. patch id : PHNE_30433 /usr/bin/rexec: Copyright (c) 1983 The Regents of the University of California. patch id : PHNE_24132 /usr/bin/rlogin: Copyright (c) 1983 The Regents of the University of California. patch id : PHNE_30433 /usr/lbin/remshd: Copyright (c) 1983, 1988 The Regents of the Universi ty of California. patch id : PHNE_30433 /usr/lbin/rexecd: Copyright (c) 1983, 1988 The Regents of the Universi ty of California. patch id : PHNE_29464 /usr/lbin/rlogind: Copyright (c) 1983, 1988 The Regents of the Universi ty of California. patch id : PHNE_30433 /usr/sbin/rwhod: Copyright (c) 1983 The Regents of the University of California. patch id : PHNE_29464 InternetSrvcs.INET-ENG-A-MAN,fr=B.11.11, fa=HP-UX_B.11.11_32/64,v=HP: /usr/share/man/man1.Z/rcp.1: None /usr/share/man/man1.Z/rdist.1: None /usr/share/man/man1.Z/remsh.1: None /usr/share/man/man1.Z/rlogin.1: None /usr/share/man/man1m.Z/remshd.1m: None /usr/share/man/man1m.Z/rexecd.1m: None /usr/share/man/man1m.Z/rlogind.1m: None cksum(1) Output: InternetSrvcs.INETSVCS-RUN,fr=B.11.11, fa=HP-UX_B.11.11_32/64,v=HP: 227049871 49152 /usr/bin/rcp 1577164437 73728 /usr/bin/rdist 455026306 32768 /usr/bin/remsh 3890996647 20480 /usr/bin/rexec 1156487320 40960 /usr/bin/rlogin 927946825 45056 /usr/lbin/remshd 1676017183 32768 /usr/lbin/rexecd 2271114774 36864 /usr/lbin/rlogind 1463174050 20480 /usr/sbin/rwhod InternetSrvcs.INET-ENG-A-MAN,fr=B.11.11, fa=HP-UX_B.11.11_32/64,v=HP: 3407018290 6825 /usr/share/man/man1.Z/rcp.1 3960195848 6750 /usr/share/man/man1.Z/rdist.1 1774079301 5996 /usr/share/man/man1.Z/remsh.1 3816076547 6694 /usr/share/man/man1.Z/rlogin.1 3946356348 7370 /usr/share/man/man1m.Z/remshd.1m 3183810595 3733 /usr/share/man/man1m.Z/rexecd.1m 436211021 5585 /usr/share/man/man1m.Z/rlogind.1m Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: The fix for IPv6 ER - 8606200101 (JAGad69285) will work only if IPv6 stack is installed on the system. The defect fixes for SR 8606224774 (JAGad93862), SR 8606224214 (JAGad93309) and SR 8606224447 (JAGad93535) require that the Web release version of "PAM-Kerberos and Kerberos Support for HP-UX and DCE" Product Bundle (J5849AA - revision B.11.11.13 or later) be installed with this patch. The Web release version of "PAM-Kerberos and Kerberos Support for HP-UX and DCE" Product Bundle (J5849AA) is available from: http://www.software.hp.com/ Supersedes: PHNE_24132 PHNE_27777 PHNE_29464 Equivalent Patches: None Patch Package Size: 270 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHNE_30433 5. Run swinstall to install the patch: swinstall -x autoreboot=true -x patch_match_target=true \ -s /tmp/PHNE_30433.depot By default swinstall will archive the original software in /var/adm/sw/save/PHNE_30433. If you do not wish to retain a copy of the original software, include the patch_save_files option in the swinstall command above: -x patch_save_files=false WARNING: If patch_save_files is false when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. For future reference, the contents of the PHNE_30433.text file is available in the product readme: swlist -l product -a readme -d @ /tmp/PHNE_30433.depot To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHNE_30433.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: o When a user executes certain remote commands like "nfs.client start", remsh may appear to hang. This hang is seen as remsh waits for the remote command to complete before exiting. If users wish to avoid this behaviour, users must add the "-m" option to the rexecd/remshd entry in the /etc/inetd.conf file. It should be noted that when remshd/rexecd is started with this option the standard output and standard error messages may not appear on the terminal. o After removing this patch, make sure that the "-m" option for the remshd/rexecd entry does not exist in the /etc/inetd.conf file. If it does exist, remshd/rexecd will fail. o When you execute a remsh/rexec client, such as rcp that does not use a secondary port, the "last" command in the remote system shows the message "still logged in" even after the remote command has completed successfully. To rectify this, use the new command line option "-t" with the remshd/rexecd entry in the /etc/inetd.conf file. o After removing this patch, ensure that the "-t" option for the remshd/rexecd entry does not exist in the /etc/inetd.conf file, for proper functioning of remshd/rexecd.