Patch Name: PHCO_11130 Patch Description: s700_800 10.24 (VVOS) epa(1M) cumulative patch Creation Date: 97/06/26 Post Date: 97/10/01 Hardware Platforms - OS Releases: s700: 10.24 s800: 10.24 Products: N/A Filesets: VirtualVaultOS.VVOS-MIN VirtualVaultOS.VVOS-AUX-IA VirtualVaultOS.VVSMIN-ENG-A-MAN Automatic Reboot?: No Status: General Release Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHCO_11130 Symptoms: PHCO_11130: - epa does not support localization. - epa does not pass all command lines verbatim to the shell Defect Description: PHCO_11130: - This patch allows epa to retrieve messages out of message catalogs and process multibyte characters. - epa scanned for the presence of ';', '&' and "||". Unfortunately, some single commands were judged to be multiple commands -- for example: command 2>&1 This results in the unnecessary creation of additional processes. SR: 4701354746 4701365601 Patch Files: /usr/bin/epa /tcb/bin/epa /usr/lib/nls/msg/C/epa.cat /etc/auth/system/files.fcdb/05.patches/PHCO11130.fcdb /usr/share/man/man1m.Z/epa.1m what(1) Output: /usr/bin/epa: $Revision: Hewlett-Packard ISSL Level vvos_davis40 $ $Header: Hewlett-Packard ISSL Release vvos_ davis $ $Date: Fri Sep 12 09:38:59 EDT 1997 $ seccmd/epa.c, cmdsmisc, vvos_davis, davis27 $Date: 9 7/09/12 09:31:03 $ $Revision: 1.19.1.2 PATCH _10.24 (PHCO_11130) $ /usr/lib/nls/msg/C/epa.cat: None /tcb/bin/epa: $Revision: Hewlett-Packard ISSL Level vvos_davis40 $ $Header: Hewlett-Packard ISSL Release vvos_ davis $ $Date: Fri Sep 12 09:38:59 EDT 1997 $ seccmd/epa.c, cmdsmisc, vvos_davis, davis27 $Date: 9 7/09/12 09:31:03 $ $Revision: 1.19.1.2 PATCH _10.24 (PHCO_11130) $ lib/libsecurity/identity.c, libsecurity_util, vvos_d avis, davis24 $Date: 97/09/12 09:30:31 $ $Re vision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/mandlib.c, libsecurity_macilb, vvos_ davis, davis24 $Date: 97/09/12 09:30:37 $ $R evision: 1.17 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/privileges.c, libsecurity_util, vvos _davis, davis24 $Date: 97/09/12 09:30:33 $ $ Revision: 1.1.1.12 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/psecerror.c, libsecurity_util, vvos_ davis, davis24 $Date: 97/09/12 09:30:33 $ $R evision: 1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_conf.c, libsecurity_util, vvos_d avis, davis24 $Date: 97/09/12 09:30:37 $ $Re vision: 1.5 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_nls.c, libsecurity, vvos_davis, davis24 $Date: 97/09/12 09:30:28 $ $Revision : 1.3 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_errlst.c, libsecurity_util, vvos _davis, davis24 $Date: 97/09/12 09:30:33 $ $ Revision: 1.8 PATCH_10.24 (PHCO_11251) $ Internal_Unsupported_Version libc.a_ID@@/main/r10dav /libc_dav/15 /ux/libc/libs/libc/archive_pa1/libc.a_ID Sep 12 1997 12:09:04 /etc/auth/system/files.fcdb/05.patches/PHCO11130.fcdb: $Revision: Hewlett-Packard ISSL 1.2 etc/auth/system/ files.fcdb/05.patches/PHCO11130.fcdb, files_ etc, vvos_davis, davis27 $ $Date: 97/07/28 1 0:20:33 $ etc/auth/system/files.fcdb/05.patches/PHCO11130.fcdb , files_etc, vvos_davis, davis27 $Date: 97/0 9/12 09:31:04 $ $Revision: 1.2 PATCH_10.24 ( PHCO_11130) $ /usr/share/man/man1m.Z/epa.1m: None cksum(1) Output: 1723755051 20480 /usr/bin/epa 1646559600 1321 /usr/lib/nls/msg/C/epa.cat 3398512991 344064 /tcb/bin/epa 4288013809 761 /etc/auth/system/files.fcdb/05.patches/ PHCO11130.fcdb 2828136720 3545 /usr/share/man/man1m.Z/epa.1m Patch Conflicts: None Patch Dependencies: s700: s800: 10.24: PHCO_11251 Hardware Dependencies: None Other Dependencies: None Supersedes: None Equivalent Patches: None Patch Package Size: 430 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHCO_11130 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHCO_11130.depot 5b. For a homogeneous NFS Diskless cluster run swcluster on the server to install the patch on the server and the clients: swcluster -i -b This will invoke swcluster in the interactive mode and force all clients to be shut down. WARNING: All cluster clients must be shut down prior to the patch installation. Installing the patch while the clients are booted is unsupported and can lead to serious problems. The swcluster command will invoke an swinstall session in which you must specify: alternate root path - default is /export/shared_root/OS_700 source depot path - /tmp/PHCO_11130.depot To complete the installation, select the patch by choosing "Actions -> Match What Target Has" and then "Actions -> Install" from the Menubar. 5c. For a heterogeneous NFS Diskless cluster: - run swinstall on the server as in step 5a to install the patch on the cluster server. - run swcluster on the server as in step 5b to install the patch on the cluster clients. By default swinstall will archive the original software in /var/adm/sw/patch/PHCO_11130. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. Warning: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHCO_11130.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHCO_11130.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: The functionality of epa has been modified. Prior to this patch, epa attempted to determine whether a command line included more than one command. If it found one command, it executed the command. If more than one command was found, it would fork and execute each command and wait for all commands to finish. With this patch epa has been modified to always fork and execute each command, waiting for all commands to finish. If the 'exec' keyword is prepended to the command, epa will execute the command on top of itself and will not wait for the command to complete. After this patch has been installed, commands in inittab which use epa and require their parent pid to be 1 in order to run successfully must have their inittab entry changed to include the 'exec' keyword in front of the command name. For example: tgad:23:respawn:/tcb/bin/epa -c 'syshi' -s 'syslo' \ -l tga -u tga -g www 'exec /tcb/lib/tgad' If this is not done, a message will appear on the console indicating that an error has occurred. The error would show which command was having trouble being run from init and would look something like this: INIT: Command respawning too rapidly. Will try again in 5 minutes. Check for possible errors: id:tgad "/tcb/bin/epa -c 'syshi' -s 'syslo' \ -l tga -u tga -g www 'exec /tcb/lib/tgad'"