Patch Name: PHCO_11132 Patch Description: s700_800 10.24 (VVOS) auditcmd/reduce cumulative patch Creation Date: 97/09/20 Post Date: 97/10/06 Hardware Platforms - OS Releases: s700: 10.24 s800: 10.24 Products: N/A Filesets: VirtualVaultOS.VVOS-AUX-AUDIT VirtualVaultOS.VVSAUD-ENG-A-MAN VirtualVaultOS.VVOS-AUX-IA Automatic Reboot?: Yes Status: General Superseded Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHCO_11132 Symptoms: PHCO_11132: Reduce and alarmd do not support localization, a feature required by current customers. PHSS_10501: Under certain circumstances, reduce and alarmd can terminate abnormally when processing large audit records. Defect Description: PHCO_11132: This patch allows auditcmd/reduce/alarmd to retrieve their messages out of message catalogs and process multibyte characters. PHSS_10501: Large audit records submitted by privileged programs can result in reduce reporting a potential compression buffer overflow before abnormally terminating. The compression buffer is dynamically allocated and not in the process's stack. SR: 4701349159 4701354761 4701359273 4701359281 Patch Files: /usr/bin/auditcmd /tcb/bin/auditcmd /usr/bin/reduce /tcb/bin/reduce /tcb/bin/alarmd /tcb/bin/mkaud /usr/lib/nls/msg/C/reduce.cat /usr/lib/nls/msg/C/auditcmd.cat /etc/auth/system/files.fcdb/05.patches/PHCO11132.fcdb /usr/share/man/man1m.Z/reduce.1m /usr/share/man/man1m.Z/alarmd.1m /usr/share/man/man1m.Z/auditcmd.1m what(1) Output: /tcb/bin/auditcmd: $Revision: Hewlett-Packard ISSL Level vvos_davis40 $ $Header: Hewlett-Packard ISSL Release vvos_ davis $ $Date: Sat Sep 13 07:52:18 EDT 1997 $ seccmd/auditcmd.c, cmdsaudit, vvos_davis, davis26 $D ate: 97/09/12 17:04:09 $ $Revision: 1.14.3.4 PATCH_10.24 (PHCO_11132) $ lib/libsecurity/getprdfent.c, libsecurity_ia, vvos_d avis, davis24 $Date: 97/09/12 17:03:48 $ $Re vision: 1.6.1.4 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/identity.c, libsecurity_util, vvos_d avis, davis24 $Date: 97/09/12 17:03:48 $ $Re vision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/mandlib.c, libsecurity_macilb, vvos_ davis, davis24 $Date: 97/09/12 17:03:54 $ $R evision: 1.17 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/privileges.c, libsecurity_util, vvos _davis, davis24 $Date: 97/09/12 17:03:50 $ $ Revision: 1.1.1.12 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/psecerror.c, libsecurity_util, vvos_ davis, davis24 $Date: 97/09/12 17:03:50 $ $R evision: 1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/subsystems.c, libsecurity_util, vvos _davis, davis24 $Date: 97/09/12 17:03:52 $ $ Revision: 1.10.1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_nls.c, libsecurity, vvos_davis, davis24 $Date: 97/09/12 17:03:45 $ $Revision : 1.3 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/auditdb.c, libsecurity_audit, vvos_d avis, davis24 $Date: 97/09/12 17:03:52 $ $Re vision: 1.15 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/discr.c, libsecurity_util, vvos_davi s, davis24 $Date: 97/09/12 17:03:47 $ $Revis ion: 1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fields.c, libsecurity_ia, vvos_davis , davis24 $Date: 97/09/12 17:03:47 $ $Revisi on: 1.10 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/getprpwent.c, libsecurity_ia, vvos_d avis, davis24 $Date: 97/09/12 17:03:53 $ $Re vision: 1.9.2.2 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/getprtcent.c, libsecurity_ia, vvos_d avis, davis24 $Date: 97/09/12 17:03:48 $ $Re vision: 1.9 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/authaudit.c, libsecurity_audit, vvos _davis, davis24 $Date: 97/09/12 17:03:46 $ $ Revision: 1.21 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_conf.c, libsecurity_util, vvos_d avis, davis24 $Date: 97/09/12 17:03:55 $ $Re vision: 1.5 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_errlst.c, libsecurity_util, vvos _davis, davis24 $Date: 97/09/12 17:03:50 $ $ Revision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/acllib.c, libsecurity_acl, vvos_davi s, davis24 $Date: 97/09/12 17:03:54 $ $Revis ion: 1.2.3.2 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/getdvagent.c, libsecurity_ia, vvos_d avis, davis24 $Date: 97/09/12 17:03:48 $ $Re vision: 1.14 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fileattr.c, libsecurity_fs, vvos_dav is, davis24 $Date: 97/09/12 17:03:47 $ $Revi sion: 1.9 PATCH_10.24 (PHCO_11251) $ Internal_Unsupported_Version libc.a_ID@@/main/r10dav /libc_dav/15 /ux/libc/libs/libc/archive_pa1/libc.a_ID Sep 13 1997 10:09:41 /tcb/bin/reduce: $Revision: Hewlett-Packard ISSL Level vvos_davis40 $ $Header: Hewlett-Packard ISSL Release vvos_ davis $ $Date: Sat Sep 13 07:52:18 EDT 1997 $ seccmd/reduce.c, cmdsaudit, vvos_davis, davis26 $Dat e: 97/09/12 17:04:07 $ $Revision: 1.69 PATCH _10.24 (PHCO_11132) $ lib/libsecalarm/app_event.c, libsecalarm, vvos_davis , davis41 $Date: 97/09/12 17:05:36 $ $Revisi on: 1.2.1.7 PATCH_10.24 (PHCO_11954) $ lib/libsecurity/acllib.c, libsecurity_acl, vvos_davi s, davis24 $Date: 97/09/12 17:03:54 $ $Revis ion: 1.2.3.2 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fields.c, libsecurity_ia, vvos_davis , davis24 $Date: 97/09/12 17:03:47 $ $Revisi on: 1.10 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/identity.c, libsecurity_util, vvos_d avis, davis24 $Date: 97/09/12 17:03:48 $ $Re vision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/mandlib.c, libsecurity_macilb, vvos_ davis, davis24 $Date: 97/09/12 17:03:54 $ $R evision: 1.17 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/printbuf.c, libsecurity_util, vvos_d avis, davis24 $Date: 97/09/12 17:03:50 $ $Re vision: 1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/privileges.c, libsecurity_util, vvos _davis, davis24 $Date: 97/09/12 17:03:50 $ $ Revision: 1.1.1.12 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/subsystems.c, libsecurity_util, vvos _davis, davis24 $Date: 97/09/12 17:03:52 $ $ Revision: 1.10.1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_conf.c, libsecurity_util, vvos_d avis, davis24 $Date: 97/09/12 17:03:55 $ $Re vision: 1.5 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_nls.c, libsecurity, vvos_davis, davis24 $Date: 97/09/12 17:03:45 $ $Revision : 1.3 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/discr.c, libsecurity_util, vvos_davi s, davis24 $Date: 97/09/12 17:03:47 $ $Revis ion: 1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/getdvagent.c, libsecurity_ia, vvos_d avis, davis24 $Date: 97/09/12 17:03:48 $ $Re vision: 1.14 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/authaudit.c, libsecurity_audit, vvos _davis, davis24 $Date: 97/09/12 17:03:46 $ $ Revision: 1.21 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/auditdb.c, libsecurity_audit, vvos_d avis, davis24 $Date: 97/09/12 17:03:52 $ $Re vision: 1.15 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fileattr.c, libsecurity_fs, vvos_dav is, davis24 $Date: 97/09/12 17:03:47 $ $Revi sion: 1.9 PATCH_10.24 (PHCO_11251) $ Internal_Unsupported_Version libc.a_ID@@/main/r10dav /libc_dav/15 /ux/libc/libs/libc/archive_pa1/libc.a_ID Sep 13 1997 10:09:41 /tcb/bin/alarmd: $Revision: Hewlett-Packard ISSL Level vvos_davis40 $ $Header: Hewlett-Packard ISSL Release vvos_ davis $ $Date: Sat Sep 13 07:52:18 EDT 1997 $ seccmd/reduce.c, cmdsaudit, vvos_davis, davis26 $Dat e: 97/09/12 17:04:07 $ $Revision: 1.69 PATCH _10.24 (PHCO_11132) $ seccmd/alarm.c, cmdsaudit, vvos_davis, davis26 $Date : 97/09/12 17:04:08 $ $Revision: 1.22.1.3 PA TCH_10.24 (PHCO_11132) $ /tcb/bin/mkaud: $Revision: Hewlett-Packard ISSL Level vvos_davis40 $ $Header: Hewlett-Packard ISSL Release vvos_ davis $ $Date: Sat Sep 13 07:52:18 EDT 1997 $ lib/libsecurity/discr.c, libsecurity_util, vvos_davi s, davis24 $Date: 97/09/12 17:03:47 $ $Revis ion: 1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/identity.c, libsecurity_util, vvos_d avis, davis24 $Date: 97/09/12 17:03:48 $ $Re vision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/privileges.c, libsecurity_util, vvos _davis, davis24 $Date: 97/09/12 17:03:50 $ $ Revision: 1.1.1.12 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/subsystems.c, libsecurity_util, vvos _davis, davis24 $Date: 97/09/12 17:03:52 $ $ Revision: 1.10.1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_conf.c, libsecurity_util, vvos_d avis, davis24 $Date: 97/09/12 17:03:55 $ $Re vision: 1.5 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/authaudit.c, libsecurity_audit, vvos _davis, davis24 $Date: 97/09/12 17:03:46 $ $ Revision: 1.21 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_nls.c, libsecurity, vvos_davis, davis24 $Date: 97/09/12 17:03:45 $ $Revision : 1.3 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/acllib.c, libsecurity_acl, vvos_davi s, davis24 $Date: 97/09/12 17:03:54 $ $Revis ion: 1.2.3.2 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/auditdb.c, libsecurity_audit, vvos_d avis, davis24 $Date: 97/09/12 17:03:52 $ $Re vision: 1.15 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fields.c, libsecurity_ia, vvos_davis , davis24 $Date: 97/09/12 17:03:47 $ $Revisi on: 1.10 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/mandlib.c, libsecurity_macilb, vvos_ davis, davis24 $Date: 97/09/12 17:03:54 $ $R evision: 1.17 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fileattr.c, libsecurity_fs, vvos_dav is, davis24 $Date: 97/09/12 17:03:47 $ $Revi sion: 1.9 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/getdvagent.c, libsecurity_ia, vvos_d avis, davis24 $Date: 97/09/12 17:03:48 $ $Re vision: 1.14 PATCH_10.24 (PHCO_11251) $ Internal_Unsupported_Version libc.a_ID@@/main/r10dav /libc_dav/15 /ux/libc/libs/libc/archive_pa1/libc.a_ID Sep 13 1997 10:09:41 /usr/bin/auditcmd: $Revision: Hewlett-Packard ISSL Level vvos_davis40 $ $Header: Hewlett-Packard ISSL Release vvos_ davis $ $Date: Sat Sep 13 07:52:18 EDT 1997 $ seccmd/auditcmd.c, cmdsaudit, vvos_davis, davis26 $D ate: 97/09/12 17:04:09 $ $Revision: 1.14.3.4 PATCH_10.24 (PHCO_11132) $ /usr/bin/reduce: $Revision: Hewlett-Packard ISSL Level vvos_davis40 $ $Header: Hewlett-Packard ISSL Release vvos_ davis $ $Date: Sat Sep 13 07:52:18 EDT 1997 $ seccmd/reduce.c, cmdsaudit, vvos_davis, davis26 $Dat e: 97/09/12 17:04:07 $ $Revision: 1.69 PATCH _10.24 (PHCO_11132) $ /usr/lib/nls/msg/C/reduce.cat: None /usr/lib/nls/msg/C/auditcmd.cat: None /etc/auth/system/files.fcdb/05.patches/PHCO11132.fcdb: $Revision: Hewlett-Packard ISSL 1.3 etc/auth/system/ files.fcdb/05.patches/PHCO11132.fcdb, files_ etc, vvos_davis, davis26 $ $Date: 97/08/20 1 7:03:44 $ etc/auth/system/files.fcdb/05.patches/PHCO11132.fcdb , files_etc, vvos_davis, davis26 $Date: 97/0 9/12 17:04:09 $ $Revision: 1.3 PATCH_10.24 ( PHCO_11132) $ /usr/share/man/man1m.Z/reduce.1m: None /usr/share/man/man1m.Z/alarmd.1m: None /usr/share/man/man1m.Z/auditcmd.1m: None cksum(1) Output: 3696826591 458752 /tcb/bin/auditcmd 3294157619 540672 /tcb/bin/reduce 2131063833 118784 /tcb/bin/alarmd 2981335073 438272 /tcb/bin/mkaud 456638795 1818 /etc/auth/system/files.fcdb/05.patches/ PHCO11132.fcdb 1367280492 20480 /usr/bin/auditcmd 467147427 102400 /usr/bin/reduce 1885941187 27226 /usr/lib/nls/msg/C/reduce.cat 2848346439 1773 /usr/lib/nls/msg/C/auditcmd.cat 2491255109 5671 /usr/share/man/man1m.Z/reduce.1m 263537385 3572 /usr/share/man/man1m.Z/alarmd.1m 1853180505 3275 /usr/share/man/man1m.Z/auditcmd.1m Patch Conflicts: None Patch Dependencies: s700: 10.24: PHCO_11251 PHCO_11954 s800: 10.24: PHCO_11251 PHCO_11954 Hardware Dependencies: None Other Dependencies: None Supersedes: PHSS_10501 Equivalent Patches: None Patch Package Size: 1760 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHCO_11132 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHCO_11132.depot 5b. For a homogeneous NFS Diskless cluster run swcluster on the server to install the patch on the server and the clients: swcluster -i -b This will invoke swcluster in the interactive mode and force all clients to be shut down. WARNING: All cluster clients must be shut down prior to the patch installation. Installing the patch while the clients are booted is unsupported and can lead to serious problems. The swcluster command will invoke an swinstall session in which you must specify: alternate root path - default is /export/shared_root/OS_700 source depot path - /tmp/PHCO_11132.depot To complete the installation, select the patch by choosing "Actions -> Match What Target Has" and then "Actions -> Install" from the Menubar. 5c. For a heterogeneous NFS Diskless cluster: - run swinstall on the server as in step 5a to install the patch on the cluster server. - run swcluster on the server as in step 5b to install the patch on the cluster clients. By default swinstall will archive the original software in /var/adm/sw/patch/PHCO_11132. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. Warning: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHCO_11132.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHCO_11132.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: If this patch is installed in conjunction with a new VirtualVault 2.0 installation, this patch must be applied after the installation of the VirtualVault software. If this patch is not installed after the VirtualVault software has been loaded, the commands reduce, alarmd, and auditcmd will not be the latest version and the functionality of this patch will be lost.