Patch Name: PHCO_21566 Patch Description: s700_800 10.24 (VVOS) patch for shutdown(1m) Creation Date: 00/04/19 Post Date: 00/05/02 Warning: 00/05/10 - This Non-Critical Warning has been issued by HP. - In a specific situation, the removal PHCO_21566 can prevent the use of the shutdown and reboot commands. If PHCO_12510 was installed prior to PHCO_21566, when PHCO_21566 is removed it will incorrectly remove the shutdown authorization from the system. This will prevent the use of the shutdown and reboot commands. - To avoid this problem, HP recommends the following action be taken: 1. Determine if PHCO_12510 was installed prior to PHCO_21566 by issuing the following command as root: grep PHCO_12510 /var/adm/sw/patch/PATCH.log If an entry similar to the following is returned then proceed with step 2 below, otherwise no action is required: PHCO_12510 Superseded by PHCO_21566 2. Make a backup copy of /etc/auth/system/authorize: cp -p /etc/auth/system/authorize /tmp 3. Remove PHCO_21566: swremove PHCO_21566 4. Restore the backup copy of /etc/auth/system/authorize: cp -p /tmp/authorize /etc/auth/system/authorize 5. Install PHCO_21629. - The problem is corrected in PHCO_21629, which is released. PHCO_21629 should be installed after PHCO_21566 is removed. - To prevent reverting patch to PHCO_21566 if PHCO_21629 is removed in the future, HP recommends that PHCO_21566 be removed before PHCO_21629 is installed. If you choose not to remove PHCO_21566 before installing PHCO_21629, the system will still function properly after PHCO_21629 is installed. Hardware Platforms - OS Releases: s700: 10.24 s800: 10.24 Products: N/A Filesets: OS-Core.UX-CORE OS-Core.CORE-ENG-A-MAN VirtualVaultOS.VVOS-AUX-IA Automatic Reboot?: No Status: General Superseded With Warnings Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHCO_21566 Symptoms: PHCO_21566: Ported HP-UX patch PHCO_21574 to VVOS. Based on HP-UX patch PHCO_21574: shutdown(1M) script replaced with compiled program to correct basic functionality problem. PHCO_12510: Users with the 'shutdown' command authorization should be able to use the reboot(1m) and shutdown(1m) commands to bring the system down. Currently these two commands require the 'sysadmin' command authorization. Defect Description: PHCO_21566: HP-UX patch PHCO_21574 corrects a problem with shutdown (1m) which also affects VVOS. Resolution: Ported HP-UX patch PHCO_21574 to VVOS. Based on HP-UX patch PHCO_21574: Proper execution of the command is not assured when considering input variables. Resolution: Input variable is now properly initialized. PHCO_12510: A new command authorization, 'shutdown', is added to the system. The 'sysadmin' and the 'operator' command authorization imply the 'shutdown' command authorization. The shutdown(1m) and reboot(1m) commands are modified to check for the 'shutdown' command authorization instead of the 'sysadmin' command authorization when the commands are used to bring the system down. The 'sysadmin' command authorization is still required to bring the system to single-user mode. SR: 4701367250 1653225102 8606126826 Patch Files: /sbin/reboot /sbin/shutdown /usr/share/man/man1m.Z/reboot.1m /usr/share/man/man1m.Z/shutdown.1m /usr/newconfig/etc/auth/system/authorize what(1) Output: /sbin/shutdown: $Revision: Hewlett-Packard ISSL Level vvos_davis40 $ $Header: Hewlett-Packard ISSL Release vvos_ davis $ $Date: Thu Apr 20 16:45:33 EDT 2000 $ cmd/reboot/shutdown.c, hpuxcmdcntl, vvos_davis, davi s161 $Date: 00/04/20 17:07:03 $ $Revision: 1 .19 PATCH_10.24 (PHCO_21566) $ $Revision: 78.1.1.1 $ lib/libsecurity/identity.c, libsecurity_util, vvos_d avis, davis158 $Date: 00/04/20 16:59:12 $ $R evision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/mandlib.c, libsecurity_macilb, vvos_ davis, davis158 $Date: 00/04/20 16:59:13 $ $ Revision: 1.17 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/privileges.c, libsecurity_util, vvos _davis, davis158 $Date: 00/04/20 16:59:15 $ $Revision: 1.1.1.12 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/subsystems.c, libsecurity_util, vvos _davis, davis158 $Date: 00/04/20 16:59:18 $ $Revision: 1.10.1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_conf.c, libsecurity_util, vvos_d avis, davis158 $Date: 00/04/20 17:01:44 $ $R evision: 1.5 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/discr.c, libsecurity_util, vvos_davi s, davis158 $Date: 00/04/20 16:59:09 $ $Revi sion: 1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/authaudit.c, libsecurity_audit, vvos _davis, davis158 $Date: 00/04/20 16:59:07 $ $Revision: 1.21 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_nls.c, libsecurity, vvos_davis, davis158 $Date: 00/04/20 17:04:27 $ $Revisio n: 1.1.1.4 PATCH_10.24 (PHCO_12734) $ lib/libsecurity/acllib.c, libsecurity_acl, vvos_davi s, davis158 $Date: 00/04/20 16:59:07 $ $Revi sion: 1.2.3.2 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/auditdb.c, libsecurity_audit, vvos_d avis, davis158 $Date: 00/04/20 17:01:07 $ $R evision: 1.15 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fields.c, libsecurity_ia, vvos_davis , davis158 $Date: 00/04/20 16:59:09 $ $Revis ion: 1.10 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fileattr.c, libsecurity_fs, vvos_dav is, davis158 $Date: 00/04/20 17:03:22 $ $Rev ision: 1.9 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/getdvagent.c, libsecurity_ia, vvos_d avis, davis158 $Date: 00/04/20 16:59:10 $ $R evision: 1.14 PATCH_10.24 (PHCO_11251) $ Internal_Unsupported_Version libc.a_ID@@/main/r10dav /libc_dav/15 /ux/libc/libs/libc/archive_pa1/libc.a_ID Apr 20 2000 19:08:37 /sbin/reboot: $Revision: Hewlett-Packard ISSL Level vvos_davis40 $ $Header: Hewlett-Packard ISSL Release vvos_ davis $ $Date: Thu Apr 20 16:45:33 EDT 2000 $ $Revision: 78.2 $ cmd/reboot/reboot.c, hpuxcmdcntl, vvos_davis, davis1 58 $Date: 00/04/20 17:00:48 $ $Revision: 1.1 8 PATCH_10.24 (PHCO_12510) $ $Revision: 72.2 $ lib/libsecurity/identity.c, libsecurity_util, vvos_d avis, davis158 $Date: 00/04/20 16:59:12 $ $R evision: 1.8 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/privileges.c, libsecurity_util, vvos _davis, davis158 $Date: 00/04/20 16:59:15 $ $Revision: 1.1.1.12 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/authaudit.c, libsecurity_audit, vvos _davis, davis158 $Date: 00/04/20 16:59:07 $ $Revision: 1.21 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/subsystems.c, libsecurity_util, vvos _davis, davis158 $Date: 00/04/20 16:59:18 $ $Revision: 1.10.1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_conf.c, libsecurity_util, vvos_d avis, davis158 $Date: 00/04/20 17:01:44 $ $R evision: 1.5 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/discr.c, libsecurity_util, vvos_davi s, davis158 $Date: 00/04/20 16:59:09 $ $Revi sion: 1.7 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/sec_nls.c, libsecurity, vvos_davis, davis158 $Date: 00/04/20 17:04:27 $ $Revisio n: 1.1.1.4 PATCH_10.24 (PHCO_12734) $ lib/libsecurity/mandlib.c, libsecurity_macilb, vvos_ davis, davis158 $Date: 00/04/20 16:59:13 $ $ Revision: 1.17 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/acllib.c, libsecurity_acl, vvos_davi s, davis158 $Date: 00/04/20 16:59:07 $ $Revi sion: 1.2.3.2 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/auditdb.c, libsecurity_audit, vvos_d avis, davis158 $Date: 00/04/20 17:01:07 $ $R evision: 1.15 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fields.c, libsecurity_ia, vvos_davis , davis158 $Date: 00/04/20 16:59:09 $ $Revis ion: 1.10 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/fileattr.c, libsecurity_fs, vvos_dav is, davis158 $Date: 00/04/20 17:03:22 $ $Rev ision: 1.9 PATCH_10.24 (PHCO_11251) $ lib/libsecurity/getdvagent.c, libsecurity_ia, vvos_d avis, davis158 $Date: 00/04/20 16:59:10 $ $R evision: 1.14 PATCH_10.24 (PHCO_11251) $ Internal_Unsupported_Version libc.a_ID@@/main/r10dav /libc_dav/15 /ux/libc/libs/libc/archive_pa1/libc.a_ID Apr 20 2000 19:08:37 /usr/share/man/man1m.Z/shutdown.1m: None /usr/share/man/man1m.Z/reboot.1m: None /usr/newconfig/etc/auth/system/authorize: $Revision: Hewlett-Packard ISSL 1.16 etc/auth/system /authorize, files_etc, vvos_davis, davis158 $ $Date: 97/09/11 15:36:44 $ */ etc/auth/system/authorize, files_etc, vvos_davis, da vis158 $Date: 00/04/20 16:58:56 $ $Revision: 1.16 PATCH_10.24 (PHCO_12510) $ cksum(1) Output: 3891955557 532480 /sbin/shutdown 2416791592 393216 /sbin/reboot 4281399017 4801 /usr/share/man/man1m.Z/shutdown.1m 643184464 3182 /usr/share/man/man1m.Z/reboot.1m 3214673586 1022 /usr/newconfig/etc/auth/system/authorize Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: PHCO_12510 Equivalent Patches: PHCO_21567: s700: 11.04 s800: 11.04 PHCO_21534: s700: 11.00 s800: 11.00 Patch Package Size: 990 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHCO_21566 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHCO_21566.depot By default swinstall will archive the original software in /var/adm/sw/patch/PHCO_21566. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. WARNING: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHCO_21566.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHCO_21566.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: When removing the patch from the system, make sure that no user account has the 'shutdown' command authorization. If any of the user accounts has the 'shutdown' command authorization the patch cannot be removed.