Patch Name: PHNE_20773 Patch Description: s700_800 10.26 radm(1M) cumulative patch Creation Date: 00/01/21 Post Date: 00/01/26 Hardware Platforms - OS Releases: s700: 10.26 s800: 10.26 Products: N/A Filesets: BLS.BLS-CORE NFS.NIS-SERVER Automatic Reboot?: No Status: General Release Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHNE_20773 Symptoms: PHNE_20773: Certain yp commands require network functionality. PHNE_16960: 1. When a machine is configured with DNS and radm(1M) is run (eg. via /sbin/init.d/nis.client stop), you see an error message: radmd: Not Authorised to run remote session 2. No auditing was happening on either error or success. Defect Description: PHNE_20773: The ypwrapper for ypmake, ypinit, etc used radm(1M) to increase privileges instead of setbaseprivs(3). * Resolution: Use setbaseprivs(3) instead of radm. Remove special case code from radmd and radm. PHNE_16960: 1. radm and associated tools do not deal with fully qualified domain names. So, when DNS is enabled, radm fails because myhost != myhost.xxx.xx.com. 2. No radm or radmd audits are submitted by the trusted programs. Resolution: 1. Use canonical hostname for all comparisons. 2. The radm and radmd utilities now proactively audit their actions and any errors. SR: 0000000000 Patch Files: /tcb/bin/radm /tcb/bin/radmd /tcb/bin/ypwrapper /etc/auth/system/files.fcdb/15.net/PHNE_16960.fcdb /etc/auth/system/files.fcdb/15.net/PHNE_20773.fcdb what(1) Output: /tcb/bin/radm: 2000/01/05 Hewlett-Packard HP-UX 10.26 TOS [ ic5eb - DAV17 ] 00/01/21 seccmd/radm/radm.c, hpux, hpux_10.26 Revisi on 1.19 PATCH_10.26 (PHNE_20773) 00/01/05 seccmd/radm/radmlib.c, hpux, hpux_10.26, ic 5eb Revision 1.5 PATCH_10.26 (PHNE_16960) /tcb/bin/radmd: 2000/01/05 Hewlett-Packard HP-UX 10.26 TOS [ ic5eb - DAV17 ] 00/01/05 seccmd/radm/radmd.c, hpux, hpux_10.26, ic5e b Revision 1.18 PATCH_10.26 (PHNE_20773) /tcb/bin/ypwrapper: 2000/01/05 Hewlett-Packard HP-UX 10.26 TOS [ ic5eb - DAV17 ] 99/12/22 services/NFS/cmds/usr.etc/ypwrap/ypwrapper. c, hpux, hpux_10.26, ic5eb Revision 1.7 PATC H_10.26 (PHNE_20773) /etc/auth/system/files.fcdb/15.net/PHNE_16960.fcdb: 99/03/08 etc/auth/system/files.fcdb/15.net/PHNE_1696 0.fcdb, hpux, hpux_10.26, ic5bd Revision 1.3 PATCH_10.26 (PHNE_16960) /etc/auth/system/files.fcdb/15.net/PHNE_20773.fcdb: 99/12/22 etc/auth/system/files.fcdb/15.net/PHNE_2077 3.fcdb, hpux, hpux_10.26, ic5eb Revision 1.1 PATCH_10.26 (PHNE_20773) cksum(1) Output: 666831955 20480 /tcb/bin/radm 118547808 24576 /tcb/bin/radmd 139281426 16384 /tcb/bin/ypwrapper 259672838 344 /etc/auth/system/files.fcdb/15.net/ PHNE_16960.fcdb 1947789221 1219 /etc/auth/system/files.fcdb/15.net/ PHNE_20773.fcdb Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: PHNE_16960 Equivalent Patches: None Patch Package Size: 120 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHNE_20773 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHNE_20773.depot By default swinstall will archive the original software in /var/adm/sw/patch/PHNE_20773. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. WARNING: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHNE_20773.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHNE_20773.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None