Patch Name: PHSS_10373 Patch Description: s700_800 10.09-16 VirtualVault syslogd options patch Creation Date: 97/03/14 Post Date: 97/04/10 Warning: 97/04/16 - This Non-Critical Warning has been issued by HP. Changes to key system configuration files which take place after the patch install invocation of setfiles(1M) is run result in system failures, these failures include: 1. S220syslogd script failure The /sbin/rc2.d/S220syslogd fails at boot time with: /sbin/rc[38]: /sbin/rc2.d/S220syslogd: Execute \ permission denied. "/sbin/rc2.d/S220syslogd start" FAILED The incorrect file attributes on /sbin/init.d/syslogd also cause the boot menu to display incorrectly. The setfiles command should be run to correctly set the system's file attributes. 2. X-Terminals will not be managed by VirtualVault The patch documentation does not clearly indicate to the customer that this patch will remove support for remote X terminals. 3. xdm respawning too rapidly If the patch is installed on a system that was using XDMCP to remotely manage X terminal sessions AND the system does not have a local graphics display then post patch installation and post reboot the system will generate the following error messages: INIT: Command is respawning too rapidly. Will try again in 5 minutes. Check for possible errors. id: xdm "/usr/bin/X11/xdm -nodaemon" To correct this problem the customer should edit the /etc/inittab file and modify the line that starts xdm. The third field should be changed from "respawn" to "off". Hardware Platforms - OS Releases: s700: 10.09 10.16 s800: 10.09 10.16 Products: VirtualVault Transaction Server A.01.00 US/Canada Release VirtualVault Transaction Server A.01.00 International Release VirtualVault Transaction Server A.01.01 US/Canada Release VirtualVault Transaction Server A.01.01 International Release Filesets: VaultTS.VAULT-CORE-CMN,A.01.00,A.01.01 Automatic Reboot?: Yes Status: General Superseded With Warnings Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHSS_10373 Symptoms: PHSS_10373: Controlled access enhancements have been added to components of the HP-UX CMW in the areas of syslogd, Xdmcp and the X Window server operation. This patch, PHSS_10373, enables the VirtualVault Transaction Server A.01.00 and A.01.01 to utilize the enhancements made to the underlying HP-UX CMW operating system. Defect Description: PHSS_10373: Enhancements were made to the HP-UX CMW operating system in three areas: syslogd(1M) - Because of the nature of syslogd(1M) and the way that it uses UDP for communication, it was possible to forward to a VirtualVault Transaction Server the syslogd console messages from either the SYSTEM INSIDE or SYSTEM OUTSIDE network. An enhanced syslogd has been created which does not bind to and listen for requests on a UDP socket, thus preventing the acceptance of remote logging requests. This feature has been made available via a '-n' flag during syslogd startup. This patch automatically alters the syslogd startup script, /sbin/init.d/syslogd, to invoke syslogd with a '-n' flag. Xdmcp - xdm(1X) listens on 2 ports, one for the xdmcp protocol (UDP 177) and another on a TCP port for the xdmcp chooser capability. The chooser port is not fixed and is automatically assigned at the time the listen call is made. Both the xdmcp and chooser ports can be disabled in xdmcp by placing the following resource in the xdm resource file (/usr/lib/X11/xdm/xdm-config) : *requestPort: 0 This patch automatically sets this xdm resource. NOTE: VirtualVault will not manage remote X terminal session(s). X server - A feature has been added to the X Window server that will prevent it from opening tcp sockets. This feature can be enabled via a flag, '-ni', upon X server invocation. This patch automatically alters the X window server startup line in /usr/lib/X11/xdm/Xservers to invoke the X server with a '-ni' flag. SR: 4701348623 4701348649 4701348656 Patch Files: /opt/vaultTS/bin/patch_phss10373 what(1) Output: /opt/vaultTS/bin/patch_phss10373: None cksum(1) Output: 1029708608 7010 /opt/vaultTS/bin/patch_phss10373 Patch Conflicts: None Patch Dependencies: s700: 10.09 10.16: PHCO_10387 PHSS_10383 s800: 10.09 10.16: PHCO_10387 PHSS_10383 Hardware Dependencies: None Other Dependencies: None Supersedes: None Equivalent Patches: None Patch Package Size: 70 Kbytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHSS_10373 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHSS_10373.depot 5b. For a homogeneous NFS Diskless cluster run swcluster on the server to install the patch on the server and the clients: swcluster -i -b This will invoke swcluster in the interactive mode and force all clients to be shut down. WARNING: All cluster clients must be shut down prior to the patch installation. Installing the patch while the clients are booted is unsupported and can lead to serious problems. The swcluster command will invoke an swinstall session in which you must specify: alternate root path - default is /export/shared_root/OS_700 source depot path - /tmp/PHSS_10373.depot To complete the installation, select the patch by choosing "Actions -> Match What Target Has" and then "Actions -> Install" from the Menubar. 5c. For a heterogeneous NFS Diskless cluster: - run swinstall on the server as in step 5a to install the patch on the cluster server. - run swcluster on the server as in step 5b to install the patch on the cluster clients. By default swinstall will archive the original software in /var/adm/sw/patch/PHSS_10373. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. Warning: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHSS_10373.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHSS_10373.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: Disregard the above installation instructions. They are automatically generated and are not specific to the VirtualVault environment. The correct procedure for installing the VirtualVault syslogd options patch (PHSS_10373) is as follows : (Remember that PHSS_10383 and PHCO_10387 MUST be installed previous to installation of this patch!) 1. Backup your system before installing a patch. 2. Login as root; open an xterm window at the SYSTEM level. 3. Copy the patch to the /patches directory. Create /patches using: mkdir -p /patches 4. Move to the /patches directory and unshar the patch: cd /patches sh PHSS_10373 5. Run swinstall to install the patch: swinstall -x match_target=true \ -x autoreboot=true -s /patches/PHSS_10373.depot