Patch-ID# 109007-29
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security at atrm batch umount2 c2audit audit_event inetd sighup bsmunconv cron root
Synopsis: SunOS 5.8: at/atrm/batch/cron/inetd patch
Date: Mar/16/2012
Install Requirements: Reboot after installing this patch to activate the changes delivered. An alternative may be specified in the Special Install Instructions.
Solaris Release: 8
SunOS Release: 5.8
Unbundled Product:
Unbundled Release:
Xref: This patch is available for x86 as patch 109008
Topic: SunOS 5.8: at/atrm/batch/cron/inetd patch
*********************************************************************
NOTE: This patch may contain one or more OEM-specific platform ports.
See the appropriate OEM_NOTES file within the patch for
information specific to these platforms.
DO NOT INSTALL this patch on an OEM system if a corresponding
OEM_NOTES file is not present (or is present, but instructs not
to install the patch), unless the OEM vendor directs otherwise.
*********************************************************************
NOTE: Refer to Special Install Instructions section for
IMPORTANT specific information on this patch.
Relevant Architectures: sparc sparc.sun4u
Bugs fixed with this patch:
Changes incorporated in this version: 6655642
Patches accumulated and obsoleted by this patch: 108875-13 111069-01 111624-05
Patches which conflict with this patch:
Patches required with this patch: 108528-01 108989-02 108991-02 108993-01 108997-03 (or greater)
Obsoleted by:
Files included with this patch:
/etc/security/audit_class
/etc/security/audit_event
/etc/security/bsmconv
/etc/security/bsmunconv
/kernel/sys/c2audit
/kernel/sys/sparcv9/c2audit
/usr/bin/at
/usr/bin/atq
/usr/bin/atrm
/usr/bin/batch
/usr/bin/crontab
/usr/bin/pfexec
/usr/include/bsm/audit_kevents.h
/usr/include/bsm/audit_record.h
/usr/include/bsm/audit_uevents.h
/usr/lib/abi/abi_libbsm.so.1
/usr/lib/abi/sparcv9/abi_libbsm.so.1
/usr/lib/libbsm.a
/usr/lib/libbsm.so
/usr/lib/libbsm.so.1
/usr/lib/llib-lbsm
/usr/lib/llib-lbsm.ln
/usr/lib/sparcv9/libbsm.so
/usr/lib/sparcv9/libbsm.so.1
/usr/lib/sparcv9/llib-lbsm.ln
/usr/sbin/auditconfig
/usr/sbin/auditd
/usr/sbin/cron
/usr/sbin/inetd
/usr/sbin/praudit
Problem Description:
6655642 problem with audit admin
(from 109007-28)
6414737 auditconfig -setasid, -setaudit, -setauid issues
(from 109007-27)
6744624 cron may ignore jobs when initializing if system clock is reset
(from 109007-26)
6618839 crontab(1) temporary file creation can be circumvented
6620661 possible race condition issue in crontab(1)
(from 109007-25)
6425176 inetd wastes time when doing serial rsh connections
(from 109007-24)
4279478 in.ftpd does not generate an audit record when the ftp session completes
(from 109007-23)
5064001 cron drops users for good during name service outage
(from 109007-22)
4403608 need cred locking on some syscall audits
(from 109007-21)
4964996 rpc.metamedd does not respond if it's been restarted via inetd
(from 109007-20)
4344166 audit trail corruption on closing audit files
6260039 at-jobs which don't have a corresponding ancillary file fail now
(from 109007-19)
4685545 audit_inetd_config gets SEGV if /etc/security/audit_event file is empty
4959077 bsmconv should reuse saved audit_startup file if it exists
5076801 the audit-ID for cron jobs with missing ancillary file can be wrong
(from 109007-18)
4857394 AUE_MODADDMAJ doesn't check user arguments properly
4904733 allocate(1) and friends may SEGV with certain device_maps
(from 109007-17)
This revision includes the updated postpatch script needed for
bug fix 4892034.
(from 109007-16)
4892034 audited system calls hang if auditd killed when audit_policy == 0x5 (argv, cnt)
(from 109007-15)
4925561 pfexec doesn't handle some invalid exec_attr entries correctly
(from 109007-14)
4779457 cron entries skipped after changing to wintertime
4828108 cron skips jobs
4829732 cron runs job that shouldn't exist
4750749 race condition in cron made worse by bug fix 4387131
(from 109007-13)
4845277 cron may dump core on BSM enabled systems
(from 109007-12)
4398611 pfexec should directly audit its use
4473022 pfexec without a defined group audits with group -1
4647684 PSARC/2002/352 Audit Class Expansion
(from 109007-11)
4732828 BSM enabled system can panic referencing NULL p_audit_data
(from 109007-10)
4801947 Solaris 8 cron patch rev -08 requires libbsm patch rev -13
(from 109007-09)
4776480 at -r job name handling and race conditions
(from 109007-08)
4457028 c2_bsm and cron are not working together
4712958 c2_bsm should handle at-jobs spawned by unaudited user
(from 109007-07)
4519829 cron can skip jobs under certain conditions
(from 109007-06)
4387131 BMC Patrol (Best/1) product fails to collect data due to Solaris cron failure
(from 109007-05)
4368876 at does not execute 7 submitted jobs during the next cron cycle, takes > 4 min
(from 109007-04)
4379735 at, batch, cron allow user not in allow file to run command
(from 109007-03)
4261967 no cronjobs if homedir of user is NFS mounted and has perm like 0700
(from 109007-02)
4304184 atjobs leaves temporary files
(from 109007-01)
4312278 tasks, projects, extended accounting project
(from 108875-13)
4457028 c2_bsm and cron are not working together
4712958 c2_bsm should handle at-jobs spawned by unaudited user
4499864 aug_save_tid_ex does not check for a type IP address type
4761401 auditconfig -setaudit doesn't work on Solaris 8
(from 108875-12)
4132950 no AUE_inetd_connect records recorded
4311626 na masks in audit_control are not set at system boot
(from 108875-11)
4525250 certain security relevant system calls are not auditable
(from 108875-10)
4331401 segmentation violation in au_user_mask()
(from 108875-09)
4349180 praudit on Solaris 8 cannot print audit log files produced by auditd on Solaris8
1253973 bsm does not audit write or writev system calls
(from 108875-08)
4353965 CDE logout / exit fails with Tooltalk message
(from 108875-07)
4339611 BSM does not work with some of the options
4344275 64 bit problem with libbsm audit_class.c
(from 108875-06)
4336689 typo's in /etc/security/audit_event
4336959 audit record ID's incorrect for xmknod, xstat, lxstat
(from 108875-05)
4325997 BSM lacks hooks to support administrator authentication
(from 108875-04)
4307306 stopping c2 auditing does not always stop auditing in the kernel
(from 108875-03)
4322741 recent change to sonode structure needlessly breaks lsof
(from 108875-02)
4224166 TPI messages get flushed if 3rd party module processes M_PROTO in service procedure
4290575 2nd connect() to determine status of non-blocking connect sends extra Syn
(from 108875-01)
4308525 the umount2 system call is not audited
(from 111624-05)
4521343 inetd outputs wrong error messages
(from 111624-04)
4383820 inetd is hanging and needs to be killed and restarted
(from 111624-03)
4132950 no AUE_inetd_connect records recorded
4314498 inetd generates two audit records instead of one
(from 111624-02)
4345189 inetd fails to monitor outstanding wait services after a SIGHUP
(from 111624-01)
4343874 *inetd* rpc calls fail: Illegal file descriptor
(from 111069-01)
4383308 bsmunconv overwrites root's crontab if customer has created dir called /tmp/root
Patch Installation Instructions:
--------------------------------
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
The following example installs a patch to a standalone machine:
example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.
Special Install Instructions:
-----------------------------
NOTE 1: To get the complete support for Tasks, Projects and Accounting,
please also install the following patches:
108995-01 (or greater) /usr/lib/libproc.so.1 patch
109025-01 (or greater) /usr/bin/sparcv7/truss and
/usr/bin/sparcv9/truss patch
109003-01 (or greater) /etc/init.d/acctadm and
/usr/sbin/acctadm patch
109009-01 (or greater) /etc/magic and /usr/bin/file patch
109019-01 (or greater) /usr/bin/priocntl patch
109027-01 (or greater) /usr/bin/wracct patch
109011-01 (or greater) /usr/bin/id and /usr/xpg4/bin/id patch
109013-01 (or greater) /usr/bin/lastcomm patch
109015-01 (or greater) /usr/bin/newtask patch
108999-01 (or greater) PAM patch
109021-01 (or greater) /usr/bin/projects patch
109023-01 (or greater) /usr/bin/sparcv7/ps and
/usr/bin/sparcv9/ps patch
109005-01 (or greater) /sbin/su.static and /usr/bin/su patch
109035-01 (or greater) useradd/userdel/usermod patch
109029-01 (or greater) perl patch
109017-01 (or greater) /usr/bin/pgrep and /usr/bin/pkill patch
109033-01 (or greater) /usr/bin/sparcv7/prstat and
/usr/bin/sparcv9/prstat patch
109037-01 (or greater) /var/yp/Makefile and
/var/yp/nicknames patch
109031-01 (or greater) projadd/projdel/projmod patch
NOTE 2: To get the complete fix for 4224166 (TPI messages get flushed if 3rd
party module processes), please also install the following patches:
109043-01 (or greater) sonode adb macro patch
109041-01 (or greater) sockfs patch
109045-01 (or greater) /usr/sbin/sparcv7/crash and
/usr/sbin/sparcv9/crash patch
NOTE: The list of 'patches required with this patch' (above) has been
modified from the list specified at patch creation time. The reason for
the modification is that one or more of the required patches was
either never released or withdrawn after its release. The following
substitutions (which are guaranteed to satisfy the original requirements)
were therefore made:
108989-02 replaces 108989-01
108997-03 replaces 108997-01
README -- Last modified date: Friday, November 9, 2012