OBSOLETE Patch-ID# 114332-25
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security cron at vold bsmconv inetd sighup signals hang
Synopsis: Obsoleted by: 122300-06 SunOS 5.9: c2audit & *libbsm.so.1 Patch
Date: Nov/28/2006
Install Requirements: Reboot after installing this patch to activate the changes delivered. An alternative may be specified in the Special Install Instructions.
Solaris Release: 9
SunOS Release: 5.9
Unbundled Product:
Unbundled Release:
Xref: This patch available for x86 as patch 117469
Topic: SunOS 5.9: c2audit & *libbsm.so.1 Patch
***********************************************************
NOTE: This patch may contain one or more OEM-specific platform ports.
See the appropriate OEM_NOTES file within the patch for
information specific to these platforms.
DO NOT INSTALL this patch on an OEM system if a corresponding
OEM_NOTES file is not present (or is present, but instructs not
to install the patch), unless the OEM vendor directs otherwise.
***********************************************************
Relevant Architectures: sparc sparc.sun4u
Bugs fixed with this patch:
Changes incorporated in this version: 6490446
Patches accumulated and obsoleted by this patch: 112969-04 113496-01 114327-01
Patches which conflict with this patch:
Patches required with this patch:
Obsoleted by: 122300-06
Files included with this patch:
/etc/init.d/volmgt
/etc/rc0.d/K05volmgt
/etc/rc1.d/K05volmgt
/etc/rc2.d/K05volmgt
/etc/rc2.d/S92volmgt (deleted)
/etc/rc3.d/S81volmgt
/etc/rcS.d/K05volmgt
/etc/security/audit_class
/etc/security/audit_event
/etc/security/audit_record_attr
/etc/security/bsmconv
/etc/security/bsmunconv
/kernel/sys/c2audit
/kernel/sys/sparcv9/c2audit
/usr/bin/crontab
/usr/include/bsm/audit.h
/usr/include/bsm/audit_kernel.h
/usr/include/bsm/audit_kevents.h
/usr/include/bsm/audit_record.h
/usr/lib/abi/abi_libbsm.so.1
/usr/lib/abi/sparcv9/abi_libbsm.so.1
/usr/lib/adb/sparcv9/tad
/usr/lib/adb/tad
/usr/lib/libbsm.a
/usr/lib/libbsm.so.1
/usr/lib/sparcv9/libbsm.so.1
/usr/sbin/auditconfig
/usr/sbin/bsmrecord
/usr/sbin/cron
/usr/sbin/inetd
/usr/sbin/praudit
/usr/share/lib/xml/dtd/adt_record.dtd.1
/usr/share/lib/xml/style/adt_record.xsl.1
Problem Description:
6490446 114332-24 postpatch script needs an update
(from 114332-24)
4902763 patch 114332-05 fails with error if SUNWvolr is missing
6425176 inetd wastes time when doing serial rsh connections
(from 114332-23)
4964996 rpc.metamedd does not respond if it's been restarted via inetd
(from 114332-22)
6281786 fatal: vol_init: already a daemon running
(from 114332-21)
6260039 at-jobs which don't have a corresponding ancillary file fail now
(from 114332-20)
4685545 audit_inetd_config gets SEGV if /etc/security/audit_event file is empty
4959077 bsmconv should reuse saved audit_startup file if it exists
5076801 the audit-ID for cron jobs with missing ancillary file can be wrong
(from 114332-19)
5012065 audit_setfsat_path() panics on kernel initiated file rename
(from 114332-18)
5082875 bsmrecord -a > somefile displays uninitialized value message
6192370 L1-A audit records are not being generated
(from 114332-17)
5076694 audit records have invalid return for 64 bit apps
6174905 praudit(1M) displays a newline inside path_attr, exec_args, and exec_env tokens
(from 114332-16)
5093165 praudit -x needs to deal with illegal XML characters
(from 114332-15)
This revision corrects a patch construction error.
(from 114332-14)
5064001 cron drops users for good during name service outage
(from 114332-13)
5042248 umount2(2) audit record missing path audit token
(from 114332-12)
4857394 AUE_MODADDMAJ doesn't check user arguments properly
(from 114332-11)
4904733 allocate(1) and friends may SEGV with certain device_maps
(from 114332-10)
This revision addresses a packaging issue.
(from 114332-09)
4975802 s9 BSM patches break bsm/auditd - replace audit_startup with wrong permissions
(from 114332-08)
4892034 audited system calls hang if auditd killed when audit_policy == 0x5 (argv, cnt)
4916342 praudit does not handle multibyte characters
(from 114332-07)
4779457 cron entries skipped after changing to wintertime
4828108 cron skips jobs
4829732 cron runs job that shouldn't exist
4750749 race condition in cron made worse by bugfix 4387131
(from 114332-06)
4845277 cron may dump core on BSM enabled systems
(from 114332-05)
4833724 assert failure in audit_async_block
4835739 update audit dtd and xsl files
(from 114332-04)
4445394 PSARC/2002/262 Audit trail noise reduction
4647549 PSARC/2002/377 Audit Trail Translation to XML
4647684 PSARC/2002/352 Audit Class Expansion
4473026 pfexec audit event is in the ad class which produces noise
4647683 don't disable L1-A in bsmconv
4688063 packaging for audit config files broken for upgrade
4728819 audit locking broken for interrupt context
4735135 praudit is not getopt compliant
4745590 praudit prints the wrong value for 64bit microseconds in the header token
4778984 libbsm au_to_ipc is wrong
4501255 deadlock between auditd and NFS if file close is audited
4818300 missing attributes in some records for public files
4805352 many untranslatable strings are included in praudit.po
(from 114332-03)
4732828 BSM enabled system can panic referencing NULL p_audit_data
(from 114332-02)
This revision combines cron patch (114327-01) and c2audit patch
(114332-01) in one due to dependency.
(from 114332-01)
4457028 c2_bsm and cron are not working together
4712958 c2_bsm should handle at-jobs spawned by unaudited user
4499864 aug_save_tid_ex does not check for a type IP address type
4761401 auditconfig -setaudit doesn't work on Solaris 8
(from 114327-01)
4457028 c2_bsm and cron are not working together
4712958 c2_bsm should handle at-jobs spawned by unaudited user
4499864 aug_save_tid_ex does not check for a type IP address type
4761401 auditconfig -setaudit doesn't work on Solaris 8
(from 112969-04)
4842901 installf does not handle -R option correctly
(from 112969-03)
4809341 bsmconv fails when SUNWvolr is not installed
(from 112969-02)
4715363 patch 112969-01 can not be added with -R option of patchadd
(from 112969-01)
4592827 vold slows down the boot process
(from 113496-01)
4383820 inetd is hanging and needs to be killed and restarted
Patch Installation Instructions:
--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions. The following example
installs a patch to a standalone machine:
example# patchadd /var/spool/patch/104945-02
The following example removes a patch from a standalone system:
example# patchrm 104945-02
For additional examples please see the appropriate man pages.
Special Install Instructions:
-----------------------------
NOTE 1: To get the complete fix of Audit Enhancement feature, please also
install the following patches:
115004-01 (or greater) kbtrans patch
115006-01 (or greater) kb patch
112233-07 (or greater) Kernel patch
NOTE 2: This patch required a change to the following files that are currently
on your system:
/etc/security/audit_class
/etc/security/audit_event
During the installation of this patch, the following files will be
added to your system and must be site-merged with any local changes
that may be contained in the files that are listed above:
/etc/security/audit_class.new
/etc/security/audit_event.new
README -- Last modified date: Saturday, November 10, 2012