Patch-ID# 124206-02 NOTE: *********************************************************************** READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE, YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE. *********************************************************************** Keywords: security libtsol libtsnet Synopsis: SunOS 5.10: libtsol patch Date: Oct/10/2006 Install Requirements: Reconfigure immediately after patch is installed Install in Single User Mode Solaris Release: 10 SunOS Release: 5.10 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 124207 Topic: SunOS 5.10: libtsol patch Relevant Architectures: sparc BugId's fixed with this patch: 1236941 5039974 5080821 6227744 6249707 6268229 6270225 6293271 6313214 6355953 6357764 6378316 6388050 6389264 6391893 6394554 6398564 6403267 6404051 6404290 6404563 6404654 6404729 6404877 6405400 6405777 6406097 6407402 6407920 6411400 6411980 6412471 6413767 6413809 6414797 6415528 6415535 6429516 6431503 6433603 6435911 6450052 6457407 6458668 6465639 Changes incorporated in this version: 1236941 6357764 6388050 6415535 6435911 6457407 6458668 6465639 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /lib/libtsnet.so.1 /lib/libtsol.so /lib/libtsol.so.2 /lib/llib-ltsnet /lib/llib-ltsnet.ln /lib/llib-ltsol /lib/llib-ltsol.ln /lib/sparcv9/libtsnet.so /lib/sparcv9/libtsnet.so.1 /lib/sparcv9/libtsol.so /lib/sparcv9/libtsol.so.2 /lib/sparcv9/llib-ltsnet.ln /lib/sparcv9/llib-ltsol.ln /usr/lib/libtsnet.so /usr/lib/libtsnet.so.1 /usr/lib/libtsol.so /usr/lib/libtsol.so.2 /usr/lib/llib-ltsnet.ln /usr/lib/llib-ltsol.ln /usr/lib/sparcv9/libtsnet.so /usr/lib/sparcv9/libtsnet.so.1 /usr/lib/sparcv9/libtsol.so /usr/lib/sparcv9/libtsol.so.2 /usr/lib/sparcv9/llib-ltsnet.ln /usr/lib/sparcv9/llib-ltsol.ln Problem Description: 6465639 useradd usermod passmgmt need support for Trusted Extensions keywords 1236941 would like usermod -c to not abort if the user is logged in 6357764 monitor manipulation in FEM panics 6388050 the message for successful password update is a PAM_ERROR_MSG 6415535 audit_event TX code review issues 6435911 root can't login via console CLI if label daemon is not running 6457407 the fix for 6431503 broke printer banners for complex labels 6458668 TX route get changes can cause panic if passed an ioctl with NULL credentials (from 124206-01) 5080821 auditconfig(1M)'s usage message is not up-to-date 6249707 auditconfig has unused variables 6378316 auditconfig has undocumented commands that do nothing and undocumented redundant commands 6398564 auditconfig TX code review issues 6407402 named pipes should work between labeled zones to support write up 6411980 getlabel(2) returns wrong label for lofs mounted FIFOs 6415528 syslog plugin TX code review issues 6431503 label_to_str printer_caveats and printer_channels always start with a space 6433603 panic occurs when setting the audit flags to "all" 6394554 integrate Solaris Trusted Extensions 5039974 modhash could do with an mdb walker 6429516 tx10: mkdevmaps should not be a link to mkdevalloc 6227744 sys/modhash.h has an unnecessary nested include 6268229 gcc and snoop don't get along 6270225 gcc and route don't get along 6293271 Zone processes should use zone_kcred instead of kcred 6313214 hextoalabel(1M) succeeds with hexadecimal label that is invalid by one character 6355953 assertion failed: cpu == CPU, file: ../../i86pc/vm/hat_i86.c, line: 925 6403267 address remaining issues raised during TX code reviews 6389264 acl_totext needs support for bypassing nameservice lookup 6391893 acl_totext support for bypassing nameservice lookup needs to support ZFS-style ACLs 6404051 ABI versioning is missing for sparcv9 and amd64 libtsnet 6404290 snoop uses is_system_labeled as if it were a variable 6404563 Trusted integration breaks part of ucred propagation 6404654 zoneadm mount command fails on labeled systems 6404729 libtsol changes needed for gcc 6404877 classifications should be range-checked during label conversions 6405400 sctp_send_abort() tips over referencing uninitialized variable 6405777 SCTP cannot find a correct source address 6406097 tsol_option_set breaks userland IP option setting 6407920 TX panic during lo_mount 6411400 Solaris trusted extensions putback breaks SC build 6412471 str_to_label error offsets into the string are dependent on leading spaces 6413767 sort out libc versions for U3 (and TLC) 6413809 Trusted Extensions automount daemon failure in reading-down over NFS 6414797 code in zone_find_by_any_path generates bad assembly code and panics, can be worked around with change 6450052 missing TX deliverables Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-10 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- NOTE 1: If you're planning to set up Zones on this system, please make sure to install the following patch which fixes bugid 6216195 (zone installation confused by UPDATE=yes in pkginfo(4) file): 119015-01 (or greater) Install and Patch Utilities Patch (Note that 119254 has superseded 119015; installation of the current version is recommended to be preferred, due to its central role in the installation and removal of patches.) README -- Last modified date: Tuesday, October 10, 2006