 |
≫ |
|
|
|
パッチ名: PHCO_35874
パッチ摘要: s700_800 11.23 ugm累積パッチ
作成日: 07/01/25
公開日: 07/03/13
ハードウェアプラットフォームおよびOSリリース:
s700: 11.23
s800: 11.23
現象:
PHCO_35874:
(SR:8606463302 CR:JAGag19091)
この製品アップデートは、オプションのHP-UX Restricted Movement of Home
Directories機能を使用可能にするために必要な一連の製品アップデートの1つ
です。HP-UX Restricted Movement of Home Directoriesバンドル
(UsermodRestHome)をインストールすると、Restricted Movement of Home
Directories機能を使用可能にするために必要なすべての製品アップデート(こ
の製品アップデートも含む)がインストールされます。
HP-UX Restricted Movement of Home Directories製品がインストールされて
いない場合、この製品アップデートはシステムに対してなにも影響を与えませ
ん。
問題点の説明:
PHCO_35874:
(SR:8606463302 CR:JAGag19091)
この製品アップデートにはHP-UX Restricted Movement of Home Directories
を使用可能にするために必要な一部の拡張機能が含まれています。
解決方法:
HP-UX Restricted Movement of Home Directoriesを認識して、そのバンドル
がインストールされている場合は適切なアクションを取るようにusermod(1M)
を拡張しました。
-----------------------------------------------------------------------------
Patch Name: PHCO_35874
Patch Description: s700_800 11.23 ugm cumulative patch
Creation Date: 07/01/25
Post Date: 07/03/13
Hardware Platforms - OS Releases:
s700: 11.23
s800: 11.23
Products: N/A
Filesets:
OS-Core.ADMN-ENG-A-MAN,fr=B.11.23,fa=HP-UX_B.11.23_IA/PA,v=HP
OS-Core.SYS-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_IA/PA,v=HP
OS-Core.SYS2-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP
OS-Core.SYS2-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_PA,v=HP
Automatic Reboot?: No
Status: General Release
Critical:
No (superseded patches were critical)
PHCO_34764: CORRUPTION
Category Tags:
defect_repair enhancement general_release critical
corruption
Path Name: /hp-ux_patches/s700_800/11.X/PHCO_35874
Symptoms:
PHCO_35874:
( SR:8606463302 CR:JAGag19091 )
This product update is a member of a set needed to enable
the optional HP-UX Restricted Movement of Home Directories
feature. Upon installation, the HP-UX Restricted Movement of
Home Directories bundle (UsermodRestHome) will install the
full set of product updates (including this one) to enable
the Restricted Movement of Home Directories feature.
If the HP-UX Restricted Movement of Home Directories
product is not installed, this product update will have no
impact on your system.
PHCO_34764:
( SR:8606426888 CR:JAGaf86369 )
Under certain scenarios, useradd/usermod/userdel are not
working as expected.
( SR:8606430827 CR:JAGaf90284 )
usermod(1M) incorrectly changes ownership of all the files
and directories residing in the home directory irrespective
of the ownership.
( SR:8606425738 CR:JAGaf85246 )
In a particular scenario, usermod(1M) is not working as
expected.
( SR:8606418034 CR:JAGaf77867 )
usermod(1M) is accessing /etc/group file even when not
needed. If an unexpected reboot occurs when useradd(1M) is
running, then /etc/group file may get corrupted.
PHCO_33980:
( SR:8606406545 CR:JAGaf66451 )
This product update is required to pre-enable the
adjustment of a system configurable limit.
PHCO_32253:
( SR:8606379594 CR:JAGaf39843 )
This patch is a member of a set needed to enable the
optional HP-UX Standard Mode Security Extensions feature.
Upon installation, the HP-UX Standard Mode Security
Extensions bundle (StdModSecExt) will install the full set
of patches (including this one) required to enable the
Standard Mode Security Extensions feature.
If the Standard Mode Security Extensions feature is not
enabled, this patch will have no impact on your system.
PHCO_31566:
( SR:8606350634 CR:JAGaf11446 )
usermod(1M) tries to modify the home directory even when
modifying comments and supplementary group for a user.
( SR:8606350635 CR:JAGaf11447 )
The usermod -e '''' syntax does not work for the Shadow
password mode: When usermod is invoked with -e and "''''",
the usermod should update the /etc/shadow file, which is
not happening.
Defect Description:
PHCO_35874:
( SR:8606463302 CR:JAGag19091 )
This product update contains minor enhancements required to
enable the HP-UX Restricted Movement of Home Directories.
Resolution:
usermod(1M) has been made aware of HP-UX Restricted
Movement of Home Directories and will take the appropriate
actions when the HP-UX Restricted Movement of Home
Directories bundle is installed.
PHCO_34764:
( SR:8606426888 CR:JAGaf86369 )
Under certain scenarios, useradd/usermod/userdel are not
working as expected.
Resolution:
Now, useradd/usermod/userdel has been fixed to work as
expected.
( SR:8606430827 CR:JAGaf90284 )
When a user's home directory is modified, if the old home
directory happens to be same as the new home directory, then
usermod(1M) recursively changes the ownership of all the
files and directories in it, irrespective of their
ownership.
Resolution:
usermod(1M) has been fixed to change the ownership of files
and directories appropriately.
( SR:8606425738 CR:JAGaf85246 )
In a particular scenario, usermod(1M) is not working as
expected.
Resolution:
Now, usermod(1M) has been fixed to work as expected.
( SR:8606418034 CR:JAGaf77867 )
useradd(1M) is accessing /etc/group file even when -g option
is used. Actually useradd(1M) need not access /etc/group
file when invoked with -g option.
If the system misbehaves in the midst of an operation of
useradd <new user>, then /etc/group file could be
corrupted after the reboot.
Resolution:
useradd(1M) and usermod(1M) have been modified to handle
this problem.
PHCO_33980:
( SR:8606406545 CR:JAGaf66451 )
This product update contains minor enhancements required to
pre-enable the adjustment of a system configurable limit.
Resolution:
ugm commands are enhanced to address the adjustment in the
system configurable limit.
PHCO_32253:
( SR:8606379594 CR:JAGaf39843 )
This patch contains enhancements that support the Standard
Mode Security Extensions feature.
Resolution:
When the Standard Mode Security Extensions feature is
installed, this module supports the following:
1. useradd(1M) and usermod(1M) support the -f option
for shadow password systems.
2. userdel(1M) removes the user information from the
user database when a user is deleted.
3. usermod(1M) updates the user database when the -l
option is used to change the login name.
PHCO_31566:
( SR:8606350634 CR:JAGaf11446 )
usermod(1M) tries to modify the home directory i.e. tries to
change its userid and groupid, even when modifying the
following parameters of the user:
comments,
supplementary group,
shell,
expire date,
login name or
inactive period
Steps to reproduce the problem :
# useradd -d /tmp/test_dir -m test_usr
# chmod 700 /tmp/test_dir/
# usermod -c "hello" test_usr
Cannot modify home directory
The above error message should not come while updating the
comment or supplementary group id.
Resolution:
usermod(1M) has been corrected so that it does not modify
the home directory.
( SR:8606350635 CR:JAGaf11447 )
When usermod -e is invoked with "''''" for a particular
user the /etc/shadow file should get updated with expire
date field of that user to null, which is not happening.
It can be reproduced as follows,
# usermod -e '7/22/04' tstusr1
# echo $?
0
# grep tstusr1 /etc/shadow
tstusr1::12461:::::12621:
<-- the sp_expire field ':12621:' has been added
# usermod -e '''' tstusr1
# echo $?
0
# grep tstusr1 /etc/shadow
tstusr2::12461:::::12621:
<-- the sp_expire field has not been removed.
Resolution:
The check is added to see if the string given to
usermod -e is '''', then the expiry date field for the
user on which it was invoked will be disabled.
Enhancement:
Yes
PHCO_35874:
Support added for Restricted Movement of Home
Directories.
PHCO_33980:
Pre-enablement of the adjustment of a system
configurable limit.
PHCO_32253:
Pre-enablement for the Standard Mode Security
Extensions feature.
SR:
8606463302 8606426888 8606430827 8606425738 8606418034
8606406545 8606350634 8606350635 8606379594
Patch Files:
OS-Core.ADMN-ENG-A-MAN,fr=B.11.23,fa=HP-UX_B.11.23_IA/PA,
v=HP:
/usr/share/man/man1m.Z/useradd.1m
/usr/share/man/man1m.Z/userdel.1m
/usr/share/man/man1m.Z/usermod.1m
OS-Core.SYS-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_IA/PA,v=HP:
/usr/lib/nls/msg/C/ugm.cat
OS-Core.SYS2-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
/usr/sbin/groupadd
/usr/sbin/useradd
/usr/sbin/userdel
/usr/sbin/usermod
/usr/sbin/groupdel
/usr/sbin/groupmod
OS-Core.SYS2-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_PA,v=HP:
/usr/sbin/groupadd
/usr/sbin/useradd
/usr/sbin/userdel
/usr/sbin/usermod
/usr/sbin/groupdel
/usr/sbin/groupmod
what(1) Output:
OS-Core.ADMN-ENG-A-MAN,fr=B.11.23,fa=HP-UX_B.11.23_IA/PA,
v=HP:
/usr/share/man/man1m.Z/useradd.1m:
None
/usr/share/man/man1m.Z/userdel.1m:
None
/usr/share/man/man1m.Z/usermod.1m:
None
OS-Core.SYS-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_IA/PA,v=HP:
/usr/lib/nls/msg/C/ugm.cat:
None
OS-Core.SYS2-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
/usr/sbin/groupadd:
groupadd.c $Date: 2005/11/17 04:42:05 $Revision: r11
.23/2 PATCH_11.23 (PHCO_33980)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
/usr/sbin/useradd:
useradd.c $Date: 2006/06/29 04:25:49 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
walkfs.c $Date: 2006/09/05 17:46:18 $Revision: r11.2
3/2 PATCH_11.23 (PHCO_35369)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
/usr/sbin/userdel:
userdel.c $Date: 2005/11/17 04:43:32 $Revision: r11.
23/2 PATCH_11.23 (PHCO_33980)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
/usr/sbin/usermod:
usermod.c $Date: 2007/01/24 08:14:53 $Revision: r11.
23/7 PATCH_11.23 (PHCO_35874)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
walkfs.c $Date: 2006/09/05 17:46:18 $Revision: r11.2
3/2 PATCH_11.23 (PHCO_35369)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
/usr/sbin/groupdel:
groupadd.c $Date: 2005/11/17 04:42:05 $Revision: r11
.23/2 PATCH_11.23 (PHCO_33980)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
/usr/sbin/groupmod:
groupadd.c $Date: 2005/11/17 04:42:05 $Revision: r11
.23/2 PATCH_11.23 (PHCO_33980)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
OS-Core.SYS2-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_PA,v=HP:
/usr/sbin/groupadd:
$Revision: 92453-07 linker linker crt0.o B.11.16.01
030415 $
groupadd.c $Date: 2005/11/17 04:42:05 $Revision: r11
.23/2 PATCH_11.23 (PHCO_33980)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
/usr/sbin/useradd:
$Revision: 92453-07 linker linker crt0.o B.11.16.01
030415 $
useradd.c $Date: 2006/06/29 04:25:49 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
walkfs.c $Date: 2006/09/05 17:46:18 $Revision: r11.2
3/2 PATCH_11.23 (PHCO_35369)
/usr/sbin/userdel:
$Revision: 92453-07 linker linker crt0.o B.11.16.01
030415 $
userdel.c $Date: 2005/11/17 04:43:32 $Revision: r11.
23/2 PATCH_11.23 (PHCO_33980)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
/usr/sbin/usermod:
$Revision: 92453-07 linker linker crt0.o B.11.16.01
030415 $
usermod.c $Date: 2007/01/24 08:14:53 $Revision: r11.
23/7 PATCH_11.23 (PHCO_35874)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
walkfs.c $Date: 2006/09/05 17:46:18 $Revision: r11.2
3/2 PATCH_11.23 (PHCO_35369)
/usr/sbin/groupdel:
$Revision: 92453-07 linker linker crt0.o B.11.16.01
030415 $
groupadd.c $Date: 2005/11/17 04:42:05 $Revision: r11
.23/2 PATCH_11.23 (PHCO_33980)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
/usr/sbin/groupmod:
$Revision: 92453-07 linker linker crt0.o B.11.16.01
030415 $
groupadd.c $Date: 2005/11/17 04:42:05 $Revision: r11
.23/2 PATCH_11.23 (PHCO_33980)
ugm_cmn.c $Date: 2006/05/28 22:24:04 $Revision: r11.
23/6 PATCH_11.23 (PHCO_34764)
$Revision: @(#) ugm R11.23_BL2007_0125_2 PATCH_11.23
PHCO_35874
cksum(1) Output:
OS-Core.ADMN-ENG-A-MAN,fr=B.11.23,fa=HP-UX_B.11.23_IA/PA,
v=HP:
425927007 5353 /usr/share/man/man1m.Z/useradd.1m
1338948687 2492 /usr/share/man/man1m.Z/userdel.1m
3650788557 4534 /usr/share/man/man1m.Z/usermod.1m
OS-Core.SYS-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_IA/PA,v=HP:
3057782414 3088 /usr/lib/nls/msg/C/ugm.cat
OS-Core.SYS2-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
153612759 87644 /usr/sbin/groupadd
2298459781 165116 /usr/sbin/useradd
2102617162 98004 /usr/sbin/userdel
1363399034 155636 /usr/sbin/usermod
153612759 87644 /usr/sbin/groupdel
153612759 87644 /usr/sbin/groupmod
OS-Core.SYS2-ADMIN,fr=B.11.23,fa=HP-UX_B.11.23_PA,v=HP:
2093918603 102400 /usr/sbin/groupadd
2639803229 126976 /usr/sbin/useradd
1608556994 102400 /usr/sbin/userdel
3883643984 122880 /usr/sbin/usermod
2093918603 102400 /usr/sbin/groupdel
2093918603 102400 /usr/sbin/groupmod
Patch Conflicts: None
Patch Dependencies: None
Hardware Dependencies: None
Other Dependencies: None
Supersedes:
PHCO_34764 PHCO_33980 PHCO_32253 PHCO_31566
Equivalent Patches: None
Patch Package Size: 430 KBytes
Installation Instructions:
Please review all instructions and the Hewlett-Packard
SupportLine User Guide or your Hewlett-Packard support terms
and conditions for precautions, scope of license,
restrictions, and, limitation of liability and warranties,
before installing this patch.
------------------------------------------------------------
1. Back up your system before installing a patch.
2. Login as root.
3. Copy the patch to the /tmp directory.
4. Move to the /tmp directory and unshar the patch:
cd /tmp
sh PHCO_35874
5. Run swinstall to install the patch:
swinstall -x autoreboot=true -x patch_match_target=true \
-s /tmp/PHCO_35874.depot
By default swinstall will archive the original software in
/var/adm/sw/save/PHCO_35874. If you do not wish to retain a
copy of the original software, include the patch_save_files
option in the swinstall command above:
-x patch_save_files=false
WARNING: If patch_save_files is false when a patch is installed,
the patch cannot be deinstalled. Please be careful
when using this feature.
For future reference, the contents of the PHCO_35874.text file is
available in the product readme:
swlist -l product -a readme -d @ /tmp/PHCO_35874.depot
To put this patch on a magnetic tape and install from the
tape drive, use the command:
dd if=/tmp/PHCO_35874.depot of=/dev/rmt/0m bs=2k
Special Installation Instructions:
The behaviour of usermod(1m) with -m option is undefined,
if the file /etc/default/usermod is present even when the
Restricted Movement of Home Directories feature is not
installed.
|
