PHCO_36429 s700_800 11.23 pwgrd(1M)累積パッチ

パッチ名:   PHCO_36429

パッチ摘要: s700_800 11.23 pwgrd(1M)累積パッチ

作成日:  07/05/21

公開日:  07/06/12

ハードウェアプラットフォームおよびOSリリース:

	s700: 11.23
	s800: 11.23

現象:

	PHCO_36429:

	(SR:8606451660 CR:JAGag08582)
	LDAPから長いグループエントリを受信すると、pwgrd(1M)デーモンがハングす
	るか、デーモンのパフォーマンスが低下します。

問題点の説明:

	PHCO_36429:

	(SR:8606451660 CR:JAGag08582)
	要求されたグループエントリがLINE_MAXを超えていると、pwgrd(1M)デーモン
	が以下のいずれかの状態になっていました。

	1. 要求されたエントリをクライアントに送信できません。そのため、クライ
	   アントがタイムアウトになり、要求されたエントリをフェッチするlibcに
	   フォールバックします。その結果、長いグループエントリが何度も要求さ
	   れると、pwgrd(1M)デーモンのパフォーマンスが低下します。

	または

	2. pwgrd(1M)デーモンが無限ループに入り、結果的に、デーモンが矛盾した状
	   態になるため、その後、他の要求を処理できません。この場合、pwgrd(1M)
	   デーモンのCPU使用率が極端に高くなります。

	解決方法:
	この問題を解決するようにpwgrd(1M)のコードを修正しました。

-----------------------------------------------------------------------------
Patch Name: PHCO_36429

Patch Description: s700_800 11.23 pwgrd(1M) cumulative patch

Creation Date: 07/05/21

Post Date: 07/06/12

Hardware Platforms - OS Releases: 
	s700: 11.23
	s800: 11.23

Products: N/A

Filesets: 
	OS-Core.UX2-CORE,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP
	OS-Core.UX2-CORE,fr=B.11.23,fa=HP-UX_B.11.23_PA,v=HP

Automatic Reboot?: No

Status: General Release

Critical: 
	Yes
	PHCO_36429: HANG

Category Tags: 
	defect_repair enhancement general_release critical
	halts_system

Path Name: /hp-ux_patches/s700_800/11.X/PHCO_36429

Symptoms: 
	PHCO_36429:
	( SR:8606451660 CR:JAGag08582 )
	pwgrd(1M) daemon either hangs or gives degradation in
	performance on receiving a long group entry from LDAP.

	PHCO_33978:
	( SR:8606413966 CR:JAGaf73825 )
	This product update is required to pre-enable the
	adjustment of a system configurable limit.

	PHCO_31560:
	( SR:8606349628 CR:JAGaf10445 )
	If pwgrd(1M) daemon is running, getpwnam(3C) and
	getpwuid(3C) return encrypted password that are
	truncated to 13 characters, under certain circumstances.

	( SR:8606354031 CR:JAGaf14825 )
	pwgrd(1M) is not creating the /var/spool/sockets/pwgr
	directory with sticky bit set.

	PHCO_30244:
	( SR:8606338529 CR:JAGae99482 )
	If pwgrd(1M) daemon is running, getpwnam(3C) and
	getpwuid(3C) return encrypted password that are
	truncated to 13 characters, under certain circumstances.

Defect Description: 
	PHCO_36429:
	( SR:8606451660 CR:JAGag08582 )
	pwgrd(1M) daemon shows either of the following behaviours,
	if the requested group entry exceeds LINE_MAX.

	1. It is unable to transmit the requested entry to the
	   client. This causes the client to time out and fall
	   back to libc for fetching requested entry. If the
	   long group entry is requested many times, it results in
	   poor performance from pwgrd(1M) daemon.
	Or

	2. It starts looping indefinitely and as the result daemon
	   goes into inconsistent state after which it is unable
	   to serve any other request. This causes enormous
	   increase in CPU usage for the pwgrd(1M) daemon.

	Resolution:
	pwgrd(1M) is modified to solve the problem.

	PHCO_33978:
	( SR:8606413966 CR:JAGaf73825 )
	This product update contains minor enhancements required to
	pre-enable the adjustment of a system configurable limit.

	Resolution:
	pwgrd(1m) is enhanced to address the adjustment in the
	system configurable limit.

	PHCO_31560:
	( SR:8606349628 CR:JAGaf10445 )
	getpwnam(3C) and getpwuid(3C) return initial 13 characters
	of the encrypted password.
	If  the  pwgrd(1M)  daemon  is  running, getpwnam(3C) and
	getpwuid(3C)  collect the  user  information  through the
	pwgrd(1M)  daemon. pwgrd(1M) caches  only the  initial 13
	characters of the encrypted password, if the user details
	are available from source other than /etc/passwd (eg. NIS).

	Resolution:
	pwgrd(1M) has been modified to cache the complete password
	string instead of truncating it.

	( SR:8606354031 CR:JAGaf14825 )
	pwgrd(1M) is not setting the sticky bit for the directory
	/var/spool/sockets/pwgr, as a result any user can delete
	the files in this directory since the directory has world
	read-write permission.

	Resolution:
	pwgrd(1M) has been modified to create the directory
	/var/spool/sockets/pwgr with sticky bit.

	PHCO_30244:
	( SR:8606338529 CR:JAGae99482 )
	getpwnam(3C) and getpwuid(3C) return initial 13 characters
	of the encrypted password.
	If  the  pwgrd(1M)  daemon  is  running, getpwnam(3C) and
	getpwuid(3C)  collect the  user  information  through the
	pwgrd(1M)  daemon. pwgrd(1M) caches  only the  initial 13
	characters of the encrypted password, if the user details
	are available from source other than /etc/passwd (eg. NIS).

	Resolution:
	pwgrd(1M) has been modified to cache the complete password
	string instead of truncating it.

Enhancement: 
	No (superseded patches contained enhancements)
	PHCO_33978:
		Pre-enablement of the adjustment of a system
		configurable limit.

SR: 
	8606451660 8606413966 8606338529 8606349628 8606354031

Patch Files: 
	
	OS-Core.UX2-CORE,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
	/usr/sbin/pwgrd

	OS-Core.UX2-CORE,fr=B.11.23,fa=HP-UX_B.11.23_PA,v=HP:
	/usr/sbin/pwgrd

what(1) Output: 
	
	OS-Core.UX2-CORE,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
	/usr/sbin/pwgrd:
		main.c $Date: 2005/11/22 03:26:42 $Revision: r11.23/
			2 PATCH_11.23 (PHCO_33978)
		server.c $Date: 2007/04/11 20:51:52 $Revision: r11.2
			3/2 PATCH_11.23 (PHCO_36429)
		string_lst.c $Date: 2005/11/16 20:07:43 $Revision: r
			11.23/1 PATCH_11.23 (PHCO_33978)
		$Revision: @(#) pwgr R11.23_BL2007_0521_6 PATCH_11.2
			3 PHCO_36429

	OS-Core.UX2-CORE,fr=B.11.23,fa=HP-UX_B.11.23_PA,v=HP:
	/usr/sbin/pwgrd:
		$Revision: 92453-07 linker linker crt0.o B.11.16.01 
			030415 $
		main.c $Date: 2005/11/22 03:26:42 $Revision: r11.23/
			2 PATCH_11.23 (PHCO_33978)
		server.c $Date: 2007/04/11 20:51:52 $Revision: r11.2
			3/2 PATCH_11.23 (PHCO_36429)
		string_lst.c $Date: 2005/11/16 20:07:43 $Revision: r
			11.23/1 PATCH_11.23 (PHCO_33978)
		$Revision: @(#) pwgr R11.23_BL2007_0521_6 PATCH_11.2
			3 PHCO_36429

cksum(1) Output: 
	
	OS-Core.UX2-CORE,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
	1026998774 135940 /usr/sbin/pwgrd

	OS-Core.UX2-CORE,fr=B.11.23,fa=HP-UX_B.11.23_PA,v=HP:
	1829224201 57344 /usr/sbin/pwgrd

Patch Conflicts: None

Patch Dependencies: None

Hardware Dependencies: None

Other Dependencies: None

Supersedes: 
	PHCO_33978 PHCO_31560 PHCO_30244

Equivalent Patches: None

Patch Package Size: 110 KBytes

Installation Instructions: 
	Please review all instructions and the Hewlett-Packard
	SupportLine User Guide or your Hewlett-Packard support terms
	and conditions for precautions, scope of license,
	restrictions, and, limitation of liability and warranties,
	before installing this patch.
	------------------------------------------------------------
	1. Back up your system before installing a patch.

	2. Login as root.

	3. Copy the patch to the /tmp directory.

	4. Move to the /tmp directory and unshar the patch:

		cd /tmp
		sh PHCO_36429

	5. Run swinstall to install the patch:

		swinstall -x autoreboot=true -x patch_match_target=true \
			  -s /tmp/PHCO_36429.depot

	By default swinstall will archive the original software in 
	/var/adm/sw/save/PHCO_36429.  If you do not wish to retain a
	copy of the original software, include the patch_save_files
	option in the swinstall command above:

		-x patch_save_files=false

	WARNING: If patch_save_files is false when a patch is installed,
		 the patch cannot be deinstalled.  Please be careful
		 when using this feature.

	For future reference, the contents of the PHCO_36429.text file is 
	available in the product readme:

		swlist -l product -a readme -d @ /tmp/PHCO_36429.depot

	To put this patch on a magnetic tape and install from the
	tape drive, use the command:

		dd if=/tmp/PHCO_36429.depot of=/dev/rmt/0m bs=2k

Special Installation Instructions: None