DCE DCEECO1021 DCE V2.1 for DIGITAL UNIX ECO Summary
TITLE: DCE DCEECO1021 DCE V2.1 for DIGITAL UNIX ECO Summary
Modification Date: 20-NOV-98
Modification Type: New Kit
Copyright (c) Compaq Computer Corporation 1998. All rights reserved.
PRODUCT: Distributed Computing Environment (DCE) for DIGITAL UNIX
COMPONENTS: RPC
Security
Kerberos 5 Support
SIA
Distributed Time Service (DTS)
CDS
DCED
DFS
OP/SYS: DIGITAL UNIX [R]
SOURCE: Compaq Computer Corporation
ECO INFORMATION:
ECO Kit Name: DCEECO1021
ECO Kits Superseded by This ECO Kit: None
ECO Kit Approximate Size: 67340 Blocks
34478080 Bytes
Kit Applies To: DCE V2.1 on DIGITAL UNIX V4.0 - V4.0E
System/Cluster Reboot Necessary: No
Rolling Re-boot Supported: Information Not Available
Installation Rating: INSTALL_UNKNOWN
Kit Dependencies:
The following remedial kit(s) must be installed BEFORE
installation of this kit:
None
In order to receive all the corrections listed in this
kit, the following remedial kits should also be installed:
None
ECO KIT SUMMARY:
An ECO kit exists for DCE V2.1 on DIGITAL UNIX V4.0 through V4.0E. This
kit addresses the following problems:
Corrections to RPC:
o Previously, the timer event was being placed on the queue with a
stale timestamp. The problem was fixed by making a call to
rpc__clock_update() in rpc__timer_set_int() to get an accurate
timestamp for the event trigger. In addition, a test was removed
that determined whether to signal the timer loop in
rpc__timer_set_int() when the timer queue was empty.
o A correction was incorporated to allow the use of cluster service
addresses.
o This release adds a check_unsupported_ifs() function to check for
interfaces in RPC_UNSUPPORTED_NETIFS that should be avoided when
initializing DLI. The ifs are stored in the static variable
unsupported_if_list, and the number of unsupported ifs is stored in
the static variable int num_unsupported_ifs. A correction was
incorporated to allow the use of cluster service addresses.
o An array indexing problem in rpc_object_reference::fast_client_ping()
has been fixed. Under certain circumstances, the problem caused
memory corruptions in seemingly unrelated areas. Zeroing was also
added to enhance rpc_object_reference::init_client_ping_list().
o RPC runtime corrections made in this release allow an RPC
application to reject an unsupported authentication service. Prior
to this fix, a request for an unsupported authentication service
caused a core dump of the server.
Corrections to Security:
o A leak that affected secd was fixed by changes to dce_aud_commit.
o The component of the security server that handles invalid logins was
built using the assumption that pointers are 4 bytes long, which is
not true for Alpha systems. As a result, secd crashed on Alpha
systems when invalid login handling was enabled for a principal.
This problem was corrected.
o The secd lock manager was enhanced to ensure fair access for both
readers and writers on a heavily used system. The changes ensure
that a succession of readers does not indefinitely delay writers.
o Several memory leaks were fixed in the processing of DCE third-party
preauthentication data by a DCE security server. Prior to this fix,
secd leaked memory with every successful authentication.
Corrections to Kerberos 5 Support:
o A problem was fixed that was causing credentials acquisition during
an intercell dfs operation to take too long. Previously, in the
function krb5_get_cred_from_kdc, a pointer array was not initialized
correctly.
o A problem was fixed that had blocked the acquisition of a valid
ticket from the KDC if an expired matching ticket was present in the
cache. On the client, the DCE Kerberos ticket acquisition code
checks a cache of previously acquired tickets before requesting a
ticket from the KDC. If a matching ticket is found in the cache, it
is reused, and the KDC is not contacted. The matching process
previously failed to check whether a matching ticket in the cache
had expired. The presence of an expired matching ticket in the cache
could thus prevent the client from consulting the KDC for a valid,
non-expired ticket.
Corrections to SIA:
o A problem was corrected that caused the file matrix.conf to become
corrupted upon DCE reboot. In matrix.conf, the path was not
specified for the libsecurity.so entry. The full path is now
specified as: /usr/shlib/libsecurity.so.
o When a DCE group contains many members, a call to the getgrent
routine no longer results in a core dump of the calling program (for
example, ls -l).
o When DCE SIA is enabled, mailx no longer dumps core.
o Users will no longer experience inordinate delays at login when DCE
SIA is enabled. Previously, such delays occurred whenever the DCE
Registry contained many groups. The delays were caused by making one
remote procedure call per group to the security server to compute a
user's group memberships. The same information is now obtained by a
single remote procedure call to the security server.
o When DCE SIA is enabled, the login program performs a DCE
authentication. If the authentication succeeds, the environment
variable KRB5CCNAME should be set so that programs running within
the login environment can inherit the authenticated user's DCE
credentials. Previously, the value of KRB5CCNAME was not preserved
in the login environment. A fix in this release ensures that
KRB5CCNAME is preserved.
o Previously, when DCE SIA was enabled, a user with an entry in the
passwd_override file was incorrectly prevented from logging in to
the local system (in addition to being correctly denied DCE
credentials). This problem has been fixed.
o The DCE SIA group information server (proxied by dced) now employs
the group override facility to localize group information obtained
from the DCE registry. Prior to this fix, group overrides were not
considered when a user's group memberships were returned from the
registry. As a result of this change, the group override facility
can be used to constrain or modify a user's DCE group memberships to
satisfy local machine security policy.
Group override processing by the DCE SIA group information server
had been inadvertently disabled as the result of a patch distributed
to speed up integrated logins where the registry contains many
groups. The fix in this ECO preserves the performance improvements
provided by the patch while restoring and improving group
processing. Group password and gid overrides are now handled
correctly.
Corrections to Distributed Time Service:
o Minor changes were applied to the following files to improve memory
cleanup: time/service/mgtrpc.c
time/service/time_request.c
time/service/transport_rpc.c
time/service/dtss_service_main.c
time/service_dtss_service_global_set.c
time/service/dtss_service_state.c
o Previously, a few DTS functions handled NULL parameters incorrectly.
The problem was corrected.
o Several changes were made to ParseTime to comply with Year 2000
requirements and to allow for correct leap year calculation in the
Year 2000.
Corrections to CDS:
o A problem was corrected in the dcecp directory synchronize command
that was causing directory synchronization to fail. An error was
found in the syntax used by dcecp when it employed the cdscp set dir
to new epoch command in the directory synchronization process.
o A change made to CDS allows it to handle arbitrarily large output
results. The maximum size of the output buffer passed to readentry
is now reduced by the size of the area reserved for the progress
record. This change eliminates problems such as limitations on the
number of member names an nsi group could contain.
o The dcecp clearinghouse repair command was fixed. The command no
longer returns the error, "Clearinghouse exists but it not
available," after a successful clearinghouse repair.
Corrections to DCED:
o A change was incorporated to prevent the loss of diagnostic
information when DCE is restarted. Previously, whenever dced was
restarted, it recreated the log file used to record its error
messages. Dced now creates a log file only if one does not exist.
When a log file exists, dced appends all new output to the existing
file.
o The dced concurrent lock manager was modified so that it is no
longer vulnerable to thread cancellation. Previously, if a dced
thread was canceled while in the process of acquiring or releasing a
lock, the lock manager would deadlock on any subsequent lock
operations, resulting in a hang of the calling thread, and
ultimately of the dced process.
The use of concurrent locks by dced to serialize reading of the
password and override files was made cancel and exception-safe.
Prior to this fix, a thread that was canceled or that encountered an
exception while holding an override lock would neglect to free the
lock for use by other threads. Once an override lock was lost,
requests by clients for override service from dced would hang at the
server (dced), waiting for a lock. This was especially problematic
with the DCE SIA mechanism configured for integrated login, as it
could result in an inability to log in to the machine or perform a
certified DCE authentication.
Corrections to DFS:
o This ECO1 release includes a fix for a dfsbind core dump.
NOTE: All of the following DFS corrections require rebuilding a kernel
and rebooting.
o A fix was completed that restricts the range of UDP ports used by
DFS. Part one of the implementation was included in the Version 2.1
release: dfsbind reads an environment variable, RPC_RESTRICTED_PORTS,
and passes the restriction down to the kernel. This ECO1 release
includes part two of the fix: the kernel allocates ports in
accordance with the restriction. This fix affects dcedfs.mod.
o This release includes a fix for the premature umask application to
the mode bits before they are passed to the server. This fix works
in conjunction with changes incorporated into DIGITAL UNIX V4.0D. It
affects dcedfs.mod.
If you are running a version of DIGITAL UNIX earlier than 4.0D, do
not attempt to apply this fix. An appropriate patch for versions
earlier than 4.0D is under development.
If you do not need the umask fix, no action is required.
If you are running V4.0D of DIGITAL UNIX or higher and need the
umask fix, apply it using the following procedure:
1. Enter:
dbx -k /vmunix
patch dfs_umask_rawmode_fix_present = 1
quit
2. Verify that the change has been made:
dbx -k /vmunix
print dfs_umask_rawmode_fix_present
{THIS SHOULD PRINT 1}
quit
3. Reboot.
o The Cache Manager now passes through the setuid/setgid mode bits of
directories without changing the bits. These bits still get turned
off on regular files unless the client explicitly enables the
capability to leave the bits unchanged. This capability can be set
on a fileset with the cm setsetuid command. This change affects
dcedfs.mod.
o This release includes a change to the token expiration time of
freely given tokens. The change was made in response to a problem
that caused clients to hang occasionally for approximately 4
minutes, and then return a communications failure. The change
affects dcedfs.mod.
o Because of insufficient locking, it was previously possible for
requests from the kernel to the dfsbind process to be lost.
Eventually the kernel would run out of request space and hang. Two
fixes were made:
1. Sufficient locking was added to prevent the loss of requests.
2. The request queue is periodically pruned of old requests. This
enables the administrator to restart dfsbind only, instead of
all of DFS, in the event of a problem, and to reclaim the
resources that the kernel was using.
INSTALLATION NOTES:
Follow these steps to install the DCE for DIGITAL UNIX V2.1 ECO1 kit.
1. Verify a successful installation of DCE for DIGITAL UNIX V2.1 before
installing the ECO1 kit.
2. Untar the ECO1 kit into a local directory, using the following command:
% tar xvf /DCEECO1021.tar
3. Use the setld procedure to start the installation procedure:
% setld -l ./output
4. Select the subsets to install from the following choices:
DCERTSECO1021
DCEADKECO1021
DCEDFSECO1021
DCESECECO1021
DCECDSECO1021
DCEDFSBINECO1021
To install multiple subsets, enter the number of each subset
followed by a space. Use a hyphen between numbers to indicate a
range of subsets.
An example of the installation screen is in the ECO kit Cover Letter.
5. After the installation completes successfully, restart DCE by
entering the following command:
% /usr/sbin/dcesetup restart
[R] UNIX is a registered trademark in the United States and other
countries, licensed exclusively through X/Open Company Ltd.
All other trademarks are the property of their respective owners.
Files on this server are as follows:
dceeco1021.README
dceeco1021.CHKSUM
dceeco1021.CVRLET_TXT
dceeco1021.tar
|