Patch-ID# 104593-04 Keywords: auditreduce audit option -u -j token window SIGWINCH y2000 pathname Synopsis: Trusted Solaris 1.2: Auditreduce patch Date: May/05/99 Solaris Release: Trusted Solaris 1.2 SunOS Release: Unbundled Product: Unbundled Release: Relevant Architectures: sun4 sun4c sun4m BugId's fixed with this patch: 4024600 4067945 4128648 4153132 4216307 Changes incorporated in this version: 4216307 Patches accumulated and obsoleted by this patch: 104593-03 Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: README - This file. install_patch - Script to install the appropriate patch components for the machine on which it is run. nis_master..tar.Z - Patches for NIS master machines for each supported architecture. nis_client..tar.Z - Patches for NIS client machines for each supported architecture. diskless..tar.Z - Patches for diskless machines for each supported architecture. Problem Description: THIS PATCH DOES NOT APPLY TO 4.1.1, 4.1.2, 4.1.3, 4.1.3_U1, CMW 1.0, OR TRUSTED SOLARIS 1.1 SYSTEMS. This patch contains a fix for the following bug(s): Note: In the following lists of files, the export/exec path prefix is used to load files into the appropriate places on the machine. For example, export/exec/kvm/ is used to refer to /usr/kvm on a machine where is the native architecture. Bug: 4024600 Desc: replaced code for command line option "-j" which was removed in version 3.6 of "option.c". Esc. 508177 Bug: 4067945 Desc: auditreduce catches and terminates on benign signals. Change back default action for SIGWINCH, SIGTTOU, SIGTTIN, rather than catch them and terminate. Esc. 514017 Bug: 4128648 Desc: audit reduce "-u" flag matches uid on attribute tokens, in addition to matching auid on subject tokens. Change attribute record code to match on "-e" flag (effective instead of "-u" flag (audit uids). Esc. 514299 Bug: 4153132 Desc: auditreduce does not recognize 2/29/2000 Bug: 4216307 Desc: auditreduce can SEGV on long pathnames, because buffers are statically allocated, and max. length is not checked. Read long pathnames incrementally and/or use dynamic allocation of buffers. Check for very long pathnames which result in no string being written to audit trail. Files: etc/auditreduce etc/praudit Patch Installation Instructions: 1. Boot the machine single user, clean the disks, and start a csh(1). > b -s or ok boot -s # fsck -f -p # exec csh # source /.cshrc # source /.login 2. Load this patch in a location that has disk space. This example assumes that /var is a separate partition and that the patch is delivered on tape. # mount /var # cd /var # mkdir -p patches/ # cd patches/ # tar xvf /dev/rst0 3. Install the patch and check the "log" for errors. # ./install_patch |& tee log # vi log 4. Reboot the machine. # cd / # umount -at cfs # sync; sync; sync; reboot