HP Tru64 UNIX and TruCluster Server Version 5.
© Copyright 2009 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Table of Contents About This Manual......................................................................................................................13 Audience.............................................................................................................................13 Organization.......................................................................................................................13 Related Documentation................................................................
2.2.1.10 Possible Errors Seen After Kit Installation..................................................28 2.2.1.11 Message Seen During Reboot Can Be Ignored...........................................28 2.2.2 Kit Removal Release Notes...................................................................................28 2.2.2.1 Some Patch Kits Cannot Be Removed...........................................................28 2.2.2.2 Changes to System May Need to Be Reversed..........................................
3.2.1.3 Link Aggregation Extended to Cluster LAN Interconnects.........................40 3.2.1.4 NetRAIN over LAG Supported....................................................................41 3.2.1.5 Support Provided for 2007 Changes to U.S. Daylight Savings Time...........41 3.2.1.6 BIND Updated to Version 9.2.5.....................................................................41 3.2.1.7 Library Calls for Fibre Channel HBA Added...............................................42 3.2.1.
3.2.1.34 New Tunable Attribute Corrects NetRAIN Failover Problem....................57 3.2.1.35 New Attribute Controls Tape Driver Path Control.....................................57 3.2.1.36 pr Command Behavior Now Works as Described in Reference Page........58 3.2.1.37 Kit's Session Log Made More Useful..........................................................58 3.2.1.38 Sys_Check Version 143 Provided................................................................58 3.2.1.
3.2.2.19 Potential NFS Duplicate Request Cache Scalability Limitation with High Loads and Uncharacteristic File Access Behavior on Clustered NFS Servers.........70 3.2.2.20 Tuning the NFS Server Duplicate Request Cache.......................................72 3.2.2.21 Performance of hwmgr Commands on Large System Configurations......72 3.2.2.22 LSM Spin Lock Issue...................................................................................73 3.2.2.
4.2.13.2 Correcting the problem.............................................................................211 4.2.14 File System Unmount Recommended if Message Is Displayed.......................213 4.2.15 Tunable Attribute May Help Performance Problem.........................................214 4.2.16 AlphaServer ES47 or AlphaServer GS1280 Hangs When Added to Cluster....215 4.2.17 Problems with clu_upgrade Switch Stage.........................................................215 4.2.
C.2.1.5 srclib\apr\passwd\apr_md5.c Component..............................................270 C.2.1.6 apr_md5_encode() Routine Component....................................................271 C.2.1.7 srclib\apr-util\crypto\apr_md4.c Component.........................................271 C.2.1.8 srclib\apr-util\include\apr_md4.h Component.......................................271 C.2.1.9 srclib\apr-util\test\testdbm.c Component...............................................272 C.2.1.
List of Figures A-1 10 Enhanced Distance Cluster Configuration................................................................
List of Tables 3-1 3-2 6-1 6-2 6-3 6-4 6-5 6-6 6-7 6-8 6-9 A-1 Reference Pages Revised for Version 5.1B-5...............................................................78 Reference Pages Revised in Previous Version 5.1B Patch Kits....................................79 Superseded CSPs 01936.01 to 02355.00.....................................................................242 Superseded CSPs 00021.00 to 00283.00.....................................................................243 Superseded CSPs 00283.
About This Manual This manual contains information specific to Version 5.1B-5 of the Tru64 UNIX® operating system, TruCluster Server software, and Worldwide Language Support products. It briefly describes the patches contained in this kit and provides information you should be aware of when installing or removing this kit. Audience This manual is for those who upgrade their operating system to Tru64 UNIX Version 5.1B-5.
• Technical Updates for the Version 5.1B and Higher Operating System and Patches This online supplement reports any information about restrictions and problems that may have been discovered since the release of the Version 5.1B operating system and its patch kits. http://h30097.www3.hp.com/docs/updates/V51B/html/index.html • Patch Kit Installation Instructions http://h30097.www3.hp.com/docs/patch/install/HTML/TITLE.HTM • Patching Best Practice http://h30097.www3.hp.
• To visit our Business Support Center: http://h20000.www2.hp.com/bizsupport/TechSupport/Home.jsp • To visit the Tru64 UNIX homepage: http://h30097.www3.hp.com/ HP Encourages Your Comments We welcome any comments and suggestions you have on this and other Tru64 UNIX documentation. You can send your comments using the following website: http://h30097.www3.hp.com/ comments.
1 Enhancements, Improvements, and Features This chapter describes key new features, enhancements, and improvements delivered in Version 5.1B-5. 1.1 Performance Improvement for TCP Applications The TCP selective acknowledgment feature is enabled by default. When the selective acknowledgments feature is enabled, the data receiver can inform the sender about all the segments that were received successfully, so that the sender needs to retransmit only those segments that were lost.
3. 4. Notify the user upon disk full state to clear the disk space and restart the binlogd daemon. Provide crash extensions to dump .blbuf and the newly introduced track framework data structures. 1.
5. interconnect without a reboot, requires a change in the ics0 interface's MTU as well. The ICSNET optimization feature is not supported in configurations where cluster interconnects are configured as VLAN (virtual LAN). 1.7 sys_Check upgraded to version 145 This kit includes sys_Check Version 145. However, HP recommends that you visit the sys_check website to download and install the latest version of sys_check: http://h30097.www3.hp.com/sys_check/ 1.
The announcement can be found at: http://www.telam.com.ar/vernota.php?tipo=N&idPub=87481&id=201230&sec=1&dis=1. There are similar updates to the DST of Canada, Bahamas, Bermuda, Brazil, and Uruguay in V5.1B-5. 1.9 BIND Updated to Version 9.2.8 This kit replaces the current version of BIND Version 9.2.5 with BIND Version 9.2.8. BIND 9.2.8 fixes the security issues that were faced in the BIND 9.2.5 version. 1.10 Updated Tru64 UNIX Documentation on docs.hp.com Starting with Tru64 UNIX V5.
2 Kit Installation and Removal This chapter provides information you need to be aware of before you install or remove this kit. It is organized as follows: • The “Required Storage Space” section lists the approximate storage space requirements for this patch kit when installing the operating system patches alone and in combination with the TruCluster Server and Worldwide Language Support (WLS) patches.
3.4 MB for Tru64 UNIX, TruCluster Server, and WLS subset • Approximately 200 KB of storage space is needed in /usr/sbin/dupatch for the patch management utility. For more information, see the Patch Kit Installation Instructions. 2.2 Important Kit Installation and Removal Release Notes The release notes in this section provide information you need to be aware of when installing or removing this kit. Notes indicated as “(new)” do not appear in the release notes that shipped with prior 5.1B versions.
patches be re-installed after 5.1B-5 update. The CPQIM kit is available at: http:// h30097.www3.hp.com/cma/ The CPQIM patches are available at: http://h30097.www3.hp.com/cma/patches.html NOTE: See the section “Insight Manager Components DUMP Core” (page 64) for information about a potential problem with Insight Management Agents that can occur after Version 5.1B-5 is installed. 2.2.1.2.1 Some Insight Management Agents Kits May Prevent V5.
4. 5. Phase 5 reports patches that do not pass installation applicability tests due to the current state of your system. The installation of Patch 28020.00 was prevented because of changed system files. The dupatch utility reports the known information about the files contained in each patch and asks if you want to enable the installation. Answering yes, enables dupatch to install patches that were prevented from being installed due to unknown files. Install Version 5.1B-5.
If you did not back up the snmpd file before installing V5.1B-5, you can modify the file after the installation, as described in “Some Insight Management Agents Kits May Prevent V5.1B-5 Installation (revised).” 2.2.1.3 Stop sendmail Before Installing Kit It is important that you stop the sendmail mailer daemon before installing this kit. Failing to do so can lead to the loss of queued mails. Lost mails cannot be recovered. To stop the daemon, enter the following command: # /sbin/init.d/sendmail stop 2.2.1.
2.2.1.5 inetd Daemon Restart Required Because of changes made to the Internet services daemon introduced in this release, you need to stop and then restart inetd after installing or removing this kit. You can do this from the command line or by using the sysman application. From the command line, enter the following commands: # /sbin/init.d/inetd stop # /sbin/init.d/inetd start Failure to do this will result in an older version of inetd running on your system. 2.2.1.
to activate that domain will fail. This includes mounting filesets from the affected domain. Following a system upgrade to Version 5.1B-4 or higher, the problem can occur after all the filesets in a domain are unmounted. (The problem will not occur as long as the filesets remain mounted.) The solution is to use the fixfdmn utility to correct the problem.
# /usr/sbin/showfile mountpoint/.tags/M-6 Id Vol PgSz Pages XtntType fffffffa.0000 1 16 1 simple Segs ** SegSz ** I/O ftx Perf 100% File M-6 See the fixfdmn(8), showfile(8), and showfile(8) reference pages for information about using these commands. 2.2.1.10 Possible Errors Seen After Kit Installation The following problems have been known to occur after Version 5.
• The patch kit you want to remove was installed before the NHD (New Hardware Delivery) kit. For example, if you installed Patch Kit 2 and then installed NHD-7, you cannot remove that patch kit. However, if you later installed Patch Kit 4, you can remove that patch kit. • The patch kit was installed with NHD-7. Beginning with the release of Patch Kit 3, patch kits were incorporated into the NHD-7 kits. As a result, when you installed NHD-7, you automatically installed the current patch kit.
NOTE: Because the no-roll procedure automatically reboots the system after deleting the patches, you cannot use this method to delete this patch kit if doing so returns your system to a pre-patched state. Failing to run this script will result in your system being unable to boot normally. If this occurs, do the following: 1. Boot your system in single-user mode: >>> boot -fl s 2. Run the script: # /etc/dn_fix_dat.sh 3. Reboot normally.
. . You can ignore this message. In all cases, the subsets will be installed correctly. See “Cluster Cloning Offers Alternative to No-Roll Patching” (page 40) for an introduction to dupclone. 2.2.3.
1. 2. 3. Reinstall the operating system on the standalone system. Run the clu_create command and bring the standalone system as a cluster node. Apply all base and cluster patches. 2.2.3.4 Disable vfast Utility if Running On Cluster Domains If the vfast utility is running on the TruCluster domains cluster_root and cluster_var, deactivate it on the domains before installing or removing this kit.
2.2.3.7 Enabling the Version Switch After Installation Some patches require you to run the versw -switch command to enable the new functions delivered in those patches. (See the Patch Kit Installation Instructions for information about version switches.) Enter the command as follows after dupatch has completed the installation process: # versw -switch The new functionality will not be available until after you reboot your system.
2.2.3.10 Do Not Install Prior NHD Kits on a Patched System Do not install the NHD–5 or NHD–6 kits on your TruCluster Server system if you have installed this patch kit or earlier patch kits. Doing so may cause an incorrect system configuration. The installation code for these new hardware delivery kits does not correctly preserve some cluster subset files.
3 Tru64 UNIX Patches This chapter provides information about the patches included in Version 5.1B-5 for the base operating system. It also includes any general information about working with these patches. This chapter is organized as follows: • The “New Release Notes” section lists release notes that are specific to the Tru64 UNIX patches in this kit, as well as release notes that are of general interest. • The “Prior Release Notes” section lists release notes listed from the initial Version 5.
3.1.3 Support for Evaluating String Comparison Expressions as per POSIX Standards The sh-posix built-in test is modified to evaluate string expressions as per the POSIX standard and can interpret "(" and "!" as operands in a string comparison operation. To produce this POSIX compliant action, set the STDS_FLAG environment variable to ALL: STDS_FLAG=ALL If STDS_FLAG is not set or is set to NULL, the test function interprets "(" and "!" as operators in string comparison and reports wrong result.
On a cluster this tunable must be set on all the cluster members. 3.1.6 New rc.config Variables to Hide User Process Arguments and Environmental Variables for ps and w Commands By default, the ps command displays a process's arguments and the ps e command displays a process's environmental variables. You can prevent users from viewing the arguments and environmental variables of other users' processes. To hide user process arguments and variables, enable the variables in the /etc/rc.config.
tunable pwrite_no_append (in VFS subsystem) has to be set to 1 to enable this behavior. 3.1.11 smmsp User and Group Not Required for sendmail The smmsp user, group, and the /usr/var/spool/clientmqueue directory were created as a future requirement for sendmail in the previous patch release v5.1B-4. Because, sendmail is not smmsp enabled, the smmsp user, group, and /usr/var/ spool/clientmqueue will no longer be required.
3.1.13 Version 5.1B-5 Kit Requires Uninstallation of Internet Express System Authentication LDAP Module (IAELDAMXXX) The Version 5.1 B-5 patch kit installation fails if the Internet Express System Authentication LDAP Module (IAELDAMXXX) is installed on the system. To install the Version 5.1 B-5 patch kit, perform the following steps: 1. Uninstall Internet Express System Authentication LDAP Module (IAELDAMXXX). For example, set1d -d IAELDAMXXX where, XXX stands for the IAELDAM version. 2. 3.
3.2.1.2 Cluster Cloning Offers Alternative to No-Roll Patching This kit provides a new installation method, generically referred to as cloning, using a new tool named dupclone . The process consists of two primary steps: • Creating an exact duplicate of an existing system on an alternate set of disk drives. • Using dupclone to install the patch kit to the alternate disk set. After completion, the system can immediately be rebooted using the alternate disks.
• • Ports in the same link aggregation group must operate at the same data rate. Ports in a link aggregation group must be attached to the same system, either server-to-server or server-to-switch. Link aggregation enables system administrators to combine two or more physical Ethernet Network Interface Cards (NICs) and create a single virtual link. Upper-layer software sees this link aggregation group as a single virtual interface for example: lag0.
version from the Internet Software Consortium represents a major rewrite of nearly all aspects of the underlying BIND architecture.
• HBA_CloseAdapter • HBA_GetAdapterAttributes • HBA_GetAdapterPortAttributes • HBA_GetDiscoveredPortAttributes • HBA_GetPortAttributesByWWN • HBA_GetPortStatistics • HBA_GetBindingCapability • HBA_GetBindingSupport • HBA_SetBindingSupport • HBA_GetFcpTargetMapping • HBA_GetFcpTargetMappingV2 • HBA_GetFcpPersistentBinding • HBA_SendScsiInquiry • HBA_ScsiInquiryV2 • HBA_SendReportLUNs • HBA_ScsiReportLunsV2 • HBA_SendReadCapacity • HBA_ScsiReadCapacityV2 For information about each of these APIs, see the Stora
The Version 8.13.6 sendmail server provides advanced features, including the following: • • • • Masquerading Virtual domain hosting Restricted relaying Milter functionality NOTE: These features can be configured only with the sendmail provided with the HP Tru64 Internet Express Software distribution. A new account, smmsp, is created as part of the sendmail installation process. This account is required for future enhancements of sendmail. You can find information about sendmail Version 8.13.
3.2.1.12 envmond Daemon Modified to Use EVM Events The envmond daemon has been modified to allow it to use EVM events instead of the hwmgr command to determine the environmental status of the system. On systems with many sensors, this improvement may reduce or eliminate previously seen performance problems. By default, envmond is configured to use the hwmgr command (the poll method) for environmental monitoring.
3.2.1.14 Command Option Now Provides Additional EMX Driver Information After installing this kit, issuing the following command for an EMX adapter will return the hardware revision, firmware revision, SAN address, and full duplex flag attributes: # hwmgr -get att 3.2.1.15 New EMX Subsystem Attribute Turns on LLER for Tape I/O This release provides a new attribute, erp_ller, to the EMX subsystem that allows you to turn on Link Level Error Recovery (LLER) for tape I/O.
In the Requirements for Internet Protocol (IP) Version 4 Routers (RFC 1812), research suggests that the use of ICMP Source Quench packets is an ineffective (and unfair) antidote for congestion. HP therefore recommends using the icmp_rejectcodemask attribute to ignore ICMP Source Quench packets. The ICMP type codes are in /usr/include/netinet/ip_icmp.h.
3.2.1.19 Environment Variable Improves btcreate Kernel Build This kit provides the means to allow the btcreate command to build the kernel with all options. Currently, if the kernel built with the current system configuration exceeds the firmware limit, btcreate will remove all options except DVDFS and CDFS. If the newly built kernel with CDFS and DVDFS also fails, btcreate then builds a kernel with mandatory options alone.
3.2.1.22 New Features Added to kdbx Debugger The kdbx command has been enhanced in several ways: • A new cluster alias extension, clua, has been added to provide information about cluster aliases. • New options, -s and -v, have been added to the netstat extension to expand it usefulness: — The -s option, when used alone, displays protocol statistics for all configured interfaces. When used with the -i option, -s displays interface statistics for all configured interfaces.
3.2.1.24 New disklabel Command Option Expands Partitions A new option to the disklabel command lets you extend a partition that is currently in use. This option, F, is used with the -e option as follows: # /sbin/disklabel -e -F disk For more information, see the revised disklabel(8) reference page included in this kit. 3.2.1.25 Commands Modified to Conform to POSIX Standard The following Tru64 UNIX commands have been modified to conform to the POSIX standard.
If STDS_FLAG is not set or is set to NULL, awk interprets this use of numbers and the equal sign as numeric strings when specified as arguments to “program text.” This was the default action before these commands were modified. 3.2.1.25.3 Changes to chmod The chmod command has been modified to force it to consider the umask when the who(ugoa) argument is not specified.
If STDS_FLAG is not set or is set to NULL, find will treat the first hyphen as special and exit with an error. This was the default action before find was modified. 3.2.1.25.7 Changes to rm The rm command has been modified to handle an excessive depth of files. Even if the pathname is longer than PATH_MAX by multiple times, rm will delete the directory with all its subdirectories and exit with value 0.
See the revised sys_attris_generic(5) reference page delivered in this kit for more information. Refer to the standards(5) reference page for more information about industry standards and associated tags. 3.2.1.26.
of POLLWRBAND is in play. By default, this bit in std_unix98 is not set, so poll( ) will behave the same way as it does today. See the revised poll(2) reference page delivered in this kit. 3.2.1.27 New I/O Subsystem Attributes Can Improve Booting Speed Three new I/O subsystem attributes control path registration during the boot process, allowing systems with multiple paths to a large number of devices to boot faster. The following list provides a brief description of these attributes.
3.2.1.28 New Attributes Added to NFS and RPC Subsystems Several new tunable attributes have been added to the NFS server subsystem, nfs_server, the NFS client subsystem, nfs, and the Remote Procedure Call (RPC) subsystem, rpc Previously, the configurations produced by these attributes could only be changed by using the dbx command. Now, you can easily use and modify these kernel subsystem configurations with the sysconfig command. The following list provides a brief description of these new attributes.
— use_fastsend Enables or disables the optimization of client and server code used by NFS over UDP. — use_fastroute Enables or disables improved fastsend optimization that affect the NFS server. 3.2.1.29 New cam Attribute Controls Path Usage A new attribute, cam_ccfg_aa_enable, has been added to the cam subsystem to control preferred path usage.
For more information about the custom_gated option, see the revised cluamgr(8) reference page included in this kit. 3.2.1.32 fsdb Utility Now Operates on File System Image The fsdb utility is now capable of operating on a file system image as well as a special file. The name argument will first be processed as a special file; should that fail, it will be processed as a regular file. To avoid conflict, an optional f argument will force the name argument to be processed only as a regular file.
The following steps will prevent this problem from occurring: • Before performing a backup, reserve the device and lock down the path as follows: # mt -f /dev/ntape/tape0 reserve • After performing the backup, release the device and unlock the path as follows: # mt -f /dev/ntape/tape0 release 3.2.1.
Be aware that if you set this option, incomplete jobs that trigger reprint conditions will not reprint. A fix to remote job reprinting that this patch kit provides can trigger reprints which, under conditions previously described, do not appear to be needed. 3.2.1.42 Support for the Name Services Switch Added The Name Service Switch (NSS) has been added to Tru64 UNIX as a replacement for the svc.conf database service selection.
3.2.1.45 Protection Against Buffer Overflow Exploitation Added This kit provides a security feature to prevent the execution of instructions that reside in heap or other data areas of process memory. The result is additional protection against buffer overflow exploits. This feature is similar in concept to Tru64 UNIX executable stack protection. This feature is implemented as a dynamic sysconfig tunable variable, executable_data, in the proc subsystem.
NOTE: The Java language interprets byte code at runtime. Unless marked as exempt, privileged applications written in Java will receive an error when they attempt to execute instructions residing in the unexecutable memory. The manner in which these errors are handled is application-specific and thus unpredictable. This is why you must run the /usr/sbin/javaexecutedata before you enable executable_data.
3.2.1.46 Enhancements to pmgrd Daemon and collect Utility Patches in this kit provide enhancements to the performance manager metrics server daemon, pmgrd, and the collect utility. 3.2.1.46.1 Performance Manager Metrics Server Daemon (pmgrd) The following features have been added to pmgrd: • Support for monitoring the disk I/O rates.
• AdvFS monitoring capability. (See “Enhancements to pmgrd Daemon and collect Utility” for a list of AdvFS metrics that are monitored.) Enables collect to report AdvFS volume I/O queue and fileset vnode operation statistics. You can specify the domain or fileset to be monitored, using the -A option. • Viewing CPU and memory metrics on a per Resource Affinity Domain (RAD) basis. When run on a NUMA platform, enables collect to automatically retrieve CPU and memory metrics for each RAD.
3.2.2.2 Tru64 UNIX Rebranding Results in File Changes As a consequence of the rebranding of Tru64 UNIX from the Compaq name to HP, the following files have changed: • • • version.abbrev_vendor from COMPAQ to HP version.banner from Compaq Tru64 UNIX to HP Tru64 UNIX version.vendor from Compaq Computer Corporation to Hewlett-Packard Company The .mrg..sysconfigtab file has been modified to incorporate these changes into the generic sysconfig subsystem in the /etc/sysconfigtab file.
3.2.2.6 Do Not Use dxarchiver to Verify Bootable Tape Do not use dxarchiver command to verify a bootable tape. Instead, use the mt and restore commands as follows: # mt fsf 1 # restore -i The first command skips the first file on the tape. When preparing for a btcreate session, verify the size of the file system to ensure that you have sufficient tape volumes, depending on the maximum storage capacity of your tape device.
These packets need to have source and destination IP addresses that match the established connection as well as the same source and destination TCP ports. The fact that TCP sessions can be reset by sending suitable RST and SYN packets is a design feature of TCP. According to RFC 793, an RST or SYN attack is only possible when the source IP address and TCP port can be forged (also called spoofed). In that case TCP sessions, including Telnet, SSH, SFTP and HTTP may be disconnected without warning.
inet: tcp_rst_win = 2048 3.2.2.10.2 Adjusting the tcp_syn_win Variable You can adjust the TCP SYN window variable, tcp_syn_win, as follows: # sysconfig -q inet tcp_syn_win inet: tcp_syn_win = -1 # sysconfig -r inet tcp_syn_win=2048 tcp_syn_win: reconfigured # sysconfig -q inet tcp_syn_win inet: tcp_syn_win = 2048 # sysconfig -q inet tcp_syn_win /tmp/tcp_syn_win_merge # sysconfigdb -m -f /tmp/tcp_syn_win_merge inet # sysconfigdb -l inet inet: tcp_syn_win = 2048 3.2.2.
Previously, the sorting of audit data on single CPU systems was unnecessary. This changed, however, when the capability for auditing these network events was introduced. Now, to view these network events in order with respect to other events, you must sort the data on a single CPU system. To do this, use the audit_tool -S command. 3.2.2.13 new_wire_method Tunable Attribute Retired The tunable attribute new_wire_method has been retired.
To revert back to the old sendmail behavior, do the following: 1. Verify the V2/Digital header line is in the /var/adm/sendmail/sendmail.cf file. If the line is there, proceed to step 2. If it's not there, add it above the # predefined line. For example: # vi sendmail.cf ############################################################ V2/Digital ## predefined 2. Add the following lines to the /var/adm/sendmail/sendmail.cf file: O MaxMimeHeaderLength=0/0 O MaxHeadersLength=-1/-1 3. Restart sendmail 3.2.2.
Once you have started SysMan, you will need to modify the configuration of each IPsec and IKE connection to add the identity of the remote hosts that are allowed to connect. You enter this information on the third dialog box you see during the connection configuration wizard; the dialog box is titled “Manage IPsec: Add/Modify Connection: IKE Proposal.
• • • Avoid congestion on your LAN and cluster interconnect. Ensure your servers have enough excess capacity to respond quickly to NFS requests that modify the file system (writes, file and directory creation, and so forth.) Increase the size of the server's duplicate request cache when the nfsstat command shows a large number of retransmits to clients. For instructions on increasing the size of the cache, see “Tuning the NFS Server Duplicate Request Cache”.
Use the netstat command to determine if your network is saturated. For Ethernet networks, a high number of collisions indicates that the network may be saturated. The following example shows the output from the netstat -I tu0 command: Name Mtu Network Address tu0 1500
The output from these commands is gathered and sorted in memory before the report begins to be displayed. In a system with hundreds or thousands of attached storage units, the processing stage can take several minutes and you will not see any output during that time.
You can also use the xargs command to break a long argument list into smaller lists. For more information, see the xargs(1) reference page. 3.2.2.24 Loading Firmware from a BOOTP Server The fwupgrade command has been modified to allow the specified firmware update image to be loaded from a BOOTP server in a connected network. This process must use the bootpd daemon.
When creating an archive with these commands, specifying multiple slashes will result in the placement of one slash for any directory entry in the archive header. Previously, specifying multiple slashes would put these slashes in the archive header. For example: # tar cvf filename.tar dir1////////// Specifying a single slash when creating the archive will cause tar, pax, or cpio to pick up all of the directory's contents. For example: # tar cvf filename.tar dir1/ 3.2.2.
cannot be determined. Some of these files may affect patch installation. You will want to consider this information when you later make decisions in phase 5. * list of changed files with unknown origin: -----------------------------------------./etc/lprsetup.dat OSFPRINT540 UNKNOWN ./usr/share/doclib/annex/man/man3/Thread.3 OSFTCLBASE540 UNKNOWN BROKEN HARDLINK TO ./usr/share/doclib/annex/man/man3/Tcl_ConditionNotify.3 ./usr/share/doclib/annex/man/man3/Tcl_ConditionNotify.
If your firmware is lower than V6.4-12, the problem is experienced if one or both of the following conditions exists: • The system manager uses the following hwmgr utility commands: # hwmgr -view devices # hwmgr -view hierarchy • The Environmental Monitoring daemon, envmond, is running. As a workaround to the problem, you can modify one of the following two files and then reboot your system for the new setting to take effect: • /etc/rc.
# hwmgr -offline -name cpuN If, for example, the codconfig command returns the message "Error for CPU 2: Unable to offline this CPU," you would enter the following hwmgr command: # hwmgr -offline -name cpu2 For more information, see codconfig(8) and hwmgr(8). The Manage CPUs suitlet is available from the SysMan Menu and SysMan Station. 3.2.2.30.4 Repeated Reboots May Cause Panic Repeated reboots of the system may cause a kernel memory fault panic, but does not result in the loss of data.
Table 3-1 Reference Pages Revised for Version 5.1B-5 (continued) sendmail(8) sftp2(1) sialog(4) signal(2) ssh2(1) ssh-agent2(1) sshd2_config(4) sys_attrs_advfs(5) sys_attrs_cam(5) sys_attrs_generic(5) sys_attrs_inet(5) sys_attrs_vfs(5) sys_attrs_vm(5) unmount(2) unmount(8) useradd(8) vacation(1) vfast(8) vipw(1) w(1) Table 3-2 Reference Pages Revised in Previous Version 5.
Table 3-2 Reference Pages Revised in Previous Version 5.1B Patch Kits (continued) rm(1) rmvol(8) route(8) sh(1b) snmp_request(8) SSH (various) sshd2(4) sshd2_conf(4) svc.
• • Corrects problems with RFC1323 TCP timestamps and PAWS implementation. Provides an enhancement to remove drawbacks of using TCP keepalives and make LAN cluster more resilient. Patch 28002.00 OSFADVFS540 • Corrects a time stamp problem in vrestore/rvrestore. • Fixes vrestore to restore the file attributes properly. • Fixes an issue with vdump(8), where it gets into an infinite loop after the end of tape is reached. Patch 28003.
Patch 28009.00 OSFBASE540 • Fixes the RPC (TCP) connection reset problem when receiving XDR EOR packet without data( zero sized XDR EOR fragment). • Fixes find(1) to match the pathname, if the base file name of the pathname matches the pattern specified in -name, even when the pathname has trailing slash(es). • Fixes a problem in scanf family of functions when format specifier is %%. • Fixes an issue with fopen(),fdopen() and popen(). • Fixes a failure in printf family of functions.
• • • • • • • • • • • • • • • • • • Corrects South East Australia DST changes starting April 2008. Fixes an issue with strip command. Fixes incorrect exit/continue logic in mailsetup. Fixes a problem in /sbin/init.d/envmon which prevented the envmon daemon from starting in Japanese locale. Fixes a problem in /sbin/init.d/smauth and /sbin/init.d/smsd which prevented the smauth and smsd daemons from starting or restarting in Japanese locale.
• • • • • • • • • • • • • • • • • • • • • • • • • • 84 Fixes a Path MTU problem in network stack. Fixes double unlocking of netisr_lock in netisr thread. Resolves synchronization issues surrounding concurrent references to shared memory. Fixes a SACK (Selective Acknowledgement) validation issue with TCP. Resolves a race condition between process exit and coredump.
• • • • • • • • • • • • • • • • Corrects a problem with the Tru64 NFS server where, under certain conditions, directories may not be visible to clients. Fixes a problem with read of /dev/mem which resulted in netstat hang. Add support in cluster alias to handle socket unlisten. Fixes an improper reference in anon_dup routine. Fixes an issue with handling page-faults inside kernel. Fixes an issue in FIFO open, where under certain circumstances, applications using FIFOs may hang.
• • • • • • Fixes a failure in printf family of functions. Fixes a problem in printf family of functions when number grouping is requested. A potential security vulnerability has been identified in the ps and w commands on the HP Tru64 UNIX Operating System. The ps and w commands can be used to disclose environmental variable and argument information that might be exploited by a local, authorized user. Fixes the DNS problem, where DNS client loops with unknown incoming UDP packets.
• • • • • • • • • • • • • • • • • • • • • • • • Provides envmon subsystem enhancements on DS-25 and ES-45 platforms. Fixes a panic in alt driver. Corrects panic seen during hardware registration. Corrects a rare circumstance where an IO can erroneously be returned as successful when it has failed. Provides event markers to track missing binary.errlog events. Corrects a Kernel Memory Fault panic in the emx driver.
• • • A potential security vulnerability has been reported on the HP Tru64 operating system running BIND. The vulnerability is remotely exploitable and may result in DNS cache poisoning. Fixes various functionality issues in Sysman mail application. BIND 9.2.8-P1 release. Patch 28045.00 OSFKTOOLS540 • Provides a command-line option (-ignore_pset) to lockinfo command to print the lock details of all processors (-percpu) ignoring processor set boundaries.
• • Adds support into LSM for 2TB LUNs. Updates volstat utility and kernel to report cluster-wide LSM statistics. Patch 28054.00 OSFMANOP540 • Updates the following reference pages: aliases(4) advfsd(8) disklabel(8) dsfmgr(8) dumpfs(8) fcntl(2) fread(3) freezefs(2) gethostbyaddr(3) gethostbyname(3) getlogin(2) getrlimit(2) iconv_intro(5) ksh(1) lockinfo(8) mailstats(8) mail.
mail.local(8) mailq(1) makemap(8) newaliases(1) netstat(1) praliases(1) proplist(4) ps(1) sendmail(8) sftp2(1) sialog(4) signal(2) ssh2(1) ssh-agent2(1) sshd2_config(4) sys_attrs_advfs(5) sys_attrs_cam(5) sys_attrs_generic(5) sys_attrs_inet(5) sys_attrs_vfs(5) sys_attrs_vm(5) useradd(8) vacation(1) vfast(8) vipw(8) w(1) Patch 28062.00 OSFNFS540 • Fixes an issue with NFS rpc.lockd in the lock reclaim path. • Fixes the mountd problem when user supplies wrong port number.
Patch 28079.00 OSFSYSMAN540 • Corrects a potential security vulnerability that may lead to improper file access. • Fixes a problem in /sbin/init.d/envmon which prevented the envmon daemon from starting in Japanese locale. • Fixes a problem in /sbin/init.d/smauth and /sbin/init.d/smsd which prevented the smauth and smsd daemons from starting or restarting in Japanese locale.
3.4.2 Patches Delivered in Previous Kits The following patches were first delivered in previous Version 5.1B patch kits. These patches will be installed on your system if they are newer than the last patch kit you installed. Patch 27001.00 OSFACCT540 • Corrects the action of the dodisk command to skip the commented file systems contained in the /etc/fstab file. • Fixes acctcom to exit with proper error message when used with invalid user ID and group ID.
Patch 27002.00 OSFADVFS540 • Corrects the following problems with the fixfdmn utility: — Fixes fixfdmn so that it will continue when it finds more than one root tag file, rather than exiting with the message “Unable to continue, more than one root tag file.” — Fixes a potential memory fault while running the fixfdmn. — Fixes a problem in which fixfdmn does not properly handle domains with multi-page RBMT files. • Fixes the incorrect number of tag pages being returned by some AdvFS user commands.
• • • • 94 Provides support for Smart Array disk controllers. Without this patch, if the Smart Array product is installed on the system, the SysMan Station hardware view will fail to operate. Corrects the error message returned when trying to migrate striped files when the -s option is omitted.
• • • • • • • • • • • • • • • • • • • • • • • Fixes many small problems with the dsfmgr command. Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.
• • • • • • • • • • • • Corrects a problem that occurs when fixfdmn is run with an invalid fileset argument and the user is prompted if exit or run it against all the filesets in the domain. If exit fixfdmn is selected, changes may be made to the domain, which could cause problems. Modifies vdump and vrestore to support autoloader or manual loader when the dump size exceeds single tape size Modifies vdump and vrestore so they can be run as cron or batch jobs.
• • • • • • • • • • • • • • • • • • • • • • Fixes a hang that occurs in file systems between racing memory-mapping threads. Turns a potential AdvFS panic into a domain panic. Corrects a problem with the AdvFS bitfile state where, under certain circumstances, the state of the bitfile is changed without holding the lock that protects the state. Fixes an issue with vfast in which a vfast thread might cause a "kernel memory fault" panic because of a race condition.
• • Changes the behavior of migrate_normal and migrate_stripe when migrating an original file that has a clone. If the clone was marked out of sync, migrate could come back with E_CLONE_OUT_OF_SYNC even though the migrate succeeded. Now this case is caught, and handled.
• • • • • • • • • • • • Allows AdvFS to record if a domain panic has occurred, even if a system panic results. Replaces two potential panics in AdvFS with domain panics. Provides scalability improvements to AdvFS that will help reduce lock contention and improve performance. Fixes an AdvFS path that can cause a panic in the advfs_page_busy() routine. Fixes a deadlocking problem in the kernel where a file open on a clone could hang when ACLs are enabled.
• • • • • • • • • • • • Corrects idle-wait time accounting within the AdvFS file system, as reported by vmstat -w. Corrects a condition in which command response deteriorates to about 30 seconds when doing an rmvol on a domain with a volume containing large files (8 GB). Removes the obsolete function bs_bfdmn_flush_all. Prevents a potential unaligned memory crash when ACLs are on. Eliminates the lock_terminate: lock owned panic.
• • • • • • • • • • • • Fixes a condition that causes a system hang that occurs when the rename command is called with "." as the target. This patch also reinforces other rename argument restrictions. Fixes an RBMT metadata inconsistency that prevents a file system from being mounted. Changes a system panic resulting from a kernel memory fault in imm_remove_page_map into a domain panic. Fixes a condition that can cause the invalidation of mmap dirty pages before they can be flushed to disk.
• • • • • • • • • • • • • • • • • • • 102 Corrects a problem in which I/O error codes were not always propagated correctly when AdvFS directIO was used without AIO. Fixes a situation that occurs on a full file system in which a write using directIO via AIO may report the incorrect number of bytes written. Fixes an unaligned access panic in insert_seq(). Fixes a check for an invalid lookup operation through the . tags interface and prevents an AdvFS domain panic.
Patch 27004.00 OSFADVFSDAEMON540 • Improves the /sbin/init.d/advfsd startup script to allow the user to control the boot time invocation of the advfsd daemon. Patch 27007.00 OSFATMBIN540 • • Corrects a problem that causes a kernel memory fault panic in the event_queue_insert() routine on systems using ATM. Fixes a problem of stale arp in ATM Elan connectivity. Patch 27009.00 OSFBASE540 • • • • • • • • • • Corrects a problem with the adduser command so that duplicate UIDs are allowed.
• • • • • • • • • • • • • • • • • • • • • • • 104 Fixes getaddrinfo so it works properly when IPv6 is not configured. Fixes an issue of sendmail registration with PSM Fixes a problem found during invalid options passed to mount while updating UFS file system Enables uudecode to take care of both absolute and symbolic mode while decoding a file. Corrects the message catalogue for /usr/sbin/auditd.
• • • • • • • • • • • • • • • • • • • Corrects a problem with the “rcmgr set” command. Fixes a POSIX standard violation in the strfmon() function by causing preceding and following spaces to be padded to the return value to make an equal length between positive and negative values. Fixes the getnameinfo routine to display an IPv4 address instead of an IPv4 mapped IPv6 address when the BIND mapping does not exist.
• • • • • • • • • • • • • • • • • • • • • 106 Improves space utilization in small MFS file systems by decreasing metadata overhead. Fixes a problem with the mkcdsl command in which the -a option misbehaves when used on a context-dependent symbolic link (CDSL). Fixes RPC timeout error messages in the ypwhich -m command. Corrects a problem in which SysMan and SysMan Station are not functional after installing Java 1.3.1-4 or higher. Prevents addvol from adding invalid disks into a domain.
• • • • • • • • • • • • • • • • • Fixes the search algorithm to differentiate between prived and non-prived UIDs, and to allow regular expressions in string searches. Corrects a problem found wherein the rmtmpfiles script would leave empty directories in /var/tmp at system startup. Fixes a problem that occurs while encoding $@ in the Bourne shell. Eliminates the warning message "Using an array as a reference is deprecated" when running /usr/sbin/siacfg and during system boot on systems using Perl 5.8.
• • • • • • • • • • • • • • • • • • • 108 Corrects possible dead lock with the ./isl/log and ./usr/sbin/log commands. Provides the correct labels for mach events to the audit subsystem. Corrects the find -ls command to display the correct number of blocks. Provides protection against a class of potential security vulnerabilities called buffer overflows.
• • • • • • • • • • • • • • • • • • • • Corrects the behavior of the more command when nonexisting file and a nonempty file with a long file name are both specified. Causes /usr/opt/ultrix/usr/bin/make to properly check dependencies on archive libraries. Fixes various problems in the dbx and object file tools: dbx, ostrip, strip, mcs, dis, cord, file, and stdump. Causes the grep command allow blank lines in the pattern file and to not hang when executed with the -w and -f options.
— Fixes pax to handle ACL on directories properly. — Corrects tar to properly handle unusual directory specifications. — Modifies the tar utility so it correctly restores directory permissions when extracted using -p option. — Fixes the tar and pax utilities so they correctly restore the file mode when extracted using appropriate options. • • • • • • • • • • • • • • • • • • 110 Fixes /usr/bin/cut to correctly handle incomplete lines.
• • • • • • • • • • • • • • • • • Corrects a potential security vulnerability which may result in non-privileged users gaining unauthorized access to files or privileged access on the system. Fixes an sh problem that occurs when executing command substitution. Fixes a fatal assertion error reported by pixie, hiprof, third spike, cord, uprofile and odump object file tools for some executable files linked at optimization level 2 (-O2) or greater.
• • • • • • • • • • • • • • • • • • • • • 112 Corrects a problem that can cause binlogd to dump core when parsing its remote host authorization file (/etc/binlog.auth) with greater than 513 characters. Removes the 250 variable limit for /usr/bin/env. Fixes a problem of race condition in rm command in which two threads can successfully delete a file simultaneously.
• • • • • • • • • • • • • • • • • • • • • • Addresses a problem with sh while using the ulimit built-in command in displaying hard and soft resource setting values when -H (hard) and -S (soft) resource limits options are specified. Corrects a problem in which logins in TruCluster environments using Enhanced Security could hang on any member other than the one serving /var to CFS.
• • • • • • • • • • • • • • • • • • • • • • • 114 Corrects a problem that occurs when using C1crypt for password encryption on Enhanced Security systems in which users are unable to change their passwords and see the passwd command warning "Password not changed: failed to write protected password entry." Corrects the output of the vmstat command with per-RAD kernel usage data. Fixes problems such as segmentation faults when strxfrm() function runs on the French locales.
• • • • • • • • • • • • • • • • • • • • • • • Causes the tar utility to correctly restores directory permissions when extracted using -p option. Fixes the vi command with respect to the handling of locales and the +[subcommand]. Corrects the behavior of the find command with respect to -size option. Corrects the behavior of the ltf command for UIDs and GIDs greater than four digits. Eliminates several compiler warnings. Expands libpset APIs to enable the caller to get processor set information.
(SSRT2384 rpc — Severity - High) • • • • • • • • • • • • • • • • • • • • • 116 Adds support for NEW_OPEN_MAX_SYSTEM (64K) file descriptors to libaio. Corrects a problem in which a DNS resolver routines never time out if interrupted by signals. Corrects a problem in which the pop3d command dumps core when SSO (single sign-on) is configured. Corrects a problem in which long-running programs using Enhanced Security interfaces (such as getespwnam) directly grow in memory use over time.
• • • • • • • • • • • • • • • • • • • • • • • Fixes a vold threads problem in which LSM devices may be incorrectly recorded as disk clones when LSM starts up. Provides a new LSM EVM event that is posted when LSM is processing clusterwide plex detaches. Corrects a problem in which xdmcp terminal failures are not logged within the terminal control database for Enhanced Security. Corrects a problem in which the Mail program would occasionally generate duplicate file names when invoking the editor.
• • • • • • • • • • • • • • • • • • • Fixes bad error handling that occurs when trying to install setld via the command line options setld -l
• • • • • • • • • • • • • • • • • • • • • • • • Corrects a scenario in which a spurious wakeup is sent to a process that had interrupted a blocked attempt to set a mandatory file lock. Provides performance enhancements to the vm_overflow feature. Changes the way page migrations occur on a NUMA system to address poor performance due to excessive paging. Corrects an incompatibility between the cpus_in_rad and gh_chunks/rad_gh_regions tunable attributes that could result in a boot failure.
• • • • • • • • Introduces sysconfig tunable attibutes for NFS/RPC Fixes multiple panics and application hangs seen when interacting with Process Shared POSIX 1003.1c objects. Fixes the handling of NFS requests that have an erroneous file handle length field. Corrects the output of wired pages and gh regions found in the -P option of the vmstat command when run on a NUMA system.
• • • • • • • • • • • • • • Corrects tracking of controlling terminal reference to session structure. Corrects a problem that causes the transmission of duplicate FIN packets, which could result in a stuck connection. Allows systems with multiple paths to a large number of devices to boot faster. Fixes an issue with the NFS client async daemon that can occur in specific NUMA configurations.
• • • • • • • • • • • • • • • • • • • • • • • 122 Makes possible a sticky connection feature for cluster alias. Updates sysconfig to use the cluster interconnect to allow for greater SSI collaboration, which will help with changing variables on hung systems, single user systems, and normal running systems. Allows the UFS attribute delay_wbuffers to be tuned using sysconfig. Allows the packet filter variables pfilt_loopback and pfilt_physaddr to be tuned using sysconfig.
• • • • • • • • • • • • • • • • • • • • • • • • • Improves the process exit procedure for processes that have had the nice command used on them. Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. Fixes multiple defects in AutoFS user space and kernel code. Corrects performance issues when accessing a file with direct I/O enabled.
• • • • • • • • • • • • • • • • • • • • • • • • 124 Fixes a condition that causes the panic “u_seg_vop_remove: seg not found” in vop. Fixes a problem in which a duplicate IP address might be configured on the system or an IP address might be configured with an incorrect netmask. Extension of UFS file systems via the mount command can effectively disable use of the file system. Additionally, on some LSM based systems a panic can occur after a file system extension has been completed.
• • • • • • • • • • • • • • • • • • Corrects a kernel memory fault that can happen when running applications that use the Cray Intra-Node Shared Memory library. Prevents a potential process (not system) hang seen when a system comes under heavy memory load with monolithic memory use. (Gigabyte-scale single objects.) Prevents a kernel memory fault when running with protection on the 128-byte bucket — an action that should only be undertaken as directed by HP customer support personnel.
• • • • • • • • Fixes a problem in which a device file such as /dev/console can become inaccessible, returning the error “Bad File Number.” Fixes a system panic in the ubc_page_stealer routine. Causes the correct error message for the freezefs -q command to be displayed on a non-AdvFS file system. Adds comment to reserve 0x10000000 and 0x20000000 for AutoFS flags. Prevents issues in the DCE/DFS file system when pages are being flushed as part of a vnode. This patch is required for AlphaServer SC.
• • • • • • • • • • • • • • • • • • • • Fixes a problem where the system can panic with a kernel memory fault in simple_lock() being called from fuser(). Resolves kernel memory faults in the TCP/IP subsystem. Fixes a problem where threads can hang mallocing memory. Increases the default values for udp_ttl and tcp_ttl to 128 hops. Fixes a condition that causes the "rdg: unwiring" panic. Increases the default limit of DLI packets to 16 KB and makes the limit tunable.
• • • • • • • • • • • • • • • • • • • • • • • • • 128 Fixes a problem seen with the TAHI IPv6 conformance test, specifically Test 4 for the IPv6 specification. Resolves a problem that results in multiple cluster members crashing with kernel memory fault in rfs_find_fsid(). Corrects a potential system hang when an error occurs while updating special file or named pipe access times on an NFS client. Fixes an AdvFS asynchronous direct I/O problem that can cause a thread to hang.
• • • • • • • • • • • • • • • • • • • • • • • Fixes a kernel memory fault panic while running the IDRIS benchmark. Corrects a kernel memory fault caused by configuring an IPv6 address on a legacy network interface card. Fixes multiple problems with IPv6 advanced API implementation. Corrects a problem in which calling aio_write with a negative size may cause a system panic. Corrects a potential security vulnerability reported by SSRT2323. Fixes a leak of kernel address space.
• • • • • • • • • • • • • • • • • • • • 130 Fixes a panic condition in AIO. Fixes a "simple lock: time limit exceeded" panic. Fixes a problem that prevents access to the AutoFS file systems if ACLs are enabled. Improves NFS client performance on NUMA systems by doing a better job distributing data, locks, and nfsiod threads across Resource Affinity Domains (RADs). Addresses the dispatching of NFS server requests for the public file handle on cluster members and multi-RAD systems.
• • • • • • • • • • • • • • • • • • • • • Corrects a system panic when running with big pages enabled. Addresses problems that occur when taking noninteractive core dumps using the coredump command. Corrects potential hangs of applications using the pshared subsystem that can occur as a result of a thread failing to wake up after its condition variable timer had expired.
• • • • • • • • • • • • • • • • • • • • • • • • • • 132 Improve the performance of systems that are performing heavy file I/O. Corrects several minor problems with the IPv6 subsystem related to the Neighbor Discovery specification. Provides an RFC3542 compliant implementation of IPv6 Advanced API. Fixes a panic condition caused by a problem in the swapping subsystem. Allows the niffconfig command to exceed 10 interfaces. Corrects a potential kernel memory fault.
• • • • • • • • • • • • • • • • • • • • • • • • Fixes a problem in which some reads on /dev/random wait until the entropy pool is completely full while other reads of /dev/random and /dev/urandom do not. Fixes a problem on a VMAC -enabled cluster wherein the member that acts as the Proxy-ARP-Master for the default cluster alias address sometimes incorrectly uses the VMAC address created for it as the source MAC address. Fixes the cause of a "u_anon_unlock_page: anon already unlocked" panic.
• • • • • • • • • • • • • • • • • • • • • 134 Fixes a condition that causes a connection timeout error when using socket keepalive options with small values on sockets over a localhost connection. Corrects the cause of the a panic: "panic: Hashing that is not marked VPP_REPL." Corrects a problem in the kernel dli module that causes system hangs and crashes on multi-CPU systems. The crashes occur with the panic string "lock_terminate: lock held".
• • • • • • • • • • • • • • • • • • • • • Corrects a condition that results in a failure to release file region locks (NFS client only). Corrects a panic “vm_pg_free: page on o/h list.” Fixes a process deadlock that occurs when rename is called with “.” as the target. Resolves a potential system hang in the kernel virtual memory subsystem when running the ClearCase V5.0 Multiversion File System (MVFS).
• • • • • • • • • • • • • • Corrects a condition to avoid the copying of multicast packets to the networking stack when packetfilter is enabled and pfilt_copymulti=0; default is 1, meaning always copy multicast packets. Fixes NFS client hangs on systems with no associated memory for RADs.
• Fixes the following panics: mcs_unlock: lock not currently owned the zombie walks, the sequel • • • • • Changes I/O retry processing when a command time out is encountered by causing the retry code to attempt to take advantage of other active paths during retries if command time outs are encountered. Fixes a rare lock timeout on some AlphaServer ES47/ES80/GS1280 systems with heavy binary errorlog activity.
• • • • • • • • • • • • • • • • • • • • • • 138 Revises the btcreate utility to overcome the 32MB firmware limitation on SAS kernel size. Reduces the default value of IPFRAGTTL from 60 to 18 to avoid reassembly problems. Provides an option that allows cluster NFS clients to use a nonprivileged TCP port to see if a remote NFS server is up. Allows the hwmgr redirect scsi command to work with lockmode 4.
• • • • • • • • • • • • • • • • • • • • • • function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities. Fixes the IDE/ATAPI driver. Prevents an IDE bus hang caused when issuing a play audio track command from scu to an ATAPI CD-ROM containing an enhanced CD.
• • • • • • • • • • • • • • • • • • • • • • • • • 140 Corrects a problem in which /sbin/ddr_config does not accept values for ReadyTimeSeconds larger than 255. The new limit is 86400 seconds (24 hours). Fixes problems with NUMA disk statistics. Fixes a KMF problem that can occur when some nodes in cluster are rebooted and a device is shared by all the nodes. Changes the CAM subsystem message that is printed to the error log on a recovered read error from "bad block number" to "block number.
• • • • • • • • • • • • • • • Provides enhancements for NetRAIN operation. Adds the ability to decouple RPC client retransmission activity from the UDP or interface transmission completion handling. Fixes a logic error in the virtual memory macros used for accessing the memory descriptor. Allows multiple retries to mount the root file system and the ability to adjust the retry period.
• • • • • • • • Modifies the prpasswdd and rpc.yppasswdd daemons to properly handle /var/tcb/files on a file system from different from /var. Fixes client login, su, rshd, edauth, and sshd2 hangs and long delays under Enhanced Security, as well as some intermittent errors or failures seen with prpasswdd or rpc.yppasswdd. Corrects a problem in which logins in TruCluster environments using Enhanced Security can hang on any member other than the one serving /var to CFS.
• • function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. Fixes several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.
Patch 27016.00 OSFCDEMAIL540 • • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access. Corrects a potential security vulnerability that may result in unauthorized Privileged Access or a Denial of Service (DoS). This may be in the form of local and remote security domain risks. Patch 27019.00 OSFCDEMIN540 • • • • • Resolves a problem that occurs when opening big file using dtfile.
Patch 27020.00 OSFCLINET540 • • • • • • • • • • • • • Fixes a problem with the niffconfig command whereby certain characters in the interface name may be ignored. Fixes a problem in the /etc/.mrg..inetd.conf merge script that causes customer-specific changes in the /etc/inetd.conf file to be ignored. Fixes a problem with inetd -L in which a cluster loops in shutdown -c or rcinet start. Upgrades BIND 8 to BIND 9.
• Corrects a potential security vulnerability that may result in a Denial of Service (DoS). This potential vulnerability may be in the form of local and remote security domain risks. (SSRT2384 rpc — Severity - High) • • • • • • • • • • • • • • • • 146 Corrects a problem in os_mibs that results in the swap size and swap used values for the host mib being reported as negative values on some systems. Introduces dumprmt.msg for remote dump/restore messages.
• • • • • • • • • • • • • • • • • • • • • • Adds support to the ifconfig application for the IPv6 command line argument ip6reachabletime. Fixes a condition that causes an ftpd file transfer failure when a file exceeds 2 GB. Fixes an ftp client accounting error that occurs when transferring files larger than 4 GB. Fixes library dependencies to allow ifconfig to be run in single user mode. Corrects a problem that occurs when using MD5 authentication with Version 2 RIP.
• • • • • • • • • • • • • • • • • Resolves a problem that can cause rsh processes hang. Corrects a problem where the telnet command causes unnecessary delays when an IP address is supplied as a command-line argument. Corrects a problem with the nslookup utility that results in an unexpected termination in certain situations. Fixes the behavior of rpc.rquotad in a cluster. Allows rcp to correctly interpret file names that contains rcp special characters such as the at ( @ ) sign and colon ( : ).
Patch 27021.00 OSFCMPLRS540 • • • • • • • • • • • • • • • • • • • Corrects default values for YESEXPR and NOEXPR defined in the localedef command and libc to get correct return value from nl_langinfo(YESEXPR) and nl_langinfo(NOEXPR) Resolves a problem that could cause the rexec() function to hang. Fixes the getaddrinfo() routine to work properly when IPv6 is not configured. Fixes memory leaks in the libc getipnodebyname routine, which is used by ldapcd.
(SSRT2384 rpc — Severity - High) • • • • • • • • • • • • • • • 150 Fixes a problem in which the home directory and login shell attributes for a user account are not suppled to the audit daemon for authentication failures. Fixes an extended regular expression problem where the interval expression {m,n} is handled incorrectly. Fixes a problem from pre-Version 5.
• • • • • • • • • • • • • • • • • • Corrects problems with name resolution when an error is encountered during the processing of the local host files. Fixes a yacc stack overflow error in the Tru64 UNIX assembler. Fixes a fatal error in /usr/bin/spike. Fixes problems such as segmentation faults caused by the strxfrm() function running on the French locales. Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.
Patch 27022.00 OSFDCMT540 • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file or privilege management. Patch 27023.00 OSFDCMTEXT540 • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Patch 27026.
• • • Corrects a performance problem on systems with many sensors by reducing the polling frequency. Prevents a long boot pause on AlphaServer GS1280 systems with large disk and sensor counts. Fixes issues with envmond with respect to log messages and the execution of shutdown scripts. Patch 27030.00 OSFEXAMPLES540 • Eliminates the use of a /tmp file in a SysMan CLI example. Patch 27031.00 OSFEXER540 • • Corrects the memory exerciser user.syslog message from "Started" to "Stopped".
• • • • • • • • • • • • • • • • • • • • 154 Fixes a problem in which the display for the hwmgr -show name command is not aligned properly for the name field. Adds IEEE 802.1Q Virtual Local Area Network (VLAN) support for the following: — DEGPA — DEGXA — DE50x, lan_common.h — DE60x Fixes a problem in the alt driver for DEGPA Gigabit Ethernet adapters. This problem affects all Tru64 UNIX systems containing DEGPA network interfaces.
• • • • • • • • • • • • • • • • • • • • • • • Increases the default limit of DLI packets to 16 K and makes the limit tunable. This corrects a problem in which attempts to sent packets larger than 5000 bytes (jumbo packets) can fail. Updates DDR for the MSA array controller and for other future devices. Adds recognition for possible future devices. Fixes various problems in the bcm driver for DEGXA Gigabit Ethernet adapters.
• • • • • • • • • • • • • • • • • Corrects a condition that causes bootstrap address collisions after console heap_expand uses more memory and extends into address range used by the kernel. Updates the tu driver to support Ethernet Multicast addresses larger than 512, which is necessary to support a large number of IPv6 addresses Updates the alt driver to V2.0.
Patch 27035.00 OSFHWBIN540 • • • • • • • • • • • • • • • • • • • • • • Prevents the state machine performing Bad Block Replacement on a disk for which BBR is disabled. Fixes a rare panic during boot on GS1280/ES80/ES47. Fixes a "lock_fault" panic that can happen during system startup and shutdown. Corrects the handling of certain disk “not ready” conditions to prevent long I/O stall times. Provides performance enhancements based on the vm_overflow feature added in V5.1B-3.
• • • • • • • • • • • • • • • • • • • • • • • • • 158 Fixes the cause of the "pmap_pagemove" panic that occurs with some third party drivers. Fixes a problem in which the changer code causes a kernel memory fault. Fixes an issue with the KZPCC backplane RAID adapter device driver (I2O) that causes its logical disk drives to be identified as SCSI devices. Makes adapter error messages more descriptive. Corrects a memory leak.
• • • • • • • • • • • • • • • • • • • • • • • • • Corrects the cause of a kernel memory fault panic in the KZPEA driver. Fixes a simple lock fault in wakeup_async_waiter. Fixes a problem with the environmental monitoring daemon on partitioned AlphaServer GS80/GS160/GS320 systems. Provides new EMX driver hardware attributes. Improves selection timeout handling in RAID services. Fixes a simple lock fault in cdisk_bbr_comp. Fixes an issue related to aha_chim driver blocking in interrupt context.
• • • • • • • Adds an event to indicate that the soft or hard error count has changed on the device identified in the event. Corrects a potential deadlock in the hardware configuration subsystem. Fixes a problem where, when using hwmgr to delete a component, a "DELETE_COMMIT: Cannot fetch name." message may be displayed on the console. This problem can be seen frequently in a cluster environment when the component being deleted does not exist on the system.
• • • • • • • • • • • • • • • • • • • • • • • Fixes a condition that causes a system hang when using open3D over the AGP bus on an AlphaServer GS1280. Fixes a problem that can cause an ES45 to hang if the Xserver is restarted or the system is rebooted without a power cycle when using the Radeon AGP graphics device. Fixes a problem with USB hubs (or any other bus device) that occurs when they are removed from a running system. Fixes a performance problem that occurs when doing wiring on gh_chunks memory.
• • • • • • • • • • • • • • • • • • • • • 162 Corrects the cause of a delete_pv_entry panic when kernel virtual address space has high usage. Fixes a problem in which Smart Array 5300 logical volumes are counted as RAID controllers. Address an issue in which AdvFS domain panics occur during HSZ and HSG failovers. Improves I/O performance by reducing kernel locking overhead. Fixes a small memory leak in Power Management code.
• • • • • • • • • • • • • • • • • • • Resolves a problem in which some DE50x network interface cards, under specific circumstances, may not send gratuitous arp packets. Fixes the re_ioctl() cases DIODCMD and DIODCDB where cmd transfer size has been changed to avoid kernel memory fault. Changes the fwupgrade command to allow the specified firmware update image to be located on a BOOTP server in a connected network.
• • • • • • • • • • • • • • • • • • • 164 Fixes a problem in the KZPCA itpsa driver that occurs when a SCSI target presents multiple LUNs. Prevents problems in the USB subsystem, including memory leaks, data inconsistencies, and USB device configuration problems. Installs Version 1.11 of the ciss driver. Fixes problems in the USB driver layer, inc.luding minor performance degradations and device failures.
• • • • • • • • • • • • • • • • • • • • • • Fixes a problem in the PCI bus code that can prevent some functions on a multifunction PCI card from being configured. Fixes a problem with the USB keyboard driver that affects keyboard operation when the X server is not running. Specifically, the autorepeat function it may appear jumpy, or keys may appear to press themselves after they are released. Fixes a problem relating to gh_chunks allocation on some configurations.
• • • • • • • • • • • • • • • • • • • • • • 166 Provides support for the Philips USB controller, which is shipped on some AlphaServer GS1280 systems. Without this patch, the Philips USB controller may fail to detect and configure devices below it. Fixes various problems in the ee driver for DE60x Ethernet adapters. Corrects a problem in which /sbin/ddr_config does not accept values for ReadyTimeSeconds larger than 255. The new limit is 86400 seconds (24 hours). Fixes problems with NUMA disk statistics.
• • • • • • • • • • • • • • • • • • • • • Corrects a HSZ70 controller failover failure that generates the message "Logical unit not ready, cause not reportable." Changes the way reservation-conflict errors are handled in a cluster. Prevents a potential panic that generates the message “memory_test=partial” or “memory_test=none.” Corrects a problem in which certain older tape drives (such as the TZK50 and TSV07) would produce only errors when they were accessed.
• • • • • • • • • • • • • • • • • • • • • • • • 168 Changes the way that memory is marked as bad on the AlphaServer GS1280 in order to prevent a recursive crash on reboots. (A crash is expected as a result of a double-bit-memory error machine check.) Fixes the errant binary.errlog entry "Status = CMP but resid not NULL Possible Software Problem - Impossible Cond Detected" from the peripheral disk, tape, and changer drivers. Updates the ee driver to V1.0.
• • • • • • • • • • • • • • • • • • • • • • • • • Adds read/write ability to XP control ports. Corrects a problem with a sensor error that can indicate a false over-temperature condition on DS10/DS10L and TS10 systems. Fixes a kernel memory fault panic problem with the KZPCC RAID adapter. Fixes a panic that can occur during asynchronous event notification by a mass storage driver.
• • • • • • • • • • • • • • • • • • • • • • • • • • • 170 Corrects a problem in which multiple access to changer devices (for example, via Legato/Networker) could lead to a kernel memory fault in the changer driver. Fixes problems with DS15 environmental monitoring. Fixes mass storage disk subsystem handling of specific important events reported by the HSG80 and HSG60 array controllers.
• • • • • • • • • • • Fixes the cause of a KMF panic that occurs when closing a removable device with no paths. Provides better error handling for new tape devices. Fixes an issue in the error recovery procedure of CISS adapters. Corrects a problem in which changer applications hang when opening media changer device. Improves the performance of various hwmgr commands on large AlphaServer ES80 and GS1280 systems.
Patch 27038.00 OSFINCLUDE540 • • • • • • • • • • • • • Corrects a problem introduced in Tru64 UNIX V5.1B-2 that causes a syntax error when compiling programs using the header file /usr/include/netdb.h and defining _XOPEN_SOURCE_EXTENDED. Corrects the assert macro definition in /usr/include/assert.h. Offers the sticky connection feature for a cluster alias. Modifies the getaddinfo to compile properly with the POSIX_SOURCE compiler flag.
• • • • • • • Corrects the decoding of NFSv3 sattr structure in tcpdump. Corrects a problem that occurs during a DNS server configuration using the SysMan DNS server application in which the user is not informed if the named daemon fails to start. Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS. Modifies the prpasswdd and rpc.
• • • • • • • and see the passwd command warning "Password not changed: failed to write protected password entry." Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS. Adds the retry option to snmp_request. Updates Mobile IPv6 code to be compliant with the latest RFC. Enables tcpdump to display encapsulated IPv6 packets sent over the IPv6-in-IPv6 tunnel.
Patch 27046.00 OSFLAT540 • Makes start-up scripts in /sbin/init.d world readable. Patch 27047.00 OSFLDBBASE540 • Provides Version V69 of the ladebug debugger to cause it to properly return from a fork call when CATCHFORKS is set. Patch 27048.00 OSFLDBDOC540 • Provides Version V69 of the ladebug debugger to cause it to properly return from a fork call when CATCHFORKS is set. Patch 27049.
• • • • • • • • • • • • • Fixes a problem in the libnuma function nacreate() and the system header
• • • • • • • • • • • • • • • • • • Fixes an issue seen in CLSM that causes a diskgroup import to fail when clsm collision proposals are seen in messages file. Fixes a LSM diskgroup deport problem. Prevents a "Too Many Volumes" error when attempting to add a volume and the maximum volumes allowed has not been reached. Fixes an issue with the initialization of large disks. Fixes an issue seen when using KZPAC/SWXCR disks in LSM. Corrects several label strings in the SysMan LSM application.
• • • • • • • • • • • • • • • • • • • • 178 Corrects an error return code for volinfo. If a specified volume is not in the configuration database, the error code returned from volinfo will reflect this error. Corrects an issue of a cluster node hanging during a boot while another member recovers the cluster root file systems. Allow volsave and volrestore to save nconfig/nlog policies for disk groups and restore them appropriately. Corrects awk errors for invalid quit statements.
• • • • • • • • • • • • Modifies LSM to ensure that AdvFS volume links are not required to be named the same as the device they point to. Corrects a problem in which the dsfmgr command does not notify LSM of certain disk changes With this fix, the procure for replacing a failed boot disk under LSM control should work as described in Section 6.4.6 of the Logical Storage Manager manual without generating the error message “lsm:voldisk: ERROR: Device dskxf: define failed.
• • • • • • • • • • • • • • Fixes a klog inconsistency during node boot in which it is possible that no nodes in the cluster respond to a klog sync request and the booting node simply clears the disk group klog. Decreases CLSM boot times in large cluster configurations. Fixes problems in the vol_new_disk ioctl when errors are encountered when loading a disk in the kernel. Fixes the cause of a panic in LSM voldrl_commit_delete that occurs during a transaction abort.
Patch 27053.00 OSFLSMX11540 • Fixes a problem in the LSMSA GUI where the application throws a Null Pointer Exception while trying to display volume and fileset information on systems having ASU file-on-file mounts. Patch 27054.00 OSFMANOP540 • • • • • Updates the uucp(1), gethostbyaddr(3), getnameinfo(3), sys_attrs_io(5), kdbx(8), named(8), and volwatch(1) reference pages.
• • • • • • • • • • • • • • • • • • • • • 182 Updates the dd(1), ksh(1), vi(1), aio_return(3), sshd2_config(4), emx(7), dxshutdown(8), newfs(8), prpasswdd(8), sshd2(8), and ypset(8) reference pages. Revises the sysconfig(8) reference page to document the cluster interconnect. Revises the tcpdump(8) reference page for the VLAN functionality. Revises the ifconfig(8), lan_config(8), niffconfig(8), ping(8) vlanconfig(8), and vlan(7) reference pages for the VLAN functionality.
• • • • • • • • • • • • • • • • • • • • • • Revises the voliod(8) reference page to document a change to the voliod -f set 0 command. Revises the evminfo(1) reference page to document the addition of the auth option to the -verify option, which allows users to check for syntax errors in the EVM authorization file. Revises the kdbx(8) reference page to document the addition of the -A flag to route. Revises the netstat(1), sys_attrs_inet(5), sys_attrs_net(5) and route(8) reference pages.
• • • • Revises the csh(1), sh(1b), ip6rtrd.conf(4), ntp.conf(4), sys_attrs_ipv6(5), sys_attrs_vfs(5), nifftmt(7), dump(8), freezefs(8), fwtmp(8), ip6rtrd(8), restore(8), and xntpd(8) reference pages. Revises the sys_attrs_lsm(5) and disklabel(8) reference pages. Revises the mt(1), netstat(1), sys_attrs_ee(5), sys_attrs_inet(5), sys_attrs_vm(5), collect(8) envconfig(8), fuser(8), ifconfig(8), and kdbx(8) reference pages. Revises the btcreate(8) and psradm(8) reference pages. Patch 27060.
Patch 27062.00 OSFNFS540 • • • • • • • • • • • • • • • • • • • • • Adds a name and IP address cache to NFS mountd to limit problems seen with DNS timeouts. Corrects a problem with pcnfsd that occurs when it is running in a cluster and sends the member's IP address instead of the cluster alias. Fixes the warning message in the daemon.log file when automount starts. Provides an option that allows users to specify port number for mountd. Fixes rpc.lockd to send UNIX authentication.
Patch 27064.00 OSFOBSOLETE540 • Updates Tru64 UNIX version information in accordance with HP rebranding efforts. Patch 27065.00 • • Updates Tru64 UNIX version information in accordance with HP rebranding efforts. Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. OSFOEMBASE540 Patch 27068.00 OSFPGMR540 • • • • • • • • Fixes a sendmail registration issue with PSM.
— — — — — — — — • • • • • • • • • • • • Color LaserJet 4650 Color LaserJet 9500 LaserJet 4200 LaserJet 4250 LaserJet 4300 LaserJet 4350 LaserJet 9040 LaserJet 9050 Fixes a problem with lpstat -o in handling hyphens in printer names. If there is a hyphen in printer name, lpstat -o was interpreting it as a job-id instead of printer name.
Patch 27070.00 OSFRCS540 • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Patch 27071.00 OSFRIS540 • Corrects a joind failover problem and an extracted RIS area issue. Patch 27072.00 OSFSCCS540 • • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised.
• • • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS. Fixes performance tool failures on Sierra Clusters Parallel File Systems. Corrects an inaccurate error message in spike optimizer. Patch 27075.00 OSFSER540 • • • • • • • • • • Fixes a panic on a system with an Oxygen VX1 graphics card when the X server is killed while it is starting up.
• • • • • • • • • Provides the collect utility with the ability to report local and remote I/O access statistics for cluster storage devices in a TruCluster Server environment. Corrects a problem of compromised AdvFS data integrity which occurs when a new AdvFS domain or fileset is added while collect is running. Updates the collect utility to Version 2.0.5. Provides new collect features, including AdvFS monitoring and CPU and memory metrics on a per RAD basis. Fixes floating-point exception in collect.
• • • Corrects a problem with collect when it is used with the -l option to seek to the last record of a data file whose size is less than 312 bytes. Corrects a problem with collect incorrectly reporting RAD and memory statistics on systems where the RADs are not serially numbered. Corrects a problem of collect stopping after 48 hours, when running in historical mode. Patch 27079.00 OSFSYSMAN540 • • • • • • • • • • • • • • • • • • Fixes a smsd core dump problem in a cluster.
• • • • • • • • • • • • • • • • • • 192 Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access. Corrects the cause of a core dump that occurs when the usermod command is used with the -x pc_synchronize option. Corrects a problem that causes the userdel command to core dump when the shell field is empty in the passwd file.
• • • • • • • • • • • • • • • • • • • • Corrects a problem that occurs when DHCP is selected for a network interface card, the netconfig command places invalid data in the /etc/hosts file. Fixes a problem encountered when bttape TCL scripts are executed by nonprivileged users. Adds $quote directive to the message catalog. Corrects a confusing error message seen when ASU is installed and a user runs useradd on a non-PDC server.
• • • • • • • • • Corrects a problem in which when a node in a cluster is rebooted, the SysMan Station daemons running on each of the other nodes core dumps and a core file can be seen on the root (/) directory. Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP rather than only from NIS.
• • • • • • • • • • • • • Addresses a problem with the usermod command when it is used to perform operations on NIS local plus or minus users. Modifies the dop command and SysMan dop to correct various problem. Addresses a problem with the usermod command when it is used to move a user's home directory to a subdirectory of the old home directory, causing the deletion of the old home directory (and thereby, the newly created home directory).
Patch 27080.00 OSFTCLBASE540 • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. Patch 27083.00 OSFTRUETYPE540 • • Corrects a potential file permissions vulnerability and a potential buffer overflow in the X Window System. The potential vulnerabilities are locally exploitable, resulting in unauthorized privileged access.
Patch 27085.00 OSFX11540 • • • • • • • • • • • • • • • • • Corrects a problem that occurs when attempting to open a Java applet on a V1.7 Mozilla browser displayed from a Redhat Linux RHEL 3 (update 6) to a Tru64 UNIX V5.1B-3 graphics console. The browser closes and dtwm spins at 99% CPU usage. Resolves security vulnerabilities in X PixMap routines used in the Motif library. Modifies the online help description for Togglekeys in accessx.
Patch 27086.00 OSFXADMIN540 • • • • • • • • • • • • • 198 Corrects a potential security vulnerability in the XDM (X Display Manager) software. This potential vulnerability, which may be locally and remotely exploitable, could result in a denial of service (DOS), unauthorized privileged access, or both. Corrects a problem in which host icons overlap in the dxhosts application.
Patch 27089.00 OSFXDEMOS540 • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. Patch 27094.00 OSFXLIBA540 • • • • • • • Corrects a problem that occurs when attempting to open a Java applet on a V1.7 Mozilla browser displayed from a Redhat Linux RHEL 3 (update 6) to a Tru64 UNIX V5.1B-3 graphics console. The browser closes and dtwm spins at 99% CPU usage.
Patch 27100.00 OSFXSYSMAN540 • • • • • • • • • • • • • • • • • 200 Fixes a problem in dxaccounts in which the Modify option dumps core under certain circumstances. Fixes several problems with dxaccounts on a system with ASU installed. Fixes several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.
• • • • • • • Fixes a problem where, under certain circumstances, the Display Window application (dxdw) displays garbled characters in the transcript area of the application. Modifies dxaccounts to allow it to change the local user password in Enhanced Security environment. Corrects a problem in which the locking and unlocking of multiple selected users did not happen under C2 security. Fixes the cause of a core dump that occurs during copy/paste operations of Local/NIS template.
• • • • • • Fixes a problem with ldapcd that prevents LDAP users from being authenticated, even when they are providing the correct password. Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS. Fixes problems caused when the UID/GID of an Active Directory user is zero.
• • • • • • • Corrects a misspelling in the ssh-hostbased-setup utility message "is not running a compatible sshd, skipping." Corrects a problem in which scp does not check whether the source and destination were the same file, thereby causing the file to be truncated to zero bytes. Corrects a condition in which if a user connects to a cluster, performs two SSH localhost, and then tries to start an X application, an error message of X connection is broken is displayed.
4 TruCluster Server Patches This chapter provides information about the patches included in Version 5.1B-5 for the TruCluster Server software. It is organized as follows: • “New Release Notes” lists release notes that are specific to the TruCluster Server software patches in this kit and TruCluster Server issues in general. • “Prior Release Notes” section lists release notes listed from the initial Version 5.1B release through Version 5.1B-5.
tar: lib/nls/msg/en_US.88591/ladebug.cat : No such file or directory *** Warning *** The above errors were detected during the cluster upgrade. If you believe that the errors are not critical to system operation, you can choose to continue. If you are unsure, you should check the cluster upgrade log and refer to clu_upgrade(8) before continuing with the upgrade.
During the install stage, clu_upgrade cannot tell whether the roll is going forward or backward. This ambiguity incorrectly allows the clu_upgrade undo preinstall stage to be run before clu_upgrade undo install. Refer to the Patch Kit Installation Instructions for additional information on undoing a rolling patch. 4.2.
4.2.9 Relocating AutoFS During a Rolling Upgrade on a Cluster This note applies only to performing rolling upgrades on cluster systems that use AutoFS. During a cluster rolling upgrade, each cluster member is singly halted and rebooted several times. The Patch Kit Installation Instructions direct you to manually relocate applications under the control of Cluster Application Availability (CAA) prior to halting a member on which CAA applications run.
4.2.10 Messages Displayed During Rolling Upgrade Can Be Ignored You can ignore the following messages if you see them displayed during a rolling upgrade: • kill:1048674: no such process This message may be displayed after the roll stage. For example: # clu_upgrade roll This is the cluster upgrade program. The 'roll' stage has completed successfully. This member must be rebooted in order to run with the newly installed software.
Please install the latest TruCluster Server patches on your system. You can obtain the most recent patch kit from: http://www.support.compaq.com/patches/ *** Error *** The system is not configured properly for cluster creation. Please fix the previously reported problems, and then rerun the 'clu_create' command. If you see these messages, enter the following command: # ls -tlr /usr/.smdb./*PAT*.
The following sections describe the steps you can take to prevent the problem or correct it after it occurs. 4.2.13.1 Preventing the problem You can prevent this problem by performing the following steps before beginning the rolling upgrade: 1. Disable the prpasswdd daemon from running on the cluster: # rcmgr -c set PRPASSWDD_ARGS \ "`rcmgr get PRPASSWDD_ARGS` -disable" 2. Stop the prpasswdd daemon on every node in the cluster: # /sbin/init.d/prpasswd stop 3. 4.
a. Use edauth to add a harmless field to an account, the exact commands depend on your editor. For example, pick an account that does not have a vacation set and add u_vacation_end: # edauth s/:u_lock@:/u_vacation_end#0:u_lock@:/ w q b. Check to see that the u_vacation_end#0 field was added to the account: # edauth -g 5. c. Use edauth to remove the u_vacation_end#0 field from the account. If the edauth commands fail, do not stop. Continue with the following instructions.
• Use the edauth command to add a harmless field to an account, the exact commands depend on your editor. For example, pick an account that does not have a vacation set and enter the following: # edauth s/:u_lock@:/u_vacation_end#0:u_lock@:/ w q • Check to see that the u_vacation_end#0 field was added to the account: # edauth -g • Use the edauth command to remove the u_vacation_end#0 field from the account. Warning! If the edauth command fails, do not proceed further. Contact HP support. 12.
Domain or filesystem name = /mnt Server Status : Not Served If this occurs, we recommend that you immediately do the following: 1. Use the following command to unmount the filesystem: # cfsmgr -u -p [mountpoint] 2. If other mounted filesets exist in the same domain, unmount them (they should also be in the "Not Served" state): # cfsmgr -u -d [domain] For steps on checking an AdvFS domain, see the AdvFS Administration Guide, Section 6.3.1, steps 3-7. 3.
Note that all filesets with clones that are served by the node on which the attribute is set will also see this change. It may be advisable (though not required) to have those filesets whose clone files have fewer extents be served by a different node during the time the tunable attribute is set. 4.2.
If a member has a version number different from that of the other members, shut down the member and reboot it from vmunix, the custom kernel. If multiple members have the different version numbers, reboot them one at a time from vmunix. 4.2.18 Data Protector Issues and Restrictions The following sections describe issues and restrictions for Version 5.1 of the HP OpenView Storage Data Protector backup and recovery product when configuring it on a Tru64 UNIX cluster. 4.2.18.
Each patch provides fixes to subsets of the operating system. Subset names (listed in italic font in the following list) consist of three parts; for example, for subset TCRBASE540, the TCR indicates that the subset is part of the TruCluster Server product, the BASE indicates a category, and the 540 indicates that the subset belongs to the Version 5.1B operating system. 4.3.
• • Updates volstat utility and kernel to report cluster-wide LSM statistics. Add support in cluster alias to handle socket unlisten. PATCH 28002.00 TCRMAN540 • Provides the latest reference pages for sys_attrs_cfs(5), sys_attrs_clubase(5), and sys_attrs_rdg(5). • Updates clu_alias.config(4) and exports.aliases(4) reference pages. • Updates sys_attrs_icsnet(5) reference page to reflect icsnet_mtu attribute. • Updates the following reference pages: clua_services(4), cfsd.
• • • • • • • • • • • • • • • • • • • • • • Fixes a problem of v_numoutput not decremented for aio dio error paths. Removes the cause of a panic that may occur in CFS at boot time if a remote node goes down. Corrects several ICS signal-forwarding issues. Fixes a race between the close system call for a block device file and the recovery process for the file system. Clarifies a usage message seen with the cfsstat command.
• • • • • • • • • • • • • • • • • • • • • • • • • • • 220 Fixes display errors in cfsstat command when using the icschanbps option. Fixes a deadlock issue between cluster nodes because of cfs_async_io_thread running on them. Corrects an erroneous error message displayed by drdmgr. Fixes a cnx_qdisk_thread hang problem. Fixes a memory leak in CFS. Fixes disk I/O hang in DRD. Fixes a hang with disklabel that occurs if a local open fails for the same disk simultaneously.
• • Introduces a mechanism to improve reliability for synchronizing cluster alias ID sets among cluster members. Fixes the cause of the following CNX panic in cluster reconfiguration: cnx_change_cluster_tx_state: illegal transaction state • • • • • • • • • • • • • • • • • • Fixes an ICS panic issue that occurs early in the boot process.
• • • • • • • • • • • • • • • • • • • • • 222 Corrects a potential data inconsistency that may occur when a domain is nearly full. Client write requests shipped synchronously to the server will no longer have subsets of pages written asynchronously due to a race with virtual memory. Improves the scaling of IP reassembly code on large SMP machines. NFS servers are especially susceptible when a large number of clients attempt to write at the same time.
• • • • • • • • • • • • • • • • • • • • • • Fixes multiple disable or enable problems with cluamgr. Fixes a tok_wait hang problem on Sierra Clusters. Adds the ability to change the default interconnect interface name. Corrects several problems in the cluster install and upgrade utilities. Fixes a problem in which an RDG (Reliable DataGram) kernel thread can starve other timeshare threads on a uniprocessor cluster member. In particular, system services such as networking threads can be affected.
— An issue in which new ICS server daemons and handles are created one at a time each time the low water mark for each is reached, thereby causing a nanny daemon to be called more frequently than it needs to. — An issue in which no mechanism exists for the user to adjust the high and low water marks for ICS free handles, which can result in poor performance during rapidly increasing loads.
• • • • • • • • • • • • • • • • • • • • • • • Eliminates a performance problem when a node acting as CFS server of an NFS client file system is write-appending to an external NFS server. Prevents a panic when an AutoFS file system is auto-unmounted. Corrects the cause of a cluster member panic with kernel memory fault when running nmap or nessus targeting at the cluster alias.
• • • • • • • • • • • • • • • • Increases performance by reducing the lock miss rate in the ics_mct_llnode_info_lock. Addresses the panic “Assert Failed: (cp-c_flags & CDIRECTIO) = 0” in the cluster file system. Corrects a problem where a CFS lookup for a mount could leave stale state behind that could adversely affect subsequent NFS operations.
• • • • • • • • • • • • • • • • • • • • • • Fixes the potential of multiple assert_wait and timeout panics due to kernel EVM threads not properly preempting. Fixes a problem in the Memory Channel driver. Corrects a condition that occurs during a rolling upgrade in which the clu_ifaccess script removes the tag file for /etc/ifaccess and sends out a warning message. Forces a reboot to resolve communications problems in a two node cluster rather than hang. Corrects lock acquires after mpsleep.
• • • • • • • • • • • • • Addresses a problem on LAN clusters related to improper keep-alive timeouts that can be identified when the following console message is displayed during normal operations (that is, no know failures and no nodes are rebooting): — WARNING: ics_socket_event: error 60 on channel 0, assume node # is down • Fixes a problem that occurs when the interconnect is configured using NetRAIN, cluster_rebuild_delay is set significantly below the default value, and members are rebooting or
• • • • • • • • • • • • • • • • • • • • • • • • • • • Fixes kmf in drd_kgs_bid_stop_server_io_drained when a node leaves during a drd kgs transaction. Corrects a problem in which drd continually tries to perform a munsa unreject on the drive when a device is deleted while it is in the munsa reject state. Corrects a problem in which multiple path failures cause drd to return ENODEV even when a server is available in the cluster. Fixes several error handling in drd for device error conditions.
• • • • • • • • • • • • • • • • • • • • • 230 Fixes problems seen in the TruCluster RDG component. Fixes a race condition in a routine that allocates memory for Memory Channel logical rail and physical rail use. It prevents a KMF during boot, occasionally seen on some AlphaServer GS1280 systems. Fixes a race condition which leads to a panic that occurs when a device is deleted on a busy system. Adds the ability to log enabled DRD events to circular memory buffer.
• • • • • • • • • • • • • • • • • • • • • • • • Removes a delay in the TruCluster component DRD (Device Request Dispatcher) event threads during system booting. Corrects a kernel memory fault in drd_local_device_close. Fixes a kernel memory fault issue on LAN-based clusters that do not have a Memory Channel adapter installed on the systems. Fixes problem of non-root users not being able to execute the caa_stat command. Provides enhancements to CAA commands and the caad daemon.
• • • • • • • • • • • • • • • • • • • 232 Fixes a problem in which a CAA resource and its dependents become inaccessible when the resource fails to start on the node where it is failed over to and there are no more nodes to consider for failover. Fixes Oracle socket connection problem. Fixes incorrect error handling that could result in memory leak. Provides event definitions for traps in cluster MIB files to support Openview NMS. Modifies ics_tcp to check response buffer for NULL before freeing it.
Patch 27002.00 TCRMAN540 • • • Provides a new command, clu_ping, to determine the status of the interconnects in a stretched cluster environment. Updates the caa_relocate(8) and cluamgr(8) reference pages. Revises the clua_services(4) and sys_attrs_clua(5) TruCluster reference pages. 4.
5 Worldwide Language Support Patches This chapter provides information about the release notes and patches included in Version 5.1B-5 for the Worldwide Language Support (WLS) subset for the Tru64 UNIX operating system. This chapter is organized as follows: • “New Release Notes” section lists release notes that are specific to this kit.
Patch 28102.00 IOSJPBASE540 • Provides modified localization messages for Japanese and Chinese locales. The modified localization messages are reflections of the English version that have been updated after the V5.1B-4 release. Patch 28214.00 IOSWWBASE540 • Corrects a problem with iconv converter that generates wrong character codes for a Unicode surrogate pair. • Includes ICONV_OLD_SURROGATE environment variable for backward compatibility.
• • • • • • Updates several Japanese message catalog files to catch up with corresponding English message catalog files that have been updated. Fixes a problem in which unnecessary quotation marks are included in the Japanese messages for Japanese dictionary's converters, jsy2vjetxt, jsy2wxtxt, vje2jsytxt, and wx2jsytxt. Updates the Japanese version of more.cat to keep it in line with the English version.
• • Updates the Japanese version of message and uil files to keep up with the English version. Updates some Japanese message catalog files to keep up with corresponding English message catalog files which have been updated after the V5.1B-2 release. Patch 27131.00 IOSJPXADMIN540 • Provides updated Japanese message files for the SysMan suitlets and others. Patch 27134.
Patch 27214.00 IOSWWBASE540 • Fixes a display width mismatch problem in the zh_CN.GB18030 locale. Patch 27215.00 IOSWWBIN540 • Fixes a problem with the Asian tty that can cause a kernel crash and a hang-up problem during a certain type of the login/logout stress test. Patch 27248.00 IOSWWSYSMAN540 • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. Patch 27251.
6 CSPs Included in This Kit This chapter lists the customer-specific patches (CSPs) for Tru64 UNIX and TruCluster Server that are superseded by patches in this kit. To find out which CSPs are on your system, use the dupatch utility's patch tracking feature, as described in the Patch Kit Installation Instructions.
6.1 New Superseded Tru64 UNIX CSPs The numbers in the following tables represent Tru64 UNIX CSPs that are superseded in this kit. Table 6-1 Superseded CSPs 01936.01 to 02355.00 Patch C 01936.01 Patch C 01937.00 Patch C 01944.04 Patch C 01945.02 Patch C 01947.00 Patch C 01949.00 Patch C 01956.00 Patch C 01960.00 Patch C 01977.00 Patch C 01988.00 Patch C 01990.00 Patch C 02002.00 Patch C 02016.01 Patch C 02017.00 Patch C 02023.00 Patch C 02023.01 Patch C 02026.00 Patch C 02028.00 Patch C 02029.
6.2 Tru64 UNIX CSPs Superseded in Previous Kits The numbers in the following tables represent Tru64 UNIX CSPs that were included in previous kits. Table 6-2 Superseded CSPs 00021.00 to 00283.00 Patch C 00021.00 Patch C 00027.00 Patch C 00028.00 Patch C 00029.00 Patch C 00030.00 Patch C 00031.02 Patch C 00034.00 Patch C 00037.00 Patch C 00039.00 Patch C 00041.00 Patch C 00042.00 Patch C 00044.00 Patch C 00051.00 Patch C 00052.00 Patch C 00062.00 Patch C 00063.00 Patch C 00066.00 Patch C 00067.
Table 6-3 Superseded CSPs 00283.01 to 00543.00 Patch C 00283.01 Patch C 00287.00 Patch C 00287.01 Patch C 00288.00 Patch C 00290.00 Patch C 00290.01 Patch C 00291.00 Patch C 00292.00 Patch C 00295.00 Patch C 00296.00 Patch C 00297.00 Patch C 00298.00 Patch C 00299.00 Patch C 00300.00 Patch C 00300.02 Patch C 00300.03 Patch C 00300.04 Patch C 00302.00 Patch C 00302.01 Patch C 00302.02 Patch C 00302.03 Patch C 00303.00 Patch C 00307.00 Patch C 00308.00 Patch C 00308.01 Patch C 00309.03 Patch C 00311.
Table 6-4 Superseded CSPs 00545.00 to 00855.01 Patch C 00545.00 Patch C 00548.00 Patch C 00549.00 Patch C 00552.00 Patch C 00553.00 Patch C 00555.00 Patch C 00556.00 Patch C 00556.01 Patch C 00561.00 Patch C 00562.00 Patch C 00563.00 Patch C 00563.01 Patch C 00564.00 Patch C 00564.01 Patch C 00564.02 Patch C 00567.00 Patch C 00570.00 Patch C 00575.00 Patch C 00583.00 Patch C 00586.00 Patch C 00594.00 Patch C 00599.00 Patch C 00600.00 Patch C 00602.00 Patch C 00603.00 Patch C 00607.00 Patch C 00608.
Table 6-5 Superseded CSPs 00856.00 to 01107.00 Patch C 00856.00 Patch C 00856.01 Patch C 00858.00 Patch C 00859.00 Patch C 00861.00 Patch C 00863.00 Patch C 00865.00 Patch C 00867.00 Patch C 00867.02 Patch C 00868.00 Patch C 00869.00 Patch C 00872.05 Patch C 00875.03 Patch C 00876.01 Patch C 00878.03 Patch C 00880.00 Patch C 00881.00 Patch C 00882.00 Patch C 00883.00 Patch C 00884.00 Patch C 00884.01 Patch C 00885.00 Patch C 00885.01 Patch C 00886.00 Patch C 00887.00 Patch C 00888.00 Patch C 00889.
Table 6-6 Superseded CSPs 00538.01 to 01361.02 Patch C 00538.01 Patch C 00833.00 Patch C 00933.02 Patch C 00999.00 Patch C 01018.00 Patch C 01020.00 Patch C 01028.00 Patch C 01035.00 Patch C 01039.00 Patch C 01046.00 Patch C 01053.00 Patch C 01080.00 Patch C 01087.00 Patch C 01094.00 Patch C 01094.01 Patch C 01101.00 Patch C 01101.01 Patch C 01114.01 Patch C 01114.02 Patch C 01114.03 Patch C 01121.01 Patch C 01130.01 Patch C 01132.00 Patch C 01133.00 Patch C 01134.00 Patch C 01137.00 Patch C 01138.
Table 6-7 Superseded CSPs 01362.00 to Patch C 01934.00 Patch C 01362.00 Patch C 01362.02 Patch C 01363.04 Patch C 01375.00 Patch C 01376.00 Patch C 01379.00 Patch C 01380.00 Patch C 01380.01 Patch C 01382.00 Patch C 01383.00 Patch C 01384.00 Patch C 01385.00 Patch C 01387.00 Patch C 01388.00 Patch C 01388.02 Patch C 01389.00 Patch C 01389.06 Patch C 01389.07 Patch C 01389.10 Patch C 01389.11 Patch C 01389.12 Patch C 01389.15 Patch C 01389.16 Patch C 01392.00 Patch C 01393.00 Patch C 01395.00 Patch C 01397.
Table 6-7 Superseded CSPs 01362.00 to Patch C 01934.00 (continued) Patch C 01445.00 Patch C 01448.00 Patch C 01449.00 Patch C 01450.00 Patch C 01450.01 Patch C 01451.00 Patch C 01454.00 Patch C 01455.00 Patch C 01455.01 Patch C 01456.00 Patch C 01456.01 Patch C 01546.00 Patch C 01551.00 Patch C 01552.00 Patch C 01552.01 Patch C 01563.00 Patch C 01564.00 Patch C 01565.00 Patch C 01569.00 Patch C 01570.00 Patch C 01581.00 Patch C 01582.00 Patch C 01721.00 Patch C 01722.00 Patch C 01727.00 Patch C 01728.
Table 6-9 TruCluster CSPs Superseded in Previous V5.1B Kits Patch C 00005.00 Patch C 00008.00 Patch C 00009.00 Patch C 00010.00 Patch C 00014.00 Patch C 00014.01 Patch C 00017.00 Patch C 00017.01 Patch C 00017.02 Patch C 00020.00 Patch C 00020.01 Patch C 00022.00 Patch C 00024.00 Patch C 00027.00 Patch C 00027.01 Patch C 00029.00 Patch C 00029.01 Patch C 00030.02 Patch C 00031.00 Patch C 00032.00 Patch C 00033.00 Patch C 00034.00 Patch C 00036.00 Patch C 00037.00 Patch C 00037.01 Patch C 00039.
Table 6-9 TruCluster CSPs Superseded in Previous V5.1B Kits (continued) Patch C 00068.00 Patch C 00069.00 Patch C 00069.01 Patch C 00071.00 Patch C 00072.00 Patch C 00073.00 Patch C 00076.00 Patch C 00078.00 Patch C 00079.00 Patch C 00081.00 Patch C 00082.00 Patch C 00083.00 Patch C 00083.01 Patch C 00181.00 Patch C 00181.01 Patch C 00182.00 Patch C 00188.00 Patch C 00190.00 Patch C 00193.00 Patch C 00193.01 Patch C 00193.02 Patch C 00194.00 Patch C 00194.01 Patch C 00197.01 Patch C 00199.01 Patch C 00200.
A Setting Up an Enhanced Distance Cluster An Enhanced Distance Cluster allows a cluster to be extended between two sites up to 100 km apart to assist recovery in the event of a disaster. An Enhanced Distance Cluster provides basic high availability services in the event of the loss of a single component.
• The cluster root (/), /usr, and /var file systems must be located within the same site. • All SAN-attached storage must be shared and directly accessible — not over the cluster inter-site connection but via the SAN — from all nodes at both sites. • The storage must be configured with remote data replication software (such as XP Continuous Access). Data replication is required in order to provide the ability to boot the site that does not contain the cluster file systems following a disaster event.
Figure A-1 Enhanced Distance Cluster Configuration A.2 Enhanced Distance Cluster Restrictions Although an Enhanced Distance Cluster provides basic high availability between remote sites at greater distances, there are additional restrictions necessary to reduce the volume of data and its latency. Issues and restrictions are as follows: • The use of the Logical Storage Manager (LSM) to mirror user data or system disk/data in an Enhanced Distance Cluster configuration is prohibited.
A.3 Enhanced Distance Cluster Recommendations Although Enhanced Distance Cluster configurations provide access from both sites to all shared data storage in the system, the volume of traffic to off-site storage, either through the storage or cluster inter-site connections, should be minimized to maintain performance levels. Therefore, you should be aware of the following recommendations are applicable. Not following these recommendations can have detrimental effect on system performance and availability.
B Prior Patch Installation Changes Beginning with Version 5.1B-2, we changed the way Tru64 UNIX patch kits are installed and removed, and Version 5.1B-3 introduced additional changes. The following sections describe these changes. See the Patch Kit Installation Instructions manual for complete information about installing, removing, and managing Tru64 UNIX patch kits. B.1 Changes Made in Version 5.1B-3 If you did not install Version 5.
• Fewer patches displayed Because of the way these new patch kits are designed, you will see many fewer patches listed by dupatch during the installation process. For example, a partial listing you see will be similar to the following: - Tru64_UNIX_V5.1B / Security Related Patches: * Patch 27001.00 - SP04 OSFACCT540 * Patch 27002.00 - SP04 OSFADVFS540 (SSRT2275) * Patch 27003.
C Component Licensing This appendix provides the licenses for software components included in this kit. C.1 HP Tru64 UNIX Version 5.1B-5 Consolidated Patch Kit ATTENTION: USE OF THE SOFTWARE IS SUBJECT TO THE HP Tru64 UNIX Version 5.1B-5 Consolidated Patch Kit SOFTWARE LICENSE AGREEMENT BELOW. YOU MUST REVIEW THE AGREEMENT AND EITHER ACCEPT OR NOT ACCEPT THE AGREEMENT. IF YOU DO NOT ACCEPT THE AGREEMENT, YOU MAY NOT USE THE SOFTWARE.
terms set forth herein. 2. LICENSE GRANT a) Provided that Customer has a valid software license to use HP Tru64 UNIX Version 5.1B-5 (as described below), HP grants Customer a world-wide, non-exclusive license to Use the object code version of the Software so long as it is used solely in conformance with: 1) the terms set forth herein; and 2) HP's third party suppliers' terms that accompany the Software.
copying or adaptation is an essential step in the authorized Use of the Software on a backup Device, provided that copies and adaptations are used in no other manner and provided further that the Use on the backup Device is discontinued when the original or replacement Device becomes operable. c) Customer must reproduce all copyright notices and other proprietary legends in or on the original Software on all permitted copies or adaptations.
government prime contract or subcontract, Customer agrees that Software has been developed entirely at private expense. Customer agrees that Software, and any derivatives or modifications, is adequately marked when the Restricted Rights Legend below is affixed to the Software or to its storage media and is perceptible directly or with the aid of a machine or device.
unenforceable, the validity or enforceability of the remainder of the terms or provisions herein will remain in full force and effect. Provisions herein which by their nature extend beyond the termination of any license of Software will remain in effect until fulfilled. e) These HP Software License Terms supersede any previous communications, representations or agreements between the parties, whether oral or written, regarding transactions hereunder.
or otherwise in an unclean environment. Disclaimer. TO THE EXTENT ALLOWED BY LOCAL LAW, THE ABOVE WARRANTIES ARE EXCLUSIVE AND NO OTHER WARRANTY OR CONDITION, WHETHER WRITTEN OR ORAL, IS EXPRESSED OR IMPLIED. HP SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT, TITLE, ACCURACY OF INFORMATIONAL CONTENT, AND FITNESS FOR A PARTICULAR PURPOSE. HP DOES NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE SOFTWARE WILL MEET YOUR REQUIREMENTS.
INDICATE YOUR ACCEPTANCE OF THE AGREEMENT. IF YOU PRESS THE CHARACTER "n" AND DO NOT ACCEPT THE AGREEMENT, THEN YOU ARE NOT GRANTED A LICENSE TO THE SOFTWARE, YOU ARE NOT AUTHORIZED TO USE THE SOFTWARE, AND YOU MAY NOT DOWNLOAD THE SOFTWARE. C.2 Apache License Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions.
communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution.
as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions.
same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.
C.2.1.2 modules\mappers\mod_imap.c component "macmartinized" polygon code copyright 1992 by Eric Haines, erich@eye.com C.2.1.3 server\util_md5.c NCSA HTTPd Server Software Development Group National Center for Supercomputing Applications University of Illinois at Urbana-Champaign 605 E. Springfield, Champaign, IL 61820 httpd@ncsa.uiuc.edu Copyright (C) 1995, Board of Trustees of the University of Illinois md5.c: NCSA HTTPd code which uses the md5c.
of an authorized representative of Bellcore. BELLCORE MAKES NO REPRESENTATIONS ABOUT THE ACCURACY OR SUITABILITY OF THIS MATERIAL FOR ANY PURPOSE. IT IS PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES. C.2.1.4 srclib\apr\include\apr_md5.h component This is work is derived from material Copyright RSA Data Security, Inc. The RSA copyright statement and Licence for that original material is included below.
Security, Inc. MD5 Message-Digest Algorithm" in all material mentioning or referencing the derived work. RSA Data Security, Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose. It is provided "as is" without express or implied warranty of any kind. These notices must be retained in any copies of any part of this documentation and/or software. C.2.1.
License to copy and use this software is granted provided that it is identified as the "RSA Data Security, Inc. MD4 Message-Digest Algorithm" in all material mentioning or referencing this software or this function. License is also granted to make and use derivative works provided that such works are identified as "derived from the RSA Data Security, Inc. MD4 Message-Digest Algorithm" in all material mentioning or referencing the derived work. RSA Data Security, Inc.
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
C.2.1.12 PCRE Component PCRE is a library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language. Written by: Philip Hazel ph10@cam.ac.uk University of Cambridge Computing Service, Cambridge, England. Phone: +44 1223 334714. Copyright (c) 1997-2001 University of Cambridge Permission is granted to anyone to use this software for any purpose on any computer system, and to redistribute it freely, subject to the following restrictions: 1.
including but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall Zeus Technology Ltd. be liable for any direct, indirect, incidental, special, exemplary, or consequential damaged (including, but not limited to, procurement of substitute good or services; loss of use, data, or profits; or business interruption) however caused and on theory of liability.
* * * * * * * * * * * * * * * * * * * * details, please contact Office of Technology Transfer Carnegie Mellon University 5000 Forbes Avenue Pittsburgh, PA 15213-3890 (412) 268-4387, fax: (412) 268-7395 tech-transfer@andrew.cmu.edu 4. Redistributions of any form whatsoever must retain the following acknowledgment: "This product includes software developed by Computing Services at Carnegie Mellon University (http://www.cmu.edu/computing/).
1.3. "Covered Code" means the Original Code or Modifications or the combination of the Original Code and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted in the software development community for the electronic transfer of data. 1.5. "Executable" means Covered Code in any form other than Source Code. 1.6.
For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. Source Code License. 2.1. The Initial Developer Grant.
the Covered Code. (d) Notwithstanding Section 2.
party making the claim in sufficient detail that a recipient will know whom to contact. If Contributor obtains such knowledge after the Modification is made available as described in Section 3.2, Contributor shall promptly modify the LEGAL file in all copies Contributor makes available thereafter and shall take other steps (such as notifying appropriate mailing lists or newsgroups) reasonably calculated to inform those who received the Covered Code that new knowledge has been obtained. (b) Contributor APIs.
License. If You distribute the Executable version under a different license You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or any Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.7. Larger Works.
Developer, Original Code or Contributor in the notice described in Exhibit A shall not of themselves be deemed to be modifications of this License.) 7. DISCLAIMER OF WARRANTY. COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING.
by license or settlement) prior to the initiation of patent infringement litigation, then the reasonable value of the licenses granted by such Participant under Sections 2.1 or 2.2 shall be taken into account in determining the amount or value of any payment or license. 8.4. In the event of termination under Sections 8.1 or 8.
License. 12. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. 13. MULTIPLE-LICENSED CODE.
C.5 OpenLDAP License Copyright 1998-2004 The OpenLDAP Foundation All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted only as authorized by the OpenLDAP Public License. A copy of this license is available in the file LICENSE in the top-level directory of the distribution or, alternatively, at < http://www.OpenLDAP.org/license.html. OpenLDAP is a registered trademark of the OpenLDAP Foundation.
Redistribution and use in source and binary forms are permitted provided that this notice is preserved and that due credit is given to the University of Michigan at Ann Arbor. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission. This software is provided ``as is'' without express or implied warranty. C.
notice, this list of conditions and the following disclaimer. (ii) Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. (iii) Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 6.
Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship.
that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of th
the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License.
Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price.
covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1.
with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3.
the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7.
later version", you have the either of that version or of Software Foundation. If the this License, you may choose Foundation. option of following the terms and conditions any later version published by the Free Program does not specify a version number of any version ever published by the Free Software 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission.
C.9 TCL License This software is copyrighted by the California, Sun Microsystems, Inc., other parties. The following terms with the software unless explicitly Regents of the University of Scriptics Corporation, and apply to all files associated disclaimed in individual files.
"Package" refers to the collection of files distributed by the Copyright Holder, and derivatives of that collection of files created through textual modification. "Standard Version" refers to such a Package if it has not been modified, or has been modified in accordance with the wishes of the Copyright Holder as specified below. "Copyright Holder" is whoever is named in the copyright or copyrights for the package. "You" is you, if you're thinking about copying or distributing this Package.
image, then distribution of such an image shall neither be construed as a distribution of this Package nor shall it fall under the restrictions of Paragraphs 3 and 4, provided that you do not represent such an executable image as a Standard Version of this Package. 7.