Patch-ID# 106257-07 Keywords: security libpam.so.1 protocol login pam_start pam_unix.so.1 umask Synopsis: SunOS 5.6: /usr/bin/passwd and /usr/lib/libpam.so.1 patch Date: Nov/26/2002 Install Requirements: Reboot after installation Solaris Release: 2.6 SunOS Release: 5.6 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 106258 Topic: SunOS 5.6: /usr/bin/passwd and /usr/lib/libpam.so.1 patch NOTE: Refer to Special Install Instructions section for IMPORTANT specific information on this patch. Relevant Architectures: sparc BugId's fixed with this patch: 1236638 4081309 4092227 4099458 4112403 4112707 4115618 4118458 4131997 4136479 4144819 4172457 4223215 4240863 4284795 4392250 4462175 Changes incorporated in this version: 4240863 Patches accumulated and obsoleted by this patch: 106271-10 Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/bin/nispasswd /usr/bin/passwd /usr/bin/yppasswd /usr/include/security/pam_appl.h /usr/lib/libpam.so.1 /usr/lib/security/pam_unix.so.1 Problem Description: 4240863 libpam - password mgmt does not work when sufficient is flag in /etc/pam.conf (from 106257-06) 4284795 when passwd is given the -r option, it ignores /etc/pam.conf (from 106257-05) 4092227 pam_conv appdata_ptr member is not passed thru to conv() function as documented (from 106257-04) 4136479 pam framework libraries should be "purify'ed" (from 106257-03) 4131997 pam_start() fails when the application has more than 255 open file descriptors (from 106257-02) 4081309 *login* no longer accepts white space separated env vars on input (from 106257-01) 4115618 passwd aging msgs cause "protocol error. connection closed" msg from in.rshd (from 106271-10) 4284795 when passwd is given the -r option, it ignores /etc/pam.conf (from 106271-09) 4462175 *passwd* -g option does not work as advertised (from 106271-08) 4144819 passwd(1) should call getpassphrase() as login does (from 106271-07) 4392250 "passwd -r nis -e user" causes rpc.yppasswdd down. 4112707 Password expiration (passwd -f) doesn't work correctly (from 106271-06) 4223215 Can login without passwd prompt though PASSREQ=YES in /etc/default/login (from 106271-05) 4172457 passwd -e can change user shell without /etc/shells (from 106271-04) 4136479 pam framework libraries should be "purify'ed" 4112403 nispasswd[#####]: NIS+ fatal error: 19 (from 106271-03) 4118458 Passwd_compat: nisplus on 2.6 needs two login tries to succeed (from 106271-02) 1236638 *passwd* shadow file occasionally gets deleted in large user environment (from 106271-01) 4099458 *csh* default umask overridden when entering csh after root uses passwd -f Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- Reboot system after patch installation. NOTE 1: To get the complete fix for bug 4081309 (login no longer accepts a white space separated env vars on input), we also recommend installation of the /usr/bin/login patch, 105665-02, or newer. README -- Last modified date: Tuesday, November 26, 2002