Patch-ID# 106258-07 Keywords: security libpam.so.1 protocol login pam_start pam_unix.so.1 umask Synopsis: SunOS 5.6_x86: /usr/bin/passwd and /usr/lib/libpam.so.1 patch Date: Nov/26/2002 Install Requirements: Reboot after installation Solaris Release: 2.6_x86 SunOS Release: 5.6_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 106257 Topic: SunOS 5.6_x86: /usr/bin/passwd and /usr/lib/libpam.so.1 patch NOTE: Refer to Special Install Instructions section for IMPORTANT specific information on this patch. Relevant Architectures: i386 BugId's fixed with this patch: 1236638 4081309 4092227 4099458 4112403 4112707 4115618 4118458 4131997 4136479 4144819 4172457 4223215 4240863 4284795 4392250 4462175 Changes incorporated in this version: 4240863 Patches accumulated and obsoleted by this patch: 106272-09 Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/bin/nispasswd /usr/bin/passwd /usr/bin/yppasswd /usr/include/security/pam_appl.h /usr/lib/libpam.so.1 /usr/lib/security/pam_unix.so.1 Problem Description: 4240863 libpam - password mgmt does not work when sufficient is flag in /etc/pam.conf (from 106258-06) 4284795 when passwd is given the -r option, it ignores /etc/pam.conf (from 106258-05) 4092227 pam_conv appdata_ptr member is not passed thru to conv() function as documented (from 106258-04) 4136479 pam framework libraries should be "purify'ed" (from 106258-03) 4131997 pam_start() fails when the application has more than 255 open file descriptors (from 106258-02) 4081309 *login* no longer accepts white space separated env vars on input (from 106258-01) 4115618 passwd aging msgs cause "protocol error. connection closed" msg from in.rshd (from 106272-09) 4462175 *passwd* -g option does not work as advertised (from 106272-08) 4144819 passwd(1) should call getpassphrase() as login does (from 106272-07) 4112707 Password expiration (passwd -f) doesn't work correctly 4392250 "passwd -r nis -e user" causes rpc.yppasswdd down. (from 106272-06) 4223215 Can login without passwd prompt though PASSREQ=YES in /etc/default/login (from 106272-05) 4172457 passwd -e can change user shell without /etc/shells (from 106272-04) 4136479 pam framework libraries should be "purify"ed 4112403 nispasswd[#####]: NIS+ fatal error: 19 (from 106272-03) 4118458 Passwd_compat: nisplus on 2.6 needs two login tries to succeed (from 106272-02) 1236638 *passwd* shadow file occasionally gets deleted in large user environment (from 106272-01) 4099458 *csh* default umask overridden when entering csh after root uses passwd -f Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- Reboot system after patch installation. NOTE 1: To get the complete fix for bug 4081309 (login no longer accepts a white space separated env vars on input), we also recommend installation of the /usr/bin/login patch, 105666-02, or newer. README -- Last modified date: Tuesday, November 26, 2002