Patch-ID# 116935-02 Keywords: over-the-wire mac autofs redundant "gang mount" Synopsis: Trusted_Solaris_8_HW_7/03_x86: automountd patch Date: Jun/30/2004 Install Requirements: Reboot after installation Solaris Release: Trusted_Solaris_8_HW_7/03_x86 SunOS Release: Trusted_Solaris_8_HW_7/03_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 116934 Topic: Trusted_Solaris_8_HW_7/03_x86: automountd patch Relevant Architectures: i386 BugId's fixed with this patch: 4926203 5016234 5018531 5028607 5056435 Changes incorporated in this version: 5016234 5018531 5028607 5056435 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/lib/autofs/automountd /usr/lib/secpolicy/automount/automount.kpolicy-tsol.so Problem Description: 5016234 replicated automount servers don't work if one is up but not sharing 5018531 Setting ndd tsol_unlab_equal_only breaks replicated file systems 5028607 automountd still sends otw for replicated mounts 5056435 automountd coding error has tiny chance of confusing configuration debugging (from 116935-01) 4926203 Disallow auto-mounts triggered for dominating file systems Patch Installation Instructions: -------------------------------- Refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Trusted Solaris. Any other special or non-generic installation instructions should be described below as special instructions. For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- NOTE 1: For these changes to take effect, automountd must be stopped and restarted. Restart the automounter daemon by rebooting the system or by performing the following with all privileges at ADMIN_LOW as uid 0 after the patch installation is complete: /etc/init.d/autofs stop /etc/init.d/autofs start & NOTE 2: To replicate automount at labels other than ADMIN_LOW, set the ndd switch tsol_unlab_equal_only to 1 only if the PRIV_NET_BROADCAST privilege is assigned to any relevant profiles which include automountd. As shipped, automountd is included in the boot profile and the File System Management profile. The steps below assume the patch has been put into an ADMIN_LOW directory in /var/tmp and the patch file label is configured to ADMIN_LOW. Create a role which contains the Software Installation profile (typically admin role is assigned this profile) and whose label range includes the ADMIN_LOW label. All the steps in the patch installation should be executed at ADMIN_LOW. The patch should be owned by this role. 1) Login as a user authorized to assume a role that contains the Software Installation profile; typically the admin role. Assume that role. To verify the profile is assigned to the role, type: "profiles -l | grep patchadd". The result should be: /usr/sbin/patchadd uid=0, privs=all, label=admin_low 2) cd into /var/tmp and install the patch file. # cd /var/tmp # patchadd /var/tmp/ where is the patch number. Special Backout Instructions: ----------------------------- NOTE 1: Reboot the system after the patches are removed. 1) Login as a user authorized to assume a role that contains the Software Installation profile; typically the admin role. Assume that role. To verify the profile is assigned to the role, type: "profiles -l | grep patchrm". The result should be: /usr/sbin/patchrm uid=0, privs=all, label=admin_low 2) Backout patch by typing: # patchrm where is the patch number. README -- Last modified date: Wednesday, June 30, 2004