Patch-ID# 117825-03 Keywords: security wbem administration lastchg password smc http viper library Synopsis: Trusted_Solaris_8_HW_12/02_x86: SMC patch Date: Aug/04/2004 Install Requirements: Reboot after installation Solaris Release: Trusted_Solaris_8_HW_12/02_x86 SunOS Release: Trusted_Solaris_8_HW_12/02_x86 Unbundled Product: Unbundled Release: Xref: This patch is available for SPARC as patch 117824 Topic: Trusted_Solaris_8_HW_12/02_x86: SMC patch Relevant Architectures: i386 BugId's fixed with this patch: 4766108 5070621 5074119 Changes incorporated in this version: 5074119 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/sadm/lib/smc/lib/preload/jsdk21.jar /usr/sadm/lib/wbem/solarisprovider.jar Problem Description: 5074119 Backport security fix 4947668 for smc to Trusted Solaris (from 117825-02) 5070621 Users unlocked by the admin are not required to set a password for min age days (from 117825-01) 4766108 TS8: password change through smc wipes out last change field Patch Installation Instructions: -------------------------------- Refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Trusted Solaris. Any other special or non-generic installation instructions should be described below as special instructions. For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- NOTE 1: Reboot the system after all the patches are installed. The steps below assume the patch has been put into an ADMIN_LOW directory in /var/tmp and the patch file label is configured to ADMIN_LOW. Create a role which contains the Software Installation profile (typically admin role is assigned this profile) and whose label range includes the ADMIN_LOW label. All the steps in the patch installation should be executed at ADMIN_LOW. The patch should be owned by this role. 1) Login as a user authorized to assume a role that contains the Software Installation profile; typically the admin role. Assume that role. To verify the profile is assigned to the role, type: "profiles -l | grep patchadd". The result should be: /usr/sbin/patchadd uid=0, privs=all, label=admin_low 2) cd into /var/tmp and install the patch file. # cd /var/tmp # patchadd /var/tmp/ where is the patch number. Special Backout Instructions: ----------------------------- NOTE 1: Reboot the system after all the patches are removed. 1) Login as a user authorized to assume a role that contains the Software Installation profile; typically the admin role. Assume that role. To verify the profile is assigned to the role, type: "profiles -l | grep patchrm". The result should be: /usr/sbin/patchrm uid=0, privs=all, label=admin_low 2) Backout patch by typing: # patchrm where is the patch number. README -- Last modified date: Wednesday, August 4, 2004