Patch-ID# 104968-02 Keywords: security chkey newkey buffer overflow NIS+ domain server Synopsis: SunOS 5.5.1: chkey and newkey patch Date: Jan/20/98 Solaris Release: 2.5.1 SunOS Release: 5.5.1 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 104969 Topic: SunOS 5.5.1: chkey and newkey patch NOTE: If you are installing this patch to fix the "non-root NIS+ server not living in domain it serves" problem, you will also need to install the libnsl/NIS+ commands patch (103612-36 or higher). You will also need to install the kernel patch (103640-17 or higher) if you are installing this patch on a NIS+ server that is either a Secure NFS client or server. Refer to the "Special Instructions" section of this document for instructions on how to setup the non-root NIS+ server to live in the domain it serves. BugId's fixed with this patch: 1168376 4053189 Changes incorporated in this version: 1168376 Relevant Architectures: sparc Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/bin/chkey /usr/bin/keylogin /usr/sbin/newkey Problem Description: 1168376 NIS+ servers should be allowed to be in the domain they serve. (from 104968-01) 4053189 chkey and newkey has buffer overflow Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- NOTE: If you are installing this patch to fix the "non-root NIS+ server not living in domain it serves" problem, you will also need to install the libnsl/NIS+ commands patch (103612-36 or higher). You will also need to install the kernel patch (103640-17 or higher) if you are installing this patch on a NIS+ server that is either a Secure NFS client or server. Instructions on how to set up the non-root NIS+ server to live in the domain it serves: Setting up an existing non-root NIS+ server: 1. Install the libnsl/NIS+ commands patch (103612-36 or higher) on the non-root NIS+ server. Also install the kernel patch (103640-17 or higher) if this server is either a Secure NFS client or server. 2. Change the /etc/defaultdomain on the server to the domain it serves. 3. Reboot the server. Setting up a new non-root NIS+ server: 1. Set up the server as described in the NIS+ docs. 2. Install the libnsl/NIS+ commands patch (103612-36 or higher) on this new NIS+ server. Also install the kernel patch (103640-17 or higher) if this server is either a Secure NFS client or server. 3. Change the /etc/defaultdomain on the server to the domain it serves. 4. Reboot the server.