Patch-ID# 105703-29 Keywords: security logins dtlogin memory leak system calls sdt_shell Synopsis: CDE 1.2: dtlogin patch Date: Feb/14/2005 Install Requirements: See Special Install Instructions Reboot immediately after patch is installed Solaris Release: 2.6 SunOS Release: 5.6 Unbundled Product: CDE Unbundled Release: 1.2 Xref: This patch available for x86 as patch 105704 Topic: CDE 1.2: dtlogin patch Relevant Architectures: sparc BugId's fixed with this patch: 4072784 4080371 4091713 4093361 4093449 4094335 4143011 4143597 4148983 4149575 4150575 4154520 4178402 4178408 4178415 4178431 4179987 4184874 4185947 4189472 4190072 4190214 4205939 4213502 4225029 4225037 4233316 4236871 4237848 4239275 4240836 4245814 4248888 4250335 4259869 4262368 4263325 4267545 4273928 4274081 4275495 4276326 4293300 4346072 4840141 5022437 Changes incorporated in this version: 5022437 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/dt/bin/Xsession /usr/dt/bin/dtchooser /usr/dt/bin/dtgreet /usr/dt/bin/dtlogin /usr/dt/bin/sdt_shell /usr/dt/config/Xinitrc.ow /usr/dt/config/Xsession.ow /usr/dt/config/Xsetup /usr/dt/config/Xstartup /usr/dt/config/images/Solaris.im8 /usr/dt/config/images/Solaris.im8g.Z Problem Description: 5022437 dtlogin crash on bogus XDMCP request (from 105703-28) 4840141 /usr/dt/bin/Xsession makes invalid assumptions for hostname.domain (from 105703-27) 4245814 Unnecessary system calls in sdt_shell (from 105703-26) 4233316 dtlogin has memory leak (from 105703-25) 4274081 Non-root logins become and remain effective owner of /usr/openwin/bin/ (from 105703-24) 4179987 dtlogin has umask incorrect using mask 002 instead of 022 that user set (from 105703-23) 4346072 dtlogin hangs and crashes under high system load (from 105703-22) 4072784 change "sdtdbcache" to "dtdbcache" (from 105703-21) 4262368 Simultaneous specification of remote host may not work (from 105703-20) 4276326 Dtlogin patch 107180-12 won't allow connections to indirect CDE_login_host 4293300 Password prompt is not displayed after user name is entered (from 105703-19) 4185947 On PGX32 with depth 8+24, Solaris logo has colormap corruption (from 105703-18) 4275495 When remote login fails in ChooseHostFromList, users cannot go anywhere 4267545 SUNRAY: dtlogin - remote login -> "Choose host From List" 4273928 Xserver for remote connection not killed on closedown (from 105703-17) 4263325 dtlogin still has problems with SIGCLD when PAM is used (from 105703-16) 4259869 Dtlogin does not present login screen after return from remote login (from 105703-15) 4237848 Action 'Return to Local Host' sometimes does not work fine in dtllogin (from 105703-14) 4250335 3/3, cde/login - dtlogin misses SIGHUPs and won't bring up all of the configured (from 105703-13) 4248888 Dtlogin sometimes ignores all child death signals 4080371 dtlogin tmpfile vulnerability (refix) (from 105703-12) 4240836 Dtlogin sometimes ignores all child death signals 4239275 Primary dtlogin process can be killed when SIGUP/SIGUSR1 collide (from 105703-11) 4236871 In large configuration, all Corona units do not come up with BYPASS_LOGIN (from 105703-10) 4225029 dtlogin fails to protect for the receipt of SIGHUP at start-up 4225037 dtlogin sends unnecessary SIGHUPs to dtgreet processes 4213502 X server can not open display, after coming back from remote window (from 105703-09) 4205939 dtlogin sometimes fails to restart X servers (from 105703-08) 4149575 tt_open() in helpviewer does not work under a system with 2 ip ports 4143597 dtlogin only supports three X servers on a system 4154520 INTEL: dtlogin fails to detect Xsun on fast machines 4178402 Xsession.ow doesn't check for /etc/dt/config/Xsession 4178408 Xinitrc.ow pauses for 15 seconds before starting desktop apps. 4178415 Xsession runs fbconsole program on non-console X sessions 4178431 dtlogin runs fbconsole program on non-console X Sessions 4184874 SIGHUP to dtlogin(1) kills essential system services 4189472 dtlogin(1) may fail to start Xservers when reconfigured 4190072 Error in SIGUP processing in dtlogin 4190214 dtlogin close down does not work correctly (from 105703-07) 4148983 Cannot start command line login (from 105703-06) 4080371 dtlogin tmpfile vulnerability (from 105703-05) 4150575 dtlogin fails to set user authorization correctly when there are more than 64 virtual interfaces 4094335 dtlogin cannot return to normal behavior after dtchooser (from 105703-04) 4143011 Contents of /var/dt/Xerrors displays garbage instead of useful info (from 105703-03) 4093361 environment variables don't get set through pam_putenv() (from 105703-02) 4091713 CDE-PAM interaction on sol 2.6. (from 105703-01) 4093449 dtlogin core dumps due to memory freed twice in manage(). Patch Installation Instructions: -------------------------------- Generic 'installpatch' and 'backoutpatch' scripts are provided within each patch package with instructions appended to this section. Other specific or unique installation instructions may also be necessary and should be described below. Special Install Instructions: ----------------------------- NOTE 1: If the system that this patch is being applied to is a SunRay server, then a reboot is required after the patch is installed. NOTE 2: To get the fix for any bug which affects /usr/dt/bin/dtlogin, all dtlogin processes, including the parent dtlogin process, must be stopped and restarted. On a SunRay server, the recommended procedure is to reboot the server. For all other workstations or servers, execute the following command as root: /usr/dt/config/dtlogin.rc stop sleep 60 /usr/dt/config/dtlogin.rc start README -- Last modified date: Monday, February 14, 2005