SCO OpenServer Release 6.0.0 Maintenance Pack 1 Release and Installation Notes SCO OpenServer(tm) Release 6.0.0 Maintenance Pack 1 (MP1) contains important fixes for your SCO OpenServer Release 6.0.0 system and should be applied at your next maintenance period. Once installed, it is strongly recommended that you do not remove the operating system updates installed with the Maintenance Pack. These Release and Installation Notes contain critical information that you need to know before and after installing MP1. Please read them entirely, and also check the SCO OpenServer Release 6.0.0 Late News web site, before beginning to install MP1. Late News can be found at: http://www.sco.com/support/docs/openserver. This document contains the following sections: Before Installing the Maintenance Pack Installing the Maintenance Pack Installing the Maintenance Pack from Downloaded Media Images Installing the Maintenance Pack from CD-ROM Installing the Maintenance Pack from the Network Adding Software After Installing the Maintenance Pack Removing the Maintenance Pack Highlights of the Maintenance Pack Maintenance Pack Notes and Limitations Before Installing the Maintenance Pack -------------------------------------- Before installing MP1, note the following: * MP1 can only be installed on SCO OpenServer Release 6.0.0 systems. * Perform a full backup of your system and verify the integrity of the backup. It is always important to have a full system backup available before beginning any system update procedure. * MP1 contains updates to both base system components (installed with the RS600A Release Supplement), as well as separately installable updates to optional components: SCO OpenServer Release 6.0.0 Maintenance Pack 1 SCO OpenServer 600 Release Supplement RS600A rs600a - SCO OpenServer Operating System rs600a - SCO UNIX SVR5 Kernel rs600a - SCO TCP/IP rs600a - SCO NFS rs600a - SCO Network Interface Card Drivers rs600a - SCO UNIX Development System rs600a - SCO Online Documentation Utilities and Framework Mozilla Web Browser Apache Tomcat Servlet Container Java 2 Standard Edition SCOx language support While the components in RS600A are not separately selectable for installation, the updates for a particular component (such as the SCO UNIX Development System) will not be installed unless that component is already installed from the Release 6.0.0 media. So, for example, if you plan to install the Development System, you should install it from the Release 6.0.0 media before installing the Maintenance Pack. The other optional components (Mozilla, Tomcat, Java, and SCOx language support) can be installed whether the previous version is already installed or not. Installing the Maintenance Pack ------------------------------- You can acquire and install MP1: * by downloading the MP media images from either the SCO web site or FTP site . * from the SCO OpenServer Release 6.0.0 Supplement CD . If there are multiple systems on your TCP/IP network that require Maintenance Pack 1, you can load and install the MP on a software server and use it as a centralized distribution point. See ``Installing the Maintenance Pack from the Network'' for more information. Installing the Maintenance Pack from Downloaded Media Images To install the SCO OpenServer Release 6.0.0 MP1 from media images that you manually download: 1. Log in as root. 2. Download the Maintenance Pack from either the SCO web site or using FTP: * to use the web, go to the SCO OpenServer Release 6.0.0 Maintenance Pack web page: http://www.sco.com/support/update/download/release.php?rid=77 * to use FTP, go to the SCO Support Download Area: ftp://ftp.sco.com/pub/openserver6/600/mp/osr600mp1/ ------------------------------------------------------------------------ NOTE: Maintenance Pack 1 consists of a tar archive containing a number of media image files with names of the form VOL.000.000, VOL.000.001, and so forth. Because all maintenance packs use this same filename scheme, you should create a master directory with a unique subdirectory to store each maintenance pack. The master directory could be /usr/mp, /usr/spool/patches, or whatever suits your system layout. The master hierarchy should be writable by root only. ------------------------------------------------------------------------ 3. Download the 600mp1_vol.tar file and use this command to extract the media image files: tar xvf 600mp1_vol.tar 4. Start the Software Manager by double-clicking on its icon on the desktop, or by entering the following at the command-line prompt: scoadmin software 5. From the Software menu, select Install New. 6. When prompted for the host (machine), select the current host and then click on Continue. 7. Select Media Images as the Media Device, then click on Continue. (You may need to scroll down before you see the Media Images option.) 8. Enter the absolute pathname for the directory that contains the Maintenance Pack 1 media images. For example: /usr/spool/patches/600mp1 Select OK. 9. In the Install Selection window, make sure that the Maintenance Pack is selected (it will be highlighted and/or have an asterisk). Selecting Install now applies the entire Maintenance Pack to your system. You can also choose individual components from the Maintenance Pack by selecting the Expand button and choosing the software from the expanded list. The following software can be selected for individual install: SCO OpenServer 600 Release Supplement RS600A Mozilla Web Browser Java 2 Standard Edition (J2SE) Apache Tomcat Servlet Container SCOx language support Note that the Release Supplement is not required to install the other components; the Apache Tomcat Servlet Container requires that the Java 2 Standard Edition is installed. Select Install once you have selected all the software you want to install. 10. If you previously installed any of the components that are modified by the Maintenance Pack, you are notified that these components will be upgraded. Select Continue. Additionally, you are warned if certain packages in the Maintenance Pack will not be installed because the software they modify is not installed on your system. Select Continue. ------------------------------------------------------------------------ WARNING: The Software Manager displays one or more warnings if the Maintenance Pack contains fixes for software features that are not currently installed on your system. If you do not plan to install the affected package, you can ignore such messages and click on Continue. However, if you do plan to install this package later, you should stop the install process, install the package in question from the installation media, and restart the Maintenance Pack installation. This ensures the fixes are applied properly (and avoids potential problems). If any Maintenance Pack fixes were not installed because the corresponding feature was not present, the Software Manager shows the Maintenance Pack as only partially installed. This is normal. ------------------------------------------------------------------------ 11. When the installation is complete, click on OK. The Software Manager lists Maintenance Pack 1 among the installed software. 12. Exit the Software Manager by selecting the Host menu, then Exit. 13. Reboot the machine: shutdown -i6 -g0 -y Installing the Maintenance Pack from CD-ROM To install SCO OpenServer Release 6.0.0 Maintenance Pack 1 from the SCO OpenServer Release 6.0.0 Supplement CD: 1. Log in as root. 2. Insert the SCO OpenServer Release 6.0.0 Supplement CD into the drive. 3. Start the Software Manager by double-clicking on its icon on the desktop, or by entering the following at the command-line prompt: scoadmin software 4. From the Software menu, select Install New. 5. When prompted for the host (machine), select the current host and then click on Continue. 6. Select the appropriate CD-ROM drive as the Media Device, then click on Continue. 7. In the Install Selection window, make sure that the Maintenance Pack is selected (it will be highlighted and/or have an asterisk). Selecting Install now applies the entire Maintenance Pack to your system. You can also choose individual components from the Maintenance Pack by selecting the Expand button and choosing the software from the expanded list. The following software can be selected for individual install: SCO OpenServer 600 Release Supplement RS600A Mozilla Web Browser Java 2 Standard Edition (J2SE) Apache Tomcat Servlet Container SCOx language support Note that the Release Supplement RS600A is not required to install the other components; the Apache Tomcat Servlet Container requires that the Java 2 Standard Edition is installed. Select Install once you have selected all the software you want to install. 8. If you previously installed any of the components that are modified by the Maintenance Pack, you are notified that these components will be upgraded. Select Continue. ------------------------------------------------------------------------ WARNING: The Software Manager displays one or more warnings if the Maintenance Pack contains fixes for software features that are not currently installed on your system. If you do not plan to install the affected package, you can ignore such messages and click on Continue. However, if you do plan to install this package later, you should stop the install process, install the package in question from the installation media, and restart the Maintenance Pack installation. This ensures the fixes are applied properly (and avoids potential problems). If any Maintenance Pack fixes were not installed because the corresponding feature was not present, the Software Manager shows the Maintenance Pack as only partially installed. This is normal. ------------------------------------------------------------------------ 9. When the installation is complete, click on OK. The Software Manager lists Maintenance Pack 1 among the installed software. 10. Exit the Software Manager by selecting the Host menu, then Exit. 11. Reboot the machine: shutdown -i6 -g0 -y Installing the Maintenance Pack from the Network You can install MP1 from one SCO OpenServer system onto another across a TCP/IP network. On the server side, to enable: 1. In the simplest case, install MP1 on the system that you want to use as the software server using one of the installation procedures described under ``Installing the Maintenance Pack'' . 2. Use the Account Manager (scoadmin account) to create a login account named swadmin. When a client system attempts to remotely install software from the server system, this password must be supplied by the client to authenticate the connection. If this account already exists and the password has been forgotten, use the Account Manager to define a new password. On the client side, to install the Maintenance Pack from the server: 1. Start the Software Manager and select Install New. 2. In the Begin Installation window, you are prompted for the source location of the Maintenance Pack. Select From Another Host. 3. Type in the network node name of the software server and the password for the swadmin account on the software server. 4. Proceed with the installation as shown in the previous section, beginning with Step 7 . For more information, including how to load the Maintenance Pack on a server without installing it, see ``Installing and managing software over the network'' in the online documentation under ``Installation and Licensing''. Adding Software After Installing the Maintenance Pack To add software from the Maintenance Pack that you did not originally choose for installation: 1. Log in as root. 2. Start the Software Manager by double-clicking its icon on the desktop, or by entering the following at the command-line prompt: scoadmin software 3. Select the Maintenance Pack in the list of installed software. 4. Select View->Expand from the command menu. 5. Select the software that you want to install from the list. 6. Select Software->Install New from the command menu. If you previously installed any of the selected components, you are notified that these components will be upgraded. Select Continue. 7. When the installation is complete, click on OK. The Software Manager lists the newly added component among the installed software. 8. Exit the Software Manager by selecting the Host menu, then Exit. 9. Reboot the machine: shutdown -i6 -g0 -y Removing the Maintenance Pack You can remove all of Maintenance Pack 1 from the system, or select one or more of its components for removal: SCO OpenServer 600 Release Supplement RS600A Mozilla Web Browser Java 2 Standard Edition (J2SE) Apache Tomcat Servlet Container SCOx language support ------------------------------------------------------------------------ WARNING: Removal of the Release Supplement RS600A is supported, but is not recommended, as the Release Supplement contains important updates to the system. Removing any of the optional components (or selecting the entire Maintenance Pack for removal) completely removes the optional components from the system. You can selectively install these again from either MP1 or from the Release 6.0.0 media after removing MP1. ------------------------------------------------------------------------ To remove one or more Maintenance Pack components: 1. Log in as root. 2. Start the Software Manager by double-clicking its icon on the desktop, or by entering the following at the command-line prompt: scoadmin software 3. Select the Maintenance Pack in the list of installed software. 4. If you want to remove only part of MP1, choose View->Expand fully from the menu, and select the software you want to remove from the expanded list. 5. From the Software menu, select Remove Software. In the confirmation window, verify that you selected the correct software, then click on Remove. 6. A window displays, showing you a list of software that will stop functioning after the Maintenance Pack is removed. Select Continue. 7. When the Removal complete window appears, click on OK and exit the Software Manager by selecting Exit from the Host menu. 8. Reboot the machine: shutdown -i6 -g0 -y Highlights of the Maintenance Pack ---------------------------------- SCO OpenServer Release 6.0.0 Maintenance Pack 1 contains the following updates and fixes (the references in parentheses following each description are internal tracking numbers): Hardware Support * Multiple Core Support -- Multiple core processors have two or more processor cores in each physical package. (The number of internal processors may also be used in the processor name; for example, "dual core" processors.) This architecture continues the trend started with hyperthreading, adding enhanced parallelism and improved performance. One critical difference between hyperthreading and multiple core processors is that multiple processor cores are detected automatically and utilized if available; hyperthreaded processors, on the other hand, are not utilized unless the administrator specifically requests their use. The use of multiple processor cores is enabled by default; it can be disabled with the boot parameter MULTICORE=N entered at the boot loader prompt or added to the /stand/boot file. If the use of multiple processor cores is explicitly disabled with the MULTICORE=N boot parameter, then the use of hyperthreaded processors is also disabled. Having multiple core support enabled has no effect on systems that do not have multiple core processors. Note that hyperthreaded processor support is disabled by default. Support for hyperthreaded processors can be enabled with any of the following boot parameters: ENABLE_HT=Y ENABLE_JT=Y HYPERTHREAD=Y See the boot(HW) manual page. No additional CPU licenses are required to use either multiple processor cores or hyperthreaded processors. (fz532712) * setclk command failures fixed -- The setclk command was failing because of missing device nodes. This has been fixed. (fz532605) * Network card failover fixed -- The problem of not being able to revert to the primary network interface card (NIC) after a failover occurred is fixed. When the primary NIC fails and the software switches to using a defined failover NIC, the option to Revert to primary is now presented in netcfg(ADM) when the primary NIC again becomes available. (fz532629) * udev driver updated -- A flaw in the udev driver that caused errant behavior with respect to device number generation has been fixed. (fz532577) * Driver Updates -- Updates for Host Bus Adapters and other device drivers are delivered separately from the Maintenance Pack. You can find the latest new and updated device drivers for Release 6.0.0 at: http://www.sco.com/support/update/download/product.php?pfid=12&prid=20. Backup and Restore * emergency_rec command fixed -- Two problems with the emergency_rec command have been fixed. The -e option now backs up the entire disk, as described on the emergency_rec(ADM) manual page. Tape creation failures observed when the system is configured with a /tmp directory of type memfs have also been fixed. (fz532582, fz532630) Files and Directories * non-LFS-aware commands no longer work on large files -- MP1 fixes an error that allowed some file system related commands (such as /bin/chown and /bin/rm) that are not large file system (LFS) capable to effect changes in large files (files over 1GB in size). This error has been fixed, and these non-LFS-aware commands now return an error (E_OVERFLOW) when attempting to access a large file. It is important that users and applications that access large files have /u95/bin first in their PATH so that the LFS-aware commands located there are invoked. (fz532639) Internet and Intranet * Mozilla updated to version 1.7.10 -- This update to Mozilla from Mozilla.org addresses the 9 security issues indicated at http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla: MFSA 2005-56 Code execution through shared function objects MFSA 2005-55 XHTML node spoofing MFSA 2005-54 Javascript prompt origin spoofing MFSA 2005-52 Same origin violation: frame calling top.focus() MFSA 2005-51 The return of frame-injection spoofing MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo() MFSA 2005-48 Same-origin violation with InstallTrigger callback MFSA 2005-46 XBL scripts ran even when Javascript disabled MFSA 2005-45 Content-generated event vulnerabilities This updates the browser to the same code base as Mozilla Firefox 1.0.6 and Thunderbird 1.0.6. (fz532746, fz532631) * Problems running Mozilla and Firefox together fixed -- Problems starting up either Mozilla or Firefox when the other was already running have been fixed. (fz532645) * Missing Java functionality provided -- Java serial I/O support and SCOx web services support that was present in the most recent versions of SCO OpenServer 5 and UnixWare 7 was left out of Release 6.0.0 by mistake. MP1 corrects this as follows: o Java serial I/O support is contained in package javaxcomm, within a revised version of the Java 2 Standard Edition 1.4.2 parcel. It is automatically found within the standard Java extensions classpath. o Java web services support is contained in package javasoap, within the same revised Java parcel, and is also contained within a revised version of the Apache Tomcat Servlet Container 4.1.31 optional services product. It is automatically found within the standard extensions Java classpath. o C and C++ web services support is contained in a newly supplied package gsoap within the new SCOxlang optional services product. It is found at /usr/lib/gsoap/. o Perl and PHP web services support was in 6.0.0, and is folded into those distributions. o Demos for using web services in all five languages are contained in a newly supplied package scoxldemo within the same new SCOxlang optional services product. These are installed into /usr/lib/scox/language_demos/. The "mk" scripts within each subdirectory will indicate how to build and execute web services-enabled applications for all five languages. (fz532362) Networking * Unsharing NFS resources errors fixed -- The unshare and unshareall commands no longer return errors when unsharing NFS resources. (fz532719) * Firewall rules can be flushed only by owner -- A bug that allowed any user to change or flush the firewall rules (see the ipf(ADMN) manual page) has been fixed. Only the owner has read and write permissions on ipfilter device nodes. (fz532560) * NFS deadlock with specfs file systems fixed -- A deadlock that occurred when traversing specfs type file systems (such as /dev) mounted over NFS has been fixed. Such operations no longer hang. (fz532662) * routed daemon updated -- Problems observed using routed with /etc/inet/gateways have been fixed. (fz532052) Security * Support for Access Control Lists (ACLs) added -- ACLs are enabled by editing the file /etc/conf/sdevice.d/dac and changing the N to a Y in the file. Save the change, and enter the following two commands to rebuild the kernel and reboot the system: # /etc/conf/cf.d/link_unix # shutdown -i6 -g0 -y See the following manual pages for more information on ACLs: getacl(C), setacl(C), acl(S), facl(S), aclipc(S), aclsort(S). (fz532597) * lockpid and mpstat updated to restrict access -- The set-gid (set group ID) bit was removed from the lockpid command. The set-gid bit was removed from the mpstat command, and the group was changed to mem. (fz532359) System Management * psradm command fixed to no longer corrupt /etc/wtmp -- The psradm(ADM) command was corrupting /etc/wtmp and /etc/wtmpx. This would cause commands like who to return errors. This problem has been fixed in MP1. (fz532744) * configure command -x option now works in pipelines -- The configure -x command has been fixed to no longer execute its own internal pager; this made piping the output to another command fail. (fz532516) * telnet and rlogin fixed to allow eight-bit characters -- The telnet and rlogin commands have been updated to allow eight-bit characters on input. This bug was preventing special symbols (such as pound and euro) from being entered when a Release 6.0.0 machine was either the client or server in a telnet or rlogin session. (fz532366) * File limit in xemul updated -- The XENIX Emulator xemul(C) no longer has a limit of 60 open files; it can open as many as the kernel is tuned to allow (the default is 2048). (fz532564) * Problems recognizing memory with multiple licenses fixed -- Problems recognizing extra memory on systems with multiple licenses applied (for example, an Upgrade license plus an 8GB Memory license) have been fixed. (fz532691) * DOS commands no longer fail on second try -- The DOS file system related commands (doscp, dosrm, dosdir, doscat, dosmkdir) were failing on second and subsequent executions by any user, with errors like the following: /tmp/00448dos: Permission denied doscp: can't seize /dev/install This happened because of a temporary file left behind by the first execution of the command. This problem has been fixed. (fz532710, fz532716) Development System * cc error for bool variables fixed -- The cc compiler could generate one or both of the following errors when compiling code using pointers to boolean values: UX:acomp: ERROR: "compiler_err.c", line 12: internal compiler error: can't deal with op STAR ... UX:as: ERROR: /var/tmp/ctm2AAAa005X_:56:invalid operand combination: xorb This problem is fixed in MP1. (fz532751) * C++ bit-field struct initializer list error fixed -- A fix for the C++ compiler is included in MP1 which corrects a bug in which broken code was generated for initialization of bitfield members of struct/union/class objects." (fz532625) * Set installation problems fixed -- Package set postinstall scripts are now executed using the correct set of system commands. (fz532526) Maintenance Pack Notes and Limitations -------------------------------------- The following notes and limitations apply to SCO OpenServer Release 6.0.0 Maintenance Pack 1: * Warning after installing MP1 -- After installing the RS600A Release Supplement from MP1, the following message is displayed on the console (and recorded in /var/adm/messages and /var/adm/syslog): WARNING: The SCO Licensing Policy Manager Daemon (sco_pmd) has terminated and been restarted. This usually indicates a serious system problem and you are encouraged to contact your SCO service provider for help. This message is expected when the Release Supplement is installed and can be safely ignored. The Release Supplement contains updates to the Policy Manager Daemon (PMD); the PMD is stopped and restarted by the Supplement to configure the updates. * Privileges on xemul reset during removal of RS600A -- After removal of RS600A, the xemul binary no longer has the appropriate privileges to run. They can be restored with the following command: /sbin/filepriv -f "dacread,setuid" /usr/bin/xemul ------------------------------------------------------------------------ (c) Copyright 2005 The SCO Group, Inc. All rights reserved.