This document provides installation instructions, new feature descriptions, and release notes for Unixware 7.1.3 Update Pack 4. Update Pack 4 is the final Update Pack for UnixWare 7.1.3 and is a non-removable upgrade to UnixWare 7.1.4. In order to receive Update Packs for UnixWare 7.1.4, you will need a new SCO Update License for this new release. To obtain a new license, please contact your software supplier. Complete UnixWare documentation is available on the Documentation and Support Web Sites. Your UnixWare system serves the online documentation set, including manual pages, on http://hostname:8458 (where hostname is the network name or IP address of the UnixWare system, or localhost when using a browser on the system running DocView). |
There are two support "tracks" for UnixWare:
A Maintenance Pack (MP) is a collection of fixes for reported problems distributed as a single installable package. Maintenance Packs are made available periodically when such fixes are available, and can be downloaded and installed free of charge. Maintenance Packs are cumulative, so only the latest one needs to be installed. If installed individually, they must be installed in the order they are issued (i.e., MP1, MP2, etc.). A Maintenance Pack typically is accompanied by a single text file with installation instructions and release notes.
It is important to note that a Maintenance Pack cannot be installed onto a system that already has an Update Pack installed. This restriction ensures the integrity of the software installed on your system.
An Update Pack (UP) is a collection of features, enhancements, and problem fixes distributed as a single package or set, plus additional packages, in a CD ISO image. Update Packs are made available quarterly (for a licensing fee) to registered customers of the SCO Update Service. Update Packs are cumulative; you only need to install the current Update Pack to pick up all the features, enhancements, and fixes issued in all previously issued Update Packs and Maintenance Packs. If installed individually, they must be installed in the order they are issued (i.e., UP1, UP2, etc.).
The current UP can be installed on top of any previously issued Maintenance Pack (MP). Each Update Pack comes with full documentation, including installation and release notes (like the document you are reading now), that explain the target system requirements. No MP can be installed on a system that has one or more UPs already installed.
If you already have one or more Maintenance Packs installed, you can switch over to the UP track by installing the Update Pack that includes all the Maintenance Packs you have currently installed. For example, if you have Maintenance Pack 2 installed, you can switch over to the UP track by installing Update Pack 2 or later.
If you are an Update Pack customer and want to switch over to the MP track, you must first remove all Update Packs installed on your system (in the reverse order they were installed), and then install the latest Maintenance Pack. For example, if you loaded UP1 and then UP2 onto your system, and want to switch over to the MP track, remove UP2 and then UP1 from the system. Once all the Update Packs are removed, install the currently available Maintenance Pack.
NOTE: Update Pack 4, because it implements changing the system from a 7.1.3 system to a 7.1.4 system, cannot be removed. It is therefore critical that you back up your system before installing Update Pack 4 should you for any reason want to go restore the previously running configuration. See: Before Beginning: Backup Your System.
UnixWare Maintenance Packs and Update Packs are available from the UnixWare Supplements Web Page.
Update Pack 4 can be installed only on a Release 7.1.3 system. The system may have any combination of previously issued Maintenance Packs and Update Packs installed.
If you have any Maintenance Pack later than MP3 installed, you must remove it using pkgrm(1M) before installing Update Pack 4. Use the pkginfo(1) command or the scoadmin application installer to check your current software configuration.
Please Note: If you install an Update Pack on a system with one or more Maintenance Packs already installed, do not attempt to remove any of the Maintenance Packs from the system after installing the Update Pack. This will lead to unexpected system behavior.
Most individual packages distributed with Update Packs require the installation of the Update Pack Set in order for the software to work correctly.
Update Packs (and Maintenance Packs) are available for download from the UnixWare Supplements Web Page. A registered SCO Update Service license is required to install the Update Pack Set and other licensed packages distributed with the Update Pack CD. Once registered, you can install the Update Pack from the CD ISO image. The ISO image can be written to a CD-ROM using any Windows or Unix CD recording software, such as cdrtools on UnixWare. The ISO image file can also be mounted directly without being written to a CD, as shown in the procedures below. Customers can also receive Update Packs on CD-ROM directly from SCO. For more information, please see your software supplier or go to the SCO Update Ordering Web Page.
A registered SCO Update Service (SUS) Enabling license is required to install the Update Pack Set and other packages indicated in the section Update Pack Contents. If you attempt to install any of these packages on a system that does not have a registered SUS license, the installation will fail.
To check your current licenses, launch SCOadmin from the graphical desktop and select License Manager, or launch the License Manager from the command line (as root):
scoadmin license
The License Manager's main screen displays the currently installed licenses. One of these should mention the SCO Update Service. If you do have a SCO Update Service license installed, it must also be registered in order to allow you to install the Update Pack Set. If the Registered column for your SCO Update Service license or bundled license does not have a "Yes" or "N/A", you need to register that license before attempting to install the Update Pack Set.
An SUS Enabling license can be purchased as part of your License Edition (e.g., Base, Departmental, Enterprise, etc.), or purchased separately. Contact your software supplier if you do not have an SUS license or go to the SCO Update Ordering Web Page. For registration information, please see the SCO Update Service Registration web site.
The entire process of installing licenses on your system and registering your SCO Update Service license is described in the online documentation under Installation and Licensing>Getting Started Guide>CD Contents, Licensing, Installation Profiles, and Support. The Getting Started Guide is also available in a number of file formats from the UnixWare Doc Web Page.
Update Pack 4 consists of a single Update Pack Set named uw713up4, as well as a number of additional updated packages.
The table below lists the package and set names as they are found on the Update Pack CD ISO image and optional Update Pack CD. Packages on the CD are in datastream format (files ending in .image) and in file system format (a directory with the same name as the package). The Installation Procedures section show you how to install both types of package formats.
The Update Pack Set requires a license; most other packages and sets do not. Those packages and sets that do require a license are indicated in the table below by an asterisk (*) before the package or set name.
Package/Set | Description |
---|---|
*uw713up4.image Set | The Update Pack 4 Set installs these packages:
|
adpu320 package | New Adaptec Ultra320 Family PCI SCSI HBA d3.0 |
adst70 package | Updated Adaptec Ultra160 Family PCI SCSI HBA d3.14 |
apache package | Updated Apache Web Server 1.3.29 |
basex package | Updated X11R6 Base X Runtime System |
*cups/image package | New Common UNIX Print System (CUPS) Client and Server 1.1.19-01 |
*cupsdev.image package | New CUPS Development Libraries 1.1.19 |
cupsdoc package | New CUPS Online Guides and Manual Pages 1.1.19 |
db package | New Berkeley DB v4.1 library for open source OpenLDAP software suite |
foomatic package | New Foomatic V3.0.0-01 -- Printer Filters and PPDs for CUPS |
gimpprint package | New Printer Drivers and PPD files for CUPS and foomatic 4.2.5 |
*glib.image package | New Library of utility functions for Gimp ToolKit 1.2.10 |
gs package | ESP Ghostscript 7.05.6 PostScript/PDF Interpreter with GNU Ghostscript 6.0 fonts |
*gtk.image package | New Gimp ToolKit 1.2.10 - runtime library for graphical user interfaces to X |
hpijs package | New HP Inkjet Printer Driver (hpijs) and PPD Files 1.5 |
ide package | Updated Generic IDE/ATAPI Driver |
iir package | New Intel Integrated Raid (IIR) HBA Driver Package 2.33 |
j2jre131 package | Updated Java 2 SE 1.3.1_10 Runtime Environment |
j2sdk131 package | Updated Java 2 SE 1.3.1_10 Software Development Kit |
j2plg131 package | Updated Java 2 SE 1.3.1_10 Java Plug-in (Netscape and Mozilla) |
j2pls131 package | Updated Java 2 SE 1.3.1_10 Demos and Debug |
*j2jre142.image package | Updated Java 2 SE 1.4.2_03 Runtime Environment |
*j2sdk142.image package | Updated Java 2 SE 1.4.2_03 Software Development Kit |
javaxcomm package | New Java support for RS-232 serial I/O and IEEE 1284 parallel I/O based on Sun COMM 2.0 and RXTX 1.4-8 |
jpeg package | New JPEG Image File Compression Library and Utilities |
libIDL.image package | New Library for creating CORBA Interface Definition Language (IDL) files 0.6.8 |
libpng package | New PNG (Portable Network Graphic) File Library 1.2.5 |
*mozilla.image package | New Mozilla Internet Browser 1.2.1b |
mpt package | New LSI Logic Fibre Channel HBA Driver 1.3.26 |
nd package | Updated Network Drivers |
nics package | Updated Netdriver Infrastructure and Configuration Subsystem |
*openldap package | New Open Source OpenLDAP software suite 2.1.22 |
openssh package | Updated Secure Shell remote access utility 3.7.1p2 (OpenSSH) |
openssl package | Updated Secure Sockets Layer / TLS cryptography toolkit 0.9.7c (OpenSSL) |
openssld package | Updated OpenSSL Documentation |
*perl.image package | New Perl Programming Language 5.8.0 |
pgsql package | New PostgreSQL Database Management System 7.4.2 |
ppp.image package | Updated Point-to-Point Protocol (PPP) |
qlc2200 package | Updated QLogic PCI Fibre Channel HBA Driver 3.12 |
qlc2300 package | Updated QLogic PCI Fibre Channel HBA Driver 3.04 |
samba package | New Samba 3.0 - A Windows SMB/CIFS fileserver for UNIX |
tiff package | New TIFF Image File Libraries and Utilities 3.5.7 |
*udienv.image package | Updated Uniform Driver Interface (UDI) 1.01 Runtime Environment |
uli package | Upgrade Wizard for Update Packs |
urwfonts package | Updated (URW)++ Free X11 Fonts 2.0 for Java |
*usb.image package | Updated Universal Serial Bus (USB) 2.0 Drivers |
uw7updoc package | Updated online topics |
uw7upman package | Updated manual pages |
xdrivers package | Updated X11R6 Graphics Drivers, Grafinfo Files and Configuration Scripts |
xfonts package | Updated X11R6 100dpi, 75dpi, Speedo, Type1, and Miscellaneous Fonts |
xserver package | Updated X11R6 X Server, Utilties, Font Server |
zlib package | Updated zlib - General Purpose Data Compression Library 1.2.1 |
Please see the section Known Problems and Workarounds before beginning installation of the Update Pack.
Before you install any software or documentation from the Update Pack, it is important that you back up your system. A current system backup makes it easy to recover any files overwritten during the installation of the Update Pack. While the Update Pack Set does make copies of all the files it updates, not all supplemental packages do so. See Recovering Files Overwritten by the Update Pack (below) and Backup and Restore (in the online documentation) for more information.
NOTE: Update Pack 4, because it implements changing the system from a 7.1.3 system to a 7.1.4 system, cannot be removed. It is therefore critical that you back up your system before installing Update Pack 4 should you for any reason want to go restore the previously running configuration.
The procedure below shows you how to install the Update Pack using the Upgrade Wizard, from either a mounted ISO CD image, or from a CD to which the ISO image has been written.
The instructions below assume you are using the Upgrade Wizard in graphical mode. If uli is executed on the console without X Window or another process running on vt01, the default back-end package installer is the morepkgs interface, where packages are presented in a single vertical list and selected and de-selected via the spacebar rather than Add and Remove buttons. To disable use of the morepkgs interface, the following environment variable can be set before uli is executed:
# ULI_USE_MOREPKGS=NO # export ULI_USE_MOREPKGS
NOTE:
You must install the Update Set before installing
most of the other packages available with the Update Pack.
This is done automatically by the Upgrade Wizard.
If you are applying the Update Pack to a newly installed or upgraded UnixWare
system, be sure to reboot the system after the installation or upgrade
is complete and before you apply the Update Pack.
Log into the system as root.
Do one of the following:
If you have a CD with the Update Pack image on it, insert the CD into the primary CD drive and go to the next step.
# marry -a /var/spool/pkg/uw713up4CDimage.iso /dev/marry/var/spool/pkg/uw713up4CDimage.iso # mount /dev/marry/var/spool/pkg/uw713up4CDimage.iso /install
Note that the return value of the marry command is used as the first argument of the mount command. You can also use the series of commands shown in the example below to reduce the amount of retyping required:
# device=`marry -a /var/spool/pkg/uw713up4CDimage.iso` # echo $device /dev/marry/var/spool/pkg/uw713up4CDimage.iso # mount $device /install
The first command assigns the return value of the marry command to the environment variable $device
.
Note that the marry command is enclosed by backquote characters (`) -- not single quotes.
(On many keyboards, the backquote character is found on the upper-left side of the keyboard.)
The return value can be checked for errors using the echo command as shown.
Install the uli (Upgrade Wizard) package from the CD. Use either the SCOadmin Application Installer from the graphical desktop, or the following command line:
# pkgadd -d device uli
where device is cdrom1 if you followed Step 2a; or, /install if you followed Step 2b.
Once the uli package is installed, launch the Upgrade Wizard. Do one of the following:
# uli
# uli -f device
where device is the name of the directory where you mounted the ISO image in Step 2b (/install in the example).
When the Upgrade Wizard starts, a screen displays a message that the Upgrade Wizard will install the Update Pack software. Select Next to continue.
The Upgrade Wizard displays the Software License Agreement. Select Accept to continue.
If you followed Step 4a and used the uli command with no options, skip to the next step.
Otherwise, if you followed Step 4b and used uli -f, a screen is displayed that lists the primary CD drive and the directory you specified, with the directory selected as the default installation device. Select Next to continue and install from the directory.
The Wizard checks the contents of the installation device for the Update Pack. Select Next to continue and begin installing the Update Pack.
The Upgrade Wizard automatically installs the Update Pack Set (see the Update Pack Contents), displaying installation messages in a new window.
When the Upgrade Wizard finishes installing the Update Pack Set, it displays the Package Selection List, a list of the additional packages on the CD that are not installed automatically by the Update Pack Set. If the Wizard detects previous versions of any of the Update Pack CD packages on your system, the updated version on the CD appears in the Chosen Packages list on the right. Use the Remove button to move packages that you don't want to install from the Chosen Packages list to the Available Packages list. Any packages that remain in the Available Packages list will not be installed.
NOTE: Some packages on the CD may not be presented in the Package Selection List. This happens when the Upgrade Wizard does not find a previous version of the package on your system. In order to install such a package using the Upgrade Wizard, you need to first install the package from the original UnixWare media used to install the system (along with any prerequisite packages). Or, use pkgadd(1M) to install the package instead.
After you are done installing software with the Upgrade Wizard, see the section Installing Additional Packages after the Update Pack Set and use pkgadd(1M) instead of the Upgrade Wizard to install the Update Pack version of any package not listed for selection by the Upgrade Wizard. If a package installation fails because a prerequisite package was not found, you will first need to install the prerequisite package from the Update Pack or the original installation media.
When you are finished choosing packages, select Next to continue.
A summary of your package selections and the space they require on your hard disk is displayed. Select Next to confirm your selections and continue. Select Previous to go back to the previous step and change the Package Selection List.
After you confirm your package selections, the Upgrade Wizard installs the packages you selected. It displays a progress bar as each package is installed. When the Wizard is done, select Finish to exit.
If you followed Step 1a, go to the next step.
Otherwise, if you followed Step 1b, unmount the CD image and delete the marry device:
# umount /install # marry -d /dev/marry/var/spool/pkg/uw713up4CDimage.iso
Reboot your system to rebuild the kernel. From the Desktop, use the SCOadmin Shutdown Manager. From the command line, enter the following:
# shutdown -i6 -g0 -y
When the system comes back up, you can log in and check the installation as shown in the section Checking Update Pack Installation.
If you decide that you want to add additional packages from the Update Pack CD, see the section Installing Additional Packages after the Update Pack Set.
After you have installed the Update Pack Set and rebooted your system, you can use either the Upgrade Wizard or the pkgadd(1M) command to install any packages that you did not select when you installed the Set.
If any desired package cannot be installed because a prerequisite package was not found, install the prerequisite package (either from the Update Pack or the original UnixWare installation media), and then attempt to install the desired package again.
Using the Upgrade Wizard will re-install the Update Set automatically before installing additional packages. Use the pkgadd command if you want to:
To use the Upgrade Wizard, follow the Installation Procedure, omitting Step 3.
To use the pkgadd command:
Log into the system as root.
Do one of the following:
If you have a CD with the Update Pack image on it, insert the CD into the primary CD drive and enter:
# mount /dev/cdrom/cdrom1 /install
Go to the next step.
# marry -a /var/spool/pkg/uw713up4CDimage.iso /dev/marry/var/spool/pkg/uw713up4CDimage.iso # mount /dev/marry/var/spool/pkg/uw713up4CDimage.iso /install
Note that the return value of the marry command is used as the first argument of the mount command. You can also use the series of commands shown in the example below to reduce the amount of retyping required:
# device=`marry -a /var/spool/pkg/uw713up4CDimage.iso` # echo $device /dev/marry/var/spool/pkg/uw713up4CDimage.iso # mount $device /install
The first command assigns the return value of the marry command to the environment variable $device
.
Note that the marry command is enclosed by backquote characters (`) -- not single quotes.
(On many keyboards, the backquote character is found on the upper-left side of the keyboard.)
The return value can be checked for errors using the echo command as shown.
List the contents of the CD:
# ls -l /install
Install the desired packages using one of these methods:
If the package is in a single file whose name ends in .image, enter:
pkgadd -d /install/name.image
where name.image is the name of the file on the CD. For example, the following command installs the Update Pack Set from the mounted CD image:
pkgadd -d /install/uw713up4.image
Each package image must be installed individually.
If the package is contained in a directory on the CD, enter:
# pkgadd -d /install package...
Replace package with the names of one or more filesystem format packages on the CD. This example installs the nd and nics packages from a mounted ISO image file:
# pkgadd -d /install nd nics
Shut down the system to rebuild the kernel. From the Desktop, use the SCOadmin Shutdown Manager. From the command line, enter the following:
# shutdown -i6 -g0 -y
When the system comes back up, you can log in and check the installation as shown in the section Checking Update Pack Installation.
Once installed, use the pkginfo(1) command to confirm that the Update Set has completely installed. The system should respond with output similar to that shown in the example below:
# pkginfo -lc set uw713up4 PKGINST: uw713up4 NAME: UnixWare 7 Release 7.1.3 Update Pack 4 ... STATUS: completely installed
If the STATUS
field indicates anything other than
completely installed
,
there was some problem during installation of the set.
Re-install the set and record any error messages displayed.
Then, check the Late News
and Support web sites to check for
additional installation notes.
To check the installation of other packages, use a command like the following:
pkginfo -l xdrivers j2re142
In addition, if you installed one or more of the Java packages, you can check which version is the default version of Java by entering this command:
java -version
The command will return with the appropriate release, depending on whether /usr/java is linked to /opt/java2-1.3.1 or /opt/java2-1.4.2. For example, to change the default Java from release 1.3.1 to release 1.4.2, enter the following commands, logged in as root:
# rm /usr/java # ln -s /opt/java2-1.4.2 /usr/java # rm /usr/java2 # ln -s /opt/java2-1.4.2 /usr/java2
If you update the links as in the example above to switch the active Java release, you should also remove and re-install the javaxcomm package, if it is on your system, so that it runs on the default Java version:
# pkgrm -n javaxcomm # pkgadd -q -d pathname javaxcomm
Where pathname is the full path to the javaxcomm package.
You will need to reinstall the Update Pack Set if any of the following situations arise:
You are instructed to do so when installing a package or set. This happens, for example, when one or more files that was updated by the Update Pack is changed in any way by the installation of the new software. Reinstalling the Update Pack is required to ensure the integrity of the software already installed on your system.
One or more files installed by the Update Pack needs to be refreshed for any number of reasons; for example, data corruption caused by faulty hardware or user error.
Reinstalling the entire Update Pack Set may be necessary, and can be done using the Upgrade Wizard (if you have the Update Pack CD or CD ISO image) or pkgadd (using either the CD ISO image or the Update Pack Set image). To reinstall the entire Update Pack Set, see the section Installing Additional Packages after the Update Pack Set, using the Update Pack CD ISO.
If you want or need to install only a subset of the packages in the Update Pack Set, you can use a pkgadd command line like the following to reduce required installation time:
pkgadd -d /var/spool/pkg/uw713up4.image update714
The example above installs only the update714 package from the Update Pack 4 Set, which resides in this example in the file uw713up4.image under /var/spool/pkg.
After installation, you may want to recover files that have been overwritten by the Update Pack Set or one of the supplemental packages. For example, if you have a custom version of sendmail(1M) on your system, this will be overwritten by the Update Set. To recover any file overwritten by the Update Set, enter the following command, as root:
# cd / # zcat /var/sadm/bkup/update714/bkup0/update.cpio.Z | cpio -icdumv pathname
where pathname is the full pathname of the file you want to recover, without the leading slash (/). For example, to recover the /usr/lib/sendmail binary, enter:
# cd / # zcat /var/sadm/bkup/update714/bkup0/update.cpio.Z | cpio -icdumv usr/lib/sendmail
See the file /var/sadm/bkup/uw713up4/filelist for the contents of the Update Pack Set backup archive (update.cpio.Z).
The supplemental packages provided with the Update Pack generally do not back up the file they install. Check for backup files under /var/sadm/bkup/packagename and /var/sadm/pkg/packagename/save, where packagename is the name of the package. If a package has overwritten a file and not made a backup copy, recover the file from your regular system backup media.
To find out what packages have installed or updated a particular file, enter the following:
# pkgchk -lp pathname
where pathname is the full pathname of the file, as in:
# pkgchk -lp /usr/lib/sendmail
NOTE: Update Pack 4, because it implements changing the system from a 7.1.3 system to a 7.1.4 system, cannot be removed. It is therefore critical that you back up your system before installing Update Pack 4 should you for any reason want to restore the previously running configuration. See: Before Beginning: Backup Your System.
Update Pack 4 contains all the new features from Update Pack 1, Update Pack 2, and Update Pack 3,as well as the additional new features listed in this section. See the UnixWare 7.1.4 Feature List for a complete list of new features since UnixWare 7.1.3.
Also see the sections Problems Fixed for a complete list of maintenance fixes, and Known Problems for limitations and workarounds.
The features listed in this section are installed with the Update Pack Set. See the Installation Procedures section for how to install the Update Pack Set.
Support for booting UnixWare systems using the Advanced Configuration and Power Interface (ACPI) BIOS tables is provided. This allows UnixWare to run on multiprocessor (MP) systems that do not have Intel Multi-Processor Specification (MPS) BIOS tables. Previously, UnixWare would not boot on a system that did not have MPS tables. Booting from ACPI tables is disabled by default. To enable booting from ACPI:
Make sure the osmp (multi-processing support) package is installed (even if you have a UP system). Enter:
pkginfo osmp
To see if osmp is installed. If not, install it from the UnixWare 7 Installation CD#1, by inserting the CD into the primary CD drive and entering:
pkgadd -d cdrom1 osmp
Add the following line to the file /stand/boot:
ACPI=Y
Note: Booting from ACPI and hyperthreading may be used together by
adding both ACPI=Y
and ENABLE_JT=Y
entries to the /stand/boot
file and rebooting the system.
See the boot(4) manual page.
Reboot the system to rebuild the kernel:
shutdown -i6 -g0 -y
If your hardware supports hyperthreading, enter the system BIOS utility as the system reboots to enable hyperthreading in your system BIOS. (See the hardware manufacturer's documentation for details.)
Note: on systems that support hyperthreading, the hyperthreading feature should be enabled in the system BIOS when booting from the ACPI tables, even if hyperthreading is not enabled under UnixWare. Otherwise, if you boot from the ACPI tables on a system that supports hyperthreading but does not have hyperthreading enabled in the BIOS, UnixWare utilities like psrinfo may report fewer processors available than the actual number of processors installed.
Save the BIOS configuration and boot UnixWare.
After the system boots, use the psrinfo(1M) command to check processor status.
Hyperthreading (Jackson Technology) support for UnixWare on Intel processors has been enhanced to work on uniprocessor (UP) systems. Previously, this technology worked only on multiprocessor (MP) systems. By default, hyperthreading is disabled. To enable hyperthreading:
Make sure the osmp (Multiprocessing Support) package is installed (even if you have a UP system). Enter:
pkginfo osmp
To see if osmp is installed. If not, install it from UnixWare 7 Installation CD#1, by inserting the CD into the primary CD drive and entering:
pkgadd -d cdrom1 osmp
Add the following line to the file /stand/boot:
ENABLE_JT=Y
Note: Hyperthreading and ACPI may be used together by
adding both ENABLE_JT=Y
and ACPI=Y
entries to the /stand/boot
file and rebooting the system.
See the boot(4) manual page.
Reboot the system to rebuild the kernel:
shutdown -i6 -g0 -y
As the system reboots, enter the system BIOS utility to enable hyperthreading in your system BIOS. (See the hardware manufacturer's documentation for details.) Save the BIOS configuration and boot UnixWare.
After the system boots, use the psrinfo(1M) command to check processor status.
The Network Time Protocol (NTP) has been updated to Version 4.1.1 from http://www.ntp.org. NTP is used to synchronize the time of a computer client or server to another server or reference time source. This release maintains compatibility with NTP 2.x and 3.x, while support for NTP 1.x has been removed. See the NTP documentation provided with version 4, under Networking > Administering TCP/IP and Internet Services, in the online documentation. In particular, see the NTP Version 4 Release Notes and the Quick Start.
The IPsec (secure IP) protocol suite and associated tools provides the ability to encrypt and authenticate IP packets transmitted between cooperating hosts or subnets.
When IPsec is configured for a given communication path between hosts or subnets, most of the IP header and the entire data portion of each packet sent over the network is encrypted by the sending host, and decrypted by the receiving host. This is in contrast to non-IPsec packets, which are not encrypted.
In addition to encrypting IP packets, IPsec can authenticate each packet using the information in the expanded header supported by this protocol. Authentication can also be provided using private keys and signed certificates.
In this way, each host can not only be assured that each packet has been encrypted for delivery, but also validate that the packet received has originated with the expected host and that no third party has tampered with or had access to the data in the packets during transmission.
One of the uses of IPsec is to implement a Virtual Private Network (VPN). In a VPN, a non-secure communication path (such as an internet connection) is used for the transmission of encrypted and authenticated packets between hosts that have been set up to use that path and only provide IPsec packets over the path.
A VPN is really a set of security associations established on each host that requires secure IP communications, along with a security policy established for each "subnet" in the VPN. Thus, a corporate VPN might be defined by a gateway router that allows a number of remote systems (or other gateways) to connect over public transmission facilities (phone lines, cable modem, wireless), and access the corporate network. A properly configured IPsec facility on the gateways and the various remote systems prevents the kind of security threats inherent in public transmission systems, such as spoofing, masquerading, denial of service, and others.
IPsec is disabled by default; this is because running IPsec without first configuring it properly for your site reduces overall network performance with no benefit. To configure and enable IPsec, see Networking > Administering TCP/IP and Internet services > Secure IP (IPsec) in the online documentation. The documentation includes procedures and configuration examples.
The Name Service Switch (NSS) provides a single point of control for lookup operations on system databases (such as /etc/passwd, /etc/group, etc.). This gives a system administrator the ability to configure these operations while the system is running, including the ability to extend the implementation through plug-in runtime modules.
For more information see the NSS Overview in the online documentation.
The version identifier returned by the uname(1) command, the uname(2) system call, and associated utilities after installation is updated from 7.1.3 to 7.1.4. For example:
# uname -v
Returns the following:
7.1.4
The features listed in this section are contained in separate packages from the Update Pack Set. To install them, either select them from the Upgrade Wizard when you install the Update Pack Set, or follow the instructions in the section Installing Additional Packages after the Update Pack Set.
A new sound driver (ich) that supports on-board PCI sound cards on Intel 845 chipsets has been added to the audio package. The chipsets supported are ICH1, ICH2, ICH3, and ICH4. The driver also provides support for the AC97 mixer.
The AC97 codec on the soundcard must support VRA (variable rate) for any application to play audio files at variable rates. If the codec doesn't support VRA, then most applications will fail to play any audio files. For example, using mpg123 with a soundcard that does not support VRA returns the following message:
No supported rate found !!
If your hardware supports the relevant chipsets, the ich driver is loaded and configured automatically when the audio package is added. You can also manually load the driver using:
modadmin -l ich
To test whether the driver is working properly, mpg123 player for native UnixWare can be intalled and be used for playing audio files. You can find mpg123 on the web at http://www.sco.com/skunkware. If you have installed the Linux Kernal Personality (LKP) on your system, you can also download the Linux version of Realplayer from the web (http://www.realplayer.com to play audio files. Both mpg123 and Realplayer running on LKP have been tested with the new driver.
Note that the ich driver does not provide audio support for the SCO Merge product at this time.
The db package contains version 4.1.25 of the Berkeley DB software, an embedded programmatic database toolkit. This package is provided primarily for, and is required by, the OpenLDAP software. It can be used in any application where a programmable embedded database is required. See the DB Documentation installed under /usr/docs by the db package.
PostgreSQL (pgsql) is a widely-used open source database system that offers the features and reliability usually associated with more costly proprietary database systems. PostgreSQL documentation is installed with the pgsql package and is available under Software Development in the online documentation. For a review of the advantages of deploying PostgreSQL, please see http://advocacy.postgresql.org/advantages/. General information and news about PostgreSQL is available from the PostgreSQL Web Site at http://www.postgresql.org.
The QLogic PCI FibreChannel (qlc2300) and the Adaptec Ultra320 Family PCI SCSI HBA (adpu320) Host Bus Adapter (HBA) drivers have been updated, as follows:
Fixes problems with board ID return value on some IBM systems with PCI-X slots.
Fixes problems experienced when disks are connected to both channels.
The qlc2300 and adpu320 drivers are available as separate package images in the Update Pack, as well as a floppy disk image suitable for use during a fresh install of UnixWare. The floppy image is available at: ftp://ftp.sco.com/pub/unixware7/drivers/storage.
The Network Drivers (nd) package has been updated with new versions of the following existing Network Interface Card (NIC) drivers:
Fixed problems seen in development environment only.
Fixed some incorrect function return values and a system panic in bcopy(3C) caused by the driver.
Fixed minor problems and added new card support. The complete list of network adapters supported by the new version of eeE8 follows:
645477-xxx PRO/10+ PCI PILA8500 649439-xxx PRO/10+ PCI PILA8520 701738-xxx Pro/100+ PCI Management Adapter PILA8461 668081-xxx Pro/100+ PCI PILA8460 689661-xxx 722762-xxx 721383-xxx Pro/100+ PCI Management Adapter PILA8460B 741462-xxx Pro/100+ PCI PILA8460BN 748566-xxx PRO/100 S Management PILA8460BUS 748564-xxx PRO/100 S Management PILA8464B 742252-xxx InBusiness(tm) 10/100 adapter SA101TX 351361-xxx PRO/100 PCI PILA8465 352509-xxx EtherExpress(tm) PRO/100B PCI adapter PILA8465B 661949-xxx 667280-xxx 678400-xxx 352433-xxx PRO/100B PCI T4 PILA8475B 691334-xxx PRO/100+ PCI Management Adapter PILA8900 A80897-xxx PRO/100 M Desktop PILA8460M 751767-xxx PRO/100 S Desktop PILA8460C3 ================== Server Adapters ============ 714303-xxx PRO/100+ Dual Port Server Adapter PILA8472 711269-xxx 748565-xxx PRO/100 S Server PILA8474B 748568-xxx Intel(c)PRO/100 S Server PILA8474BUS 710550-xxx PRO/100+ PCI Server Adapter PILA8470 729757-xxx PRO/100+ Server Adapter PILA8470B A56831-xxx PRO/100 S Dual Port Server Adapter PILA8472C3 752438-xxx PRO/100 S Server PILA8470C3 New NIC support in eeE8 2.6.8: ------------------------------ 82559 Fast Ethernet LOM with Alert on LAN PRO/100 S Mobile LAN on Motherboard PRO/100 VM Network Connection PRO/100 VE Network Connection HP NC3133 Fast Ethernet NIC HP NC3163 Fast Ethernet NIC HP NC3162 Fast Ethernet NIC HP NC3123 Fast Ethernet NIC HP NC3134 Fast Ethernet NIC HP NC3135 Fast Ethernet Upgrade Module HP NC3120 Fast Ethernet NIC HP NC3122 Fast Ethernet NIC HP NC1120 Ethernet NIC HP 10/100 TX PCI Intel WOL UTP Controller HP NC3160 Fast Ethernet NIC HP NC3121 Fast Ethernet NIC HP NC3131 Fast Ethernet NIC HP NC3132 Fast Ethernet NIC
Fixed minor problems and added new NIC support. The complete list of network adapters supported by the new version of bcme follows:
3Com 3C996/3C1000/3C94X Gigabit Ethernet 3Com 3C996-SX Gigabit Ethernet Broadcom BCM5700 NetXtreme Gigabit Ethernet Broadcom BCM5700S NetXtreme Gigabit Ethernet Broadcom BCM5701 NetXtreme Gigabit Ethernet Broadcom BCM5701S NetXtreme Gigabit Ethernet Broadcom BCM5702 NetXtreme Gigabit Ethernet Broadcom BCM5703 NetXtreme Gigabit Ethernet Broadcom BCM5703S NetXtreme Gigabit Ethernet Broadcom BCM5704 NetXtreme Gigabit Ethernet Broadcom BCM5704S NetXtreme Gigabit Ethernet Broadcom BCM5705 NetXtreme Gigabit Ethernet Broadcom BCM5782 NetXtreme Gigabit Ethernet for hp HP NC6770 Gigabit Ethernet HP NC7722 Gigabit Server Adapter HP NC7760 Gigabit Ethernet HP NC7761 Gigabit Server Ethernet HP NC7770 Gigabit Ethernet HP NC7771 Gigabit Ethernet HP NC7772 Gigabit Server Ethernet HP NC7780 Gigabit Ethernet HP NC7781 Gigabit Ethernet HP NC7782 Gigabit Ethernet HP NC7783 Gigabit Ethernet
The xdrivers package has been updated to include a new ATI Radeon Graphics Adapter Driver. This driver supports the following video cards:
ATI RADEON 7000 Graphics Adapter ATI RADEON 7200 Graphics Adapter ATI RADEON 7500 Graphics Adapter
The javaxcomm package contains version 2.0 of the Java Communications API for Java Serial I/O. This package enables Java applications to communicate over serial ports. See the Release Notes for javax.comm, and the RXTX open source web site at http://www.rxtx.org, for more information. Please note that this release of javax.comm does not support communication over parallel I/O ports.
The following Java 2 SE 1.3.1 packages have been updated to the indicated versions in response to Sun Microsystems, Inc., security alerts:
j2jre131 | Java 2 SE 1.3.1_10 Runtime Environment 1.3.1 |
j2sdk131 | Java 2 SE 1.3.1_10 Software Development Kit |
j2plg131 | Java 2 SE 1.3.1_10 Java Plug-in (Netscape and Mozilla) |
j2pls131 | Java 2 SE 1.3.1_10 Demos and Debug |
The alerts are:
Sun Alert ID | Description |
57436 | Verisign Class 3 and Class 2 PCA Root Certificate Expiration |
57221 | A Vulnerability in JRE May Allow an Untrusted Applet to Escalate Privileges |
The Java 2 Standard Edition 1.4.2 consists of the following packages:
j2jre142 | Java 2 SE 1.4.2_03 Runtime Environment 1.4.2 |
j2sdk142 | Java 2 SE 1.4.2_03 Software Development Kit |
This is the first Java release for UnixWare to incorporate the Sun HotSpot Java virtual machine. It has greatly improved performance and scalability over the previous Java 1.3.1 release.
The j2jre142 package requires the urwfonts package, and must be installed before installing j2sdk142.
On upgrade, Release 1.4.2 is installed by default and /usr/java is updated to point to the 1.4.2 version (/opt/java2-1.4.2). See the section Checking Update Pack Installation for how to check and change the active Java version.
Note that there is currently no Release 1.4.2 Mozilla Java plugin support; this is provided by the j2plg131 package.
A JDK 1.4.2 debugging package (formerly j2pls131) is not being released. The debugging information for the Sun "hotspot" VM's (now mostly in C++) is too large to be of any practical use (debugging size exceeds 400MB for each VM-client server). The Java demos formerly in j2pls131 have been moved into the j2sdk142 package.
This release of the Java 2SE corresponds to Sun's J2SE 1.4.2_03 patch level and includes the following Sun security fixes:
Sun Alert ID | Description |
57436 | Verisign Class 3 and Class 2 PCA Root Certificate Expiration |
unknown | Potential Denial of Service - SXun API for XML 1.0 Processing |
Additional information on the Java 2SE can be found at the following links:
The Mozilla web browser has been updated to version 1.2.1a to fix the following known security vulnerabilities in previous versions:
Mozilla Bug ID | Description |
221526 | Script.prototype.freeze/thaw could allow an attacker to run arbitrary code on your computer. |
213012 | By requesting a cookie with a path containing the escape sequence "%2E%2E", a malicious web site would be able to read cookies from different paths. |
158049 | Detecting variables in another domain is possible. |
220122 | A malicious website could gain access to a user's authentication credentials to a proxy server. |
92773 | It is possible to get and set variables in another domain. |
For more information please go to http://www.mozilla.org/projects/security/known-vulnerabilities.html.
The Lightweight Directory Access Protocol (LDAP) provides a set of commands and routines to create and manage a Directory Services database. This version of OpenLDAP (2.2.4) implements LDAPv3 as defined in RFC2251. The openldap package depends on the db package (Berkeley DB) for the database back-end. See the LDAP 2.2 Administrator's Guide and LDAP Manual Pages under Networking in the online documentation.
The ppp package has been updated to improve the reliability and scalability of the PPP server, pppd(1M).
The openssl package has been updated to 0.9.7c. OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a general purpose cryptography library. A user level command, openssl(1), is provided that performs a variety of cryptographic functions.
Documentation for OpenSSL is packaged separately in openssld. The following manual pages are installed under /usr/man, and can be viewed via man(1) or the DocView Man Pages button (http://hostname:8458):
asn1parse.1 ca.1 CA.pl.1 ciphers.1 crl.1 crl2pkcs7.1 dgst.1 dhparam.1 dsa.1 dsaparam.1 enc.1 gendsa.1 genrsa.1 nseq.1 openssl.1 passwd.1 | pkcs12.1 pkcs7.1 pkcs8.1 rand.1 req.1 rsa.1 rsautl.1 s_client.1 s_server.1 sess_id.1 smime.1 speed.1 spkac.1 verify.1 version.1 x509.1 | bio.3 blowfish.3 bn.3 bn_internal.3 buffer.3 crypto.3 d2i_DHparams.3 d2i_RSAPublicKey.3 des.3 dh.3 dsa.3 err.3 evp.3 hmac.3 lh_stats.3 lhash.3 | md5.3 mdc2.3 OPENSSL_VERSION_NUMBER.3 OpenSSL_add_all_algorithms.3 rand.3 rc4.3 ripemd.3 rsa.3 sha.3 ssl.3 threads.3 config.5 des_modes.7 |
For more information on OpenSSL see the OpenSSL Web Site.
The openssh package has been updated to version 3.7.1.p2 of OpenSSH. OpenSSH is a suite of network connectivity tools that encrypts all traffic to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. OpenSSH provides a variety of secure tunneling capabilities and authentication methods. SSH protocol versions 1.3, 1.5, and 2.0 are supported.
The OpenSSH suite includes:
Manual pages are provided for all of the above commands, as well as pages for the ssh_config(5) and sshd_config(5) SSH client and server configuration files. To display them, use the man(1) command or DocView on http://hostname:8458. For more information on OpenSSH, please go to the OpenSSH Web Site http://www.openssh.org/manual.html.
NOTE: You should install OpenSSL from the Update Pack before installing OpenSSH, even if you have a previous version of OpenSSL already installed.
Updated manual pages and online guides are provided by the uw7upman and uw7updoc packages, as well as some of the other packages included with the Update Pack. Both guides and manual pages can be viewed using any browser via the DocView Documentation Server. By default, DocView can be reached at http://hostname:8458, where hostname is the network node name of the UnixWare system, or localhost when using a browser on your UnixWare 7 system. The browser can be running on native UnixWare, on the Linux Kernel Personality (LKP), or on the OpenServer Kernel Personality (OKP). The manual pages can also be viewed using the man(1) command; this must be done from a UnixWare shell. (The man commands under LKP and OKP display the manual pages installed in those environments, not the UnixWare 7 pages.)
Newly added documentation will not be searchable using DocView's Search button until indexing is run. This is done, by default, at 3:10AM local time by a root crontab(1) entry. If this time is not appropriate for your site, you can edit the crontab entry to change the time indexing is run. In general, it is a good idea to run indexing when the system load is low, since indexing can consume considerable time and system resources, depending on the amount of text being indexed. You can also run indexing manually using the /usr/lib/docview/conf/rundig command after you finish installing documentation from the Update Pack.
Current UnixWare Documentation can also be viewed on the Internet at http://www.sco.com/support/docs/unixware.
CUPS has been updated to version 1.1.19_01 to correct problems displaying the names of USB printers in the graphical administrative interface. See CUPS and the Printing topic in the online documentation.
The foomatic package contains a generic filter and PPD files for various printer models. The filter and PPD files are integrated with the cups package (see CUPS), and cannot be used with the System V LP print system. Note that the CUPS package also provides its own PPD files.
This updated version of foomatic (3.0.0-01) includes the following:
For more information, see the Printing topic in the online documentation after you install cups and foomatic.
The gimpprint package contains a suite of high-quality printer drivers for use with the cups and foomatic packages; see the notes for CUPS. The gimpprint package includes:
The core driver (libgimpprint.so).
A CUPS driver primarily for Canon and Epson printers (along with some Lexmark and Hewlett-Packard models), and the corresponding PostScript Printer Definition (PPD) files. These PPD files appear as follows in the CUPS administrative web interface:
EPSON model CUPS+Gimp-print v4.2.5
Try these PPD files before trying the IJS-based drivers (below).
An IJS-based GhostScript driver (for use with foomatic) and corresponding PPD files. These PPD files appear as follows in the CUPS administrative web interface:
Epson model Foomatic/gimp-print-ijs
A utility to administer Epson printers, escputil.
Documentation for this driver is installed with the gimpprint package under Printing in the online documentation.
The Hewlett-Packard InkJet Driver (hpijs) is a printer driver for for more than 200 printer models, including, DeskJet, OfficeJet, Photosmart, Business InkJet and some LaserJet models. The hpijs package also contains PostScript Printer Definition (PPD) files for these printers, for use with the cups and foomatic packages. (See the notes for CUPS.) These PPDs appears as follows in the CUPS administrative web interface.
HP model Foomatic/hpijs (recommended) (en)
It is recommended that you use these PPD files even if there are other Foomatic PPDs for your printer model, for example:
HP model Foomatic/pcl3 (en)
The hpijs driver also provides PPD files for some non-HP printers. The list of these printers can be found at: http://www.linuxprinting.org/show_driver.cgi?driver=hpijs. Documentation for this driver is installed with the hpijs package under Printing in the online documentation.
Prior to this release, only one Universal Serial Bus (USB) printer connected to the system at one time was supported. In addition to supporting multiple USB printers, this release also provides fixes to some known problems. See Printing: USB Support for an overview of USB printer support. These updates are in the udienv and usb packages.
SCO Web Services is a set of application programming interfaces that use standard web technologies such as WSDL, SOAP, XML, and XML Schemas to enable your applications to interface with Web Services. The web services supported by SCOx enable applications to exchange data directly over the internet, without human intervention. Such applications can be anything from simple requests to complex business processes.
The web services and libraries are available on a separate CD image. Release notes and installation instructions can be found at the top level of the CD image, and on the UnixWare Supplements Web Page. Also see the SCO Web Services Web Site.
Please Note: You must install the Update Pack Set before you install the Web Services CD. Please read the Release Notes from the CD or Supplements Page before installing the Web Services CD.
Also note that there are some known issues with using the web services support for Java when Java 1.4.2 has been installed. Please see the SCO Java 2 Standard Edition v. 1.4.2_03 Release Notes for more details. Also note that when using web services support for C or C++, you should compile with the UDK C or C++ compiler, and not with the Open Source Tools gcc or g++ compilers.
The zlib package contains version 1.2.1 of the data compression library (/usr/lib/libz.so). The zlib Manual from http://www.zlib.net is available as a manual page; enter man zlib or use the Man Pages button in the online documentation. Note that the version 1.1.4 manual is still the current manual for zlib.
Samba provides filesharing capabilities using native Microsoft SMB and CIFS protocols for interoperability with Microsoft operating systems. Samba 3.0 is provided in a single-byte version for Western locales (samba); a multibyte version suitable for Asian locales will be made available in a future release.
Note the following when installing Samba:
If you are upgrading from a previous release of Samba on UnixWare, save a copy of your existing /usr/lib/samba/lib/smb.conf file before you begin installation, so you can restore any settings that might be affected by the upgrade.
By default, /tmp is automatically shared. This can be a security concern, since various system utilities keep temporary data in /tmp. To remove the /tmp share, log into SWAT (see above) and select the Shares icon. On the next screen, highlight the tmp share in the list box and select the Delete Share button.
Samba cannot run together with Advanced File and Print Sharing (AFPS; found on the Optional Services CD #3), nor with the NetBIOS protocol running. If Samba will not start, do the following to determine if AFPS or NetBIOS are running, and disable them if necessary:
Enter:
# cd /etc/rc2.d
S74netbios S99ms_srv
If these one or both of these files exist, enter the appropriate command or commands shown below:
# mv S74netbios s74netbios # mv S99ms_srv s99ms_srv
# shutdown -i6 -g0 -y
Start Samba:
# /etc/init.d/samba start
Samba documentation and manual pages are available under the DOS and Windows topic in the online documentation.
Samba is configured with the SWAT (Samba Web Administration Tool) utility using a web browser on http://hostname:901. To start SWAT:
As root, enter:
# /usr/lib/samba/sbin/swat
Point a web browser at http://localhost:901.
Log in to SWAT as root.
The main SWAT screen provides links to all the Samba documentation. Select the Status icon to start the Samba daemons.
To start, stop, and restart Samba from the command line, use the /etc/init.d/samba command, as in this example:
# /etc/init.d/samba start
To enable Samba at system startup, enter the following:
# /etc/init.d/samba enable
Samba will now start up automatically whenever the system boots. The disable parameter returns Samba to manual startup.
Localization settings are accessed from the SWAT Home Page by clicking on the Globals tab, and then selecting Advanced View. Set appropriate values for your locale for the client code page, the character encoding system, and the other options (each option has context-sensitive help). Please refer to the documentation for smb.conf for further details.
More Samba documentation and other resources are provided on the Samba Home Page.
Update Pack 3 contains all the new features from Update Pack 1 and Update Pack 2, as well as the additional new features listed in this section. See the Update Pack Feature List for a complete list.
Also see the sections Problems Fixed for the maintenance fixes included in the Update Pack, and Known Problems for limitations and workarounds.
The features listed in this section are installed with the Update Pack Set. See the Installation Procedures section for how to install the Update Pack Set.
A new boot(4) parameter has been added that allows newer video cards and chips (such as the nVidia GeForce onboard chip) to work with UnixWare. In these newer cards and chips, EGA environment tables are no longer provided and the video modes must be initialized by the kernel using VESA BIOS calls instead. If the USE_VESA_BIOS boot parameter is set on boot, then the kernel will initialize the video modes using VESA BIOS calls; if it is not set or set to "NO" (the default), then the EGA environment table is used. If you are installing UnixWare 7.1.3 for the first time, this parameter is not yet available at installation time. Install the system using another supported graphics card; then, after the system is installed, you can then edit boot(4) as described above to enable VESA BIOS initialization. See the Compatible Hardware Web Page at http://www.sco.com/chwp for graphics cards that work during a fresh install of UnixWare.
An entry has been added for India Standard Time (IST) to the list of time zones presented in both the SCOadmin International Settings Manager (scoadmin international) and the SCOadmin Time Manager (scoadmin system time). After setting the new time zone, reboot the system and set the current system date and time, if necessary, to the current local date and time using the Time Manager or the date(1) command.
A number of enhancements and fixes have been made to the Licensing subsystem. Most of these are listed in the Problems Fixed section. The following changes in the Licensing subsystem are significant to administrators and users:
The maximum number of simultaneous users, as determined by your current licenses, is now strictly enforced. Each connection (for example, via telnet, rlogin, ssh) counts as a "user", even if the same login is using multiple connections. If the number of allowable users (determined by the installed licenses) is exceeded, additional logins are denied until a current user logs off the system.
The new sco_pmd license policy manager daemon replaces the ifor_pmd, ifor_sld, and sco_cpd daemons from previous releases. See the sco_pmd(1M) manual page for details.
See the Installation and Licensing topic in the online documentation for more information about licensing.
The sendmail(1M) Mail Transfer Agent (MTA) has been updated to version 8.12.9, along with security fixes from version 8.12.10. As a result, the following message will be displayed when sendmail starts:
Warning: .cf file is out of date: sendmail 8.12.9 supports version 10, .cf file is version 9
Mail will still continue to work as before; however, none of the new versions added to sendmail after version 8.9 (including anti-spam filters) will not be implemented in the configuration file, /etc/sendmail/sendmail.cf. For a review of what has changed in sendmail since version 8.10, see .
For more information on using sendmail, see Mail and Messaging in the online documentation, and the Sendmail Web Site at http://www.sendmail.org.
The mkmsgs(1) command has been enhanced to accept message strings that span more than one line in the input file, and to accept message string input longer than 4095 characters. There is now no limit on the size of message string input.
Multi-line messages are encapsulated in the input file with "%<" and "%>" delimiters on a line by themselves, as in the following example:
%< first line of message second line of message ... %>
Only space, tab, and linefeed characters are allowed on the lines with the delimiters.
The security and reliability of the rndc(1M) program and the handling of secret keys used between rndc and DNS/BIND control channels has been improved.
The upper limit on the amount of swap space that can be allocated has been increased from 2GB (2 gigabytes) to 4GB. Use the swap command to increase the current swap space size. See the swap(1M) manual page and the sections Configuring systems for large physical memory and Adding swap space for more information.
USB 2.0 support has been enhanced to include limited support for a single USB printer connected to the system. Rather than delay the release of this important feature in order to undertake the task of certifying a large sample of the wide range of printers currently available, SCO has chosen to speed the availability of this much-requested feature to our customers by certifying a small number of printers for this first release of USB Printing. These printers are listed in the SCO Certified Hardware Web Page (CHWP) at http://www.sco.com/chwp. As we certify new examples we will add them to the CHWP.
As of the publication of this document, the certified list includes:
There is also a set of printers that we know are problematic. This list includes:
In addition, we have some generic guidelines which will enhance your experience if you attempt to attach a printer that is not yet certified.
USB printer support in UnixWare is not designed to replace parallel printer support for existing installations. In fact, we strongly suggest that if you currently have a printer connected to your UnixWare system via the parallel interface you should not move it to a USB interface. It is likely that to do so would result in different printer behavior than you currently experience.
If you want to attach a new printer to your UnixWare system and the printer provides both a parallel interface and a USB interface, we suggest that you use the parallel interface. Our testing suggests that many printers that support both interfaces provide a less than spec-compliant USB interface. Thus, using the parallel interface on these printers usually results in a better experience.
The Common UNIX Print System (see CUPS) is also being released along with USB Printing. We strongly suggest that you use CUPS as the print system when connecting USB printers. One side effect of this suggestion is that CUPS and System V LP cannot both be running at the same time on your UnixWare system. Although installing CUPS does not automatically replace LP as the default print spooler on your system, once you activate the CUPS print spooler the LP print spoller is disabled. In order for printers currently working under LP to work under CUPS, the printers must be manually added to the CUPS configuration. There is no provision to automatically transfer your System V LP printer configuration to your CUPS configuration. Further documentation on CUPS is available in the UnixWare online documentation under Printing (after you install the cupsdoc package) and at http://www.cups.org/documentation.php
CUPS provides a small set of printer drivers (also called PostScript Printer Definition files, or PPD files). If the printer descriptions supplied with CUPS do not meet your needs, we also provide the foomatic package of printer descriptions. Foomatic requires the ESP GhostScript printer drivers provided in the gs package, and supports dozens of printers. We have included all drivers except gimp-print and hpijs. If your printer model is only supported through these drivers (for example, the HP OfficeJet v40), it will not work with CUPS. These drivers will be made available in a future release.
Further documentation on the printers supported by foomatic is available at http://www.linuxprinting.org/printer_list.cgi. You can search this site for the proper driver name for your printer, and then look for the driver in the Make/Model selection list displayed by the CUPS graphical interface. You can also search for a driver and display the printers it supports. This site rates the quality as well as availability of printer drivers.
The support provided by foomatic for a given printer model also depends upon the cooperation which the Open Source community gets from various printer vendors. Vendors are ranked at http://www.linuxprinting.org/vendors.html. If the vendor for your printer is listed here in the "Useless" category, for example, it may not be possible to obtain an acceptable driver for your printer.
Please note that any fax and scanner capabilities provided by printers are not currently supported, even if the driver supports them.
To configure a USB printer using the active print subsystem from the command line, use the lpadmin(1M) command. Use the scoadmin printer graphical interface to add a USB printer to System V LP, or CUPS. If CUPS is the current print system, scoadmin printer launches the CUPS graphical interface on http://localhost:631. In the online documentation, see the CUPS Quick Start Guide and Adding a USB Printer to LP.
When defining the printer, use the USB device name. When a USB printer is connected to the system and turned on, two device nodes are created automatically for the printer. They can be listed by entering:
ls -tr /dev/usb_prnt* /dev/usblp*
The device node names are defined as follows:
The # appearing in the device name is the order the printer was recognized as attached. If you have only one printer, it will always be at /dev/usb_prnt0 regardless of how it is physically connected. If you have multiple USB printers connected (which is not currently supported), the digits at the end should not be regarded as stable: they will change as, for example, device timing varies and configuration changes are made.
Please Note: Only device names of the form /dev/usb_prnt# should be used in the scoadmin printer LP manager. See the procedures referenced above for how to add printers to LP and CUPS.
The first five digit number is the location of the host controller interface (HCI) to which the printer is connected. It's five digits represent the PCI bus number (two digits), the PCI device number (two digits), and the PCI function number (the final digit). For example:
/dev/usblp-00072-1.4.2
The above device name indicates that the HCI is located at PCI bus number 00, PCI device 07, PCI function 2. Note that this number is completely determined by the hardware vendor's PCI configuration.
The remainder of the device name after the second dash is a sequence of from one to six decimal numbers, each of which can be from one to three digits. The final number, which is required, indicates the port number on the device to which the printer is physically connected. Up to five hubs can be connected between the printer and the PC USB port, and the ports to which these devices are connected are indicated by the five optional three digit numbers in the device name, separated by periods.
For example, if a USB printer were connected directly to the first USB port on the system, the device name might look like this:
/dev/usblp-00072-1
A device name like /dev/usblp-00072-1.4.2 indicates the following device configuration:
PC USB Port 1 --- | Hub#1 Port 1 PC USB Port 2 | Hub#1 Port 2 | Hub#1 Port 3 | Hub#1 Port 4 --- | Hub#2 Port 1 ... | Hub#2 Port 2 --- USB Printer ...
where Hub#1 is connected into the system's first USB port, a second hub is plugged into Hub#1 Port 4, and the USB Printer is plugged into Hub#2 Port 2. This device name is completely unique and will not change as long as the physical configuration of the USB devices is not changed.
See the documentation for LP and CUPS (if installed) under the Printing topic in DocView for more information on printer management.
The UNIX95 version of the Korn shell, /u95/bin/ksh, has been updated to fix a number of problems:
The features listed in this section are contained in separate packages from the Update Pack Set. To install them, either select them from the Upgrade Wizard when you install the Update Pack Set, or follow the instructions in the section Installing Additional Packages after the Update Pack Set.
The gs package includes version 7.05.6 of the GhostScript PostScript and PDF file interpreter, used to display, convert, and print PostScript and PDF (Portable Document Format) files. The documentation accompanying GhostScript is installed with the gs package. See the gs(1) manual page and the Desktops topic in the online documentation.
The ide host bus adapter (HBA) driver has been updated to include a number of bug fixes, as well as the following new features:
Compliance with the ATA/ATAPI-6 standard (see http://www.t13.org).
Supported IDE hard disk capacity has increased from 128GB (gigabytes) to just below 1TB (terabyte), a total of 1,099,510,579,200 bytes (1 terabyte minus 1 megabyte). Full 48-bit addressing in the driver allows support for IDE hard disks up to 1PB (1 petabyte; 1,125,899,906,842,624 or 2^50 bytes) in size; however, the 32-bit addressing used by the kernel limits IDE hard disk support on UnixWare to just below 1TB (a terabyte is 2^40 bytes).
The ide driver is available as a separate package image in the Update Pack, as well as a floppy disk image suitable for use during a fresh install of UnixWare. The floppy image is available at: ftp://ftp.sco.com/pub/unixware7/drivers/storage.
The Broadcom bcme network card driver has been updated to version 6.0.16. This version fixes known kernel panics in the previous driver, which occurred when calling bcopy to copy a transmit buffer. The driver code has also been improved for better transmit performance. The updated driver is included in the nd package. For a list of network cards supported by the bcme driver, please see the Update Pack 2 Notes.
The Intel e1008g PRO/1000 networking card driver has been updated to version 7.2.15. This version includes new adapter support, fixes a panic when transmitted packets are excessively fragmented, fixes PHY initialization problems, and fixes problems that caused the driver to return inaccurate speed information. The updated e1008g driver is included in the nd package, and now supports the following Intel network cards:
700262-xxx PRO/1000 Gigabit Server Adapter PWLA8490 717037-xxx PRO/1000 Gigabit Server Adapter PWLA8490 713783-xxx PRO/1000 Gigabit Server Adapter PWLA8490G1 A38888-xxx PRO/1000 F Server Adapter PWLA8490SX 738640-xxx, PRO/1000 F Server Adapter PWLA8490-SX A06512-xxx PRO/1000 Gigabit Adapter PWLA8490SXG1P20 A19845-xxx PRO/1000 T Server Adapter PWLA8490T A33948-xxx PRO/1000 T Server Adapter PWLA8490TG1P20 A51580-014 PRO/1000 XT Server Adapter PWLA8490XT A73668-001 PRO/1000 XT Server Adapter PWLA8490XTL A68178-xxx PRO/1000 XT Lo Profile PCI Server Adapter PWLA8490XTL A50484-xxx PRO/1000 XF Server Adapter PWLA8490XF 739456-xxx IBM Netfinity Gigabit Ethernet SX Adapter 09N3599 721352-xxx IBM Netfinity Gigabit Ethernet SX Adapter 30L7076 A34085-xxx IBM Gigabit Ethernet SX Server Adapter 06P3718 A36407-xxx IBM Gigabit Ethernet Server Adapter 22P4618 A78408-xxx PRO/1000 MT Desktop Adapter PWLA8390MT PRO/1000 MT Low Profile Desktop PWLA8390MTBK20 A92165-xxx PRO/1000 MT Server Adapter PWLA8490MT A92111-xxx PRO/1000 MT Dual Port Server Adapter PWLA8492MT A91622-xxx PRO/1000 MF Server Adapter PWLA8490MF A91624-xxx PRO/1000 MF Server Adapter (LX) PWLA8490LX A91620-xxx PRO/1000 MF Dual Port Server Adapter PWLA8492MF PRO/1000 MT Mobile Connection A81081-xxx PRO/1000 MT Server Adapter PWLA8490MT A65396-xxx PRO/1000 MT Dual Port Server Adapter PWLA8492MT PRO/1000 MT Quad Port Server Adapter PWLA8494MT A81983-xxx PRO/1000 MF Server Adapter PWLA8490MF A78709-xxx PRO/1000 MF Dual Port Server Adapter PWLA8492MF PRO/1000 CT Network Connection PRO/1000 CT Mobile Connection PRO/1000 MB Server Connection PRO/1000 MB Dual Port Network Connection 82544GC Based Network Connection HP NC6132 Gigabit Module HP NC6133 Gigabit Module HP NC6134 Gigabit NIC HP NC6136 Gigabit Server Adapter HP NC6170 Dual PCI-X 1000-SX Server Adapter HP NC7131 Gigabit Server Adapter HP NC7132 Gigabit Upgrade Module HP NC7170 Dual PCI-X 1000-T Server Adapter
Updated manual pages and online guides are provided by the baseman and basedoc packages, as well as some of the other packages included with the Update Pack (e.g., cupsdoc, openssld, jpeg, tiff, libpng). Both guides and manual pages can be viewed using any browser via the DocView Documentation Server. By default, DocView can be reached at http://hostname:8458, where hostname is the network node name of the UnixWare system, or localhost when using a browser on your UnixWare 7 system. The browser can be running on native UnixWare, on the Linux Kernel Personality (LKP), or on the OpenServer Kernel Personality (OKP). The manual pages can also be viewed using the man(1) command; this must be done from a UnixWare shell. (The man commands under LKP and OKP display the manual pages installed in those environments, not the UnixWare 7 pages.)
Note that none of the Update Pack documentation packages rebuild DocView's Search index, so any documentation added will not be searchable using DocView's Search button until indexing is run. This is done, by default, at 3:10AM local time by a root crontab(1) entry. If this time is not appropriate for your site, you can edit the crontab entry to change the time indexing is run. In general, it is a good idea to run indexing when the system load is low, since indexing can consume considerable time and system resources, depending on the amount of text being indexed. Alternately, you can run indexing manually using the /usr/lib/docview/conf/rundig command after you finish installing documentation from the Update Pack.
Version 1.1.19 of the Common UNIX Printing System (CUPS) is available in three separate packages:
cups | Client and Server Software for CUPS |
cupsdev | CUPS Development Libraries |
cupsdoc | CUPS Online Guides and Manual Pages |
The current CUPS implementation supports all the documented features of CUPS, with the following exceptions:
CUPS also supports USB printing (see Printing: USB Support). We strongly suggest that you use CUPS as the print system when connecting USB printers. One side effect of this suggestion is that CUPS and System V LP cannot both be running at the same time on your UnixWare system. Although installing CUPS does not automatically replace LP as the default print spoller on your system, once you activate the CUPS print spooler the LP print spoller is disabled. In order for printers currently working under LP to work under CUPS, the printers must be manually added to the CUPS configuration. There is no provision to automatically transfer your System V LP printer configuration to your CUPS configuration. Further documentation on CUPS is available in the UnixWare online documentation under Printing (after you install the cupsdoc package) and at http://www.cups.org/documentation.php
If the printer descriptions supplied with CUPS do not meet your needs, we are also providing the foomatic package of printer descriptions. Foomatic requires the ESP GhostScript printer drivers provided in the gs package, and supports dozens of printers.
Further documentation on the printers supported by foomatic is available at http://www.linuxprinting.org/printer_list.cgi. You can search this site for the proper driver name for your printer, and then look for the driver in the Make/Model selection list displayed by the CUPS graphical interface. You can also search for a driver and display the printers it supports. This site rates the quality as well as availability of printer drivers.
The support provided by foomatic for a given printer model also depends upon the cooperation which the Open Source community gets from various printer vendors. Vendors are ranked at http://www.linuxprinting.org/vendors.html. If the vendor for your printer is listed here in the "Useless" category, for example, it may not be possible to obtain an acceptable driver for your printer.
You must install the Update Pack Set before you install cups, or CUPS will not work properly. The following packages are required by CUPS to provide the indicated functionality; they can be installed either before or after cups:
foomatic | printer filters and PPD files |
libpng | printing PNG image files |
jpeg | printing JPEG image Files |
gs | printing PostScript files |
openslp | remote printer management |
openssl | remote printer management |
perl | support for Perl scripts used by CUPS |
tiff | printing TIFF image files |
zlib | decompressing image files |
After you install cups, the System V LP System is still the default printing subsystem. Use the chprnsys(1M) command to switch between the System V LP and CUPS printing Systems, as in this example:
# chprnsys cups
The chprnsys command, among other things, reconfigures the system manual pages so that the pages appropriate to the currently active print subsystem are displayed by the man command and by DocView. The online CUPS guides can be viewed under the Printing topic in DocView, when CUPS is the active print subsystem. (Note that you must install cupsdoc to get all the CUPS manual pages and guides.)
CUPS can be administered using command line tools (see Printing for a list), or using the CUPS graphical interface on http://localhost:631. The scoadmin printer graphics interface will launch the administrative interface for the currently active print system. To get started, see the CUPS Quick Start Guide in the on line documentation.
Please Note: If you have a USB printer, connect it to your system and turn it on before you enable CUPS. If you connect a USB printer after you enable CUPS, restart CUPS by entering:/etc/init.d/cups restart
Once you install cups, the Update Pack installation is locked, until you remove the cups package. This is necessary to preserve the integrity of system software. See the section Known Problems.
The foomatic package contains a generic printer filter and PPD (PostScript Printer Definition) files for printers that understand printer languages other than PostScript (such as PCL). This enables printing of PostScript files to these printers, by translating the PostScript file to the language understood by the printer. The filter and PPD files are integrated with the cups package (see CUPS), and cannot be used with the System V LP print system. Note that the CUPS package also provides its own PPD files. For more information, see the Printing topic in the online documentation.
The jpeg package installs libjpeg and associated utilities from Version 6b of the Independent JPEG Group's open source JPEG image compression software. The libjpeg library allows applications to compress images and store them in JFIF format files, and decompress JFIF format files containing JPEG compressed images. For JPEG release notes, see the jpeg(7) manual page. The following utilities are also provided; see the associated manual pages listed below:
cjpeg(1) | sample application for converting PPM, PGM, BMP, Targa image formats to JPEG |
djpeg(1) | sample application for converting JPEG files to PPM, PGM, BMP, GIF, Targa image formats |
jpegtran(1) | utility for lossless transcoding between different JPEG processes |
rdjpgcom(1) | extracts textual comments from JFIF files |
wrjpgcom(1) | inserts textual comments in JFIF files |
See the JPEG Archive Site at ftp://ftp.uu.net/graphics/jpeg for more documentation on the JPEG software.
A new multithreaded version of the Perl Programming Language, version 5.8.0, is supplied and installed automatically when the cups package is selected for installation using the Upgrade Wizard. The perl package does not replace the version of Perl (perl5) installed from the UnixWare 7.1.3 media. Instead, it is installed separately under /opt. The file /usr/bin/perl is, however, made a link to the new 5.8.0 version of the perl interpreter.
The perl package can also be installed separately from cups. Most perl users will also want to install the perlmods package from the SCOx CD. This package fixes a CGI.pm security vulnerability (see Known Problems), and provides other updated and useful modules as well. The perlmods package can only be installed and used with the new perl package.
The libpng package installs Version 1.2.5 of libpng, an open source library that applications can use to manipulate PNG (Portable Network Graphics) raster image files. See libpng(3) for release notes, a usage overview, and further references. See libpng(3) and libpngpf(3) for function definitions. Further documentation and archives are available at http://www.libpng.org, or ftp://ftp.uu.net/graphics/png. This package requires that the zlib package is already installed.
The libtiff package contains a library for manipulating Tag Image File Format (TIFF) image files, along with TIFF-related utilities. This version of libtiff supports TIFF version 4.0, 5.0, and 6.0 files. The package installs its own manual pages:
See Section 3t. See the libtiff(3t) manual page for an introduction.
Also see the following command manual pages:
fax2ps (1) - convert a TIFF facsimile to compressed |
fax2tiff (1) - create a TIFF Class F fax file from raw fax data |
gif2tiff (1) - create a TIFF file from a GIF87 format image file |
pal2rgb (1) - convert a palette color TIFF image to a full color image |
ppm2tiff (1) - create a TIFF file from a PPM image file |
ras2tiff (1) - create a TIFF file from a Sun rasterfile |
rgb2ycbcr (1) - convert non-YCbCr TIFF images to a YCbCr TIFF image |
sgi2tiff (1) - create a TIFF file from an SGI image file |
thumbnail (1) - create a TIFF file with thumbnail images |
tiff2bw (1) - convert a color TIFF image to greyscale |
tiff2ps (1) - convert a TIFF image to PS |
tiff2rgba (1) - convert a TIFF image to RGBA color space |
tiffcmp (1) - compare two TIFF files |
tiffcp (1) - copy (and possibly convert) a TIFF file |
tiffdither (1) - convert a greyscale image to bilevel using dithering |
tiffdump (1) - print verbatim information about TIFF files |
tiffgt (1) - display an image stored in a TIFF file (Silicon Graphics version) |
tiffinfo (1) - print information about TIFF files |
tiffmedian (1) - apply the median cut algorithm to data in a TIFF file |
tiffsplit (1) - split a multi-image TIFF into single-image TIFF files |
tiffsv (1) - save an image from the framebuffer in a TIFF file (Silicon Graphics version) |
The SCOx Client API is a set of application programming interfaces that use standard web technologies such as WSDL, SOAP, XML, and XML Schemas to enable your applications to interface with SCObiz. SCObiz is a comprehensive web site development, deployment, and hosting service through which SCO's partners can provide web site hosting solutions to their customers. SCObiz provides an infrastructure that enables solution providers to quickly and easily create e-Commerce or information-oriented web sites. The web services supported by SCOx and SCObiz enable applications to exchange data directly over the internet, without human intervention. Such applications can be anything from simple requests to complex business processes.
The SCOx client libraries and web services are available on a separate CD image. Release notes and installation instructions can be found at the top level of the SCOx CD image, and on the UnixWare Supplements Web Page. Also see the SCOx and SCObiz Web Sites.
Please Note: You must install the Update Pack Set before you install the SCOx CD. Please read the SCOx Release Notes from the CD or Supplements Page before installing SCOx.
Update Pack 2 contained all the new features listed below, as well as the new features from Update Pack 1. See the section Problems Fixed for the maintenance fixes included in the current Update Pack, and the section Known Problems for limitations and workarounds.
The features listed in this section are installed with the Update Pack Set. See the Installation Procedures section for how to install the Update Pack Set.
Previously, the system calls shmget(2), msgget(2), and semget(2) returned 32-bit InterProcess Communication (IPC) IDs for shared resources under UnixWare. OpenServer and Xenix applications, however, expect IPC IDs that are positive, signed 16-bit numbers.
A new flag, IPC_SMALLID
, may be passed in to the IPC routines listed above.
If this flag is passed in, then, on success, the invoked function returns a 16-bit IPC ID.
Otherwise, a 32-bit IPC ID is returned.
The IPC_SMALLID
flag is introduced for use in cases in which a native
UnixWare application requires a small IPC ID in order to share the ID and
associated object with OpenServer or Xenix applications.
For example, the Xenix emulator included with the OpenServer Kernel Personality (OKP) product
uses IPC_SMALLID
for every IPC ID it requests, so Xenix
applications can use IPC as expected.
In addition to the IPC_SMALLID
flag, three new tunables are also available for cases where the entire system
must be tuned to return 16-bit IPC IDs to support OpenServer and Xenix applications.
These tunables are SHMSMALLID
, MSGSMALLID
, and SEMSMALLID
, and they affect
the return values of shmget(2), msgget(2), and semget(2), respectively.
Each has a default value of 0, and a range of values of 0 to 1.
Each tunable controls whether the corresponding IPC system call returns a 16-bit ID by default.
If the tunable is set to 0 (the default), then the corresponding routine always returns a
32-bit ID; if the tunable is set to 1, then the corresponding routine always returns a 16-bit ID.
The kernel has been modified to always return 16-bit IPC IDs to a running application that it recognizes as an OpenServer or Xenix executable, regardless of the setting of the above tuneables.
The dtlogin(X1) daemon has been enhanced to save the desktop chosen when a user logs in. The next time the same user logs in, the previously used desktop will be launched, unless the user chooses another from the Desktop menu on the Graphical Login screen.
Two new keywords that control this feature can be specified in the file /etc/default/login:
SAVEUSERGUI
DEFAULTWINDOWMANAGER
DEFAULTWINDOWMANAGER
is used.Once a user has logged into a graphical desktop, the dtlogin menu Options > Session will display the following choices:
[Last Desktop Session Selected] Common Desktop Environment (CDE) and UNIX Personality Panorama Session and UNIX Personality KDE2 and Linux Personality (LKP) Failsafe Session
(If you do not have LKP installed, the entry "KDE2 and Linux Personality (LKP)" will not be displayed.)
Your default window manager is either the system default window manager
(DEFAULTWINDOWMANAGER
) as specified in /etc/default/login or the window
manager you previously selected from the Options > Session menu.
You can change your personal default window manager by selecting a new
window manager from the Options > Session menu.
Your personal default window manager overrides the system default window
manager unless SAVEUSERGUI
is set to NO.
The SCOadmin Filesystems Manager has been moved from the main SCOadmin screen (started from the CDE or Panorama Desktop menus, or from the command line with the scoadmin command), to a new Storage folder. The Storage folder also contains the new Disk, Partition, and Slice Managers, described below.
The asy and asyc drivers (see the asyc(7) manual page) are now configured by default to support up to ten total serial ports. The ports are named following the conventions described in the section Hardware > Configuring Serial Ports > Serial device node naming conventions in the online documentation. The drivers now support 16654 UARTS on the motherboard, as well as Digi Classicboard and Connecttech Blue Heat PCI cards.
PCI devices honor the resmgr entries created or modified by dcu(1M). Note that only scanned (i.e. not PCI) devices may be used for kdb(1M) or console devices.
For more information on the ConnecTech and Digi boards mentioned above, see
the respective companies' web sites:
http://www.dgii.com/products/multiport%20serial%20cards/classicboard.jsp
http://www.connecttech.com/sub/Products/ProductList.asp
The DNS Manager (scoadmin dns) has been updated with the following fixes and enhancements:
The DNS Manager will launch only one server deamon. In previous releases, the DNS Manager would invoke another DNS server when the Manager was started or terminated.
Enhanced the Manager so that it does not remove configuration and zone data file information entered by other mechanisms (e.g., vi(1) or h2n(1M)). This was a problem in earlier releases.
Enhanced h2n(1M) so that it will work properly with files created or edited by the DNS Manager (e.g., uses the same conventions, such as zone data file names). In previous releases, you could not use both tools on the same set of files.
The Server pull down menu now adds options reliably to the current configuration. The DNS configuration file it produces is validated with the named-checkconf utility. It also cleans up appropriately when configuration options and statements are removed.
Add and Modify Zones commands for the Primary server type have been improved:
The System V LP printing subsystem has been enhanced to allow a maximum of 999 print jobs per printer, or class of printers. In previous releases, only 999 print jobs for the entire system were permitted.
By default, privileged processes (i.e., processes running as root) do not dump core files, to prevent
unprivileged access to sensitive data that may be contained in the core file.
(See the core(4) manual page for a description of core files.)
A new tunable parameter (COREFILE_SECURE
) has been introduced that, if set in the current environment of a
privileged process, allows the process to dump a core file when a program exception occurs.
Such core files should be protected from unprivileged access by ensuring the file permissions allow only owner access,
and that the file is owned by root.
You can do this using the following commands:
chmod 400 corefile chown root corefile
COREFILE_SECURE
can also be set for the entire system using the System Tuner.
Enter scoadmin system tuner at a shell prompt, or launch SCOadmin from the desktop and select
System > System Tuner.
Three new SCOadmin managers provide a graphical mass storage management interface:
These managers are grouped under a new Storage folder in the SCOadmin main window. Start SCOadmin from the CDE or Panorama desktop menus, or by entering scoadmin at a UNIX shell prompt. Managers can also be started from the command line using their names; for example, scoadmin disk starts the Disk Manager. Use the Help button on the main window of any Storage manager to display the online documentation, or look under the Mass Storage Devices Overview topic at the top level of DocView on http://hostname:8458.
The features listed in this section are contained in separate packages from the Update Pack Set. To install them, either select them from the Upgrade Wizard when you install the Update Pack Set, or follow the instructions in the section Installing Additional Packages after the Update Pack Set. See Update Pack Contents for the list of additional packages available.
The following HBA drivers are new or updated:
This updated version of the adst70 driver fixes a panic that occurred previously on transition to init(1M) state 1.
This new driver supports the following Adaptec Host Bus Adapters:
Adapter | Chip | Type |
AHA29320x, AHA39320x | AIC-7901A, AIC-7902A4 | Ultra320 SCSI |
This new driver supports the following Intel® Host Bus Adapters:
Adapter | Type |
SRCFC22C | Dual Channel 2 Gb/s Fibre Channel RAID w/Ultra160 SCSI |
SRCS14L | Four Port S-ATA RAID |
SRCMR | Modular RAID on Motherboard Ultra160 SCSI |
SRCU-31 | Single Channel Ultra160 SCSI RAID |
SRCU-31L | Single Channel Ultra160 SCSI RAID |
SRCU-32 | Dual Channel Ultra160 SCSI RAID |
Diskette images of these drivers suitable for use during a new installation of UnixWare are available at ftp://ftp.sco.com/pub/unixware7/drivers/storage.
Also see the Compatible Hardware Page for the latest supported hardware and drivers.
The nd package contains the following updated NIC drivers.
3Com 3C996/3C1000/3C94X Gigabit Ethernet Broadcom BCM5700 NetXtreme Gigabit Ethernet Broadcom BCM5701 NetXtreme Gigabit Ethernet Broadcom BCM5702 NetXtreme Gigabit Ethernet Broadcom BCM5703 NetXtreme Gigabit Ethernet Broadcom BCM5704 NetXtreme Gigabit Ethernet Broadcom BCM5704S NetXtreme Gigabit Ethernet Broadcom BCM5705 NetXtreme Gigabit Ethernet Broadcom BCM5782 NetXtreme Gigabit Ethernet for hp HP NC6770 Gigabit Ethernet HP NC7760 Gigabit Ethernet HP NC7761 Gigabit Server Ethernet HP NC7770 Gigabit Ethernet HP NC7771 Gigabit Ethernet HP NC7772 Gigabit Server Ethernet HP NC7780 Gigabit Ethernet HP NC7781 Gigabit Ethernet HP NC7782 Gigabit Ethernet HP NC7783 Gigabit Ethernet
PRO/1000 Gigabit Server Adapter PWLA8490 PRO/1000 Gigabit Server Adapter PWLA8490G1 PRO/1000 F Server Adapter PWLA8490SX PRO/1000 Gigabit Adapter PWLA8490SXG1P20 PRO/1000 T Server Adapter PWLA8490T PRO/1000 T Server Adapter PWLA8490TG1P20 PRO/1000 XT Server Adapter PWLA8490XT PRO/1000 XT Server Adapter PWLA8490XTL PRO/1000 XT Lo Profile Server Adapter PWLA8490XTL PRO/1000 XF Server Adapter PWLA8490XF IBM Netfinity Gigabit Ethernet SX Adapter 09N3599 IBM Netfinity Gigabit Ethernet SX Adapter 30L7076 IBM Gigabit Ethernet SX Server Adapter 06P3718 IBM Gigabit Ethernet Server Adapter 22P4618 PRO/1000 MT Desktop Adapter PWLA8390MT PRO/1000 MT Server Adapter PWLA8490MT PRO/1000 MT Dual Port Server Adapter PWLA8492MT PRO/1000 MF Server Adapter PWLA8490MF PRO/1000 MF Dual Port Server Adapter PWLA8492MF
PRO/100+ Management Adapter (PILA8900) PRO/100 Server (PILA8480) Pro/100B T4 (PILA8475B) PRO/100 S Server (PILA8474B) PRO/100 S Server (PILA8474BUS) PRO/100+ Dual Port Server Adapter (PILA8472) PRO/100+ Server Adapter (PILA8470) PRO/100+ Server Adapter (PILA8470B) PRO/100+ Dual Port Server Adapter (61PMCA00) PRO/100 (PILA8465) PRO/100B Adapter (PILA8465B) InBusiness 10/100 Adapter (SA101TX) PRO/100 S Management (PILA8464B) Pro/100+ Management Adapter (PILA8461) Pro/100+ (PILA8460) Pro/100+ Management Adapter (PILA8460B) Pro/100+ (PILA8460BN) PRO/100 S Management (PILA8460BUS) Pro/10+ (PILA8500) Pro/10+ (PILA8520)
See the Compatible Hardware Page for the latest supported hardware and drivers.
The xdrivers package provides a new nvidia graphics driver that supports the following graphics cards from NVIDIA Corporation:
NVIDIA RIVA TNT2/TNT2 Pro NVIDIA RIVA TNT2 Ultra NVIDIA Vanta/Vanta LT NVIDIA RIVA TNT2 Model 64/Model 64 Pro NVIDIA Aladdin TNT2 NVIDIA GeForce2 MX/MX 400 NVIDIA GeForce2 MX 100/200 NVIDIA Quadro2 MXR/EX
Also see the Compatible Hardware Page for the latest supported hardware and drivers.
The Mozilla internet browser, version 1.2.1, is included in a separate package as an alternative to Netscape Communicator 4.61 (delivered in the base Release 7.1.3 system). If you install Mozilla using the Upgrade Wizard when you install the Update Set, all prerequisite packages will be installed as well. If you install Mozilla using pkgadd(1M), you will need to install them in the order shown (after installing the Update Set) to enable Mozilla on UnixWare 7.1.3:
The j2re131 and j2plg131 packages are required for Java plug-in support only.
For example, if you download all the .image files from the download site to /var/spool/pkg, use the following commands to install these packages:
pkgadd -d /var/spool/pkg/basex.image all pkgadd -d /var/spool/pkg/xserver.image all pkgadd -d /var/spool/pkg/glib.image all pkgadd -d /var/spool/pkg/gtk.image all pkgadd -d /var/spool/pkg/libIDL.image all pkgadd -d /var/spool/pkg/mozilla.image all pkgadd -d /var/spool/pkg/j2jre131.image all pkgadd -d /var/spool/pkg/j2plg131.image all
If you are using a mounted CD or CD ISO image (see Step 1 and 2 of Installing the Update Pack from CD), mounted under /install, enter the following:
pkgadd -d /install basex pkgadd -d /install xserver pkgadd -d /install/glib.image all pkgadd -d /install/gtk.image all pkgadd -d /install/libIDL.image all pkgadd -d /install/mozilla.image all pkgadd -d /install j2jre131 pkgadd -d /install j2plg131
A mozilla(1) manual page is installed with the browser, and can be viewed with the man(1) command or with DocView on http://hostname:8458.
The following notes apply to using the Update Pack 2 version of Mozilla in locales other than en_US.
The mozilla released in the Update Pack 2 has been built for the US English locales. All menus and help material are in English.
Localization of the user interfaces are provided by individual contributors to the Mozilla Localization Project. These typically:
Language Packs currently available for Mozilla 1.2.1 are:
Asturian, Belarusian, Breton, Catalan, Simplified Chinese (China), Traditional Chinese (Hong Kong), Traditional Chinese (Taiwan), Czech, Danish, Dutch, English (United Kingdom), Esperanto, Estonian, French, Galician, German, Greek, Hungarian, Italian, Korean, Lithuanian, Mongolian, Norwegian Nynorsk, Telugu, Turkish, Romanian, Russian, Slovak, Slovenian, Sorbian, Spanish (Latin America), Spanish (Argentina), Spanish (Spain), Polish, Portuguese (Brazil) and Ukrainian.
To install individual Language Packs, do the following as root in Mozilla:
NOTE: Do not attempt to download Mozilla "Content Packs". These contain binaries and libraries compiled for locales on specific operating systems. There are currently no Content Packs for Mozilla running on UnixWare 7, and loading one of them may result in unexpected behavior.
Once a Language Pack is installed, it must be enabled in Mozilla. Select Edit > Preferences > Appearance > Language/Contents, and choose the Installed Language Pack desired. Then restart Mozilla for the new language pack to take effect.
When using Mozilla in a Japanese locale, Japanese characters may not be displayed as they are typed using the X input method (invoked by typing Shift+Space). The Japanese characters are instead displayed when Enter is pressed. This behavior is the default setting of the xim.input_style attribute in the Mozilla browser. To have characters displayed as they are typed in Japanese locales, add the following line to each user's java script preferences file (typically $HOME/.mozilla/default/*/prefs.js):
user_pref("xim.input_style", "over-the-spot");
The basedoc and baseman packages contain guide material and manual pages for the new features, enhancements, and fixes delivered with Update Pack 2. They assume that the packages of the same name from Release 7.1.3 are already installed. Online documentation is viewed using the DocView documentation server (docview), at http://hostname:8458, where hostname is the network node name of the UnixWare system (e.g., system1, system1.yourdomain.com, etc.) or localhost. The document you are reading now is found under New Features and Notes.
The OpenSSL package has been updated to 0.9.7 with a security fix that prevents a timing-based attack on cipher suites used in SSL and TLS. OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a general purpose cryptography library. A user level command, openssl(1), is provided that performs a variety of cryptographic functions.
Documentation for OpenSSL is packaged separately in openssld on the UnixWare 7.1.3 Updates and Upgrades CD #2. The following manual pages are installed under /usr/man, and can be viewed via man(1) or the DocView Man Pages button (http://hostname:8458):
asn1parse.1 ca.1 CA.pl.1 ciphers.1 crl.1 crl2pkcs7.1 dgst.1 dhparam.1 dsa.1 dsaparam.1 enc.1 gendsa.1 genrsa.1 nseq.1 openssl.1 passwd.1 | pkcs12.1 pkcs7.1 pkcs8.1 rand.1 req.1 rsa.1 rsautl.1 s_client.1 s_server.1 sess_id.1 smime.1 speed.1 spkac.1 verify.1 version.1 x509.1 | bio.3 blowfish.3 bn.3 bn_internal.3 buffer.3 crypto.3 d2i_DHparams.3 d2i_RSAPublicKey.3 des.3 dh.3 dsa.3 err.3 evp.3 hmac.3 lh_stats.3 lhash.3 | md5.3 mdc2.3 OPENSSL_VERSION_NUMBER.3 OpenSSL_add_all_algorithms.3 rand.3 rc4.3 ripemd.3 rsa.3 sha.3 ssl.3 threads.3 config.5 des_modes.7 |
For more information on OpenSSL see the OpenSSL Web Site.
The openssh 3.4p1 package has been updated to fix several minor problems with the location and file permissions of /etc/sshd.pid, and the location of /usr/X11R6.1/bin/xauth. OpenSSH is a suite of network connectivity tools that encrypts all traffic to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. OpenSSH provides a variety of secure tunneling capabilities and authentication methods. This version fixes a major security vulnerability present in versions 2.3.1 to 3.3, and is built with privilege separation and compression turned on. SSH protocol versions 1.3, 1.5, and 2.0 are supported.
The OpenSSH suite includes:
Manual pages are provided for all of the above commands, as well as pages for the ssh_config(5) and sshd_config(5) SSH client and server configuration files. To display them, use the man(1) command or DocView on http://hostname:8458. For more information on OpenSSH, please go to the OpenSSH Web Site http://www.openssh.org/manual.html.
NOTE: You should install OpenSSL from the Update Pack before installing OpenSSH, even if you have a previous version of OpenSSL already installed.
Ethernet packets are required by RFC894 and RFC1042 to be a minimum of 46 bytes. Smaller packets are required to be padded with zeros to the 46 byte minimum, but the standards do not specify what part of the system (e.g., the kernel, the driver, etc.) should do the padding. As a result of this ambiguity in the standard, some drivers will pad Ethernet packets themselves (sometimes called "auto-padding") with random data obtained from a buffer. The information contained in the buffer is used as padding in the Ethernet frame, and therefore is available to any program that is monitoring network packets.
UnixWare closes this vulnerability by padding the Ethernet buffer with zeros at the DLPI level, before the driver (or any other entity) has an opportunity to pad the buffer with non-zero data.
The system is updated with this enhancement by the nics package.
The zlib data compression library package (/usr/lib/libz.so) has been updated to eliminate a security vulnerability due to a buffer overflow condition in the gzprintf function. The zlib Manual from the zlib Home Page is available as a manual page; enter man zlib or use the Man Pages button in DocView on http://hostname:8458.
Samba provides filesharing capabilities using native Microsoft SMB and CIFS protocols for interoperability with Microsoft operating systems. Samba 2.2.8a is provided in two versions: a single-byte version for Western locales (samba) and a multibyte version suitable for Asian locales (sambamb). The important difference between the two versions is the sorting algorithm used for file ordering which determines whether the file sorting is compatible with wide-character or ascii character code environments.
Note the following when installing Samba:
If you are upgrading from a previous release of Samba on UnixWare, save a copy of your existing /usr/lib/samba/lib/smb.conf file before you begin installation, so you can restore any settings that might be affected by the upgrade.
If Samba fails to start, make sure the directory /usr/lib/samba/private exists, that it has 755 permission, and is owned by user root and group bin; then, start Samba, as shown:
# cd /usr/lib/samba # mkdir private # chgrp bin private # chown root private # /etc/init.d/samba start
By default, /tmp is automatically shared. This can be a security concern, since various system utilities keep temporary data in /tmp. To remove the /tmp share, log into SWAT (see above) and select the Shares icon. On the next screen, highlight the tmp share in the list box and select the Delete Share button.
Samba cannot run together with Advanced File and Print Sharing (AFPS; found on the Optional Services CD #3), nor with the NetBIOS protocol running. If Samba will not start, do the following to determine if AFPS or NetBIOS are running, and disable them if necessary:
Enter:
# cd /etc/rc2.d
S74netbios S99ms_srv
If these one or both of these files exist, enter the appropriate command or commands shown below:
# mv S74netbios s74netbios # mv S99ms_srv s99ms_srv
# shutdown -i6 -g0 -y
Start Samba:
# /etc/init.d/samba start
Samba is configured with the SWAT (Samba Web Administration Tool) utility using a web browser on http://hostname:901; links to all the Samba documentation are provided from there. To start SWAT:
As root, enter:
# /usr/lib/samba/sbin/swat
Point a web browser at http://localhost:901.
Log in to SWAT as root.
The main SWAT screen provides links to all the Samba documentation. Select the Status icon to start the Samba daemons.
To start, stop, and restart Samba from the command line, use the /etc/init.d/samba command, as in this example:
# /etc/init.d/samba start
To enable Samba at system startup, enter the following:
# /etc/init.d/samba enable
Samba will now start up automatically whenever the system boots. The disable parameter returns Samba to manual startup.
Localization settings in both the single-byte and multibyte versions are accessed from the SWAT Home Page by clicking on the Globals tab, and then selecting Advanced View. Set appropriate values for your locale for the client code page, the character encoding system, and the other options (each option has context-sensitive help). Please refer to the documentation for smb.conf for futher details.
Note: the smbfs file system and associated commands (smbmnt, smbmount, smbumount) are not supported on Release 7.1.3. Other client tools, such as smbspool, are supported.
More Samba documentation and other resources are provided on the Samba Home Page.
Update Pack 1 was delivered with the following features. See the section Problems Fixed for the maintenance fixes included in the current Update Pack, and the section Known Problems for limitations and workarounds.
The DocView documentation server displays the UnixWare documentation set on port 8458, and is enabled by default for network access. Point any browser on your network at http://hostname:8458, where hostname is the network node name of the UnixWare system, or localhost if you are logged into the system running DocView.
Two enhancements have been made to DocView:
A crontab file entry that generates the DocView index automatically when changes are made to the installed documentation has been added to the root crontab file. The crontab entry runs indexing every day at 0310 hours (3:10 AM local time), and is enabled by default. This process can take a significant amount of time depending on the amount of documentation being indexed and available system resources. The crontab entry is enabled and disabled using the following commands:
# /usr/lib/docview/conf/set.rundig.cron --add # /usr/lib/docview/conf/set.rundig.cron --remove
To change the time that the script is run, log in as root and enter:
# EDITOR=/bin/vi crontab -e
The command above edits the root crontab file using the vi(1) editor. The crontab entry that starts DocView indexing looks like this:
10 3 * * * /usr/lib/docview/conf/rundig.crontab > /dev/null 2>&1
Change the time as needed, following the file format shown on the crontab(1) manual page. Save your changes to the file, and exit the editor.
A new printing interface has been added that allows you to pick a group of topics to be printed as a book.
Selecting the Print Book button at the top of the DocView screen opens a copy of the DocView Site Map, from which you can select topics by turning on the check boxes next to the listed topics. At the top of the Print Service screen, select whether you want to generate a PostScript or PDF file. Specify a title for the book, and the heading level to be used in the table of contents.
Select the Submit button to collect the selected topics and format them for printing. The cover and custom table of contents are generated and added to the beginning of the document, and the results are paginated appropriately.
When DocView is finished preparing the file, it displays a screen telling you the size of the file and the number of pages in the document. Select the Proceed with download button to start downloading the file to your browser (this requires appropriate plug-in support in the browser), or save it to a file on your local system.
The resulting files can be viewed with any PostScript or PDF viewer; this includes xpdf and gs (GhostScript) under UnixWare or the Linux Kernel Personality (LKP), and Adobe Acrobat on Windows) or any PDF-enabled browser. PostScript files can be printed to any UnixWare PostSript printer via lp, as in this example:
$ lp -T PS -d printer file
Note that the assembled PDF or PostScript file is limited to about 1.5MB of HTML text, or about 600 pages. If your selections exceed this limit, an error message is displayed. Select your browser's Back button to go back to the Print Service screen and turn off some of your selections.
Also note that the Print Book interface works only with non-multibyte text; multibyte text, such as that found in Asian-language files, can be printed using the browser's Print interface (if the proper language support is installed on your system and in your the browser). Display the document either by navigating to it through the DocView menus, or using the DocView Site Map button (which is organized the same as the Print Book interface). Then, print the document using the browser's Print command (File > Print in Netscape and Mozilla).
The emergency_disk(1M) command supports creating an emergency recovery boot CD, as an alternative to using boot floppies. In previous releases, a set of emergency recovery floppy disks was required to boot the system. This meant that your system had to have a 3.5-inch floppy disk drive in order to be restored from emergency recovery media. This is a problem for newer systems that do not support IDE floppy drives. Now, emergency_disk can create a boot CD using CD-R or CD-RW media on an IDE, SCSI, or USB recordable CD drive, so that boot floppies are no longer required. See the emergency_disk(1M) manual page for more information.
Note that the cdrtools package (found on the UnixWare 7.1.3 Optional Services CD #3) is required to create an emergency recovery boot CD, and that only CD-R, CD-RW, and DVD+RW drives that work with cdrtools are supported for emergency recovery.
To test a particular drive to see if it will work with emergency_disk, enter the cdrecord commands shown below. The first command returns the arguments you need in the second command. The second invocation of cdrecord should return the string shown as part of its output:
# /bin/cdrecord -scanbus # /bin/cdrecord -inq dev=scsibus,target,lun ... Device seems to be: Generic mmc CD-RW. ...
The following CD drives are known to work with emergency recovery:
Problems have been observed with the IOMEGA ZIPCD USB drive and the OPTORITE CD-RW CW4802 IDE drive.
To prevent a timeout problem when burning a CD using an IDE CD-RW drive, the following value in /etc/conf/pack.d/ide/space.c is changed by the installation of the Update Pack from:
int atapi_timeout=10;
to:
int atapi_timeout=1000;
If you use cdrtools to burn CDs on an IDE hard drive but do not install the Update Pack, you can edit /etc/conf/pack.d/ide/space.c to make the above change, rebuild the kernel (idbuild -B), and then reboot (shutdown -i6 -g0 -y).
When restoring the system using emergency recovery boot media (CD or floppy), a new option to
write the master boot record (MBR) of the primary hard disk is displayed.
This option writes the UnixWare MBR to the boot sector of the primary hard disk.
This option is useful if the disk is known to have a valid operating system (OS) on it,
yet the error No OS found
, No operating system
,
or a similar message is displayed when you attempt to boot from the disk.
Writing the MBR may permit the disk to boot without further recovery.
Note: any other OS boot loader in the boot sector (such as grub, lilo,
or System Commander) will be overwritten by this option.
The following Host Bus Adapter (HBA) drivers are new or updated:
A new LSI Logic PCI to SCSI and Fibre Channel host adapter driver for LSI Logic Ultra320 and Fibre Channel chipsets. For supported devices and other information, see mpt(7).
Updated QLogic PCI FC host adapter driver to fix problems reported when removing disks from an IBM ESS Storage Area Network (SAN) Cabinet. For supported devices and other information, see qlc2200(7).
These drivers are not installed by the Upgrade Wizard (uli), unless (in the case of qlc2200), a previous version exists on the system. To install them, use the pkgadd command as shown in the section Installing Additional Packages after the Update Pack Set.
Also see the Compatible Hardware Page for the latest supported HBAs and drivers.
The nd package on the Update Pack CD contains updated versions of the following network interface card (NIC) drivers, which now support the indicated network cards:
PRO/100+ Management Adapter (PILA8900) PRO/100 Server (PILA8480) Pro/100B T4 (PILA8475B) PRO/100 S Server (PILA8474B) PRO/100 S Server (PILA8474BUS) PRO/100+ Dual Port Server Adapter (PILA8472) PRO/100+ Server Adapter (PILA8470) PRO/100+ Server Adapter (PILA8470B) PRO/100+ Dual Port Server Adapter (61PMCA00) PRO/100 (PILA8465) PRO/100B Adapter (PILA8465B) InBusiness 10/100 Adapter (SA101TX) PRO/100 S Management (PILA8464B) Pro/100+ Management Adapter (PILA8461) Pro/100+ (PILA8460) Pro/100+ Management Adapter (PILA8460B) Pro/100+ (PILA8460BN) PRO/100 S Management (PILA8460BUS) Pro/10+ (PILA8500) Pro/10+ (PILA8520)
PRO/1000 Gigabit Server Adapter PWLA8490 PRO/1000 Gigabit Server Adapter PWLA8490G1 PRO/1000 F Server Adapter PWLA8490SX PRO/1000 Gigabit Adapter PWLA8490SXG1P20 PRO/1000 T Server Adapter PWLA8490T PRO/1000 T Server Adapter PWLA8490TG1P20 PRO/1000 XT Server Adapter PWLA8490XT PRO/1000 XT Server Adapter PWLA8490XTL PRO/1000 XT Lo Profile Server Adapter PWLA8490XTL PRO/1000 XF Server Adapter PWLA8490XF IBM Netfinity Gigabit Ethernet SX Adapter 09N3599 IBM Netfinity Gigabit Ethernet SX Adapter 30L7076 IBM Gigabit Ethernet SX Server Adapter 06P3718 IBM Gigabit Ethernet Server Adapter 22P4618 PRO/1000 MT Desktop Adapter PWLA8390MT PRO/1000 MT Server Adapter PWLA8490MT PRO/1000 MT Dual Port Server Adapter PWLA8492MT PRO/1000 MF Server Adapter PWLA8490MF PRO/1000 MF Dual Port Server Adapter PWLA8492MF
You can select the nd package when you use the Upgrade Wizard to install the Update Pack CD. To add the nd package separately, see the instructions in the section Installing Additional Packages after the Update Pack Set.
The UnixWare 7.1.3 nd package can also be installed on Release 7.1.1 and Release 7.1.2 (also known as OpenUNIX 8.0.0) to update the network drivers or to take advantage of the enhanced tcpdump functionality (see tcpdump Enhancements).
Please note the following when installing the Release 7.1.3 nd package on Release 7.1.1:
You will also need to install ptf7689b
(
view text file |
download) on Release 7.1.1 before installing the updated nd package; otherwise
the latest tcpdump fails on Release 7.1.1 with the message
dynamic linker: tcpdump: binder error: symbol not found: strlcpy
.
During installation on Release 7.1.1, the error UX:grep: ERROR: cannot open
/etc/inst/nd/mdi/shrkudi/Master: No such file or directory
is displayed.
This error affects the UDI shrk driver only, which is not supported on
Release 7.1.1.
Use the MDI version of the shrk driver instead.
See the Compatible Hardware Page for the latest supported network cards and drivers.
Poor system and network performance has been observed on some systems when one or more of the Network Interface Cards (NICs) attached to the system is unplugged from the network. This was due to repeated failure indications being sent to the dlpid(1M) daemon.
In Release 7.1.3, a change was made to dplid to correct this problem. dlpid was changed to check the time between successive hardware failure indications. If the time difference is less than 10 seconds, dlpid sleeps for a 10 second interval before trying the device again.
dlpid has been further extended to sleep for a configurable duration between successive hardware failure indications, to allow the NIC to reset and come out of the failure mode, in cases where the default 10-second wait is not enough time for the NIC to reset. A new dlpid option, -r, is added to wait for the specified time. By default it is set to 10 seconds. If the pre-7.1.3 behavior is required (i.e., no wait between successive hardware failure indications), then dlpid can be started with the -r option set to 0.
Various enhancements were made to the pppd(1M) daemon to enhance the reliability and scalability of Point-to-Point Protocol (PPP) connections. Most of these improvements were made to driver code, and so are not visible at the user level. Some are listed in the section Problems Fixed.
A System V lp(1) filter has been added to allow printing of PostScript files (such as those created by Netscape) to be printed on PCL Printers (such as Hewlett-Packard). To enable this feature:
Check to see if GhostScript is already installed, by entering:
pkginfo gs
If it is not installed, install the gs package from the Update Pack as shown in the section Installing Additional Packages after the Update Pack Set.
Define a PCL printer using the scoadmin printer interface.
Enter a command like the following to print a PostScript file on the printer.
lp -TPS -d pcl_printer file.ps
Where pcl_printer is the name of the printer and file.ps
is the name of the PostScript file.
This command (without the file name) can be specified in your browser's
preferences to print files automatically to this printer.
Version 3.7.1 of tcpdump(1M) is provided, along with its supporting library, libpcap(3) (version 0.7). The tcpdump utility allows you to view and save TCP headers passing through a particular network interface. Boolean expressions can be used to select only those headers that match the criteria given by the expression.
This version of tcpdump has many enhancements over the version (3.4a5) provided in UnixWare 7.1.3. Most notably, the new version does not require a dedicated network card for tcpdump. Multiple instances of tcpdump can be started to monitor the same card. See the tcpdump(1M) and pcap(3) manual pages. Also see the tcpdump web site for libpcap tutorials, as well as tcpdump and libpcap source code.
A number of changes to the MDI and DLPI interfaces were made to support the new version of tcpdump.
Two new MDI ioctl commands are added for MDI2.2 drivers, to turn promiscuous mode
on and off: MACIOC_PROMISCON
and MACIOC_PROMISCOFF
.
MACIOC_PROMISCON
is compatible with MACIOC_PROMISC
in MDI2.1.
The following DLPI2.0 features are also implemented:
DL_PROMISCON_REQ
and DL_PROMISCOFF_REQ
primitives.To support the above changes, updated header files dlpimod.h and mdi.h are provided in the nics package, as well as the updated support for running tcpdump on a non-dedicated network card. tcpdump, libpcap, and related header files are provided by the nd package. If the nd package is installed without the updated nics package, the updated tcpdump, etc., are installed, but must be used with a dedicated network controller as in previous releases.
The updated nd package can also be installed on Release 7.1.1 and Release 7.1.2 (Open UNIX 8.0.0) if the latest version of tcpdump is desired. The nics package is not supported and will not install on these earlier releases, however, so tcpdump on Release 7.1.1 and 7.1.2 will continue to require a dedicated network card.
The following minor modifications have been made in order to maintain conformance to the UNIX95 standard:
The dd command was modified to accept and ignore a double dash (--) as an end of options indicator. Note that dd has no options that begin with a dash (-), so "--" can only appear as the leading argument and consequently has no real purpose.
The sort command has been modified to remove its previous (mistaken) UNIX95 behavior.
Previously, when using sort -c with the POSIX2
environment
variable set, sort only indicated whether the input was sorted through its exit value.
Now, sort -c will always return a diagnostic if the input is out of order (regardless of whether
POSIX2
is set or not).
Previously, the two supported Korn shells (/bin/ksh and /u95/bin/sh) did not recognize an integer literal with a leading 0 as being octal, nor a leading 0x or 0X as hexadecimal in arithmetic constructs. This does not match the intent of the POSIX.2 and Open Group shell specification. So, for example, the following output was seen in previous versions of the Korn shell:
$ echo $((10+1)) 11 $ echo $((010+1)) 11 $ echo $((0x10+1)) /u95/bin/sh: 0x10+1: arithmetic syntax error
A change has been made to accept octal and hexadecimal specifiers as explained above when the
POSIX2
environment variable is set:
$ export POSIX2=on $ echo $((10+1)) 11 $ echo $((010+1)) 9 $ echo $((0x10+1)) 17
Note that because integer constants like 010 have a silent change in behavior,
this change requires POSIX2
to be set in the environment.
Minor namespace changes were made to the following header files:
arpa/inet.h netdb.h netinet/in.h netinet/in6_f.h netinet/in_f.h fmtmsg.h grp.h libgen.h pwd.h stdarg.h strings.h unistd.h utmp.h utmpx.h wchar.h sys/fcntl.h sys/stat.h sys/statvfs.h sys/convsa.h sys/stropts.h sys/mman.h sys/socket.h sys/un.h sys/regset.h sys/siginfo.h sys/ucontext.h sys/fp.h
Update Pack 4 (uw713up4) contains all the fixes from Maintenance Pack 1 (uw713mp1), Maintenance Pack 2 (uw713mp2), Maintenance Pack 3 (uw713mp2), Update Pack 1 (uw713up1), Update Pack 2 (uw713up2), and Update Pack 3 (uw713up3), plus additional fixes. See the lists below. The identifiers at the end of each description are SCO escalation and problem report numbers.
uw713mp1 contained the following fixes:
Prevents system panics previously caused when fusers examines
an exiting process.
fz526462
Prevents hangs seen on Compaq ML350 and ML370 Systems when
hyperthreading (Jackson Technology) is enabled, i.e., when
the boot parameter ENABLE_JT
is set to YES
.
fz526444
Fixed problems with the CDE desktop help viewer.
fz526501
Provides missing scoadmin filesystem files that were not installed
when upgrading from UnixWare 7.1.1 or Open UNIX 8.0.0.
fz526550
Provides updated /usr/include files that were not installed
when upgrading from UnixWare 7.1.1 or Open UNIX 8.0.0.
fz526552
Provides a new makewhatis(1M) command that was not installed
when upgrading from UnixWare 7.1.1 or Open UNIX 8.0.0.
fz526526
Fixed crash(1M) to recognize changes to the callout structure.
fz518517
Fixes issues target disk driver error recovery.
fz520729
uw713up1 contains all the fixes listed above for uw713mp1, plus the following additional fixes. Fixes listed with (MP2) at the beginning of the description are also included in Maintgenance Pack 2 (MP2); see Problems fixed in Maintenance Pack 2.
(MP2)
Closing file descriptors 0, 1 and/or 2 before exec'ing a setuid
program can make this program open files under these file descriptors, which
have special meanings for libc (stdin/stdout/stderr
). Reading or
writing to root-owned files can be made possible, since
stdin/stdout/stderr==opened_file
.
erg712059/fz526562/CSSA-2002-SCO.43
(MP2)
A rogue talk client is able to cause the talk demon to overrun
a buffer, and could be able to compromise a machine running talkd.
erg712055/fz521053/CSSA-2002-SCO.42
(MP2)
Buffer overflow in XPR portion of libnsl library.
erg712182/fz526861/CSSA-2003-SCO.7
(MP2)
A command line buffer overflow in ps command can be exploited.
erg712109/fz525292/CSSA-2003-SCO.1
(MP2)
The implementation of xdr_array can be tricked into
writing beyond the buffers it allocated when deserializing the
XDR stream.
erg501642/fz525725/CSSA-2003-SCO.7
(MP2) Fixed a security vulnerability in the sendmail binary that can be
exploited by remote users to gain root access.
fz527484/erg712247/CSSA-2003-SCO.5
(MP2) When using ftp to transfer a file with a pipe as the first
character in its name (for example, |xyz
), ftp executes the file
on client machine.
erg712227/fz527425/CSSA-2003-SCO.3
(MP2) Panic in PPP driver - pppwsrv() - due to a race condition.
erg501673/fz526330
(MP2) Panic in PPP's pcid driver.
erg501650/fz525867
(MP2) Communication problem between pcid and ppp driver.
erg501678/fz526352
(MP2) The ttymon process sometimes stops listening to a port after
PPP disconnect.
erg501634/fz525626
(MP2) When receiving data from a TCP socket it may lock up
indefinitely with data buffered up in the kernel but
never returned to the process.
erg501604/fz520887
(MP2) Connection server fails with the following error:
10/24/02 17:14:51; 27209; cs: ioctl() set signal error; errno=22
erg712153/fz526540
(MP2) Improved network printing performance.
erg712041/fz520932
(MP2) If an ftp client host was reset (as in cycling the power) during
the data transmission to the server, the ftp-data connection never
times out on the server. If the client tries to use again the
same port after reboot for an ftp transmission, the server responds
with EADDRINUSE
.
erg501703/fz526973
(MP2) After removing a network interface, pkgchk nics
complains about missing files.
erg712152/fz526505
(MP2) Repeated logins on virtual terminals (/dev/vt02 ... /dev/vt08)
result in file descriptor leakage in ttymon.
erg501636/fz525650
(MP2) When excessive short-lived rlogin sessions are being created,
/var/adm/wtmp and /var/adm/wtmpx get out of sync and must be
rewritten. While these files are being rewritten, no one can
rlogin to the system. If these files grow quite large, this
can take up to 20-30 minutes. Also under heavy load the
short-lived rlogin sessions may leave in utmp the entries
from sessions that have actually completed.
fz526496/erg712151
(MP2) Can't write to /dev/_tcp/num tty device (rlogin connection).
erg712250/fz526110
(MP2) Occasionally bind() returns EADDRINUSE
for no apparent reason.
erg712209/fz527217
(MP2) Fixed tape driver bug relating to SAN attached tape drives.
erg712195/fz526396
(MP2) Fixed an NFS panic which can occur following certain types of
transmission errors.
fz526648
(MP2) Cleaned up code which handles dispatching of tcp timers.
fz526796
(MP2) Panic in tcp_close.
fz527439/erg712230
The function write(2) erroneously returns EISCONN
on a raw socket.
erg501681 fz526404
Fixed an NFS hang which can occur when mounting an NFS file system.
fz526665
Unplugged network cable causes terrible interactive console performance.
fz520663
System panic while running LSV inet stress tests (GetService).
fz526345
The utility cs(1Mbnu) fails to include the phone number.
erg501670, fz526315
PPP stability and scalability improvements.
fz527328
(MP2) Multi-threaded application may hang in an unkillable sleep, during exec.
erg712172 fz526750
(MP2) Fix for sdiadd -n panic on systems with a pre-DDI8 Host Bus Adapter (HBA).
The problem was that sdi_hot_add() was not converting the older style SCSI address
into the newer extended SCSI addressing scheme properly. The original
fix set the address to -1's instead of 0's for the wildcard case.
pdi_hot will set the SCSI address to all -1's to tell SDI
that we want to scan the entire SCSI bus starting from absolute address
0/0/0/0 (controller/bus/target/lun).
erg712223 fz527360
(MP2) Added minor command modifications required by The Open Group for UNIX95 certification.
For details, see UNIX95 Conformance.
fz526395/fz526629/fz527377
(MP2) The emergency_disk(1M) boot media hangs on system with more than 4 GB RAM.
fz527578
(MP2) Added undocumented option noquota to the vxfs mount command to fix the problem where the output of mount -p when used in /etc/vfstab, is rejected by mount with the message:
UX:vxfs mount: ERROR: illegal -o suboption -- noquotaerg712190 fz526894
(MP2) The kernel can panic in mod_dev_load if a DDI8 driver does not get
configured properly.
fz526791
(MP2) Repeated logins on virtual terminals (/dev/vt02 ... /dev/vt08)
result in file descriptor leakage in ttymon.
erg501636 fz525650
System hangs due to multiple, racing calls to stropen.
erg501706 fz527158
lint(1) previously warned about _nanf() and nanf() in math.h.
Adding a /*LINTED*/
line in front of each suppresses this noise.
fz527588
The utility cs(1Mbnu) exits unexpectedly due to fork(2) failure.
erg501710 fz527253
The emergency_rec(1M) command doesn't ignore commented entries in /usr/lib/drf/tapeconfig.
fz527399
The command pwck(1M) should print the line being processed, when errors are encountered.
erg712157 fz518020
Fix locking of CD-ROM tray.
fz527497
The command sar -d returns busy values > 100%
fz521100 erg501658
Fixed bugs which caused the licensing daemons (ifor_pmd, ifor_sld,
and sco_cpd) and the idmknodd daemon to be killed on transitions
to init state 1 and never restarted.
fz526649, fz526656
The mousemgr process could not be run in init state 1.
fz527032
Updated /sbin/usb to only run when usbd is configured.
fz527495
Fixed potential problem evaluating constant expressions in full_optimization asm(1) functions.
fz527501
Panic in the routine v86bios0().
fz526652
Include support tool sysinfo(1M) in shipping product.
fz519999
Intel's fix for p6update panics on prototype Pentium 4 Xeon system.
fz521607
Kernel panic in kmem_alloc, from tcpopen.
fz521356
New tunable COREFILE_SECURE
. Privileged, setuid or setgid processes
are prohibited from dumping core. A new tunable COREFILE_SECURE
,
if tuned to 0, will allow such processes to core dump.
fz526524/erg712163
System hangs sporadically after calling execv directly after fork1 in multithreaded applications.
fz526597
Netscape postscript printing in kole (Korean) environment is broken.
fz520071
If the Skunkware ghostscript package is installed, the PostScript files (such as those printed by Netscape) can be automatically converted for printing on the PCL printers (such as HP LaserJet). An example of command to enter in the Netscape print dialog:
lp -T PS
Correctly display version of dump command with -V option.
fz518607
Fix for missing charset attribute for Japanese documentation in DocView.
fz526356
Assembly peep-hole optimizer (optim) fix for three operand integer
multiplication by one which was not caught by the global optimizer
on C++ code.
fz526555
C++ compiler fix: Unless in strict ANSI mode, allow an undefined
inline function to be referenced if the point of reference is never
used.
fz526499 fz526480
Debugging information for a "long long" local variable assigned to
register pair %ebx/%esi
was incorrectly stated as %ebx/%esp
.
C and C++ compilers fixed.
(MP2) Fix for panic on certain OpenServer binaries.
erg550013/fz514721
(MP2) chown() arguments of -1 do not work for OpenServer binaries
fz526683
uw713mp2 contains all the fixes listed above for Maintenance Pack 1, the fixes marked (MP2) delivered with Update Pack 1, plus the following fixes:
uudecode does not validate the filename; it should not
write to pipes or symbolic links.
CSSA-2002-SCO.44
KMA corruption in tcp.
fz521356/erg712086
Status requests are not being automatically generated for a
network printer if it is very busy resulting in job ids not being
freed.
erg501666/fz526164
Hangs and delays in streams caused by streams routines
unnecessarily allocating large physically contiguous buffers.
fz527550/erg712266
Fixed system call restart code for OpenServer applications.
Also modified code for the connect system call so that
connect is properly restartable for OpenServer applications.
fz527264
System hangs during boot up on older (Pentium III and earlier)
IBM hardware.
fz527522
Allow use of an ELF interpreter which contains a PT_NOTES
section,
as some older OpenServer libraries do.
fz527571
Enable 16-bit IPC IDs for OpenServer and Xenix compatibility.
fz527373
Implement support of MAP_NOEOF
mmap flag for OpenServer
applications running on UnixWare.
fz527536
Fixed an unrecoverable "internal error" experienced by the debug
command when reading some core files from threaded applications.
Fixed the recently added -m command line option to specify an
alternate runtime library path when analyzing core files from
other systems.
erg501675/fz526224/fz526635/fz526681
The vtoc driver has been fixed to support disks whose
physical sector size is an integral multiple of 512.
erg501717/fz527726
System may refuse to take console input after 248 days, thereby
appearing to hang, due to invalid time stamps in the cmux driver.
fz527517/erg501720
The command useradd(1M) allows $ in usernames (SAMBA requirement)
fz526483
The ksh95 built in pwd command can output pathnames starting with //.
fz199364
PSE memory remains unavailable after dynamically adding memory.
erg712235/fz527455
System hangs in vxfs filesystem. Processes blocked waiting on a call
to vx_iget.
erg712184/fz526355
Restore the pre-7.1.3 lookuppn syntax so that third-party
provided filesystems continue to work. The extra root vnode
argument has been removed from lookuppn. A new lookuppnx function
has been created with this extra argument.
fz527503
uw713up2 contains all the fixes listed above for Maintenance Pack 1, Update Pack 1, and Maintenance Pack 2, plus the following additional fixes.
Hangs and delays in streams caused by streams routines
unnecessarily allocating large physically contiguous buffers.
fz527550 erg712266
If two arp -d's are called in quick succession, one of the entries
may not be deleted.
erg711628/fz516107
When DNS is not configured, mailadmin (scoadmin mail) will not allow
you to change any settings.
erg712296/fz527783
System panic due to a race condition in tcp timers code.
erg501722/fz527554
Fixed scoadmin DNS Manager' abnormal terminations; fixed corruption of
DNS/BIND's configuration and zone data files caused by scoadmin DNS
Manager; fixed ndc/rndc utility and interactions with DNS/BIND.
fz518460 fz518604 fz521436
If the name of remote system for a remote printer is not found in
/etc/lp/Systems, lpsched does not complain at startup and later on
coredumps when a status or cancel request is sent to that printer.
fz527931
Remote print requests remain indefinitely in queue if remote system
is down. They do not timeout even if timeout parameter is specified
in /etc/lp/Systems for the corresponding remote system.
fz527934
WARNING: Since by default the timeout is set to 10 minutes, print setups with large network delays may suddenly experience timed-out jobs. For such systems, system administrators should either increase the timeout value or set timeout to "never" to restore old behavior.
System can refuse to take console input after 248 days, thereby
appearing to hang, due to invalid time stamps in the
cmux driver.
fz527517 erg501720
Short-lived floating point temp value may be left on the floating
point stack when used within the second or third operand of a
conditional operator. This may result in a floating point
stack overflow.
fz527712
Potential floating point stack overflow detected in /usr/sbin/vxassist.
fz527712
Shell metacharacters that are part of the options to the C++
compiler are properly preserved (escaped) for reuse during
recompilation done as part of C++ auto template instantiation.
fz527527
Fixed an unrecoverable "internal error" experienced by the debug
command when reading some core files from threaded applications.
Fixed the recently added '-m' command line option to specify an
alternate runtime library path when analyzing core files from
other systems.
erg501675 fz526224 fz526635 fz526681
The vtoc driver has been fixed to support disks whose
physical sector size is an integral multiple of 512.
erg501717 fz527726
Fixed division by zero error in /usr/ccs/lib/optim encountered in calculating potential benefits of locals in a register for what appears to be a series of heavily nested loops.
Fix to ps -o time so that when the accumulated CPU time exceeds
24 hours, the number of days is no longer off by one.
fz527776/erg712295
Change the "enum boolean" tag in /usr/include/sys/types.h to
"enum __boolean", removing the type/tag "boolean" from the user name
space.
fz527818
Add support for Digi ClassicBoard/PCI and Connect Blue Heat
serial cards.
fz527694
System hangs in vxfs filesystem. Processes blocked waiting on a call
to vx_iget.
erg712184 fz526355
Restore the pre UnixWare 7.1.3 lookuppn syntax so that third-party
provided filesystems continue to work. The extra "root vnode"
argument has been removed from lookuppn. A new lookuppnx function
has been created with this extra argument.
fz527503
Status requests are not being automatically generated for a
network printer if is very busy resulting in job ids not being
freed.
erg501666 fz526164
Display per-processor callouts as well as global callouts from
the callout command.
fz527802
Enhanced the Printing subsytem to have a maximum of 999 printjobs per
printer or class of printers rather 999 printjobs for the whole system.
erg501712/fz526370
Lpsched performs poorly when a large number of jobs (200+) are
submitted at once.
erg501718/fz527462
The sdipath -o repair command can hang when run against active paths.
erg712254/fz527498
PSE memory remains unavailable after dynamically adding memory.
erg712235 fz527455
Periodic Local timeouts can migrate to global callout lists. If a
driver uses a dtimeout interface to schedule a periodic callout
on a particular cpu, the callout migrates to the global list after
the first firing. This then allows allows callout to be scheduled
on any cpu.
fz527675
scoadmin now includes a graphical disk manager
fz527823
xAPIC support for IBM xSeries x440 servers - allows
multiple CECs to be used and more than 8 logical CPUs
fz526749 fz527522
Fix the ksh problem where an empty assignment (for example,
ksh -c 'x=; echo ${x/y/z}') would cause a memory fault.
fz527943
Change umask to 022 so that /etc/ssh.pid is not world writable.
fz526605
Correct /usr/sbin/sshd binary to use /usr/X/bin/xauth instead of
/usr/X11R6/bin/xauth.
fz526871
Added STO_386_COPY support to RTLD and the linker to aid in the
evolution of the IA32 psABI.
fz527833
Add support for the BSD and Linux asprintf() and vasprintf() routines.
These two routines are additional *sprintf() variations. Here, you pass
the address of a "char *" into which is placed a malloc()d buffer of
sufficient length to hold the entire sprintf() result. The caller is
responsible for free()ing the buffer when done.
fz527834
Correct /usr/include/sys/nattr.h definition of NATTR_CSUM_MASK.
fz527534
uw713up3 contains all the fixes listed above for Maintenance Pack 1, Update Pack 1, Maintenance Pack 2, and Update Pack 2, plus the following additional fixes.
Fixed exploitable buffer overflows in metamail.
erg712265 fz527543
Drop TCP packets when both SYN & FIN are set.
erg712274 fz527623
sendmail char sign extension buffer overflow. Upgraded to
Sendmail 8.12.9.
erg712276 fz527629
DocView no longer permits certain URLs from reading
publicly-readable system files.
fz528126 erg712368
sendmail remotely exploitable buffer overflow in prescan.
erg712433 fz528320 CSSA-2003-SCO.23
Kernel panics with a bad read pointer in a STREAMS message block,
caused by mishandling of the message block in the STREAMS utility
msgpullup and in the IP protocol handling routine ip_input.
erg712321 fz527939
Some STREAMS ioctl coomands involving multiple message exchanges with
the driver may timeout prematurely and return EAGAIN erroneously.
erg712396 fz528199
Code generation error in ppp library.
fz528222
flock() hangs when the NFS server is Microsoft SFU (3.0)
erg712347 fz528048
Data corruption during TCP connection setup. A race condition
could erroneously acknowledge enqueued data that has not been
sent causing receiver to get partial data.
erg712389 fz528172
C/C++ inlining of a small function may attempt to use a FP constant as
if it were and integer value in memory.
fz528225
Optimzation bug fix. Optim may erroneously remove a structure return
temp space from the stack.
fz528221:1
C++ compiler internal error if shift operator amount is a 64 bit
data type.
fz528230
Warning diagnostic for cc -Xc about intermixed statements and
declarations could be issued inappropriately.
fz527343
The qsort() routine was reworked to increase performance,
especially when presented with lots of "equal" data items.
fz527984 fz528071
The C compiler's preprocessing inappropriately took a '_'
as starting a fresh token when in the middle of a "ppnumber"
token. In practice, this only had an effect on code which
created identifier tokens through pasting.
fz528049
The bsearch() routine was improved to handle zero-valued
"size" and "number of items" parameters.
fz528073
cc -Xt no longer warns about "return;" for functions whose return
type is other than void.
fz528120
A bug was repaired in which an inlined function call, having been
passed a null pointer, would trigger an internal C compiler error
when this parameter was the target of a strcpy() or strncpy() call.
fz528141
The obsolete ustat() routine has been moved from the unshared
portion of the C library to the shared libc.so.1. The backward
compatibility library libcudk70.a has an unshared ustat() added.
fz528274
The strip and mcs utilities no longer attempt to make use of the
rename() system call to move the updated temporary file over the
file being operated on.
fz528164
When pkgadd fails early on, before any package has been selected,
it gives the following message: UX:mailx: WARNING: No message !?!
This message was confusing to users and is now not displayed.
fz527750
When hyperthreading is enabled on a uniprocessor system without
MPS BIOS tables, the system will attempt to use a standard
two cpu multiprocessor configuration to enable hyperthreading.
fz527457
Hyperthreading is disabled (erroneously) on some systems.
erg712350 fz528053
System hang. Hard hang unable to enter kdb or dump the system.
erg712346 fz528045
ksh93 autoload functions invoked within command substitution fail
to execute.
erg712312 fz527879
/etc/conf/bin/idconfupdate now creates its .idlock file in /etc/conf
instead of /var/tmp. This avoids idtools problems when /var/tmp is
not mounted.
fz528107:1 fz528129:1
/etc/magic expanded to recognize Java class files and SVR4 pkgadd datastream image files.
fz160445, fz527896
Large block sized i/o requests failing with Pre-DDI8 HBA drivers.
fz527917:1 erg712316
When reporting information for multiple files, /usr/bin/file may
reference previously freed memory.
fz219396
Panic in specfs, NULL pointer dereference (s_cp).
erg712337 fz528010
/usr/ucb/lastcomm core dumps.
fz528025
syslogd fails to respond to SIGHUP.
erg712414 fz528159
/etc/magic has been expanded to provide recognition of of more
file types.
fz144358 fz528024
/u95/bin/ksh users' `w` idle time resets every 10 min.
erg712362 fz528070
Added dacread,macread privileges to /usr/lib/fs/vxfs/quota.
fz528196
Fixed failures mounting/creating vxfs snapshots which indicated that the
filesystem is either already mounted, busy, or the allowable number of
mount point exceeded when none of these failure conditions were true.
erg712361 / fz528100:1
Fixed kernel stack overflows with lxuwfs, replacing relatively large
stack variables with allocated areas. Matching change made to lxdevfs.
fz527910 / fz528131
/sbin/dfspace now does not list LKP and OKP mount points.
fz519343:1
Updated kcrash with bug fixes.
fz528295
Fixed scoadmin Slice Manager character mode display for
cylinders and attributes views.
fz528041
Updated mkmsgs.
fz527996, fz528200
Updated swap command to handle swap files up to 4GB.
fz202265
Updated time zone data for India (IST).
fz526471
ksh95 built in pwd can output pathnames starting with //.
fz199364
When installing UnixWare on some machines with the nVidia GeForce4
video chipset, the screen goes black and the machines freezes after
the initial kernel is loaded and before the language selection
screen. Separate boot floppies are required to install such a system.
The fix delivered in UP3 ensures systems installed in such a manner
continue to work.
erg712344 fz528030
USB chipsets using the optional EHCI 64-bit addressing modes
no longer get "Descriptor Read Failure load failed during
enumeration" on USB startup.
fz528043
The USB drive from Melco/Yedata no longer fails on USB startup with
"Inquiry Read failed, unbinding".
fz528046
DocView Print Book feature now handles documents that
were not properly assembled for printing.
fz527824
Support logical volumes up to 1 TB. mkfs_vxfs failed on logical
volumes > 512GB and fdisk reported invalid cylinders in "1 TB boundary"
cases.
fz520676 erg712311
The queue command within crash prints garbage at the end of the line.
fz528406
The date command core dumps. Attempting to update the time via SCOadmin
will display an error message, although the time does get updated.
erg712397 fz528056
The userdel command core dumps.
fz528409
uw713up4 contains all the fixes listed above for Maintenance Pack 1, Update Pack 1, Maintenance Pack 2, Update Pack 2, and Update Pack 3, plus the following additional fixes. Note that some of the fixes below were also include in Maintenance Pack 3; all Maintenance Pack 3 fixes are included in Update Pack 4.
SECURITY - CRLF (Carriage Return, Line Feed) injection vulnerability
in lynx.
fz712379 fz528144
Security fix for OpenSSL version 0.9.7b. See
http://cvs.openssl.org/chngview?cn=11213.
fz528383
Fixed /proc security bug.
fz712482 fz528474
Fixed LKP chroot security vulnerability in intpexec
fz528642 erg712519
Repaired a bug in the ftp daemon that would cause it to report
"426 Data connection: Error 0" after a successful transfer.
fz528430 fz528034
Fixed problem where rcp of /proc causes denial of service.
fz712112 fz525927
Fixed a bug in traceroute that would cause it to core dump.
fz528289
An optimization to predict the MAC header size is now a tuneable.
A value of 0 allows the OS to discover the optimal header size.
A value less than 0 disables the optimization and a value above 0
enforces the value specified in the tuneable. This is specifically
useful for applications like IBM SNA Gateway which provides a media
frame header size different than calculated by the OS.
fz527969
There are three new tuneables provided: tcp_rexmit_min to
control the minimum retransmission timeout value, tcp_rttdflt
to specify a default initial RTT value and the tcp_maxrxt_min
to allow configuration of cumulative minimum retransmission value.
fz527766
C/C++ inlining of a function or type "char *" into an expression
that expects an integer type expression may result in an internal
compiler error.
fz528442
DT_RUN_PATH formats accepted with the -R option of the CC (C++) command
have been expanded to include $ORIGIN and relative paths.
fz528471
The Java first-class executables feature has been upgraded to
support Java 1.4.2.
fz528476
The 'fs' memory checking tool within the UDK C++ compilation system
has been fixed to handle the C++ standard library <memory> header.
fz528482
Optimization bug fix. /usr/ccs/lib/optim does not properly track
source memory usage for the third operand of a three operand SHLDL
instruction.
fz528620
The C++ compiler would emit incorrect code to handle object cleanup
during exception handling throw processing, when the object was of
a multidimensional array of classes type.
fz528674
C/C++ compilers may encounter an internal compiler error when handling
a cast of a volatile type to a void type.
fz528689
Fixed problem where programs linked with libthread that call
fork1() from the original thread produce children that are not
properly protected from signals in critical library code.
fz528522
Changed libc's internal %f and fcvt() formatting to give a
slightly more accurate result when more digits are requested
than are handled internally.
fz528370
Corrected some exported libc symbols that should have been
weak to be so.
fz528448
Fill-in some missing iconv (command and library routine) codeset
conversion to permit direct conversion to/from UTF-8 and the
following codesets: PC437, PC850, PC860, PC863, PC865, 8859/1,
eucJP, and sjis. The same effect was available before this by
using a "unicode" (UCS2) intermediate codeset target.
fz528539
Repair a qsort() bug in which an incorrect internal swap routine
can be used.
fz528569
Changed the Motif (libXm and libWXm) libraries to be built using
the system's strcasecmp() and register expression routines.
fz528651
Repaired a bug in libthread such that a null pointer can be
dereferenced in cond_broadcast() after a fork1().
fz528714
Changed libthread's timer mechanism so it recognizes hard system
clock resets.
fz712390 fz527957
Fixed RTLD exit() processing to prevent a segmentation fault observed when
a loaded-at-startup shared libary dlopen()s some other library and then uses its _fini() routine
to dlclose() this other library.
Previously, the RTLD exit() processing resulted in the dlclose() causing a
segmentation fault as it attempts to modify memory through a null pointer.
fz528933
Fixed panic in realitexpire.
fz712352 fz528064
The rtpm command incorrectly reports it is out of memory and
exits; the time reported by rtpm gets out of sync with the
system clock.
fz712441 fz528135 erg712393 fz528133
Shared memory that is in use by a process experiencing a fork
failure might not be released.
fz712399 fz528204
System hang; infinite loop in deadflck.
fz712154 fz526541
Ksh sleep call is waiting forever due to missed SIGALRM.
fz712386 fz528169
The multibyte to wide-character conversion code for EUC was broken.
fz712507 fz528536
cs daemon allows 2 child processes to talk to the same device.
fz501731 fz527737
System call entry handler for linux binaries will panic if a real
device is attached to the same vector or if a spurious interrupt is
received on that vector.
fz712348 fz528051
Corrected permissions on various
/etc/inst/locale/*/menus/LKP/lxrpms.msgs files. These permissions
were correct for systems which had a fresh Unixware 7.1.3 ISL
installation. The permissions were incorrect for customers who
had upgraded from to UnixWare 7.1.3 from a prior UnixWare/Open
UNIX release.
fz520137
MAXRUN is a new cron tuneable parameter in /etc/default/cron.
It defaults to 25 and defines the number of simultaneous
cron jobs in the system.
fz712469 fz528435
Fix libDtHelp buffer overflow problem.
erg712445 fz528372
Fix bug in mousemgr which causes graphical login to fail to
restart after logout when using a serial mouse.
fz528706
Ensure that /etc/conf/bin/idcpunix invokes rm -rf from a directory
with a known path to avoid certain failures which can occur when
invoking /etc/conf/bin/idcpunix (and therefore rm -rf) from a
directory with no known path. Also, add the directory
/etc/conf.unix.old/mod.d to the loadable module search path after
moving the current loadable module directory there.
fz527874 fz527875
The compress command dies with a SIGSEGV, and fails to compress
the file.
fz712220 fz527292
Fixed problem where embedded EHCI on IBM 8430/13x took inordinate
amount of time to reset.
fz501727 fz527381
Packaging change to samba and sambamb packages.
fz526999
sysi86 doesn't validate selector when clearing a descriptor.
fz521540
Updated Scoadmin Video Configuration Manager to stay set to VESA if
configured to VESA and not switch to an autodetected video adapter
configuration.
fz528393
/etc/magic was updated to handle the OSR5 tar format.
fz528854:1
Auto-enabling of memory above 4GB.
When the OS detects memory above 4GB, it automatically enables PAE mode in order
to access the memory above 4GB.
Previously, this had to be done manually, by setting
ENABLE_4GB_MEM=yes
in /stand/boot followed by a reboot.
fz528501:3
The following fixes are not included in the Update Pack Set; they are installed with the indicated package provided on the Update Pack CD. See Update Pack CD Contents.
adst70 - Provide updated adst70 HBA driver to prevent a panic going into init 1.
fz527526
basex - Avoid potential duplicate data being flushed from buffers
when the child process, used for initial house keeping, in the
pseudo tty client open transport function exits.
fz527709
nd - Updated Intel PRO/100 driver (eeE8) to version 2.5.4. Bug fixes and
new card support.
fz527508 fz527922
nd - Updated Intel PRO/1000 driver (e1008g) to version 7.0.11. Bug fixes
and new card support.
fz527502 fz527911
nd - Correct typos in Intel PRO/1000 (e1008g) Drvmap file affecting
hotplug support for certain NICS.
fz527792
nics - Short Ethernet frames are now padded with octets of zero to prevent
information leakage.
erg712090 fz521367
openssh - SECURITY
Provide rlogin/telnet login replacements to correct flawed kill routine.
fz526587
openssl - SECURITY
Upgraded OpenSSL version to fix timing attack vulnerability.
fz527507
samba and sambamb - SECURITY
Upgraded Samba version to fix security holes where anonymous or remote
users could gain root access.
fz527530 fz527681
xdrivers - Matrox G100/G200/G400 Series Graphics driver (mtx) doesn't close pcix
driver causing xserver package to hang during installation.
fz527729
xdrivers - Provide support for Nvidia TNT2, GeForce2 and Quadro2 Graphics adapters.
fz527795
zlib - SECURITY
Fix a zlib (gzprintf) format string overflow vulnerability by rebuilding
the zlib library to use snprintf().
fz527490
The following fixes are not included in the Update Pack Set; they are installed with the indicated package provided on the Update Pack CD. See Update Pack CD Contents.
basex, j2jre131, xfonts - The /usr/lib/X11/fonts/TrueType/watanabe-mincho.ttf Japanese font
has been removed from these packages, and is removed from the system when you install these packages on top
of a previous version.
fz528440
nd - Updated Intel PRO/1000 driver (e1008g) to version 7.2.10. Bug fixes
and new card support.
fz528257
nd - Updated Broadcom NetXtreme Gigabit Ethernet driver (bcme) to version
6.0.16. Corrects panic in bcopy+13 with bcme v6.0.3.
fz527953 fz528305
netmgmt - The SNMP trap_rece utility trap_rece quits prematurely with the
error message Couldn't assign requested address
.
erg712289 fz527728
nics - A new dlpi driver tuneable in /etc/conf/pack.d/dlpi/space.c allows the administrator to turn off
MAC header size prediction, which causes problems on IBM SNA Gateway systems.
See Known Problems.
527969
nics - Changed ndcfg for PCI device recognition to fix a bug which
prevented some serial port boards from being recognized.
erg712319 fz527935
The following fixes are not included in the Update Pack Set; they are installed with the indicated package provided on the Update Pack CD. See Update Pack CD Contents.
apache - Updated to 1.3.29 to pick up latest fixes.
nd - Fixed 'nd' package menu option #2 install. Install failed to work
properly when installing on either UnixWare 7.1.1 or Open UNIX 8.0.0.
fz527574
nd - Updated AMD PCnet driver (pnt) to version 3.0.1. Fixes a panic that
appeared in bcopy().
fz527095
nd - Updated 3Com EtherLink DDI8 driver (e3bc) to version 1.1.1. Fixes a
bad ASSERT panic in the DEBUG kernel on startup. Only occurs in
DEBUG kernel.
fz528447
nd - Updated Intel PRO/100 driver (eeE8) to version 2.6.8. Bug fixes
and new support.
fz528724
nd - Updated Intel PRO/1000 driver (e1008g) to version 7.2.15. Bug fixes
and new support.
fz528381
nd - Updated Broadcom NetXtreme Gigabit Ethernet driver (bcme) to version
7.0.7. Bug fixes and new card support.
fz528589
nd - Updated tcpdump(1M) command to fix the following security vulnerabilities:
erg712544 fz528784
nics - netconfig fails to configure network card properly in certain
situations with multiple NICS.
erg712451 fz528400
xdrivers - Provide support for ATI Radeon 7000, 7200 and 7500 Graphics adapters.
fz528394
Please take note of the following known problems and workarounds when installing UnixWare 7.1.3 Update Pack 4 or UnixWare 7.1.4:
xAPIC support was designed for IBM x440 systems. On some platforms, such as the IBM xSeries 360 (x360), the OS detects it should use xAPIC but the platform does not properly support it. If this happens, the symptoms are device timeouts (either a disk driver or HBA) very early during the boot process. The system will display a message stating that an HBA or disk command has timed out, and the system will become unresponsive (hang). If you are using a Multi-Processing (MP) system with Pentium 4 (Xeon) processors and this occurs do the following:
Reset the system.
When the system displays the UnixWare logo during the boot sequence, interrupt the boot by pressing any key.
At the boot prompt enter:
USE_XAPIC=N boot
The system should now boot normally.
Once the system is running, edit /stand/boot and add the following entry to the file:
USE_XAPIC=N
This will ensure that you do not need to interrupt the boot process again.
A new dlpi driver tuneable in /etc/conf/pack.d/dlpi/space.c allows the administrator to turn off MAC header size prediction, which causes problems on IBM SNA Gateway systems:
int mac_header_size = 0;
This variable can be set as follows:
0 (default) | the kernel discovers the optimal MAC header size |
less than 0 | disable MAC header size prediction optimization |
greater than 0 | use the MAC header size specified in the space.c file |
To disable MAC header size prediction, edit /etc/conf/pack.d/dlpi/space.c and change the value of
mac_header_size
to -1
.
Then enter the following commands to rebuild the kernel and reboot:
# idbuild -M dlpi # shutdown -i6 -g0 -y
The mac_header_size
tuneable is installed with the nics package.
527969
If you are installing UnixWare 7.1.4 for the first time on an IBM xSeries Server with devices in an attached IBM RXE-100 Remote I/O Expansion Enclosure, you must enter a boot paramater for the devices in the RXE-100 to be recognized. As the UnixWare installation program boots, it displays the Unixware logo. When you see the logo, press the Spacebar to interrupt the program. When the [boot] prompt appears, enter the following two commands:
[boot] psm=mps [boot] boot
Your system will then continue to boot. Continue the installation normally.
Notices like the following may appear in /var/adm/syslog and /var/adm/log/osmlog after installation of the Update Pack:
Jan 30 11:47:40 systemname sco_pmd[884]: license [nnnnnnnnn/167/1.0] missing dependent product [xxx/8.0]
These messages are a consequence of the license upgrade process and can be safely ignored. Enter the following commands, as root, to remove the offending license from the license database and refresh the Policy Manager Daemon (sco_pmd):
/etc/brand -r nnnnnnnnn /etc/sco_pmd -r
Where nnnnnnnnn is copied from the notices in the system logs, as shown in the example above. Once the brand command is run as shown and sco_pmd is restarted, these notices will no longer be generated in the system logs.
You may see the following error during installation of the OpenSSH (openssh) package:
##Executing postinstall script. dynamic linker: /usr/sbin/sshd: could not open libcrypto.so.0.9.7 Killed /etc/init.d/opensshd: Error 137 starting /usr/sbin/sshd....Bailing.
Or, you may see the following errors when running OpenSSH commands after installation:
dynamic linker: /usr/bin/ssh-keygen: binder error: symbol not found: OPENSSL_add_all_algorithms_noconf; referenced from: /usr/bin/ssh-keygen Killed dynamic linker: /usr/bin/ssh-keygen: binder error: symbol not found: OPENSSL_add_all_algorithms_noconf; referenced from: /usr/bin/ssh-keygen Killed dynamic linker: /usr/bin/ssh-keygen: binder error: symbol not found: OPENSSL_add_all_algorithms_noconf; referenced from: /usr/bin/ssh-keygen Killed OpenSSL version mismatch. Built against 90703f, you have 90607f /etc/init.d/opensshd: Error 255 starting /usr/sbin/sshd... bailing.
These messages indicates that the OpenSSL (openssl) package is either not installed, or the installed
version of OpenSSL is an earlier version than the one required by OpenSSH.
To fix this, install the latest openssl package (from the same media on which you found
openssh) and then re-install openssh.
527982 528971
Although the Upgrade Wizard will display a warning about insufficient disk space when selecting packages, it may fail to automatically select all packages for update without displaying a warning. If the summary of packages automatically selected to be installed is incomplete due to insufficient disk space, use the work-around below to abort the Upgrade Wizard:
# ps -af | grep uli root 3672 2721 TS 80 0 13:23:58 pts/15 0:00 /usr/lib/uli/framework/w izardFW /usr/lib/uli/wizard/ULIWZD # kill -9 3672 # rm -f /tmp/uli.lck
The kill command takes as its argument the Process ID (PID) of the uli process returned by the ps command, as shown.
After terminating the uli process, and freeing space on your hard disk, restart the Upgrade Wizard.
When launching the Upgrde Wizard using the uli command from a desktop window, the Upgrade Wizard
may exit unexpectedly if you press the space bar a few times while it is loading.
To work around this, re-run the Upgrade Wizard.
527905
If you use the Upgrade Wizard (uli) to install, and you see the message
Incorrect media detected
, you are using the incorrect version of the Upgrade Wizard
for the media you are trying to install.
Exit the Upgrade Wizard, and load the uli package from the Update Pack media you are
attempting to install, following the directions in the section
Installation Procedures.
If the Upgrade Wizard loses window focus after the Update Set is installed and it's not possible to select packages or activate window buttons using the mouse, either press the <Ctrl> key while clicking the mouse button, or re-start the window manager from the root window menu (click the right mouse button to see the menu).
During installation of the Update Pack on a system that was upgraded from a release prior to Release 7.1.3, warnings such as the following may be displayed:
UX:pkginstall: WARNING: /etc/conf/pack.d/msr/Driver.o <shared file is volatile> UX:pkginstall: WARNING: /etc/conf/pack.d/pcid/Driver.o <shared file is volatile> UX:pkginstall: WARNING: /etc/conf/pack.d/ppp/Driver.o <shared file is volatile> UX:pkginstall: WARNING: /etc/conf/pack.d/pppml/Driver.o <shared file is volatile> ...
The Warnings displayed on your system will depend on the originally installed release.
These Warnings are expected and can be safely ignored.
527406
After installation, you may see the following messages in /var/sadm/install/logs/uw713u4.out:
UX:removef: ERROR: attribute verification of </usr/lib/locale/de/LC_MESSAGES/ifor.cat> failed pathname does not exist UX:removef: ERROR: attribute verification of </usr/lib/locale/es/LC_MESSAGES/ifor.cat> failed pathname does not exist UX:removef: ERROR: attribute verification of </usr/lib/locale/fr/LC_MESSAGES/ifor.cat> failed pathname does not exist UX:removef: ERROR: attribute verification of </usr/lib/locale/ja/LC_MESSAGES/ifor.cat> failed pathname does not exist
You may also see the following warnings in /var/sadm/install/logs/uw713u4.log:
UX:pkginstall: WARNING: /etc/conf/mdevice.d/mps <shared file is volatile> UX:pkginstall: WARNING: /usr/sbin/ifor_pmd <no longer a regular file>
These messages are expected and may be safely ignored.
528812
If you use the CDE desktop, the default Classic Mozilla theme may result in a color scheme that is unreadable when your graphics card is set to use 256 colors. To work around this, do one of the following:
Increase the number of colors used by the card to more than 256. Do this using the scoadmin video configuration manager.
Change the Mozilla theme to the modern theme. Open Mozilla, and select Edit > Preferences > Appearance > Themes from the menu. Choose the modern them, and select OK. A screen pops up, informing you that you need to restart Mozilla for the change to take effect. Click OK, and then restart Mozilla.
The default home page listed in the Edit > Preferences > Navigator window is http://www.caldera.com, even though the link points to The SCO Group, Inc., Web Site at http://www.sco.com. This is a legacy of previous releases of the system, and can be updated if desired.
The startup script for the OpenLDAP slapd daemon is missing, so slapd will not start on boot. To start slapd, enter the following command, as root:
/usr/libexec/slapd -u root -h 'ldap:/// ldaps:///' 2>/dev/null
You can also create a file named /etc/rc2.d/S99slapd, with the above contents, and slapd will start automatically on reboots. For further information on slapd, see the slapd(8C) manual page and the OpenLDAP documentation under Networking in the online documentation on http://localhost:8458.
Problems have been observed with the DocView (http://hostname:8458) PRINT BOOK facility:
Some files do not print when selected from the PRINT BOOK list, or the incorrect content is printed instead. This occurs in C and non-C locales.
Multibyte files cannot be printed (this includes, for example, Japanese-language documentation from the jabasedoc package on the Localized Documentation CD in the UnixWare Media Kit) from the PRINT BOOK list. This is because the underlying engine in DocView for printing HTML (HTMLDOC) does not support multibyte files.
Some documents are not being printed in foreign languages when locale is properly selected and the foreign-language documentation is installed.
The workaround in all these cases is to display the files individually from the DocView SITE MAP interface (which is identical to the PRINT BOOK list), and use your browser's Print command to print the files.
For example, if you use the PRINT BOOK interface to print a New Features file
and it does not work, click on the SITE MAP button on the DocView menu (http://hostname:8458) and
select the name of the link that you wanted to print (the SITE MAP and PRINT BOOK lists are identical).
Once the document is loaded into the browser, print it using your browser's
Print command (File > Print in Netscape) to print to a local printer or
to a file.
The formats available depend on your local browser's setup.
527817
If you are installing the OpenServer Kernel Personality (OKP) product on top of the Upgrade Pack, do not add the OKP License to the License Manager before beginning installation of OKP. Instead, add the license during installation of OKP, as described in the OKP Release Notes. If you do add an OKP License to the License Manager before the OKP product is installed, the License Manager may report the following when you install the license:
Licensing of <Unknown Product with id 181> is successfully completed
Thereafter, the main License Manager screen may list the OKP license incorrectly, as follows:
Unknown Product with id 181
If this occurs, you should remove the OKP license
(License > Remove in the License Manager menu) and then add it again (License > Add).
The License Manager will then display the license correctly.
528252
Removing the vxva package (VERITAS ODM Visual Administrator) from the system causes the scoadmin account graphical account manager to fail with these messages:
Unable to retrieve locales Unable to get initial list of users
The problem is caused by symbolic links left behind by the removal of the vxva package. To fix the problem, remove the links by entering the following commands (as root):
rm /usr/lib/locale/C/LC_MESSAGES/Vxva_inst /usr/lib/locale/C/LC_MESSAGES/Vxva_msgs
The PostgreSQL installation creates a postgres user if one does not already exist on the system. The postgres user is automatically configured with root's password. The script /etc/init.d/postgresql can be used to automatically start the PostgreSQL postmaster binary running as this user. The postgres user's password can be modified using the passwd(1) program.
The samba package (Samba 3.0) does not contain a sample /usr/lib/samba/lib/smb.conf; Samba will not start without one. If you already have an earlier version of Samba installed, your existing smb.conf file will not be altered, and Samba should start normally. If you are installing Samba for the first time, copy the file provided in Appendix A below to /usr/lib/samba/lib/smb.conf, and to /usr/lib/samba/lib/smb.conf.sample as a backup copy. You can then edit smb.conf for your configuration.
Another alternative is to launch the Samba Web Administration Tool (SWAT) utility (/usr/lib/samba/sbin/swat) and use the web interface to create an initial smb.conf.
Note: if you use SWAT to configure Samba, SWAT overwrites /usr/lib/samba/lib/smb.conf with a version it creates from your specifications in the web interface. This will lose any customizations you make to a manually edited version. It is therefore important to keep a back-up copy of any manual edits you make to smb.conf.
When starting smbd or smbclient, warnings like the example below are displayed: for smbd in /var/adm/syslog, and for smbclient to standard out.
[2004/02/23 10:52:17, 0] lib/charcnv.c:(134) Conversion from UTF8 to CP850 not supported
These warnings can be safely ignored; both smbd and smbclient should startup after these messages are displayed.
CGI.pm is a Perl module (contained in the perl5 package available from the base UnixWare media) that provides function calls for form definition. There is a vulnerability present in forms created with the start_form() and start_multipart_form() functions defined in CGI.pm. If the action for the form is left unspecified in a call to either function, the form action can be manipulated by a malicious user (using an appropriate URL) to launch a cross site scripting attack against the host system.
If you use the CGI.pm module in any Perl programs, it is recommended that you install the
perl and perlmods packages, available
on the SCO Web Services Enabling CD.
The perlmods package contains an updated CGI.pm module that closes this vulnerability.
528214
The squid manual page installed by the squid package contains a number of errors:
The Squid proxy server control script is located at /etc/init.d/squid.
The Squid software is located under /usr/lib/squid.
To start up Squid, the Domain Name Service (DNS) daemon in.named(1M) must already be running, and Squid must be able to reach at least one of the specified DNS servers; otherwise, it will not start. Follow this procedure to configure and begin using Squid:
Edit the file /usr/lib/squid/etc/squid.conf, and make the following changes:
visible_hostname
keyword, and insert a line like the following:
visible_hostname nodename
where nodename is the name you want returned by the server to clients in messages.
Enable access for your clients.
This is done with a combination of the http_access
and acl
keywords (search for
http_access
keyword; the acl section is just above it in the file).
To simply allow all hosts to access squid, enter a single http_access
statement:
http_access allow all
Most sites will want better security, and allow only known sites to access the proxy. The following two statements allow only hosts on the "10.0.0" subnet to access the server:
acl local 10.0.0.0/255.255.255.0 http_access allow local
Note that the ordering of http_access
entries in the squid.conf file is important.
You may need to put entries for local clients at the top of the list of http_access
entries
in order for them to work.
See the comments in the file /usr/lib/squid/etc/squid.conf as well as the Squid documentation installed along with the squid package, in the online documentation under Internet and Intranet, for more information on configuring Squid.
Enter, as root:
/usr/lib/squid/bin/squid -z
to initialize the Squid caches.
Start Squid:
/etc/init.d/squid start
On each client (including the local system), set the browser's preferences to go to the proxy server instead of connecting directly to the internet. In Netscape or Mozilla, this is done by opening the browser Preferences (Edit > Preferences) and selecting Advanced > Proxies. Select Manual Configuration, and click on View. In the following window, set at least the http: and ftp: entries to point to the nodename or IP address of the UnixWare system running the Squid proxy server; then, set the port for both entries to 3128, the default port on which the UnixWare Squid server listens for requests. Save your changes to the browser's Preferences.
The browser will now access the internet through the Squid proxy. Check the files under /usr/lib/squid/logs if you encounter problems.
# This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not many any basic syntactic errors. # #======================= Global Settings ===================================== [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = MYGROUP # server string is the equivalent of the NT Description field server string = Samba Server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = lpstat load printers = yes # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx printing = sysv # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /usr/lib/samba/var/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = user # Use password server option only with security = server ; password server = NT-Server-Name # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 ; username level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents ; encrypt passwords = yes ; smb passwd file = /etc/smbpasswd # The following are needed to allow password changing from Windows to # update the Linux sytsem password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only # the encrypted SMB passwords. They allow the Unix password # to be kept in sync with the SMB password. ; unix password sync = Yes ; passwd program = /usr/bin/passwd %u ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* # Unix users can map to different SMB User names ; username map = /etc/smbusers # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /etc/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Configure remote browse list synchronisation here # request announcement to, or browse list sync from: # a specific host or from / to a whole subnet (see below) ; remote browse sync = 192.168.3.25 192.168.5.255 # Cause this host to announce itself to local subnets here ; remote announce = 192.168.1.255 192.168.2.44 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply ; local master = no # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable ; os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job ; domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election ; preferred master = yes # Use only if you have an NT server on your network that has been # configured at install time to be a primary domain controller. ; domain controller = NT-Domain-Controller-SMBName # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. ; domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) ; logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below ; logon path = \\%L\Profiles\%U # All NetBIOS names must be resolved to IP Addresses # 'Name Resolve Order' allows the named resolution mechanism to be specified # the default order is "host lmhosts wins bcast". "host" means use the unix # system gethostbyname() function call that will use either /etc/hosts OR # DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf # and the /etc/resolv.conf file. "host" therefore is system configuration # dependant. This parameter is most often of use to prevent DNS lookups # in order to resolve NetBIOS names to IP Addresses. Use with care! # The example below excludes use of name resolution for machines that are NOT # on the local network segment # - OR - are not deliberately to be known via lmhosts or via WINS. ; name resolve order = wins lmhosts bcast # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. dns proxy = no # Case Preservation can be handy - system default is _no_ # NOTE: These can be set on a per share basis ; preserve case = no ; short preserve case = no # Default case is normally upper case for all DOS files ; default case = lower # Be very careful with case sensitivity - it can break things! ; case sensitive = no #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writable = yes # Un-comment the following and create the netlogon directory for Domain Logons ; [netlogon] ; comment = Network Logon Service ; path = /home/netlogon ; guest ok = yes ; writable = no ; share modes = no # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory ;[Profiles] ; path = /home/profiles ; browseable = no ; guest ok = yes # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no writable = no printable = yes # This one is useful for people to share files ;[tmp] ; comment = Temporary file space ; path = /tmp ; read only = no ; public = yes # A publicly accessible directory, but read only, except for people in # the "staff" group ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; writable = yes ; printable = no ; write list = @staff # Other examples. # # A private printer, usable only by fred. Spool data will be placed in fred's # home directory. Note that fred must have write access to the spool directory, # wherever it is. ;[fredsprn] ; comment = Fred's Printer ; valid users = fred ; path = /homes/fred ; printer = freds_printer ; public = no ; writable = no ; printable = yes # A private directory, usable only by fred. Note that fred requires write # access to the directory. ;[fredsdir] ; comment = Fred's Service ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writable = yes ; printable = no # a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could # also use the %u option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. ;[pchome] ; comment = PC Directories ; path = /usr/pc/%m ; public = no ; writable = yes # A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no # The following two entries demonstrate how to share a directory so that two # users can place files there that will be owned by the specific users. In this # setup, the directory should be writable by both users and should have the # sticky bit set on it to prevent abuse. Obviously this could be extended to # as many users as required. ;[myshare] ; comment = Mary's and Fred's stuff ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writable = yes ; printable = no ; create mask = 0765
© Copyright 2004 The SCO Group, Inc. All rights reserved.