Patch-ID# 101907-17 Keywords: security vold DOS libvolmgt leak driver floppy cdrom volmgt PCMCIA Synopsis: SunOS 5.4: usr/sbin/vold patch Date: Mar/08/2001 Solaris Release: 2.4 SunOS Release: 5.4 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 101908 Topic: SunOS 5.4: usr/sbin/vold patch Relevant Architectures: sparc BugId's fixed with this patch: 1167988 1171863 1174304 1176756 1176873 1177560 1177793 1179769 1182431 1188338 1189051 1193752 1195348 1195724 1207333 1222675 1228209 1261308 1265432 4028077 4041549 4058113 4194660 Changes incorporated in this version: 4058113 Patches accumulated and obsoleted by this patch: 102077-01 102098-01 Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: usr/kernel/drv/vol usr/lib/libvolmgt.a usr/lib/libvolmgt.so.1 usr/lib/rmmount/action_filemgr.so.1 usr/lib/vold/db_mem.so.1 usr/lib/vold/db_nis.so.1 usr/lib/vold/dev_cdrom.so.1 usr/lib/vold/dev_floppy.so.1 usr/lib/vold/dev_pcmem.so.1 usr/lib/vold/dev_test.so.1 usr/lib/vold/label_cdrom.so.1 usr/lib/vold/label_dos.so.1 usr/lib/vold/label_sun.so.1 usr/lib/vold/label_test.so.1 usr/sbin/rmmount usr/sbin/vold Problem Description: 4058113 /var/adm/vold.log is world-writable (from 101907-16) 4194660 Permissions problem in /vol. (from 101907-15) 4028077 vold has a security hole (from 101907-14) 4041549 buffer overflow security hole for /bin/eject in 2.4 and 2.3 (from 101907-13) 1261308 vold filemgr actions have security problem 1265432 if /tmp/.removable exists as a non-dir filemgr cannot see removable media (from 101907-12) 1207333 vold/rmm fails to mount a hsfs cdrom (from 101907-11) 1228209 dev_unmount() in libvolmgt sometimes tries to unmount but fails (from 101907-10) 1222675 Changed to past time using date command, inserted floppy could not eject (from 101907-09) 1176756 after fdformat of floppy, cant newfs or mount directory with volmgt running (from 101907-08) 1174304 vold appends d0 to the cdrom name specified in a use line in /etc/vold.conf (from 101907-07) 1193752 volmgt needs to work around CD-ROM drives that don't allow CDROMREADTOCENTRY (from 101907-06) 1195724 problem with volmgt SUNWvolu package definition file 1195348 Problem with installing patch 101907-05 using vold (from 101907-05) 1188338 volmgt/vold needs to create a correct pcmemN based on PCMCIA socket number 1189051 vold does not mount PCMCIA memory card if it is inserted/removed too quickly (from 101907-04) 1167988 /cdrom not present after install 1177793 volmgt/vold needs to support PCMCIA memory cards 1182431 volmgt on DOS media uses first filename if no volume label (from 101907-03) 1176873 libvolmgt has a "file descriptor leak" 1177560 volume driver leaks memory 1179769 media_findname function returns NULL when valid floppy is inserted This patch causes the Volume Management user-level NFS daemon to not cache file/directory attributes. This is needed so that vold (the Volume Management daemon) can change/add/remove data in Volume Management's /vol namespace. This patch fixes 3 different problems: 1. the vol kernel device driver leaks memory in some cases, 2. some routines in libvolmgt leak file descriptors, and 3. the NFS server in vold, which services /vol, sometimes caches information when it shouldn't, causing either ENOENT or ESTALE when inappropriate (from 101907-02) 1171863 vold cannot handle 2DD(720KB) DOS-formatted floppy disks. This patch replaces 101907-01, which is a patch for bug id# 1171863. This fixes a problem reading NEC 2DD floppy discs (made on NEC DOS 2.0). (from 101907-01) 1171863 vold cannot handle 2DD(720KB) DOS-formatted floppy disks. This patch allows Solaris 2.4 to correctly handle DOS 5.25" floppies formatted on older DOS systems, such as NEC-DOS (which runs on the NEC-PC in Japan). (from 102077-01) 1176873 libvolmgt has a "file descriptor leak" This patch allows WABI (on Solaris 2.4) to install software that is contained on multiple floppy disks. Without this patch, Volume Management runs out of file descriptors, causing unpredictable errors to occur. (from 102098-01) 1177560 volume driver leaks memory This patch fixes a memory leak in volume management. This memory leak can occur when the volume driver ("vol") is "detached". This "detaching" can happen manually, by use of the "modunload" or "rem_drv" commands, or automatically, when the system unloads the vol driver The system would unload the driver if and only if (1) volume management was not running, and (2) the kernel needs more memory. In this case, the kernel starts unloading unused drivers. Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- After installing the patch, vold should be stopped using /etc/init.d/volmgt stop and then restarted using /etc/init.d/volmgt start command. README -- Last modified date: Thursday, March 8, 2001