Manualshelf

HP-UX Security Containment Extensions B.11.31.02 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i Security Containment Software
1234567
— The HP-UX cumulative ARPA Transport patch: PHNE_41004
— The HP-UX STREAMS cumulative patch: PHNE_40428
HP-UX Security Containment Extensions B.11.31.02 is currently available in English only.
Known Problems Fixed in HP-UX Security Containment Extensions
B.11.31.02
This release fixed the following problems:
HP-UX Security Containment version B.11.31 can produce undesired inbound connection
behavior.
Using ssh to connect to a remote compartment may create a timeout if there is no sshd
daemon running in that compartment. This behavior is different from using ssh to connect
to a remote system where there is no sshd daemon running on that remote system.
Defect number: QXCR1000878742
HP-UX Security Containment version B.11.31 can produce a query error when using the
vhardlinks command.
The vhardlinks command sometimes returns the following message:
vhardlinks: Failed to query the compartment rules: Invalid argument
Defect number: QXCR1000916780
HP-UX Security Containment version B.11.31 can produce a memory allocation error when
using the vhardlinks command.
If you run the vhardlinks command on a mount-point that has a large number of hard
links, vhardlinks exits with the following error message:
vhardlinks: Memory allocation failure: Not enough space
Defect number: QXCR1000912970
NOTE: The ContainmentPlus product includes enhancements and fixes for other known
problems. See “Features” (page 5) for more information on the ContainmentPlus product.
Known Problems in HP-UX Security Containment Extensions B.11.31.02
HP-UX Security Containment Extensions B.11.31.02 contains the following known problem:
The HP Auto Port Aggregation (APA) virtual LAN device (lan900) becomes unusable
after reboot if it is configured as LAN MONITOR mode on a compartment.
Workaround:
When APA is used in LAN MONITOR mode, the following rules must be met:
— The primary interface, lan0, must be assigned to the proper compartment.
— The secondary interface, lan1, is either not assigned to any compartment or is assigned
to the same compartment as lan0.
The aggregate interface, lan900, is either not assigned to any compartment or is assigned
to the same compartment as lan0. HP recommends that you leave lan900 unassigned
in case APA changes the naming scheme.
NOTE: In this example, lan0 and lan1 are aggregated into lan900.
For more information on APA, see apa(7).
Known Problems Fixed in HP-UX Security Containment Extensions B.11.31.02 7