Patch-ID# 101798-01 Keywords: hung, diskless clients Synopsis: Trusted Solaris 1.1: Diskless clients hang due to invalid label in contool Date: Nov/07/94 Solaris Release: Trusted Solaris 1.1 SunOS Release: Unbundled Product: Unbundled Release: Relevant Architectures: sun4 sun4c sun4m BugId's fixed with this patch: 1160296 Changes incorporated in this version: Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: README sun4m/OBJ/cons.o sun4c/OBJ/cons.o sun4/OBJ/cons.o Problem Description: After user logs out from a diskless client and leaves the diskless client idle overnight, when user logs in next morning, the following tools do not display: the contool and mailtool. (Sometimes the clock does not display.) One can still ping and rlogin to the client from the server. After about half an hour, the client screen repeatedly gets the message "NFS server not responding" and at this point, the client hangs. The client does not respond to ping and one cannot rlogin to the client. Patch Installation Instructions: NOTE: This patch does not apply to SunOS 4.1.1, 4.1.2, 4.1.3, or to SunOS CMW 1.0 systems. CAUTION: Do all the steps in single-user mode. NOTE: For more about reconfiguring the kernel, refer to the System and Network Administration Manual for SunOS 4.1, Chapter 9, "Reconfiguring the System Kernel." 1. These instructions assume you have copied the patch files to a temporary directory, such as /tmp. Because customers obtain patches from different sources, these instructions do not attempt to cover all possibilities. To give one example, if this patch is on a tar tape inserted in st0, you would do this: # cd /tmp # tar xvf /dev/rst0 2. Check the labels on each of the object files to ensure that they are at SYSTEM_LOW[SYSTEM_LOW]. If not, use getlabel to change the label. For example, # cd /tmp/sun4[c|m]/OBJ # getlabel cons.o And, if necessary: # setlabel SYSTEM_LOW[SYSTEM_LOW] cons.o 3. Halt the diskless client server: # /etc/halt 4. Go to the OBJ directory for the server's architecture: # cd /usr/kvm/sys/`arch -k`/OBJ 5. Save the existing version of cons.o. For example: # cp cons.o cons.o.orig 6. Copy the new object module into the OBJ directory from the temporary directory using the object with the correct architecture. For example: # cp /tmp/sun4m/OBJ/cons.o . 7. Build and install the new kernel, carefully following substeps 7a through 7d: 7a. Choose a name for your configuration of the system; for example, PATCHED. 7b. Create the configuration file by making a copy of GENERIC or of an already-customized configuration file and change the mode. # cp GENERIC PATCHED; chmod +w PATCHED 7c. Run config on the new file: # /etc/config PATCHED (The directory ../PATCHED will be made if it doesn't exist, and a "make depend" will be done unless you specify a "-n" flag.) 7d. Make the new system: # cd ../PATCHED # make 8. Save the original kernel, install the new one in /vmunix, and try it out: # mv /vmunix /vmunix.orig # cp vmunix /vmunix # /etc/halt ok boot If it works, go to step 9. 9. If the system does not work, halt the server, reboot from the original kernel, restore the original kernel, and then rebuild the new kernel: # /etc/halt ok boot vmunix.orig -s # mv /vmunix.orig /vmunix ok boot Start again with step 1 above to rebuild the kernel. 10. Return the server to single-user mode, and remake the trusted networking token database: # /etc/halt ok boot -s # mkdb /etc/security/TNETDB 4096 80 11. Synchronize the server's tcb_dynamic database: # sync_ctab /etc/security/tcb_dynamic -o /etc/security/TNETDB 12. Configure the diskless clients. For diskless clients with the same architecture as the server, go to step 13. When any diskless clients do not have the same architecture as the server, do step 14. 13. For each client with the same kernel architecture as the server, copy the new /vmunix into the /export/root/ directory following substeps 13a through 13e. 13a. Go to the client's root directory: # cd /export/root/ 13b. Back up the current vmunix file: # cp vmunix vmunix.orig 13c. Copy the server's /vmunix to the current directory: # cp /vmunix vmunix 13d. Reinitialize the client's trusted networking token database: # mkdb /export/root//etc/security/TNETDB 4096 80 13e. Synchronize the client's tcb_dynamic database: # sync_ctab /etc/security/tcb_dynamic -c -o /etc/security/TNETDB 14. For any diskless clients that do not have the same architecture as the server, before you build the new kernel for each architecture, make a copy of the cons.o object file and copy the patched file into the appropriate OBJ directory for that architecture, under: /export/exec/kvm/sun[4,4c,4m].trusted_solaris.1.1/sys/sun[4,4c,4m]/OBJ as described in substeps 14a through 14g. 14a. Go to the appropriate OBJ directory and make a copy of the object file. For example, for a sun4c: # cd /export/exec/kvm/sun4c.trusted_solaris.1.1/sys/sun4c/OBJ # cp cons.o cons.o.orig 14b. Copy the patched cons.o object file from the temporary directory into the appropriate OBJ directory. For example: # cp /tmp/sun4c/OBJ/cons.o . 14c. Follow Method 2 on page 244 of the SunOS 4.1 System and Network Administration Manual, in the section titled "Procedure for Reconfiguring the Kernel," to create a new kernel for the appropriate architecture. 14d. Copy the new kernel to all clients with the same architecture. 14e. Reinitialize each client's trusted networking token database: # mkdb /export/root//etc/security/TNETDB 4096 80 14f. Synchronize each client's tcb_dynamic database: # sync_ctab /etc/security/tcb_dynamic -c -o /etc/security/TNETDB 14g. Repeat steps 14a through 14f for each architecture.