DCE for DIGITAL UNIX
Release Notes

July 1998

This document describes new and changed features of DCE for DIGITAL UNIX Version 3.0, as well as corrections to known problems, known problems and limitations, and corrections to documentation. DIGITAL recommends that you read this document before installing and using DCE software.

Product and Version: DCE for DIGITAL UNIX Version 3.0
Operating System and Version: DIGITAL UNIX Version 4.0 or greater

Digital Equipment Corporation
Maynard, Massachusetts

July 1998

Digital Equipment Corporation makes no representations that the use of its products in the manner described in this publication will not infringe on existing or future patent rights, nor do the descriptions contained in this publication imply the granting of licenses to make, use, or sell equipment or software in accordance with the description.

Possession, use, or copying of the software described in this publication is authorized only pursuant to a valid written license from DIGITAL or an authorized sublicensor.

© Digital Equipment Corporation 1998. All rights reserved.

The following are trademarks of Digital Equipment Corporation: DIGITAL, DIGITAL UNIX, and the DIGITAL logo.

The following are third-party trademarks: UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd.

All other trademarks and registered trademarks are the property of their respective holders.

Table of Contents

1. NEW AND CHANGED FEATURES
   1.1 Overview of OSF DCE Release 1.2.2 Features
   1.2 Changes to Remote Procedure Call (RPC)
   1.3 Changes to Cell Directory Service
   1.4 Changes to Security Services
   1.5 Changes to the Distributed Time Service (DTS)
   1.6 Changes to Distributed File Service
   1.7 Changes to Cell Configuration
   1.8 Addition of Lightweight Directory Access Protocol (LDAP)
   1.9 Changes to Documentation
2. CORRECTIONS TO KNOWN PROBLEMS
   2.1 RPC
   2.2 CDS
   2.3 SECURITY
   2.4 DTS
   2.5 DFS
   2.6 Installation and Configuration
3. UNSUPPORTED FEATURES
   3.1 DASCOM DCE Cell Manager
   3.2 DCE Toolkit
4. IMPORTANT NOTES
   4.1 Upgrading to Version 3.0 without Reconfiguring the Version 2.n Database
   4.2 Reconfiguring a CDS Replica
   4.3 DFS Notes
   4.4 Using the Kerberos Versions of telnet, rlogin and rsh
5. KNOWN PROBLEMS AND RESTRICTIONS
   5.1 Known Problem with Split Server Configuration
   5.2 Known Problems with Configuring a Security Server Replica
   5.3 Known Problems with the passwd_export Command
   5.4 Known Problems with Kerberos 5 and the Kerberos 5 Compliant Utilities
   5.5 Known Problems with CDS
   5.6 Known Problems with the Example Programs
   5.7 Public Key Storage Server Does Not Support Security Replicas
   5.8 Thread Stack Overflow Not Reported
   5.9 Use STDERR Instead of STDOUT with dcesetup
   5.10 Known Limitation with X500
   5.11 Known Problems and Restrictions in DFS
   5.12 Known Problems in SIA
   5.13 Known Problems in DECthreads with DIGITAL UNIX, Version 4.0b
6. CORRECTIONS TO DOCUMENTATION

1. NEW AND CHANGED FEATURES

This section describes new and changed features for DCE for DIGITAL UNIX, Version 3.0.

1.1 Overview of OSF DCE Release 1.2.2 Features

DCE for DIGITAL UNIX Version 3.0 is layered on the latest release of the Distributed Computing Environment (DCE), Release 1.2.2 (R1.2.2), from the Open Group, which includes the following key features:

Support for the public-key security model

R1.2.2 allows login using Kerberos/public-key security models. The DCE security server no longer needs to store long-term keys, preventing a possible security breach if the security server is compromised. Instead, it provides an interface to existing user systems for access control based on user names and passwords, which provides users greater flexibility and reliability at login. R1.2.2 also incorporates a new certification API that provides a framework for performing Public Key authorization. This API enables developers to employ their own policy and storage modules for authorization information.
Users may be allowed to log in using a crypto-card or other personal security model. This prevents DCE from dictating a single-use model for security practices.

Support for MIT Kerberos Version 5

R1.2.2 offers support for Version 5 of the Massachusetts Institute of Technology (MIT) Kerberos authentication and key distribution service. The kit also includes the Kerberos versions of the following standard UNIX utilities: rsh and rlogin.

Availability of global groups

A new feature of Release 1.2.2 allows principals from a foreign cell to be added to groups in the local authorized cell, with the existing security credentials.

Performance improvements for large cells

Changes to the DCE Security Server have resulted in considerable performance improvements for servicing large cells (those with more than 50,000 principals).

NOTE: OSF DCE R1.2.2 contains enhancements to Distributed File System (DFS) that are not included in Version 3.0 of DCE for DIGITAL UNIX. These features will be incorporated into a future DCE release.

1.2 Changes to Remote Procedure Call (RPC)

This section describes new and changed features of Remote Procedure Call (RPC) for the DCE for DIGITAL UNIX Version 3.0 release.

Changes to Timeout Properties for TCP/IP Connections - improvements have been made to timeout properties for TCP connections. Previously, the RPC API calls rpc_mgmt_set_com_timeout() and rpc_mgmt_set_server_com_timeout() recognized only two timeout values for TCP connections: rpc_c_binding_min_timeout (0) and rpc_c_binding_infinite_timeout (10). However, these calls recognized values 0 through 10 for UDP connections. Now, values from 0 through 10 affect the timeout properties of each call regardless of the network protocol selected. The value 10 corresponds to the (kernel tunable) TCP default timeout of approximately 2 hours. Values less than 10 indicate some relative time to wait before giving up with a communications timeout failure, with 0 signifying the minimum timeout period.

DIGITAL UNIX TruCluster Support - DCE for DIGITAL UNIX Version 3.0 can be made more highly available by configuring its core services using a warm-standby or cold-standby approach in a DIGITAL TruCluster Available Server Environment (ASE). Documentation for this feature is provided on the DCE for DIGITAL UNIX Web page (http://www.digital.com/dce).

Addition of localrpc Protocol Sequence - DCE for DIGITAL UNIX Version 3.0 supports a new protocol sequence (protseq) in addition to TCP, UDP, DECnet, and OSI (ncacn_ip_tcp, ncadg_ip_udp, ncacn_dnet_nsp, and ncacn_osi_dna protocol sequence strings, respectively). The new protocol is implemented with UNIX Domain sockets and can only be used by clients and servers that are on the same node. The name of this new protocol sequence is ncacn_localrpc. Refer to the DCE for DIGITAL UNIX Product Guide for more information about this new feature.

1.3 Changes to Cell Directory Service

No new features have been added for the Cell Directory Service (CDS) in the DCE for DIGITAL UNIX Version 3.0 release. Refer to Section 2 for information on corrections to known CDS problems.

1.4 Changes to Security Services

The DCE for DIGITAL UNIX Version 3.0 release adds the following new security features:

Support for MIT Kerberos 5 - enables MIT Kerberos Version 5 authentication and key distribution service as provided by OSF DCE Release 1.2.2. This new R1.2.2 feature also installs Kerberos-compliant versions of the rsh, rlogin, and telnet utilities to prevent the risk of password interception in a distributed network. Refer to the DCE for DIGITAL UNIX Installation and Configuration Guide for more information.

Addition of the RANDD random number generator - a performance enhancement to security that generates random numbers in advance of security operations that require the use of a random number to encode client/server communications. Refer to the man page for this daemon for more information.

Addition of Public Key Security - in support of the public key security model, DCE for DIGITAL UNIX adds the Private Key Storage Server (PKSS) component as provided by OSF DCE Release 1.2.2. Because private keys can be too long for memorization, a private key storage server can be enabled during installation to store users' software-generated private keys.

1.5 Changes to the Distributed Time Service (DTS)

This section describes new and changed features of Distributed Time Service (DTS) for the DCE for DIGITAL UNIX Version 3.0 release.

Change to default startup behavior of dtsd - previously, dtsd listened for DECdts (DECnet time service) synchronization messages on DLI (data link interface) by default. Now, dtsd does not listen on DLI by default. To allow dtsd to listen on DLI, use the new -m switch on the command line when starting the dtsd process.

1.6 Changes to Distributed File Service

Distributed File Service has not been revised for DCE for DIGITAL UNIX Version 3.0. Therefore, DFS functionality for Version 3.0 continues to reflect Release 1.1 of OSF DCE.

1.7 Changes to Cell Configuration

This section describes new and changed features of DCE cell configuration for the DCE for DIGITAL UNIX Version 3.0 release.

RPC Only Option Added to DCE Configuration Choice Menu - the Configuration Choice menu includes a new option called "Configure this system for RPC only." Selecting this option during initial cell configuration enables you to configure the current system to run only the dced daemon. User applications running on systems configured for RPC only are restricted to using RPC with explicit bindings.

Changes to Cell Configuration - the cell configuration dialog of the dcesetup utility has been changed to ask the user to specify cell support for LDAP, Kerberos utilities, and public-key security.
For more information about configuring these options for each cell, refer to the last section of the Release Notes entitled "Corrections to Documentation" and to the DCE for DIGITAL UNIX Installation and Configuration Guide.

Additions to the Modify DCE Cell Configuration Menu - the following new options have been added to the Modify DCE Cell Configuration menu to support cell configuration changes for DCE for DIGITAL UNIX Version 3.0:

o Enable/Disable Kerberos 5
  Used to enable or disable the use of MIT Kerberos 5 authentication and key distribution services and the use of the Kerberos compliant versions of the rsh, rlogin, and telnet utilities.

o Configure LDAP Name Service
  Used to configure this system to use the Lightweight Directory Access Protocol (LDAP) providing access to the X.500 directory service without incurring the overhead of the full Directory Access Protocol (DAP).

o Add/Remove LDAP Client Services
  Used to add or remove LDAP client services from this system.

o Enable/Disable LDAP/GDA
  Used to enable or disable the use of LDAP by the Global Directory Agent in looking up information on foreign cells.

o Add/Remove PKSS
  Used to add or remove a Private Key Storage Server from this system. A PKSS is required to store private user authorization information in support of public-key security for the cell.

1.8 Addition of Lightweight Directory Access Protocol (LDAP)

Version 3.0 of DCE for DIGITAL UNIX adds support for the Lightweight Directory Access Protocol (LDAP). LDAP provides access to the X.500 directory service without incurring the overhead of the full Directory Access Protocol (DAP). The simplicity of LDAP, along with the powerful capabilities it inherits from DAP, has made it a de facto standard for Internet directory services.

DCE gains LDAP support for both NSI and GDA.
With the addition of LDAP, an application is now capable of conducting the same operations in NSI as previously, but can also perform these operations through the LDAP directory service. GDA can now look up foreign cell information by communicating through LDAP to either an LDAP-aware X.500 directory service or a standalone LDAP directory service, in addition to DNS and DAP.

In this release, LDAP is provided as an optional directory service that is independent of CDS. A DCE administrator must install and configure an LDAP directory server before a DCE cell can use it. Then the system administrator can choose LDAP support during DCE cell configuration. After LDAP support is configured, applications can request directory services from either CDS or LDAP.

For more information about LDAP, refer to the DCE for DIGITAL UNIX Product Guide.

1.9 Changes to Documentation

DIGITAL DCE for DIGITAL UNIX Version 3.0 provides the following online technical documentation for viewing using a Web browser:

o DCE for DIGITAL UNIX Installation and Configuration Guide
  Describes how to install DCE and configure and manage your DCE cell.

o DCE for DIGITAL UNIX Product Guide
  Provides supplemental documentation for DCE for DIGITAL UNIX value-added features.

o DCE for DIGITAL UNIX Product Reference
  Provides supplemental reference information for DCE for DIGITAL UNIX value-added features.

o DCE for DIGITAL UNIX DFS Configuration Guide
  Describes how to configure the optional DCE Distributed File Service (DFS).

The following OSF DCE Release 1.2.2 technical documentation is provided online for viewing by a Web browser:

o Introduction to OSF DCE
  Contains a high-level overview of DCE technology including its architecture, components, and potential use.

o OSF DCE Administration Guide - Introduction
  Describes the issues and conventions concerning DCE as a whole system and provides guidance for planning and configuring a DCE system.

o OSF DCE Administration Guide - Core Components
  Provides specific instructions on how core components should be installed and configured.

o OSF DCE Application Development Guide - Introduction and Style Guide
  Serves as a starting point for application developers to learn how to develop DCE applications.

o OSF DCE Application Development Guide - Core Components
  Provides information on how to develop DCE applications using core DCE components such as RPC and security.

o OSF DCE Application Development Guide - Directory Services
  Contains information for developers building applications that use DCE Directory Services.

o OSF DCE Application Development Reference
  Provides reference information for DCE application programming interfaces.

o OSF DCE Command Reference
  Describes commands available to system administrators.

For information on how to order printed technical documentation, refer to the Read Before Installing DCE for DIGITAL UNIX Version 3.0 letter.

2. CORRECTIONS TO KNOWN PROBLEMS

2.1 RPC

o Previously, when an authenticated RPC was made over a datagram protocol and the thread was unexpectedly canceled, deadlock could occur. A correction has been made to ensure that mutexes are unlocked.

o Previously, applications using idl in C++ mode experienced problems in client/server communication when different protocols were accepted on the client and server side. This problem has been corrected.

o Previously, certain RPC calls were not allowed during a context rundown function. This problem has been corrected.

o A small number of memory leaks were repaired.

o Previously, the rpc_mgmt_is_server_listening() function did not work properly for servers registering multiple interfaces. This problem has been corrected.

o A correction was made to ensure that accurate time stamps are used when setting internal timers.

o Previously, passing a null parameter to the uuid routines could cause a segmentation fault. This problem has been corrected.

o The authn_inq_supported function has been corrected to handle an unsupported authn service.

2.2 CDS

o Corrected a problem that occasionally caused a socket in the CDS advertiser to be filled with too much information, resulting in unpredictable system behavior.

o Previously, when the cdscp dump clerk cache command was used from an account without superuser privilege, a misleading error message appeared. This problem has been corrected.

o When a replica pointer was removed from a directory cache entry, the replica pointer was marked as absent instead of being removed from the cache. When the cdscp dump clerk cache command was invoked, the entries marked as absent appeared. This problem has been corrected.

o The CDS_CELL and CDS_REPLICAS attribute names were changed to CDSCELL and CDSREPLICAS, respectively, as a result of the addition of support for the LDAP protocol.

o The dcecp clearinghouse repair command always returned the error message "Clearinghouse exists but is not available" even after a repair was successfully completed. This problem has been corrected.

2.3 SECURITY

o A problem has been corrected that previously caused the pe_site bindings file to contain no security replica endpoints.

o Corrected a problem with the Registry Editor (rgy_edit) that caused it to hang when interrupted with a CTRL/C while executing in command line mode.

o The audit component has been enhanced to more smoothly handle thread cancellation.

o Corrected a potential deadlock in secd by moderating the locking policy.

o Corrected the representation of the year 2000 in the chpass security utility.

2.4 DTS

o The dtscp command now allows the use of the question mark (?) as an alias for selecting help.

o Previously, dtsd could cause memory leaks if a time provider or a security server was unavailable. This problem has been corrected.

o Previously, a peer server failure could cause dtsd to fail. This problem has been corrected.

o The check_unsupported_ifs() function was added to enable applications to search for interfaces identified in the environment variable RPC_UNSUPPORTED_NETIFS, which should be avoided when initializing DLI.

o Corrected the representation of the year 2000 that is received from the acts, hopf, rcr, and traconex time providers. Also validated the proper calculation of the leap day for that year.

2.5 DFS

NOTE: Distributed File Service has not been revised for DCE for DIGITAL UNIX Version 3.0. Therefore, DFS functionality for Version 3.0 continues to reflect Release 1.1 of OSF DCE.

o To use the DFS component of DCE for DIGITAL UNIX Version 3.0 running on DIGITAL UNIX Versions 4.0, 4.0a, 4.0b, or 4.0c, you must install the latest patch kit for your version of DIGITAL UNIX. This restriction is due to a DIGITAL UNIX change to socketvar.h that adversely impacts DFS performance. Because DCE DFS for DIGITAL UNIX Version 3.0 incorporates the socketvar.h change, you must obtain the latest patch kit unless you are running DIGITAL UNIX V4.0d.

o Several memory leaks in the dfsbind routine have been fixed.

2.6 Installation and Configuration

o The DCE for DIGITAL UNIX Version 2.1 installation procedure would overwrite the libdxdutil shared library on systems with X.500 already installed. This problem has been corrected.

o Previously, the dcesetup cell configuration utility prevented systems that were configured as DCE clients from being reconfigured as DCE servers. This problem has been corrected.

o The shutdown behavior of the CDS Advertiser has been changed to allow it to be shut down automatically instead of waiting a fixed amount of time. This change enables shutdown to complete independently of machine speed and system load.

o Corrected a problem in the dcesetup program that caused it to hang because it required authentication at a point when authentication could not be established.

o The behavior of logging has been changed to append log information to dcesetup.log instead of recreating the log file each time the dcesetup program runs.

3. UNSUPPORTED FEATURES

3.1 DASCOM DCE Cell Manager

The DASCOM DCE Cell Manager is a comprehensive set of tools that allows you to centrally manage all DCE administration facilities in a distributed network. The tools can be used individually or as a comprehensive suite.

DCE Cell Manager is available at the following location after DCE is installed:

  /opt/dcelocal/nosupport/DASCOM_kit/

A trial license for the DASCOM DCE Cell Manager tool set is available with this release. Contact DASCOM Customer Support to request a license key. You can reach the DASCOM Customer Support staff by telephone at 512-458-4037, via email at support@chistech.com, by FAX (1.408.460.0255), or on the World Wide Web at http://www.dascom.com. The license is valid for 30 days from the time you receive your license key.

For more information about DASCOM DCE Cell Manager software, visit the product Web site at:

  http://www.dascom.com/chisprod/dcecell.html

3.2 DCE Toolkit

The DCE Toolkit is a combination of sample code, utility routines, and design methodology for both DIGITAL UNIX and Windows NT environments. It provides basic server and client modules for DCE-based applications. The DCE Toolkit is a collection of items that have been used by DIGITAL software consultants to build robust DCE distributed applications quickly.

DCE Toolkit is available at the following location on the CD-ROM:

  /opt/dcelocal/nosupport/DCE_toolkit/

The code examples distributed in this kit have been tested on various DCE systems including OSF/1, DIGITAL UNIX, OpenVMS, Microsoft Windows 3.1, Microsoft Windows NT, AIX, and Sun Solaris.

For more information about the DCE Toolkit software, refer to the installation, configuration and programming documentation supplied as part of this kit.

For more information about the DCE Toolkit, visit the DIGITAL DCE World Wide Web site at http://www.digital.com/dce.

4. IMPORTANT NOTES

4.1 Upgrading to Version 3.0 without Reconfiguring the Version 2.n Database

Users can upgrade a DCE for DIGITAL UNIX Version 2.n server system to DCE for DIGITAL UNIX Version 3.0 and retain the Version 2.n database without reconfiguring. However, running DCE in this manner will cause it to generate a warning message similar to the following whenever the user restarts DCE:

  1998-05-07-09:29:58.697-04:00I446.824 cdsclerk(13411) WARNING cds clerk clerk_bind.c 793 0x140043050
  CDS server principal hosts/xochi/self is not a member of group subsys/dce/cds-server.

To eliminate these warning messages, perform the following steps:

1. Start up DCE.

2. Log in as cell_admin (dce_login cell_admin).

3. Execute the following command:

     dcecp -c group add subsys/dce/cds-server -member hosts/HOSTNAME/self

   where HOSTNAME is the name of the server system.

Performing these steps adds the hosts/HOSTNAME/self principal to the subsys/dce/cds-server group. Subsequently, when DCE starts up, the startup procedure will not generate warning messages.

4.2 Reconfiguring a CDS Replica

If you unconfigure a CDS replica and then need to reconfigure a CDS replica on the same client, you must use dcesetup and perform the following steps in the order shown below:

On the client:

  dcesetup stop
  dcesetup clean

On the master server:

  dcesetup stop
  dcesetup clean
  dcesetup start

Back on the client:

  dcesetup start

4.3 DFS Notes

Limitations on DIGITAL UNIX Version 4.0 ACL Support

Using access control lists (ACLs) in a file system, you can define a default ACL for a directory that will be inherited by child objects created in the directory. This is called ACL inheritance.

When an object (for instance, a file) is created in a directory that does not have a default ACL, the creator-specified mode and the umask of the creating process should determine access restrictions to the object. When an object is created and a default ACL exists for the parent directory, file access should be determined by the creator-specified mode and the default ACL. In the current release, the umask is being used in both cases. This causes incorrect access restrictions for the default ACL case.

DIGITAL UNIX Version 4.0 Supports ACLs on File System Data

DCE DFS Version 3.0 supports access checks on files and directories with ACLs. However, the ability to view or modify the ACLs using either DCE or the DCE DFS path name of the file or directory currently is not supported. To view or modify the ACL on a file or directory, use the local path name for the file and the DIGITAL UNIX system commands setacl and getacl.

Authenticated Remote Login Currently Unsupported

The NFS/DFS Gateway included in DCE DFS for DIGITAL UNIX Version 3.0 does not allow remote user authentication. The dfs_login, dfs_logout, and dfsgwd components are not yet fully functional. However, NFS users can gain authenticated access to the DCE DFS namespace by using the dfsgw utility running on the gateway host. See dfsgw(8) for details.

DFS Warnings

The following informational message appears after a DCE DFS server is configured or rebooted:

  DFS: THE FX SERVER nn.nn.nn.nn IN CELL cellname_CELL IS TEMPORARILY IN TSR MODE

where nn.nn.nn.nn is the Internet address of the DCE DFS server and cellname_CELL is the name of the cell. After a few minutes, the DCE DFS server exits from Token State Recovery (TSR) mode and resumes normal functioning.

df Command

The df command returns a constant value when run against the DCE DFS file system:

  Filesystem       512-blocks  Used  Avail    Capacity  Mounted on
  DCE File System  18000000    0     1800000  0%        /...

While files are allocated within the DCE DFS namespace, the current architecture does not provide a reasonable estimate of the capacity or use within the namespace. Note that using the -k flag with the df command will cause the numbers to appear in kilobytes.

DCE RPC Data Privacy Is Not Currently Supported

DCE RPC data privacy is not supported in this version of DCE DFS.

Single-Site Semantics Not Fully Implemented for Memory-Mapped Files

DCE DFS Version 3.0 does not fully implement single-site semantics for memory-mapped files. If a file that is opened for write is memory-mapped on Client A and Client B reads the same file, Client B may not see the most recent writes to memory made by Client A.

Restriction on Creating and Accessing Special Devices Using DCE DFS

DCE DFS Version 3.0 does not support the creation and access of special devices. If you attempt to create a special device, the mknod system call returns an error status and sets errno to EINVAL. If you attempt to access an existing special device, the creat or open system call returns an error status and sets errno to ENOENT.

Support of Files Larger Than 2 GB

DCE DFS Version 3.0 supports access to files larger than 2 GB (up to the limits of the DFS server's underlying file system) both in homogeneous DIGITAL UNIX environments and in heterogeneous environments that include DCE DFS servers or clients that also support files larger than 2 GB.

The DCE DFS for DIGITAL UNIX server allows 32-bit clean clients to access the first 2 GB of files larger than 2 GB. To a 32-bit client, files longer than 2^31-1 bytes appear to have a length of exactly 2^31-1.

4.4 Using the Kerberos Versions of telnet, rlogin and rsh

During installation, if you select the option for Kerberos Version 5 support, DCE verifies installation of the Kerberos compliant utilities by modifying the /etc/inetd.conf file to allow the telnetd, rlogind and rshd processes to use Kerberos enabled daemons.
The rlogin, rsh and telnet client executables are not automatically installed. Instead, it is the responsibility of the system administrator to install them.

When the installation of the software is complete, the inetd daemon must be restarted in order for the changes to the configuration file to take effect.

All systems in the cell that are to use the Kerberos enabled tools will need to modify the registry and the Kerberos Version 5 configuration. Use the kcfg executable to make these changes.

To modify the Kerberos installation such that Kerberos version 4 will interoperate with Kerberos version 5, the administrator should execute the following command:

  kcfg -k

This command separates the /krb5/krb.conf entries into two files, /krb5/krb.conf and /krb5/krb.realms, and must be executed on each system in the cell.

The registry must contain a principal entry that describes the host machine of the kdc server. This principal is of the form host/. This principal and the associated key table entry can be created using the following command:

  kcfg -p

This command verifies that the host entry exists and, if it does not, creates it.

To use the Kerberos compliant utilities, a user must have a DCE account and execute the following steps:

1. Invoke dce_login.

2. Execute the command kinit -f to mark the tickets as forwardable.

3. To use telnet, the user must set autologin. To do so, use an initialization file '.telnetrc' with 'set autologin'.

The /krb5/krb.realms file must contain an entry describing each machine that will participate in the DCE realm or cell. The general format of the file is where cell name is designated without the "/./" root portion.

The kcfg configuration utility creates the entry for the local machine. Other entries must be added by the DCE system administrator.

For more information on how to use the Kerberos compliant utilities, refer to the DCE for DIGITAL UNIX Installation and Configuration Guide.

5. KNOWN PROBLEMS AND RESTRICTIONS

5.1 Known Problem with Split Server Configuration

Split server configuration using a node running DCE for DIGITAL UNIX Version 3.0 as the Security Server and a node running Transarc or HP DCE V1.3b ECO #2 as the CDS Server is not supported in this release.

A DCE Release 1.2.2 system running IBM AIX R1.2.2 cannot be configured in a split cell environment as the Security server if DCE for DIGITAL UNIX Version 3.0 is configured to run the CDS server. This problem will be corrected in a future product release.

5.2 Known Problems with Configuring a Security Server Replica

In a mixed version Security server/replica environment, the Security server must be configured at the earliest DCE software revision in use. For example, you cannot configure a Security replica on a DCE for DIGITAL UNIX Version 2.x system if the Security server is running on a DCE for DIGITAL UNIX Version 3.0 system. The Security server must be running the same or lower version of DCE as that running on the Security replica system.

A security replica cannot be configured on a DCE for DIGITAL UNIX Version 3.0 system when the Security server runs on an IBM AIX R1.2.2 system. Conversely, a security replica cannot be configured on an IBM AIX DCE R1.2.2 system when the Security server runs on a DCE for DIGITAL UNIX Version 3.0 machine. This problem will be corrected in a later release.

5.3 Known Problems with the passwd_export Command

When the execution of the passwd_export command is interrupted, this process leaves the /etc/passwd and /etc/group files in an unusable state.

5.4 Known Problems with Kerberos 5 and Kerberos 5 Compliant Utilities

The MIT Kerberos 5 compliant version of telnet does not run on a DCE system where SIA is enabled. This problem will be corrected in a future product release.

The DCE for DIGITAL UNIX Version 3.0 implementation of Kerberos 5 does not interoperate with generic Kerberos.
Therefore, if a generic version of Kerberos is installed on your system, it should be removed before installing DCE Version 3.0. This problem will be corrected in a future product release.

5.5 Known Problems with CDS

The command dcecp -c clearinghouse disable /.:/xxxxx renders the CDS server "Unable to Communicate". As a workaround, you can recreate the clearinghouse and then issue a dcecp -c clearinghouse delete command.

5.6 Known Problems with the Example Programs

The following DCE example programs will not compile in Version 3.0: PWD_MGMT, ACCOUNT, ACCOUNTC, CARD, and STACK.

There is no README file associated with the DTS examples.

5.7 Public Key Storage Server Does Not Support Security Replicas

The Public Key Storage Server (PKSS) was not designed to support Security Replicas as stated in the non-goals section of the PKSS RFC (RFC 94.0) from The Open Group. The dcesetup program does not allow you to configure a PKSS in a client and/or security replica environment.

5.8 Thread Stack Overflow Not Reported

Calling the sec_login_valid_from_keytable routine from a thread (as is commonly done in a server's refresh identity thread) may result in a silent thread stack overflow, a SEGV, and a memory fault (core dump). This problem can be avoided by using the pthread_attr_setstacksize routine to increase the thread's stack size.

This problem was seen on DIGITAL UNIX Version 4.0a (Rev. 464) where the default thread stack size (as returned by pthread_attr_getstacksize) was 21102 bytes. Increasing the stack size to 24000 bytes still resulted in stack overflow, but the increased stack size made it possible for the threads package to output an appropriate error message. Increasing the stack size to 65536 bytes corrected the stack overflow problem in our test case.

NOTE: This problem could not be reproduced on DIGITAL UNIX Version 4.0b (Rev. 564) where the default thread stack size also is 21102 bytes.
5.9 Use STDERR Instead of STDOUT with dcesetup

The dcesetup utility uses output from dcecp commands to verify that certain interfaces are running. When Serviceability via the routing file is turned on, dcesetup can successfully bring up all the daemons only if STDERR is specified instead of STDOUT.

5.10 Known Limitation with X500

On systems running DIGITAL UNIX Version 4.0 or higher, you can add X500 entries; however, you cannot run an X500 server. Currently, an X500 server runs on DIGITAL UNIX Version 3.0 or earlier.

5.11 Known Problems and Restrictions in DFS

DCE DFS Does Not Properly Return ENOSPC

DCE DFS does not properly return ENOSPC. The DCE DFS client code allows an application writing to a UNIX File System (UFS) exported by DCE DFS to pass data at 100 percent capacity. The application can write up to 111 percent capacity without generating an error. However, the file write will be incomplete.

Possible System Hang or Panic on shutdown or reboot

Entering the shutdown or reboot commands after either of the DCE DFS daemons dfsd or fxd is running can cause the system to hang or panic. To work around a hang:

o Press the hard RESET button to return to console mode.
o Reboot the system.

Possible System Crash on a Machine on which DFS Has Been Configured into the Kernel

On a machine on which DFS has been configured into the kernel but DFS has not been initialized (that is, dfssetup has not been run), the system could crash. Here are two suggested workarounds:

o Rebuild a kernel without the DCE Distributed File Services option.
o As root, patch the on-disk copy of the existing kernel file as follows (the example assumes your kernel file is named vmunix):

    # dbx /vmunix
    (dbx) px dcedfs
    0x1
    (dbx) patch dcedfs = 0
    0
    (dbx) px dcedfs
    0x0
    (dbx) quit

Certain Commands May Not Restore DCE DFS Mount Points

The cp -[rR], tar, cpio, pax, restore, and vrestore commands may not correctly restore DCE DFS mount points if the local file system is used for recovery.
To avoid this problem, restore the mount points in the DCE DFS namespace (for example, /:/path).

5.12 Known Problems in SIA

DCE SIA on DIGITAL UNIX does not properly charge usage against the product license. With DCE SIA enabled, the available license count is decremented when a non-root user logs in, but is not incremented when the user logs out. On a machine without an unlimited user license, the available license count will eventually be consumed. This problem will be fixed in a future release of the DIGITAL UNIX operating system. Currently, the following workarounds are available:

o Disable DCE SIA before the problem occurs.
o Reboot the machine whenever the license count is exceeded.
o Perform all logins as root, with a subsequent su to the desired user.
o Obtain an unlimited user license.

When DCE SIA is enabled on DIGITAL UNIX Version 4.0b, the kdbx sum command hangs:

    $ echo sum | kdbx -k /vmunix

A similar problem has been seen on DIGITAL UNIX Version 4.0a (464) where this command results in a threads exception in kdbx. This problem is caused by a mishandling of synchronous signals by the DECthreads package. Patch kit 6 for DIGITAL UNIX 4.0b (or equivalent) repairs this and related problems, and is a prerequisite for running DCE on DIGITAL UNIX 4.0b.

When DCE SIA is used to obtain a local user's group membership list, the list of group uids obtained from the DCE Registry is not processed against the group override file.

5.13 Known Problems in DECthreads with DIGITAL UNIX, Version 4.0b

DIGITAL UNIX 4.0b has a known problem with the handling of synchronous signals by the DECthreads package. For the signals traditionally representing synchronous errors in a program (such as SIGPIPE, SIGSYS, SIGSEGV, SIGBUS, SIGFPE, SIGEMT, SIGIOT, SIGILL), DECthreads catches the signal and converts it into an equivalent exception. DIGITAL UNIX 4.0b attempts to print an abort message for an unhandled exception.
If an unhandled exception occurs in a libc library I/O routine, the thread causing the exception may hang in abort() because of a deadlock over an I/O mutex.

Because running DCE in a DIGITAL UNIX 4.0b environment may cause errors related to the synchronous signal mishandling in DECthreads, you must install Patch kit 6 or equivalent on DIGITAL UNIX 4.0b if you plan to run DCE. If you also plan to run DCE DFS, you must also install the DFS slowfix patch.

To determine what patches have been installed on a DIGITAL UNIX system, look in the file called "/var/adm/patch/log/event.log".

6. CORRECTIONS TO DOCUMENTATION

With the exception of the DCE for DIGITAL UNIX DFS Configuration Guide, all DCE for DIGITAL UNIX technical documentation was updated and corrected for the Version 3.0 release.

The following documentation problems have been noted in the DCE man pages:

o Some manpages incorrectly state that the startup scripts are located in /etc/rc.d. The correct location for the startup scripts is /sbin/rc3.d.
o The manpage for rpc_mgmt_ep_elt_inq_begin does not display correctly.