System Administration Bugs

Non-Root Applications Using All Available Swap Space Can Hang a System Or/And Cause Critical System Daemons to Die (1189666)

Non-root applications sometimes use all available swap space, which can result in a hung system or cause critical system daemons to die.

Workaround: Because the VM subsystem reserves a small amount of swap space that is in the form of physical memory for root processes, it enables system administrators to log in and kill offending user processes that have used all available swap space. Therefore, system hangs are prevented and critical system daemons can keep running.

Because non-root processes cannot reserve swap space against this pool, some non-root processes may no longer be available with ENOMEM whenever you type the df or swap -s command and a message is displayed indicating that a small amount of swap space is still available.

Auditing of the Network (nt) audit Class Can Cause System Failure (4172702)

When auditing is enabled, selecting for the network audit events (nt class) can cause the system to fail.

Workaround: Do not enable auditing for the network audit events (nt class) or all audit events (all class) for any user or for the default of all users. The Solaris 7 operating environment has neither of these classes enabled. Individual user audit is controlled in the /etc/security/audit_user file that has the form username:classes:classes. Do not enter the class at all or in either of the classes fields.

For example, do not modify an /etc/security/audit_user file with entries like

root:lo,nt:no 	
bill:all:no

Default auditing is controlled in the /etc/security/audit_control file by the flags entry that has the form flags:classes. Again, do not enter either the class all or nt in the classes field. For example, do not modify an /etc/security/audit_control file with flags entries like dir:/var/audit

 flags:nt
minfree:20
naflags:lo

This problem is addressed by the Solaris 7 10683210683 patch.