Vendor Name                             Hewlett-Packard Company


Product Name                            ONC/NFS

Text:

        "This README File contains an overview of the new/changed
        product features that were not documented in the manual.  For
        detailed information about other features, refer to the
        product's manual.  This file does not contain information about
        software changes made as a result of a Service Request; that
        information may be found in the Software Release Bulletin (SRB)
        for Release 10.0."


A. Changes to the product functionality (not documented)

         Scalable NFS 
         ============
        
         NEW FEATURE
         --------
        
         10.0 ONC/NFS provide a scalable NFS product for MP systems.
        
        
        
         RPC header file changes.
         ========================
        
         NEW FEATURE
         -----------
        
        
         The RPC header files, /usr/include/rpc, have been changed to support
         ANSI C and C++ compilations.
        
        
        
         automount
         =========
        
         NEW FEATURES
         ------------
        
        
         Automounter is now required to have a netgroup entry that
         matches the netgroup entry on the NFS server in order to 
         mount the exported file system.
        
        
        
         stdhosts
         ========
        
         NEW FEATURES
         --------
        
         stdhosts will print the follow warning message to stderr if
         the first entry on a line in /etc/hosts does not have the
         correct syntax for an IP address.  The lines that are printed
         are:
        
         stdhosts: Warning: malformed line ignored:
         <  the line in question. >
        
         This line should be corrected so that it begins with a valid
         syntax IP address or a comment (#) character.
        
        
        
         rpc.yppasswdd
         =============
        
         NEW FEATURES
         ------------
        
         rpc.yppasswdd will now cd into /var/yp and issue a make command
         instead of the ypmake command.
        
        
        
         nis.client (control script)
         ==========
        
         NEW FEATURES
         ------------
        
         nis.client will no longer unset the domainname if a ypserv
         process can not be found that supports the configured domain.
        
        
        
        
         
         ypbind
         ======
        
         NEW FEATURES
         --------
        
         ypbind will no longer allow a customer to issue a ypset unless the
         -ypset option is used on the command line.
        
         The following security features have been added:  The file /etc/secureservers,
         if it exists, contains a list of IP addresses that the binder will accept
         communications from.  The -s option on the command line requires that
         the NIS server will be using a reserved port.
        
         /var/yp/binding files.  These files contain binding information to the
         ypserv process that is serving the clients domain.  This is a performance
         enhancement to lessen the number of RPC calls between application and NIS.
         
         Changes will be documented in ypserv(1M).
        
        
        
         ypserv
         ======
        
         NEW FEATURES
         ------------
        
         The ypserv on the master will not re-open a map until a push request for
         that map is generated.  (i.e. A ypmake NOPUSH=1 passwd, will not cause
         the ypserv on the master to re-open the passwd maps.  A ypmake passwd
         will)
        
         The follow security feature has been added:  The file /etc/securenets,
         if it exists, contains a list of IP addresses the the server will accept
         communications from.  If a map contains the SECURE key, see makedbm, only
         requests from reserved ports will be allowed access to the map.
        
         Changes will be documented in ypserv(1M)
        
        
        
         ypxfrd
         ======
        
         NEW Daemon
         ----------
        
         Provides faster transfer of maps between Slave and Master.
         This daemon also uses the /etc/securenets file, for security.
         See ypserv.
         
         Will be documented in ypserv(1M)
        
        
         ypxfr
         =====
        
         NEW FEATURE
        
         Will attempt to contact the ypxfrd before ypxfr on the master.  Will
         generate a warning if ypxfrd is not available, however the transfer
         will take place using ypxfr.
        
         message: "(info) master, domain, map ypxfrd getdbm failed (reason = status)
                    using ypxfr"
        
        
        
         rpc.ypupdated
         =============
        
         NEW Daemon
         ----------
        
         Provide a secure mechanism, via secure RPC, for updating a NIS map's
         source file on the NIS master and regenerating the appropriate map(s).
        
         rpc.ypupdated will invoke make in /var/yp instead of ypmake.
        
         Will be documented in ypupdated(1M)
        
        
        
         keyserv
         =======
        
         NEW Daemon
         ----------
        
         Stores the private encryption keys of all users logged into the system.
         This Daemon is part of the secure RPC enhancement.
        
         Will be documented in keyserv(1M)
        
        
        
         keyenvoy
         ========
        
         NEW executable
         --------------
        
         Used by Secure RPC/keylogin/keylogout  to communicate with the keyserv 
         daemon.
        
         Will be documented in keyenvoy(1M)
        
        
        
         keylogin
         ========
        
         NEW executable
         --------------
        
         Used to register the users private key with keyserv.
        
         Will be documented in keylogin(1)
        
        
        
         keylogout
         =========
        
         NEW executable
         --------------
        
         Used to unregister the users private key with keyserv.
        
         Will be documented in keylogout(1)
        
        
        
         newkey
         ======
        
         NEW executable
         --------------
        
         Used to generate a DES public/private key pair.  Will cause NIS maps to
         be updated.
        
         newkey will invoke cd in /var/yp and issue a make instead of ypmake.
        
         Will be documented in newkey(1M)
        
        
        
         chkey
         =====
        
         New executable
         --------------
        
         Used to change a DES public/private key pair.  Will cause NIS maps to be
         updated and uses Secure RPC.
        
         Will be documented in chkey(1M)
        
        
        
         ypinit
         ======
        
         NEW FEATURES
         ------------
        
         Will generate the mail.aliases, mail.byaddr, netid.byname,
         publickey.byname, and auto.master maps by default.
        
         Will now cd into /var/yp and issue the make command instead
         of ypmake.
        
         Changes will be documented in ypinit(1M)
        
        
        
         ypmake
         ======
        
        
        
         NEW FEATURES
         ------------
        
         ypmake can now generate the mail.aliases, mail.byaddr, netid.byname,
         publickey.byname, auto.master, ethers.byaddr  and ethers.byname maps.
        
         Changed rpc.byna map to be rpc.byname for file systems that support
         long names.
        
         Changes will be documented in ypmake(1M)
        
         ypmake will still exist but all programmatic map generation will
         occur via make instead of ypmake.  See ypinit, yppasswdd and
         ypupdated.
        
        
         makedbm
         =======
        
         NEW FEATURES
         ------------
        
         makedbm has added two new command line options.  -s places the secure
         key into the map.  This restricts access to the map by allowing only
         requests from reserved ports to be processed by ypserv.  The -b
         option places the interdomain key into the map.  This key is only
         used by the host.byname and host.byaddr maps.  This key will allow
         ypserv to use DNS if no match for the request is found in the map.
        
         changes will be documented in makedbm(1M)
        
        
        
         yp_update (domain, map, op, key, keylen, data, datalen)
         =========
        
         NEW libc FEATURE
         ----------------
        
         Client call used to communicate with the rpc.ypupdated daemon on the master.
         The information in data is written to the map's source file.
        
         Will be documented in ypupdate (3N)
        
        
        
         yp_softbind(domain, x)
        
         NEW libc FEATURE
         ----------------
         
         Client call that will try to bind to the specified "domain", "x" number
         of times.  The yp_bind() function call will try forever to bind to the
         specified "domain".  This new function allows the user to give up after
         "x" attempts.  There will be no mention of this function in the manpages.
        
        
        
         NIS Configuration
         =================
        
         NEW FEATURE
         -----------
        
         NIS configuration has been modified to start the ypxfrd process on all
         NIS masters and slaves, the rpc.ypupdated on all Masters and the keyserv
         process on all machines.
        
         NIS configuration has also been modified to allow the user to customize
         what action a client should take if a NIS server is not found.  The user
         can force the client to wait for a server, or allow the client to boot
         without NIS.
        
        
        
         RPCGEN
         ======
        
         Features
         --------
         RPCGEN is the protocol compiler for RPC client/server application.
         RPCGEN for HP-UX 10.0 is a equivalent of RPCGEN of Sun's RPC 4.2. New
         RPCGEN is capable of generating more complicated server stub compatible
         with inetd(1m) and in addition, is capable of generating RPC dispatch
         table that is usually used by complex server program. See new manpage
         of rpcgen(1) for detail.
         
         Also fixed minor problem in RPCGEN output files that caused an error
         in ANSI C compiler.
        
         Summary of Change
         -----------------
         Several new command line options has been added to RPCGEN (-D, -I, -K,
         -L, -T,-t ). Other command line options are still left unchanged and
         are fully compatible with old RPCGEN. See New manpage of rpcgen(1)
         for detail.
        
         Impact
         ------
         New RPCGEN is fully compatible with old version if no new command line
         option are used. With use of new command line option, user can generate
         more complicated server stub and/or creating more useful data structure.
        
         Delta information for S700 and S800
         -----------------------------------
         RPCGEN works the same on both S700 and S800.
        
         Obsolescence
         ------------
         NLS feature is now unsupported.
        
        
         RPC
         ===
        
         New Feature
         -----------
         Added a function from ONC 4.2, clnt_create_vers().  This expands the
         library of rpc calls for rpc applications.  The new routine is
         documented in rpc_clnt_create(3C) manpage.
        
        
         Secure RPC
         ==========
        
         New Feature:  Summary of Change
         -------------------------------
         The Secure RPC mechanism adds encryption of credentials and 
         credentials validation to the standard RPC authentication system. 
         Previously, authentication capabilities were restricted to Unix 
         authentication or none. 
         
         Secure RPC is accessible for RPC application programmers. 
         The library routines for secure remote procedure calls are:
                authdes_create()
                authdes_getudred()
                get_myaddress()
                getnetname()
                host2netname()
                key_decryptsession()
                key_encryptsession()
                key_gendes()
                key_setsecret()
                netname2host()
                netname2user()
                user2netname()
         These routines are documented on the secure_rpc(3c) manpage.
                
         Secure RPC has a dependency upon NIS to distribute public and 
         private keys across the network. These keys are used as 
         credentials that are required in Secure RPC transactions. 
         
         Impact
         ------
         The addition of Secure RPC does not have any impact upon existing
         RPC applications.  Secure NFS, based upon Secure RPC, is not 
         included in this release.
         
         Delta information for S700 and S800
         -----------------------------------
         Secure RPC works the same on both S700 and S800.
        
        
         NFS and NIS Startup and Configuration
         =================
        
         The startup scripts /etc/netnfsrc and /etc/netnfsrc2 have been
         replaced by /sbin/init.d/nfs.core, /sbin/init.d/nfs.client,
         /sbin/init.d/nfs.server, /sbin/init.d/nis.client, and
         /sbin/init.d/nis.server.  These startup scripts can be repeatedly
         started on the system with no known side effects.  They can also be
         used to stop the daemons and restart them without rebooting.
         
         In the past variables were in the /etc/netnfsrc and /etc/netnfsrc2
         files.  Now the variables are in /etc/rc.config.d/nfsconf for NFS
         configuration parameters, and in /etc/rc.config.d/namsvrs for NIS
         configuration parameters.  
         
         Administrators are no longer allowed to modify startup scripts directly.
         All configuration parameters should be modified in the files in
         /etc/rc.config.d .
         
        
         Dynamic READ/WRITE Sizing and Dynamic Retransmission.
         ======================================================
         New feature.
        
         When accessing a mount point if NFS has do retransmit a packet, it
         will downsize to a 512 byte packet, and keep doubling until it gets
         back to the original size of the reads and writes for the mount point.
         
         When transmitting data, NFS will try to keep the rough average and
         deviation of the time it takes to transmit a packet to the server of
         the mount point.  When retransmission is necessary it will use this
         average and deviation as the base point for setting the retransmission
         timer.  Use the nfsstat -m feature to display the current timer
         values, and rough average and deviation.
        
        
         NFS COMMANDS
         ============
        
         nfsstat 
         -------
        
         Added new parameter -m to nfsstat.
        
             -m   Display statistics for each NFS mounted file system.  This
                  includes the server name and address, mount flags, current
                  read and write sizes, the retransmission count, and the
                  timers used for dynamic retransmission.  The srtt value
                  contains the smoothed round trip time, the dev value
                  contains the estimated deviation, and the cur value is the
                  current backed-off retransmission value.
        
        
         /etc/exports
         ------------
        
         There is no limitation on the line length in the /etc/exports file.
        

B. Documentation Errata/Changes in procedures 

        N/A
        
C. "Read before installing" information/Release Notes

        N/A
        
D. Other considerations not described in the sections above.

         The ypserv -d options has a defect that can cause an
         application to hang on a host lookup, if DNS is not
         configured properly and the host name is not in the NIS
         map(s) host.byname/host.byaddr.

         The rpc.yppasswdd will not update the gecos or shell fields.
         This will only occur if SUN clients attempt to update the
         gecos or shell fields, using passwd, chfn, chsh, yppasswd,
         ypchfn, ypchsh.

         The login and passwd commands have not been modified to
         support the DES public/private key pairs.  You must use
         keylogin in order to store the users private key in the
         keyserv process.










