BIG-IP 10.2.1 HF3 がリリース

BIG-IP v10.2.1 がリリースされていました。以下のように挙動が変更されたそうです。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
Behavioral Change: When Appliance Mode is licensed, the following changes occur:

    Any user that previously had access to the bash shell will now only have access to tmsh
    Only the following directories are accessible via scp:
        /config
        /shared/images
        /var/core
        /var/local/scf
        /var/local/ucs
        /var/local/wam
        /var/log
        /var/tmp
    The tmsh 'edit' command now invokes the nano editor instead of the vi editor

その他の修正は以下の通りです。

ID Description
225190 The root account home directory (/root) permissions have been modified so as to be only user readable, writable and executable.
225236 File permissions have been tightened for numerous files and directories.
225237 Options in the smb.conf file have been corrected.
225249 File permissions for cron tables and directories have been tightened.
225251 By default, new files are now only user readable and writeable.
225252 World-writable non-public directories are now better secured using the sticky-bit.
225257 The syscheck and oprofile users have the home directory properly set to '/'.
227176 The following non-interactive user accounts have been removed: "halt", "reboot", "sync" and "shutdown".
227179 The "htpasswd" utility has been removed from the system.
227180 Ownership and permissions for the web server configuration files have been fixed.
336355 The "tomcat" user no longer has access to a shell.
338154 The file permissions for syslog-ng.conf have been modified to be user and group readable only.
340033 CTRL+C now exits imish correctly when accessed through tmsh.
353934 File and directory permissions for /shared/ssh/root now have the proper umask settings.
355374 A condition where importing a UCS file containing an ASM configuration with user-defined sets could fail, leaving the configuration corrupt, has been fixed.