ESX Server 3.0.1, Patch ESX-1004823: VCB Command-Line Utilities Might Contain Passwords (1004823)
VMware Consolidated Backup command-line utilities accept the user password through the -p command-line option. Users logged into the service console can gain access to the username and password used by VCB command-line utilities when such commands are running.
This patch resolves this issue by providing an alternative way of passing the password used by VCB command-line utilities.
a. The password is specified in /etc/backuptools.conf (PASSWORD=xxxxx), and -p is not used in the command line.
b. No password is specified in /etc/backuptools.conf and the -p option is not used in the command line. The user will be prompted for entering the password.
Download and verify the patch bundle as follows:
- Download patch ESX-1004823 from http://www.vmware.com/download/vi/vi3_patches.html .
- Log in to the ESX Server service console as root.
- Create a local depot directory.
# mkdir -p /var/updates
Note: VMware recommends that you use the updates directory.
- Change your working directory to /var/updates.
# cd /var/updates
- Download the tar file into the /var/updates directory.
- Verify the integrity of the downloaded tar file:
# md5sum ESX-1004823.tgz
The md5 checksum output should match the following:
- Extract the compressed tar archive:
# tar -xvzf ESX-1004823.tgz
- Change to the newly created directory, /var/updates/ESX-1004823:
# cd ESX-1004823
After you download and extract the archive, and if you are in the directory that you previously created, use the following command to install the update:
# esxupdate update
To run esxupdate from a different directory, you must specify the bundle path in the command:
# esxupdate -r file://<directory>/ESX-1004823 update
For example, if the host is called depot:
# esxupdate -r file:///depot/var/updates/ESX-1004823 update
During the update process, logs appear on the terminal. You can specify the verbosity of esxupdate logs by using the -v option as shown, below.
# esxupdate -v 10 file://<directory>/ESX-1004823 update
For more information on how to use esxupdate, see the Patch Management for ESX Server 3 tech note at http://www.vmware.com/pdf/esx3_esxupdate.pdf .