These programs are distributed in the hope that they will be useful,
but without any warranty; without even the implied warranty of
merchantability or fitness for a particular purpose. You use
these programs at your own risk. The author disclaims responsibility for
any damages that might result from the use of these programs, even
if the damages result from negligence on the part of the author.

Please don't use these program to steal software. The intended use is 
for emergency situations where an application has to be moved from 
one computer to another (e.g. in the event of a hardware malfunction) 
and licence keys cannot be obtained quickly from the vendor or when
your NVRAM gets wiped out by some unfortunate accident.

Please send bug reports to Mark Henderson <mch@squirrel.com>

----------------------------------------------------------------------
I've included several programs which do different things. All other than
the nvram modifiers nvram.c (nvram_old.c) essentially spoof the 
operating system into believing the system has different hostid
than it really does.

Basically I'll break them down as follows:
1. hid.c, hid_solaris2.c, sethostid-simple-4.1, sethostid-simple-5.x, hid2.c
   These modify the kernel so that a different hostid is returned by
     gethostid and sysinfo.
   The first two (hid.c, hid_solaris2.c) just patch a few bytes into
     the kernel to achieve the desired effect.
   sethostid-simple-4.1 and sethostid-simple-5.x add a sethostid system
     call to the kernel which takes one parameter (the desired hostid).

   Limitations: 
        1. All processes on the system will report the same hostid.
        2. Clever programs can figure out that the kernel is reporting
           a "fake" hostid. There are a couple of ways of validating
           this. Two I know are: 
                Solaris 2.3 only - look at _idprom in the kernel
                Solaris 1.1 and 2.3 - use the openprom interface to 
                    get the idprom property. (see getobphostid.c)

2. hostid-by-egid-solaris2, hostid-by-egid-modload, hostid-by-egid, run
    These modify the kernel so that a different hostid is returned by
      gethostid and sysinfo if the process is a member of certain groups
      or has egid in this set of groups.
    This allows you to have multiple hostids on a single machine. For instance
      process A which is in group 900, might see hostid 0x23000000 and process
      B in group 901 might see hostid 0x80000000
    run.c is a simple program which executes a command with a group added
      to its membership list.

    Limitations: as with the above clever programs can try and defeat you.

3. newhostid, sidump.c, sysinfo.c, sidump_old.c, newhostid.old
    These spoof hostid using the LD_PRELOAD environment variable. Allows
    a system to appear to have multiple hostids. You don't even need to 
    have root access to do this.

    Limitations: 
        1. as with the above clever programs can try and defeat you.
        2. only works for dynamically linked executables.

4. nvram.c, nvram_old.c, nvram.info, nvram-sol2.c
    Instructions and software to modify the hostid in NVRAM for 
    sun4m, sun4c. Really allows you to modify your hostid. Also 
    some experimental support for sun4d.

    Limitations:
         - You need to be very careful with this. In particular, you
           can't just change your hostid to an arbitary value. Read 
           the instructions carefully.

One comment about clever programs. You can often defeat the extended
hostid checking they might do. In particular you can spoof the openprom
ioctl interface with these techniques by writing a wrapper around the
system ioctl.

Applicability:


                            4.1.x  4.1.x  5.3-5.5  Notes
                            sun3   sun4  sun4 x86  
getobphostid.c               X       X     X
hid.c                                X       
hid_solaris2.c                             X   X  probably not 5.5.1
hid2.c                                     X   X  this one works with 5.5.1
hid_solaris2x86.c                              X  
hostid-by-egid               X       X 
hostid-by-egid-modload       X       X
hostid-by-egid-solaris2                    X   X 
newhostid                    X       X     X   X
nvram.c,chenet.c             X       X            sun3x, sun4c, sun4m only
nvram-sol2.c                               X      solaris 2.4, sun4c, sun4m
nvram.info                   X       X     X      sun 3/80, sun4c/m/d
run                          X       X     X   X  for use with egid stuff
sethostid-simple-4.1         X       X
sethostid-simple-5.x                       X   X
sidump.c                     X       X
sysinfo.c                                  X   X
dloverlay.c                  X       X            hostid/date and more
spoof-solaris2                             X   X
spoof-solaris1               ?       X            ? = should be ok, untested
sysinit                                        X  only tested with 5.5 x86


---
Now for some detailed instructions.

----------------------------------------------------------------------

hid.c (Solaris 1.x only)
- change hostid reported by Solaris 1.x/SUN OS 4.1.x gethostid

1. compile hid.c
    e.g. cc -o hid hid.c
2. run hid with your desired hostid and it will output
   a script to stdout that will change the value reported by
   gethostid
    e.g. for hostid b0b1fb0b  (hex)
         ./hid b0b1fb0b >script.sh
         sh script.sh

    Unless your system security is terrible, you will have to run
    script.sh as root.

    or simply (as root)
        ./hid b0b1fb0b | sh

3. Rebooting will undo this change, if you want to make it permanent,
   you have two options
   a. just place the script output by hid in your /etc/rc.local
      file

   the script will look something like:

    #!/bin/sh
    # this script sets the hostid to b0b1bb0b
    adb -w -k /vmunix /dev/mem <<END
    _gethostid+4/W 112c2c6e
    _gethostid+8/W 9012230b
    END

    b. Modify hid so that the "/W" in the output is "?W" or just
       modify the file I call script.sh above. This writes 
       the changes to your /vmunix file instead of just to the in-core
       kernel image.

    Make a backup copy of your /vmunix before you try this.
    
    e.g.

    #!/bin/sh
    # modified output from "hid b0b1fb0b"
    # this script modifies /vmunix so that gethostid always reports b0b1fb0b
    adb -w -k /vmunix /dev/mem <<END
    _gethostid+4?W 112c2c6e
    _gethostid+8?W 9012230b
    END
   
    Note that you always input the hostid in hexadecimal, without a leading
    0x. hid doesn't do a sanity check on its parameter, so you need to
    be careful about the exact form of this parameter.

    There are some more technical details in the comment at the beginning
    of hid.c

----------------------------------------------------------------------

hid_solaris2.c (Solaris 2.3-2.5 - I don't know about other 2.x versions)
- change hostid reported by Solaris 2.3-2.5 gethostid and sysinfo
- as an alternative you can use hid2.c

1. Compile hid_solaris2.c to make the binary hid
    gcc -o hid hid_solaris2.c
    (or use another compiler)

2. run hid with your desired hostid and it will output
   a script to stdout that will change the value reported by
   gethostid
    e.g. for hostid b0b1fb0b  (hex)
         ./hid b0b1fb0b >script.sh
         sh script.sh

    Unless your system security is terrible, you will have to run
    script.sh as root.

    or simply (as root)
        ./hid b0b1fb0b | sh

3. Rebooting will undo the change. If you want to make it "permanent",
   i.e. have this new hostid every time your reboot, put the output
   from hid in one of the system startup files.

----------------------------------------------------------------------
hid2.c (Solaris 2.4, 2.5, 2.5.1) and the precompiled SPARC binary hid2 for 2.5
modifies hostid by writing into hw_serial in /dev/kmem

1. (Optional) Compile hid2.c into hid2 by gcc -o hid2 hid2.c -lelf
2. su to root
3. hid2 <desired hostid in hex>     
e.g.
   hid2 c0ffee00

e.g.
$ gcc -o hid2 hid2.c -lelf
$ su
Password: 
# ./hid2 c0ffee00
current hostid is 0x55555555
setting hostid to 0xc0ffee00
# hostid
c0ffee00
# lmhostid
lmhostid - Copyright (C) 1989-1994 Globetrotter Software, Inc.
The FLEXlm host ID of this machine is "c0ffee00"


----------------------------------------------------------------------

sidump.c (Solaris 2.3-5/1.x)

modify hostid reported by gethostid and sysinfo for Solaris 2.3 
   dynamically linked non-setuid/setgid binaries. You do not need
   to be root for this.

new for 0.8.8 - you can override the desired hostid on a per process
  basis by setting the environment variable HID to the desired hostid
  in hex - as usual - with no leading 0x
  e.g. export HID=fedc1234   (ksh)
       setenv HID "fedc1234" (csh)

Instructions:

Solaris 1.x
1. compile this program
    cc -o sidump sidump.c  (or use gcc)
2. run it with the desired hostid as the first parameter and save the output
    in a file with the extension .c 
    ./sidump b0b1fb0b >foo.c
3. make foo.o from foo.c
      gcc -fpic -c foo.c
      ld foo.o  -assert pure-text -o foo.so
   OR
      cc -PIC -c foo.c
      ld foo.o -assert pure-text -o foo.so
4. export LD_PRELOAD=$PWD/foo.so      (ksh)
   setenv LD_PRELOAD $PWD/foo.so      (csh)
5. run the desired program

here's a sample session
feral> cc -o sidump sidump.c
feral> ./sidump b0b1fb0b >foo.c
feral> cc -PIC -c foo.c
feral> ld -assert pure-text foo.o -o foo.so
feral> export LD_PRELOAD=$PWD/foo.so
feral> lmhostid
feral> lmhostid - Copyright (C) 1989, 1991 Highland Software, Inc.
The FLEXlm host ID of this machine is "b0b1fb0b"
feral> export HID=72000000
feral> lmhostid
lmhostid - Copyright (C) 1989, 1991 Highland Software, Inc.
The FLEXlm host ID of this machine is "72000000"

--------------
Solaris 2.x

1. compile this program
    gcc -DSOLARIS2 -o sidump sidump.c
2. run it with the desired hostid as the first parameter and save the output
    in a file with the extension .c 
    ./sidump b0b1fb0b >foo.c
3. make foo.o from foo.c
      gcc -fpic -c foo.c
      ld foo.o  -G -o foo.so
   OR
      /opt/SUNWspro/bin/cc -Kpic -c foo.c
      /usr/ccs/bin/ld foo.o  -G -o foo.so
4. export LD_PRELOAD=$PWD/foo.so      (ksh)
   setenv LD_PRELOAD $PWD/foo.so      (csh)
5. run the desired program

here's a sample session:

ratatosk> gcc -o sidump sidump.c
ratatosk> ./sidump b0b1fb0b >foo.c
ratatosk> gcc -fpic -c foo.c
ratatosk> ld foo.o  -G -o foo.so
ratatosk> export LD_PRELOAD=$PWD/foo.so
ratatosk> hostid
b0b1fb0b
ratatosk> lmhostid
lmhostid - Copyright (C) 1989, 1991 Highland Software, Inc.
The FLEXlm host ID of this machine is "b0b1fb0b"
ratatosk> export HID=72000000
ratatosk> lmhostid
lmhostid - Copyright (C) 1989, 1991 Highland Software, Inc.
The FLEXlm host ID of this machine is "72000000"

--
To undo this just unset LD_PRELOAD. This only effects processes
for which LD_PRELOAD points to the object you create.


----------------------------------------------------------------------

sysinfo.c (Solaris 2.3 & later)

modify hostid reported by gethostid and sysinfo for Solaris 2.3 
   dynamically linked non-setuid/setgid binaries. You do not need
   to be root for this.

the major advantage of sysinfo.c over sidump is that a single copy of the
shared library can be used on any machine of the same CPU type (SPARC or
Intel).  this is done without invoking the compiler and linker each time, as
newhostid does, while providing complete sysinfo() emulation, like sidump.

Instructions:

Solaris 2.x

1. make sysinfo.o from sysinfo.c
      gcc -O2 -fpic -c sysinfo.c
      cc -O -K pic -c sysinfo.c
      ld sysinfo.o -G -o sysinfo.so
2. export LD_PRELOAD=$PWD/sysinfo.so      (ksh)
   setenv LD_PRELOAD $PWD/sysinfo.so      (csh)
2. export SI_HW_SERIAL=1234567890      (ksh)
   setenv SI_HW_SERIAL 1234567890      (csh)
4. run the desired program

here's a sample session:

ratatosk> gcc -fpic -c sysinfo.c
ratatosk> ld sysinfo.o -G -o sysinfo.so -ldl -lc
ratatosk> export LD_PRELOAD=$PWD/sysinfo.so
ratatosk> export SI_HW_SERIAL=3237998146
ratatosk> hostid
c0ffee42
ratatosk> lmhostid
lmhostid - Copyright (C) 1989, 1991 Highland Software, Inc.
The FLEXlm host ID of this machine is "c0ffee42"

--
To undo this just unset LD_PRELOAD or SI_HW_SERIAL. This only affects processes
for which LD_PRELOAD points to the object you create and for which SI_HW_SERIAL
is set.


---------------------------------------------------------------------
newhostid - Solaris 2.3 and Solaris 1.1
Again only for dynamically linked non setuid/setgid binaries.
  Run a single command "with a different hostid"

Simply type
newhostid Base10Hostid command [args]

e.g.
for hostid 72000000 (Hex) type
newhostid 1912602624 command arg1 arg2 arg3 ...

An older version for Solaris 1.1 only is also provided in newhostid.old
the syntax for this one is slightly different, just
newhostid 72000000 command arg1 arg2 arg3 ...
to run command with hostid 72000000 (all in hex)

You may need to change the patch for gcc in the script.

---------------------------------------------------------------------
nvram.c
get/change hostid in NVRAM -- Solaris 1.1 and Sun4c or Sun4m only

This program is still experimental. Dangerous and tricky stuff.  If you
are unwilling to experiment and clean up after disasters don't use it.
USE AT YOUR OWN RISK.  If this program malfunctions or it is misused,
you can get your Sun into a state where it will not boot, even from
CDROM. In particular, you should avoid changing the most significant
byte of your hostid which identifies your system type on many Sun
models.

1. Read the complete instructions before you proceed. You should
   probably also read nvram.c

2. compile nvram
   cc -o nvram nvram.c

2a. If you aren't already root, become root

3. Run nvram without any parameters.
If it fails with some bizarre error message, then your architecture
is not supported. If you don't mind hacking the kernel you can probably
hack in support for your architecture.  If you send me mods I'll fold
them in to the distribution.  

It should suggest a few adb commands to execute to make a kernel 
modification.

4. Run nvram again without any parameters.  It just prints out the
hostid and hw ethernet address.  Check this against the arp tables on
another machine or against the information displayed on boot. If it is
not correct, do not proceed with the next step.

5. now you can try and modify the hostid by running
nvram with the desired hostid as the second parameter (without 0x)
e.g.
nvram b0b1fb0b

6. reboot (and cross your fingers).

---------------------------------------------------------------------

nvram-sol2.c
get/change hostid in NVRAM -- Solaris 2.4 only

(68/11)

This program is still experimental. Dangerous and tricky stuff.  If you
are unwilling to experiment and clean up after disasters don't use it.
USE AT YOUR OWN RISK.  If this program malfunctions or it is misused,
you can get your Sun into a state where it will not boot, even from
CDROM. In particular, you should avoid changing the most significant
byte of your hostid which identifies your system type on many Sun
models.

1. Read the complete instructions before you proceed. You should
   probably also read nvram-sol2.c

2. compile nvram
   /opt/SUNWspro/bin/cc -o nvram-sol2 nvram-sol2.c -lelf

2a. If you aren't already root, become root

2b. If you are running a sun4c machine skip to step 3.
If you are running a sun4m machine, go to a sun4c machine running
Solaris 2.4 or 2.5 as appropriate and grab the file /kernel/drv/eeprom
(solaris 2.4) or /platform/sun4c/kernel/drv/eeprom (solaris 2.5)
and put it in /kernel/drv/eeprom on the new machine. Alternatively
you can get the eeprom module by mounting your Solaris 2.4 distribution
media and grabbing the file
/cdrom_root_dir/export/exec/kvm/sparc.sun4c.Solaris_2.4/kernel/drv/eeprom
or for Solaris 2.5
/cdrom_root_dir/export/exec/kvm/sparc.Solaris_2.5/platform/sun4c/kernel/drv/eeprom

now go back to your sun4m machine and execute the following
mknod /dev/eeprom c 68 11
/usr/sbin/modload /kernel/drv/eeprom 

(obviously I can't distribute the Sun eeprom module, but it is included by
default on sun4c machine and not on sun4m machines. The driver included
with the sun4c installation of Solaris 2.4 is smart enough to deal with the 
differences between the two machines)

3. Run nvram-sol2 without any parameters.
If it fails with some bizarre error message, then your architecture or
OS is not supported. If you don't mind hacking the kernel you can
probably hack in support for your architecture.  If you send me mods
I'll fold them in to the distribution.

It should suggest a few adb commands to execute to make a kernel 
modification. 

It may also suggest that you need to load the eeprom module, in which case 
you should do so and repeat this step.

4. Run nvram-sol2 again without any parameters.  It just prints out the
hostid and hw ethernet address.  Check this against the arp tables on
another machine or against the information displayed on boot. If it is
not correct, do not proceed with the next step.

5. now you can try and modify the hostid by running
nvram with the desired hostid as the second parameter (without 0x)
e.g.
nvram-sol2 b0b1fb0b

6. reboot (and cross your fingers).

---------------------------------------------------------------------
hostid-by-egid

see hostid-by-egid/README. I've only tested this on a Sparc LX running
Solaris 1.1C
---------------------------------------------------------------------
hostid-by-egid-modload

This is similar to hostid-by-egid but you don't have to go off and 
completely recompile your kernel. It loads a new system call using 
modload. You can restore your system state with modunload.

see hostid-by-egid-modload/README. I've only tested this on a Sparc 
LX running Solaris 1.1C

---------------------------------------------------------------------
hostid-by-egid-solaris2

Version of hostid-by-egid-modload for Solaris 2.3/2.4
see hostid-by-egid-solaris2/README.

---------------------------------------------------------------------
spoof-solaris1, spoof-solaris2

spoof-solaris1 and spoof-solaris2 are modified versions of 
hostid-by-egid-modload and hostid-by-egid-solaris2 which also allow you to 
spoof the hostname. There are also instructions for spoofing the IP address 
(using ifconfig with Solaris 2, or a package called vip with Solaris 1.1)

see the README files

---------------------------------------------------------------------
sethostid-simple-4.1, sethostid-simple-5.x
see README files.
run is a convenience program which will run a command with a group id
in the range 900,...,909 added to its group list. For use with the
hostid-by-egid stuff. Works with both Solaris 1.1 and 2.3/4/5.

---------------------------------------------------------------------

nvram.info - this gives some information on modifying the NVRAM
from the Openprom monitor.

---------------------------------------------------------------------
run/run.c is useful with the hostid-by-egid* modules.
see run/README for details
---------------------------------------------------------------------
dloverlay.c 
  see the comments. Another hack to use LD_PRELOAD to override
  various system calls (includes hostid, date, hostname etc.)
  contributed by Brian S. Walden
---------------------------------------------------------------------
sysinit 
see sysinit/README


