Patch Name: PHCO_19500 Patch Description: s700_800 11.04 (VVOS) groupadd(1M) cumulative patch Creation Date: 99/08/13 Post Date: 99/09/16 Hardware Platforms - OS Releases: s700: 11.04 s800: 11.04 Products: N/A Filesets: OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP VirtualVaultOS.VVOS-AUX-IA,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP Automatic Reboot?: No Status: General Release Critical: No Category Tags: defect_repair general_release Path Name: /hp-ux_patches/s700_800/11.X/PHCO_19500 Symptoms: PHCO_19500: 1. Ported portion of base HP-UX patch PHCO_17440 to VVOS. Specifically, groupadd(1M), groupmod(1m), and groupdel(1M). 2. If a nonprivileged user with authorization runs groupadd, the command fails with the message: "Cannot raise the writeaudit privilege". 3. If a nonprivileged user with authorization runs groupadd, and the writeaudit privilege is in the potential set of the program file, the command files to add a group with the following message: "cp: cannot create /etc/group: Permission denied". Based on HP-UX patch PHCO_17440: 1. useradd(1M) overwrites existing dot files ($HOME/.* files) even if -m option is not specified. 2. useradd(1M) changes the permission of files pointed to by symbolic links in an existing home directory. 3. useradd(1M) may dump core if certain undocumented behaviour of qsort(3) changes in future releases. Based on HP-UX patch PHCO_15221: - useradd(1M) displays and represents the year field of the dates of the next century in three digits. Defect Description: PHCO_19500: 1. Ported portion of base HP-UX patch PHCO_17440 to VVOS. Resolution: Specifically, ported only groupadd(1M). The useradd(1M), usermod(1M), and userdel(1M) commands are not supported on VVOS. 2. The writeaudit potential privilege was missing from the groupadd FCDB entry. Resolution: Created patch FCDB with a corrected groupadd entry that includes writeaudit potential privilege. 3. The groupadd command invokes 'cp' using the system() call, which execs the program without privileges. Resolution: Perform the copy of the temporary file to the /etc/group file in source instead of invoking 'cp' command. Based on HP-UX patch PHCO_17440: 1. useradd(1M) overwrites the existing dot files ($HOME/.* files) in a home directory with those in the /etc/skel directory even if the -m option is not specified. Resolution: useradd(1M) will overwrite the existing $HOME/.* files only when the '-m' option is specified. 2. If the home directory specified in the useradd(1M) command line already exists and it contains symbolic links, useradd will change the permissions of the files pointed to by the symbolic links to the new user. Resolution: Command has been modified so that only the permissions of the symbolic link is changed and not the target of the symbolic link. 3. useradd(1M) may dump core if certain undocumented behaviour of qsort(3) changes in future releases. Resolution: useradd(1M) has been modified so that it does not rely on the undocumented behaviour of qsort(3) Based on HP-UX patch PHCO_15221: - useradd(1M) displays and represents the year field of the dates of the next century in three digits. SR: 5003437574 1653285346 5003443788 4701391466 Patch Files: OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: /usr/lib/nls/msg/C/ugm.cat /usr/newconfig/etc/default/useradd /usr/sbin/groupadd /usr/sbin/groupdel /usr/sbin/groupmod VirtualVaultOS.VVOS-AUX-IA,fr=B.11.04, fa=HP-UX_B.11.04_32/64,v=HP: /etc/auth/system/files.fcdb/05.patches/19500_PHCO.fcdb what(1) Output: OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: /usr/lib/nls/msg/C/ugm.cat: None OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: /usr/newconfig/etc/default/useradd: None OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: /usr/sbin/groupadd: $Revision: Hewlett-Packard ISSL Level vvos_rose42 $ $Header: Hewlett-Packard ISSL Release vvos_r ose $ $Date: Sat Aug 21 17:47:19 EDT 1999 $ $Revision: 82.1 $ $Revision: 82.5.1.2 $ $Source: cmd/ugm/ugm_cmn.c, hpuxcmds, vvos_rose, ros e0016 $ $Date: 99/08/27 12:22:06 $ $Revision : 1.8 PATCH_11.04 (PHCO_19500) $ OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: /usr/sbin/groupdel: $Revision: Hewlett-Packard ISSL Level vvos_rose42 $ $Header: Hewlett-Packard ISSL Release vvos_r ose $ $Date: Sat Aug 21 17:47:19 EDT 1999 $ $Revision: 82.1 $ $Revision: 82.5.1.2 $ $Source: cmd/ugm/ugm_cmn.c, hpuxcmds, vvos_rose, ros e0016 $ $Date: 99/08/27 12:22:06 $ $Revision : 1.8 PATCH_11.04 (PHCO_19500) $ OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: /usr/sbin/groupmod: $Revision: Hewlett-Packard ISSL Level vvos_rose42 $ $Header: Hewlett-Packard ISSL Release vvos_r ose $ $Date: Sat Aug 21 17:47:19 EDT 1999 $ $Revision: 82.1 $ $Revision: 82.5.1.2 $ $Source: cmd/ugm/ugm_cmn.c, hpuxcmds, vvos_rose, ros e0016 $ $Date: 99/08/27 12:22:06 $ $Revision : 1.8 PATCH_11.04 (PHCO_19500) $ VirtualVaultOS.VVOS-AUX-IA,fr=B.11.04, fa=HP-UX_B.11.04_32/64,v=HP: /etc/auth/system/files.fcdb/05.patches/19500_PHCO.fcdb: $Revision: Hewlett-Packard ISSL 1.1 etc/auth/system/ files.fcdb/05.patches/19500_PHCO.fcdb, files _etc, vvos_rose, rose0016 $ $Date: 99/08/27 13:25:33 $ cksum(1) Output: OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: 1980687929 2716 /usr/lib/nls/msg/C/ugm.cat OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: 912091837 67 /usr/newconfig/etc/default/useradd OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: 3587341122 36864 /usr/sbin/groupadd OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: 3587341122 36864 /usr/sbin/groupdel OS-Core.SYS-ADMIN,fr=B.11.04,fa=HP-UX_B.11.04_32/64,v=HP: 3587341122 36864 /usr/sbin/groupmod VirtualVaultOS.VVOS-AUX-IA,fr=B.11.04, fa=HP-UX_B.11.04_32/64,v=HP: 4000677427 417 /etc/auth/system/files.fcdb/05.patches/ 19500_PHCO.fcdb Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: None Equivalent Patches: PHCO_17440: s700: 11.00 s800: 11.00 Patch Package Size: 80 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHCO_19500 5. Run swinstall to install the patch: swinstall -x autoreboot=true -x patch_match_target=true \ -s /tmp/PHCO_19500.depot By default swinstall will archive the original software in /var/adm/sw/save/PHCO_19500. If you do not wish to retain a copy of the original software, use the patch_save_files option: swinstall -x autoreboot=true -x patch_match_target=true \ -x patch_save_files=false -s /tmp/PHCO_19500.depot WARNING: If patch_save_files is false when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. For future reference, the contents of the PHCO_19500.text file is available in the product readme: swlist -l product -a readme -d @ /tmp/PHCO_19500.depot To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHCO_19500.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None