Patch Name: PHCO_27789

Patch Description: s700_800 11.00 id(1) cumulative patch

Creation Date: 02/08/28

Post Date:  02/09/09

Hardware Platforms - OS Releases:
	s700: 11.00
	s800: 11.00

Products: N/A

Filesets:
	OS-Core.CMIN-ENG-A-MAN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,v=HP
	OS-Core.CMDS-MIN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,v=HP

Automatic Reboot?: No

Status: General Release

Critical: No

Category Tags:
	defect_repair general_release

Path Name: /hp-ux_patches/s700_800/11.X/PHCO_27789

Symptoms:
	PHCO_27789:
	1. When id(1) is invoked with an illegal option ,
	   it displays an error message along with the
	   details of the invoking user.

	2. When id(1) is invoked with the real user id or
	   effective user id set to zero , it displays an
	   error message "setgroups: Not owner"

	3. id(1) with a <user> argument displays the
	   supplementary group information of invoking user
	   instead of the specified user.

Defect Description:
	PHCO_27789:
	1. When id(1) is invoked with an illegal option, it
	   flashes an error message, along with the details
	   of the invoking user displayed. This was because
	   of the non implementation of the Usage function.

	   Here are the steps to reproduce the problem:

	   $ id -k     <-- illegal option
	   id: illegal option -- k
	   uid=202(user1) gid=60(group1) groups=21(group2)

	Resolution:
	   The code has been modified to display the usage
	   and error messages for the illegal option and exit.

	2. When either of real user id or effective user id is 0,
	   id(1) tries to initialize the group access list. But
	   for this, effective user id must be 0 irrespective of
	   real user id.

	   Here are the steps to reproduce the problem:

	a.set the setuid bit of the file /usr/bin/id being the
	  superuser
	  # chmod 4555 /usr/bin/id

	b.Now execute the id command as a superuser and it
	   displays the error message.
	  # id
	setgroups: Not owner
	uid=0(root) gid=0(root) euid=2(bin) groups=60(ssgrp),21(vts)

	Resolution:
	   Instead of the real user id , the effective user id is
	   verified to be zero to resolve this defect.

	3. id(1) with <user> argument, displays the uid and gid
	   information for the user supplied as argument, but the
	   supplementary groups affiliations are those of the
	   invoking users. If the invoking user is not a superuser,
	   then id(1) used to get the supplementary group
	   affiliations of invoking user.

	   Here are the steps to reproduce the problem:

	   $ whoami
	   user1
	   $ id user2
	   uid=630(user2) gid=631(group2) groups=630(group1)

	   Here user1 is affiliated to group1, and not user2.

	Resolution:
	   The code has been modified to take care that id(1) gets
	   the supplementary group information of the supplied
	   argument <user> to resolve this defect. The reference
	   for super-user privilege for id <user> has been removed.

SR:
	8606187373 8606266531 8606267593 5003427062 8606237151

Patch Files:
	
	OS-Core.CMIN-ENG-A-MAN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,
		v=HP:
	/usr/share/man/man1.Z/id.1

	OS-Core.CMDS-MIN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,v=HP:
	/usr/lib/nls/msg/C/id.cat
	/usr/bin/id

what(1) Output:
	
	OS-Core.CMIN-ENG-A-MAN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,
		v=HP:
	/usr/share/man/man1.Z/id.1:
		None

	OS-Core.CMDS-MIN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,v=HP:
	/usr/lib/nls/msg/C/id.cat:
		None

	OS-Core.CMDS-MIN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,v=HP:
	/usr/bin/id:
		$Revision: 80.2.1.6 $
		PATCH_11_00: id.o 02/08/28

cksum(1) Output:
	
	OS-Core.CMIN-ENG-A-MAN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,
		v=HP:
	3253471388 2086 /usr/share/man/man1.Z/id.1

	OS-Core.CMDS-MIN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,v=HP:
	3963292531 485 /usr/lib/nls/msg/C/id.cat

	OS-Core.CMDS-MIN,fr=B.11.00,fa=HP-UX_B.11.00_32/64,v=HP:
	2679792598 20480 /usr/bin/id

Patch Conflicts: None

Patch Dependencies: None

Hardware Dependencies: None

Other Dependencies: None

Supersedes: None

Equivalent Patches: None

Patch Package Size: 50 KBytes

Installation Instructions:
	Please review all instructions and the Hewlett-Packard
	SupportLine User Guide or your Hewlett-Packard support terms
	and conditions for precautions, scope of license,
	restrictions, and, limitation of liability and warranties,
	before installing this patch.
	------------------------------------------------------------
	1. Back up your system before installing a patch.

	2. Login as root.

	3. Copy the patch to the /tmp directory.

	4. Move to the /tmp directory and unshar the patch:

		cd /tmp
		sh PHCO_27789

	5. Run swinstall to install the patch:

		swinstall -x autoreboot=true -x patch_match_target=true \
			  -s /tmp/PHCO_27789.depot

	By default swinstall will archive the original software in 
	/var/adm/sw/save/PHCO_27789.  If you do not wish to retain a
	copy of the original software, include the patch_save_files
	option in the swinstall command above:

		-x patch_save_files=false

	WARNING: If patch_save_files is false when a patch is installed,
		 the patch cannot be deinstalled.  Please be careful
		 when using this feature.

	For future reference, the contents of the PHCO_27789.text file is 
	available in the product readme:

		swlist -l product -a readme -d @ /tmp/PHCO_27789.depot

	To put this patch on a magnetic tape and install from the
	tape drive, use the command:

		dd if=/tmp/PHCO_27789.depot of=/dev/rmt/0m bs=2k

Special Installation Instructions: None