Patch Name: PHCO_18647 Patch Description: s700_800 10.26 audit records wrong for some commands Creation Date: 99/07/14 Post Date: 99/07/19 Hardware Platforms - OS Releases: s700: 10.26 s800: 10.26 Products: N/A Filesets: BLS.BLS-CORE BLS.BLS-ENG-A-MAN CMW.CMW-CORE OS-Core.CORE-ENG-A-MAN OS-Core.UX-CORE Automatic Reboot?: No Status: General Release Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHCO_18647 Symptoms: PHCO_18647: Commands chown, chpriv, chlevel and chilevel are not generating audit records in case of failure. Defect Description: PHCO_18647: Auditing of failure is not enabled for commands chown, chpriv, chlevel and chilevel. Resolution: Modified chsecattr() libsecurity library function to enable auditing of failures for commands: chown, chpriv, chlevel and chilevel. Added audit section for chpriv, chlevel and chilevel man pages. Modified audit section for chgrp and chmod man pages because they are not auditing failures. Added what strings to the commands chown, chpriv, chlevel and chilevel. SR: 1653305029 Patch Files: /usr/bin/chown /sbin/chown /sbin/chlevel /sbin/chilevel /sbin/chacl /tcb/bin/chpriv /usr/share/man/man1.Z/chown.1 /usr/share/man/man1.Z/chmod.1 /usr/share/man/man1m.Z/chpriv.1m /usr/share/man/man1m.Z/chlevel.1m /usr/share/man/man1m.Z/chilevel.1m what(1) Output: /usr/bin/chown: 1999/06/23 Hewlett-Packard HP-UX 10.26 TOS [ ic5cr - DAV17 ] 99/05/21 cmd/chown.c, hpux, hpux_10.26, ic5cr Revisi on 1.4 PATCH_10.26 (PHCO_18647) $Revision: 78.1 $ /sbin/chown: 99/06/23 lib/libc/core/gen/ctime.c, hpux, hpux_10.26 , ic5cr Revision 1.2 PATCH_10.26 (PHCO_17823 ) UNMODIFIED 1999/06/23 Hewlett-Packard HP-UX 10.26 TOS [ ic5cr - DAV17 ] 99/05/21 cmd/chown.c, hpux, hpux_10.26, ic5cr Revisi on 1.4 PATCH_10.26 (PHCO_18647) $Revision: 78.1 $ 99/05/21 lib/libsecurity/chsecattr.c, hpux, hpux_10. 26, ic5cr Revision 1.3 PATCH_10.26 (PHCO_185 02) 99/05/21 lib/libsecurity/map_ids.c, hpux, hpux_10.26 , ic5cr Revision 1.12 PATCH_10.26 (PHCO_1850 2) 99/06/23 lib/libsecurity/mandlib.c, hpux, hpux_10.26 , ic5cr Revision 1.5 PATCH_10.26 (PHCO_17760 ) $ 99/05/21 lib/libsecurity/authcap.c, hpux, hpux_10.26 , ic5cr Revision 1.5 PATCH_10.26 (PHCO_18502 ) ic5ae_DAV17 lib/libc/archive_pa1/libc.a_01 Jun 23 1999 21:17:17 /sbin/chlevel: 99/06/23 lib/libc/core/gen/ctime.c, hpux, hpux_10.26 , ic5cr Revision 1.2 PATCH_10.26 (PHCO_17823 ) UNMODIFIED 1999/06/23 Hewlett-Packard HP-UX 10.26 TOS [ ic5cr - DAV17 ] 99/05/21 seccmd/policy/chpolicy.c, hpux, hpux_10.26, ic5cr Revision 1.3 PATCH_10.26 (PHCO_18647) 99/06/23 lib/libsecurity/mandlib.c, hpux, hpux_10.26 , ic5cr Revision 1.5 PATCH_10.26 (PHCO_17760 ) $ 99/03/09 lib/libsecurity/psecerror.c, hpux, hpux_10. 26, ic5cr Revision 1.4 PATCH_10.26 (PHCO_178 56) 99/05/21 lib/libsecurity/chsecattr.c, hpux, hpux_10. 26, ic5cr Revision 1.3 PATCH_10.26 (PHCO_185 02) 99/05/21 lib/libsecurity/map_ids.c, hpux, hpux_10.26 , ic5cr Revision 1.12 PATCH_10.26 (PHCO_1850 2) 99/05/21 lib/libsecurity/authcap.c, hpux, hpux_10.26 , ic5cr Revision 1.5 PATCH_10.26 (PHCO_18502 ) ic5ae_DAV17 lib/libc/archive_pa1/libc.a_01 Jun 23 1999 21:17:17 /sbin/chilevel: 99/06/23 lib/libc/core/gen/ctime.c, hpux, hpux_10.26 , ic5cr Revision 1.2 PATCH_10.26 (PHCO_17823 ) UNMODIFIED 1999/06/23 Hewlett-Packard HP-UX 10.26 TOS [ ic5cr - DAV17 ] 99/05/21 seccmd/policy/chpolicy.c, hpux, hpux_10.26, ic5cr Revision 1.3 PATCH_10.26 (PHCO_18647) 99/06/23 lib/libsecurity/mandlib.c, hpux, hpux_10.26 , ic5cr Revision 1.5 PATCH_10.26 (PHCO_17760 ) $ 99/03/09 lib/libsecurity/psecerror.c, hpux, hpux_10. 26, ic5cr Revision 1.4 PATCH_10.26 (PHCO_178 56) 99/05/21 lib/libsecurity/chsecattr.c, hpux, hpux_10. 26, ic5cr Revision 1.3 PATCH_10.26 (PHCO_185 02) 99/05/21 lib/libsecurity/map_ids.c, hpux, hpux_10.26 , ic5cr Revision 1.12 PATCH_10.26 (PHCO_1850 2) 99/05/21 lib/libsecurity/authcap.c, hpux, hpux_10.26 , ic5cr Revision 1.5 PATCH_10.26 (PHCO_18502 ) ic5ae_DAV17 lib/libc/archive_pa1/libc.a_01 Jun 23 1999 21:17:17 /sbin/chacl: 99/06/23 lib/libc/core/gen/ctime.c, hpux, hpux_10.26 , ic5cr Revision 1.2 PATCH_10.26 (PHCO_17823 ) UNMODIFIED 1999/06/23 Hewlett-Packard HP-UX 10.26 TOS [ ic5cr - DAV17 ] 99/05/21 seccmd/policy/chpolicy.c, hpux, hpux_10.26, ic5cr Revision 1.3 PATCH_10.26 (PHCO_18647) 99/03/09 lib/libsecurity/psecerror.c, hpux, hpux_10. 26, ic5cr Revision 1.4 PATCH_10.26 (PHCO_178 56) 99/05/21 lib/libsecurity/chsecattr.c, hpux, hpux_10. 26, ic5cr Revision 1.3 PATCH_10.26 (PHCO_185 02) 99/05/21 lib/libsecurity/map_ids.c, hpux, hpux_10.26 , ic5cr Revision 1.12 PATCH_10.26 (PHCO_1850 2) 99/06/23 lib/libsecurity/mandlib.c, hpux, hpux_10.26 , ic5cr Revision 1.5 PATCH_10.26 (PHCO_17760 ) $ 99/05/21 lib/libsecurity/authcap.c, hpux, hpux_10.26 , ic5cr Revision 1.5 PATCH_10.26 (PHCO_18502 ) ic5ae_DAV17 lib/libc/archive_pa1/libc.a_01 Jun 23 1999 21:17:17 /tcb/bin/chpriv: 99/06/23 lib/libc/core/gen/ctime.c, hpux, hpux_10.26 , ic5cr Revision 1.2 PATCH_10.26 (PHCO_17823 ) UNMODIFIED 1999/06/23 Hewlett-Packard HP-UX 10.26 TOS [ ic5cr - DAV17 ] 99/05/21 seccmd/policy/chpriv.c, hpux, hpux_10.26, i c5cr Revision 1.3 PATCH_10.26 (PHCO_18647) 99/03/09 lib/libsecurity/psecerror.c, hpux, hpux_10. 26, ic5cr Revision 1.4 PATCH_10.26 (PHCO_178 56) 99/05/21 lib/libsecurity/chsecattr.c, hpux, hpux_10. 26, ic5cr Revision 1.3 PATCH_10.26 (PHCO_185 02) 99/05/21 lib/libsecurity/map_ids.c, hpux, hpux_10.26 , ic5cr Revision 1.12 PATCH_10.26 (PHCO_1850 2) 99/06/23 lib/libsecurity/mandlib.c, hpux, hpux_10.26 , ic5cr Revision 1.5 PATCH_10.26 (PHCO_17760 ) $ 99/05/21 lib/libsecurity/authcap.c, hpux, hpux_10.26 , ic5cr Revision 1.5 PATCH_10.26 (PHCO_18502 ) ic5ae_DAV17 lib/libc/archive_pa1/libc.a_01 Jun 23 1999 21:17:17 /usr/share/man/man1.Z/chown.1: None /usr/share/man/man1.Z/chmod.1: None /usr/share/man/man1m.Z/chpriv.1m: None /usr/share/man/man1m.Z/chlevel.1m: None /usr/share/man/man1m.Z/chilevel.1m: None cksum(1) Output: 1884844676 24576 /usr/bin/chown 1372967266 405504 /sbin/chown 2117348789 360448 /sbin/chlevel 1072791335 364544 /sbin/chilevel 2776697163 360448 /sbin/chacl 3027324896 360448 /tcb/bin/chpriv 52589399 6555 /usr/share/man/man1.Z/chown.1 3947797426 7201 /usr/share/man/man1.Z/chmod.1 163361528 3055 /usr/share/man/man1m.Z/chpriv.1m 1294695479 3832 /usr/share/man/man1m.Z/chlevel.1m 1795500223 3013 /usr/share/man/man1m.Z/chilevel.1m Patch Conflicts: None Patch Dependencies: s700: 10.26: PHCO_18502 s800: 10.26: PHCO_18502 Hardware Dependencies: None Other Dependencies: None Supersedes: None Equivalent Patches: None Patch Package Size: 1920 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHCO_18647 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHCO_18647.depot By default swinstall will archive the original software in /var/adm/sw/patch/PHCO_18647. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. WARNING: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHCO_18647.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHCO_18647.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None