Patch-ID# 101572-15 Keywords: security y2000 jobs queue diskless atq atrm crontab Synopsis: SunOS 5.3: /usr/bin/at and /usr/sbin/cron patch Date: Oct/12/99 Solaris Release: 2.3 SunOS Release: 5.3 Unbundled Product: Unbundled Release: Topic: SunOS 5.3: /usr/bin/at and /usr/sbin/cron patch BugId's fixed with this patch: 1119287 1154855 1160728 1194556 1201496 1206858 1210593 1258772 1265200 4063161 4099944 4106673 4173122 4176667 4177427 4184825 4204116 Changes incorporated in this version: 4204116 Relevant Architectures: sparc Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/bin/at /usr/bin/atq /usr/bin/atrm /usr/bin/crontab /usr/sbin/cron Problem Description: 4204116 cron jobs don't send mail since fix for 4184825 (from 101572-14) 4184825 security hole in cron through improper use of creat (reworked) (from 101572-13) 4184825 security hole in cron through improper use of creat (reworked) (from 101572-12) 4184825 security hole in cron through improper use of creat 4177427 cron spins out of control when fork fails. (from 101572-11) 4176667 'at' command doesn't work properly when specifying 02/29/2000 (from 101572-10) 4173122 security hole in cron through improper use of temp files; backport of 4054223 (from 101572-09) 4106673 cron is not year 2000 compliant in 2.6 4099944 'at' does not accept feb 29 under 2.6 (from 101572-08) 1265200 *at* security problem 4063161 *at* from 512 byte long directory gives bus error. (from 101572-07) 1258772 atq prints 19100 something if system date is 2000 or greater 1194556 at needs to understand utc timezone and years > 2000 (from 101572-06) 1201496 batch jobs accumalate in the queue when they should be running (from 101572-05) 1206858 at jobs run for incorrect user if jobs are removed from queue (from 101572-04) 1210593 on1093 cron patch 101572 doesn't delete sysadm crontab file (from 101572-03) This patch revision includes fixes for bugids 1119287 and 1160728 as described in 101572-02. These fixes were accidentally excluded from the previous revision. (from 101572-02) 1119287 unability to run an at command from a BSD diskless from a Solaris 2.1 server 1160728 at(1) command can be used to view any file on the system This patch consists of a back-port of the entire Solaris 2.4 cron subsystem to Solaris 2.2/2.3, and as such, it fixes a number of problems. The patch was requested to allow diskless clients of a Solaris 2.2/2.3 server to run at commmands successfully, and to ensure that at jobs only look at files that they have at least read permission on. After applying this patch, when the system is booted, the cron startup chatter will most likely include something like the following: ! No such user as sysadm - cron entries not created Tue Aug 9 16:51:53 1994 This appears because there is a crontab file for the non-existent user sysadm; cron used to silently ignore such crontab files, but now it flags them. To get rid of this message, simply run the following command as root: #crontab -r sysadm (from 101572-01) 1154855 at jobs may execute on the wrong queue When an at job becomes ready to run, the queue it is assigned to may already be running the maximum number of concurrent jobs allowed on it (as specified in the /etc/cron.d/queuedefs file). When this happens, cron reschedules the job to run later. The problem is that cron can reschedule the job to run on the wrong queue - the one on which the most recently submitted at job will run, rather than the one that the job was originally submitted on. This patch fixes this problem. Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- None.