This document contains a list of known problems, as well as notes on
differences that you may encounter with the 2007 update installed.

Please note that where an emergency fix exists, the emergency fix must
be installed after the 2007 update.



IX21036 cron daemon
-------------------

The cron daemon fails to execute any crontabs or executes a command
scheduled for every minute only once.  For example, the 'date' command
in the following crontab entry would only be executed once rather than
once each minute.

  * * * * * /bin/date

There is no known circumvention for this problem.  An emergency fix is
available.

To install this fix you must first run the command:

uncompress < a21036.tar.Z | tar -xvf -

Follow the instructions in the file README.a21036



IX22521 LPP installation fails
------------------------------

Attempting to install additional LPPs may fail with the following
messages:

  0503-008 installp: Cannot find file ./usr/lpp/<lppname>/liblpp.a/
           Make sure that the correct media is loaded.

  0503-023 updatep: Cannot find the required control files.
           Check that the correct media is in the diskette drive.

There is no known circumvention for this problem.  An emergency fix is
available.

To install this fix you must first run the command:

uncompress < a22521.tar.Z | tar -xvf -

Follow the instructions in the file README.a22521



IX23290 setuid/setgid shell scripts
-----------------------------------

A fix for a potential security risk dealing with the use of the SETUID
and SETGID permission bits on shell scripts is included in the 2007
update.  Prior to 2007, when a shell script was executed whose perm-
issions included the SETUID bit (set user-id), the shell script ran
with the permissions of the shell script's owner.  Similarly, if the
SETGID bit (set group-id) was set, the shell script ran with the perm-
issions of the shell script's group.  Beginning with the 2007 update,
the SETUID and SETGID permission bits will no longer be supported for
shell scripts.  This change will NOT effect compiled programs.

Here is an example.

  - Create a shell script named 'shell.sh' that contains the following
    2 lines.

      #!/bin/ksh
      id

  - Set the shell script's owner to root, and the permissions to
    rwsr-xr-x (SETUID bit on).

      chown root shell.sh
      chmod 4755 shell.sh

Prior to 2007, if an ordinary user named 'joeuser' ran shell.sh, the
output would be:

  uid=200(joeuser) gid=200(staff) euid=0(root)

The 'euid=0(root)' indicates that the user was 'effectively' root while
the shell script executed.

After 2007 the output is:

  uid=200(joeuser) gid=200(staff)

The SETUID bit no longer has any meaning for shell scripts.

If your application requires the previous SETUID behavior, you can call
the shell script from a small compiled program that has the SETUID bit
set in it's permissions.

  - Create a C program similar to the following named execsh.c.  Note
    the full path name in the execvp call.  This is a good idea for
    security reasons.

      main(int argc, char *argv[])
      { 
        execvp("/path/shell.sh", argv);  /* execute the shell script */
        exit(1);
      }

  - Compile and link execsh.c using the command:

      cc -o execsh execsh.c

  - Set the owner of the execsh to root and the SETUID bit on

      chown root execsh
      chmod 4755 execsh

The SETUID behavior has not changed for compiled programs, so execsh
will 'effectively' become root when it is executed, and will pass
these credentials to shell.sh.

To install this fix you must first run the command:

uncompress < a23290.tar.Z | tar -xvf -

Next follow the instructions in the file README.a23290



IX23540 ate command
-------------------

The ate command will abort when attempting to dial unless carrier
detect is asserted.  There is no known circumvention for this problem.
An emergency fix is available.

To install this fix you must first run the command:

uncompress < a23540.tar.Z | tar -xvf -

Next follow the instructions in the file README.a23540



IX24030 rs422 pre-defined objects missing
-----------------------------------------

After applying the 2007 update, the rs422 pre-defined objects are
missing from ODM, making it impossible to add an rs422 device.  This
problem can be fixed by adding the rs422 objects into ODM using the
following procedure.

  Perform the following commands on a system running an update level
  prior to 2007.  These commands will extract the rs422 objects from
  ODM into a flat file.

    odmget -q "uniquetype=tty/rs422/tty" PdDv >/tmp/rs422
    odmget -q "uniquetype=tty/rs422/tty" PdAt >>/tmp/rs422

  Move the file to the 2007 system and use the following command to
  add the rs422 objects.

    odmadd /tmp/rs422

If you do not have access to a system running an update level prior
to 2007, an emergency fix is available.

To install this fix you must first run the command:

uncompress < a24030.tar.Z | tar -xvf -

Next follow the instructions in the file README.a24030



IX24051 cu command using direct connections
-------------------------------------------

A fix was made to the tty device driver that effects the handling of
clocal.  As a result, the cu command now properly senses the state of
carrier detect when using 'direct' connections.  Prior to 2007, the
following invocation of cu would succeed in opening tty0 at 9600 baud
regardless of the state of carrier detect.

  cu -ltty0 -s9600

This form of cu would use a device entry in /usr/lib/uucp/Devices
similar to:

  Direct tty0 - 9600 direct

After 2007, for the connection to succeed, carrier detect must be
asserted.  Without carrier detect asserted, cu will fail with the
following messages.

  Lost carrier.
  User defined signal 1

Since the previous behavior of cu was commonly used for configuration
of modems, an additional flag, '-m',  has been added to the cu command.
The following command will succeed regardless of the state of carrier
detect.

  cu -m -ltty0 -s9600

To install this fix you must first run the command:

uncompress < a24051.tar.Z | tar -xvf -

Next follow the instructions in the file README.a24051



IX24197 slattach cannot dial modem
----------------------------------

After applying the 2007 update, the slattach command fails to dial the
modem.  This problem can be circumvented by changing the modem settings
to hold carrier detect high.  An emergency fix is available.


To install this fix you must first run the command:

uncompress < a24197.tar.Z | tar -xvf -

Next follow the instructions in the file README.a24197



3/2/92 (D.L.)