The issue can be described with the following example. /tmp/mywhoami is a ksh script that runs sewhoami -a and is registered as a SPECIALPGM resource whose CA ControlMinder UID is root; secons -kt 1 shows the kernel-table entry for it, keyed by the file's inode (440548356, matching ls -li). Running the script therefore yields a root ACEE even though the UNIX user is USERNAME. The transcript then renames the file, overwrites it in place and finally replaces it with a new copy, and checks after each step whether the rule still applies.
USERNAME@UNIXSERVER:/export/home/USERNAME $ secons -kt 1 |grep mywhoami
CA ControlMinder secons v12.81.0.3476 - Console utility
Copyright (c) 2013 CA. All rights reserved.
6 000030 0 440548356 146800642 /tmp/mywhoami (MAIL BACK SPEC )
USERNAME@UNIXSERVER:/export/home/USERNAME $ ls -li /tmp/mywhoami
440548356 -rwxr-x--- 1 USERNAME lbi 37 Jun 28 08:15 /tmp/mywhoami
USERNAME@UNIXSERVER:/export/home/USERNAME $ /tmp/mywhoami
USERNAME
ACEE Contents
User's Name : root
ACEE's Handle : 23
Group Connections Table:
Group Name Connection Mode
==================== =================================
adm Regular
bin Regular
daemon Regular
eacadmin Regular
eacaudit Regular
lp Regular
mail Regular
nuucp Regular
other Regular
root Regular
sys Regular
sysadmin Regular
tty Regular
uucp Regular
Categories : <None>
Profile Group : <None>
Security Label : <None>
User's Audit Mode : Failure LoginSuccess LoginFailure
User's Security Level : 0
Source Terminal : <Unknown>
Process Count for ACEE : 1
User's Mode : Admin Auditor
ACEE's Creation Time : Tue Jun 28 08:16:02 2022
Warning: User name differs in CA ControlMinder and UNIX.
USERNAME@UNIXSERVER:/export/home/USERNAME $ cat /tmp/mywhoami
#!/bin/ksh
/opt/seos/bin/sewhoami -a
USERNAME@UNIXSERVER:/export/home/USERNAME $ ls -li /tmp/mywhoami
440548356 -rwxr-x--- 1 USERNAME lbi 37 Jun 28 08:15 /tmp/mywhoami
USERNAME@UNIXSERVER:/export/home/USERNAME $ secons -kt 1 |grep mywhoami
CA ControlMinder secons v12.81.0.3476 - Console utility
Copyright (c) 2013 CA. All rights reserved.
6 000030 0 440548356 146800642 /tmp/mywhoami (MAIL BACK SPEC )
USERNAME@UNIXSERVER:/export/home/USERNAME $ /opt/seos/bin/selang -s -c "sr specialpgm /tmp/mywhoami"
(localhost)
Data for SPECIALPGM '/tmp/mywhoami'
-----------------------------------------------------------
Owner : USERNAME (USER )
Create time : 28-Jun-2022 08:13
Update time : 28-Jun-2022 08:13
Updated by : USERNAME (USER )
CA ControlMinder UID : root
Program Type : None
Native UID : *
USERNAME@UNIXSERVER:/export/home/USERNAME $ mv /tmp/mywhoami /tmp/mywhoami_new
USERNAME@UNIXSERVER:/export/home/USERNAME $ mv /tmp/mywhoami_new /tmp/mywhoami
USERNAME@UNIXSERVER:/export/home/USERNAME $ ls -li /tmp/mywhoami
440548356 -rwxr-x--- 1 USERNAME lbi 37 Jun 28 08:15 /tmp/mywhoami
USERNAME@UNIXSERVER:/export/home/USERNAME $ cp /tmp/mywhoami /tmp/mywhoami_new
USERNAME@UNIXSERVER:/export/home/USERNAME $ cp -p /tmp/mywhoami_new /tmp/mywhoami
USERNAME@UNIXSERVER:/export/home/USERNAME $ ls -li /tmp/mywhoami
440548356 -rwxr-x--- 1 USERNAME lbi 37 Jun 28 08:18 /tmp/mywhoami
USERNAME@UNIXSERVER:/export/home/USERNAME $ ls -l /tmp/mywhoami*
-rwxr-x--- 1 USERNAME lbi 37 Jun 28 08:18 /tmp/mywhoami
-rwxr-x--- 1 USERNAME lbi 37 Jun 28 08:18 /tmp/mywhoami_new
USERNAME@UNIXSERVER:/export/home/USERNAME $ ls -li /tmp/mywhoami*
440548356 -rwxr-x--- 1 USERNAME lbi 37 Jun 28 08:18 /tmp/mywhoami
450547253 -rwxr-x--- 1 USERNAME lbi 37 Jun 28 08:18 /tmp/mywhoami_new
USERNAME@UNIXSERVER:/export/home/USERNAME $ rm /tmp/mywhoami
USERNAME@UNIXSERVER:/export/home/USERNAME $ mv /tmp/mywhoami_new /tmp/mywhoami
USERNAME@UNIXSERVER:/export/home/USERNAME $ ls -li /tmp/mywhoami*
450547253 -rwxr-x--- 1 USERNAME lbi 37 Jun 28 08:18 /tmp/mywhoami
USERNAME@UNIXSERVER:/export/home/USERNAME $ /tmp/mywhoami
USERNAME
ACEE Contents
User's Name : USERNAME
ACEE's Handle : 22
Group Connections Table:
Group Name Connection Mode
==================== =================================
ami_unix Regular
eacadmin Regular
eacaudit Regular
hqp Regular
lbi Regular
stafhp Regular
sysadmin Regular
Categories : <None>
Profile Group : <None>
Security Label : <None>
User's Audit Mode : Failure LoginFailure
User's Security Level : 0
Source Terminal : 10.10.10.10
Process Count for ACEE : 2
User's Mode : Admin Auditor PwManager
ACEE's Creation Time : Tue Jun 28 08:12:09 2022
USERNAME@UNIXSERVER:/export/home/USERNAME $
The finding is: once the file's inode changes, the SPECIALPGM rule created for that file becomes invalid. The transcript shows that a rename (mv) and an in-place overwrite (cp -p onto the existing file) keep the inode, so the rule keeps applying, whereas removing the file and moving a new copy into place gives it a new inode (450547253) and the script then runs under the USERNAME ACEE rather than root. Apart from recreating the SPECIALPGM for the same file name (deleting it and adding it again), the only other way to make the SPECIALPGM work again is to restart eTrust.
This is better described as an "untrusted" SPECIALPGM. However, to make the SPECIALPGM class object work again, no "retrust" command can currently be found. This should be implemented as a feature, in a way similar to
cr program /type/a/program/here trust
which updates the inode information in kernel table kt 1 so that the SPECIALPGM functions properly without requiring eTrust to be restarted.
Release : 14.x
Component : PAM SERVER CONTROL ENDPOINT UNIX/LINUX
Using any build after 14.10.40.117 (included in patch acpatch-DE539160-14.10.40.117-_LINUX_X64) you can now update the inode recorded for a SPECIALPGM with an editresource (er) command:
PAMSC> er SPECIALPGM /XXX/XXX
or
selang -c "er SPECIALPGM /XXX/XXX"
Include this step in any upgrade or deployment procedure for programs that require a SPECIALPGM rule, since package upgrades normally replace the binary and therefore its inode. Note that the rule is bound to the inode, not to the file's contents: as the transcript shows, an in-place overwrite keeps the inode and the rule stays in effect, so a SPECIALPGM target that maps to a privileged ControlMinder UID should be writable only by trusted administrators.
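The check a practitioner would want to run before and after an upgrade, as an added example that is not part of the original article or of the product: compare the inode of the file currently on disk with the inode recorded in the kernel table, report whether the rule is still "trusted" or has become "untrusted" in the sense used above, and optionally refresh it with the er SPECIALPGM command from the resolution. It assumes the binaries live under /opt/seos/bin as in the transcript, that the kernel table is read with secons -kt 1, and that the fourth field of a table line is the inode (it matched ls -li in the transcript); the sample table line in the comments is copied from the transcript.

```shell
#!/bin/sh
# Added example (not from the original page or the product): detect a
# SPECIALPGM rule whose target file has been replaced (new inode) and,
# optionally, re-point it with "er SPECIALPGM" (build 14.10.40.117 or later).
# Assumptions: product binaries under /opt/seos/bin (override with SEOS_BIN);
# the kernel table comes from "secons -kt 1"; field 4 of a table line is the
# inode, e.g. (line copied from the transcript):
#   6 000030 0 440548356 146800642 /tmp/mywhoami (MAIL BACK SPEC )

SEOS_BIN=${SEOS_BIN:-/opt/seos/bin}

# kt_inode PATH: read "secons -kt 1" output on stdin and print the inode
# recorded for PATH (prints nothing if PATH has no kernel-table entry).
kt_inode() {
    awk -v p="$1" '$6 == p { print $4; exit }'
}

# disk_inode PATH: inode of the file currently at PATH. Uses ls -di, which
# works on Solaris, AIX and Linux alike (stat(1) flags are not portable).
disk_inode() {
    ls -di "$1" 2>/dev/null | awk '{ print $1; exit }'
}

# classify DISK_INODE KT_INODE: print one of
#   trusted    same inode, the rule still applies
#   untrusted  file replaced (rm + new copy); rule is bound to the old inode
#   unlisted   no kernel-table entry for this path
#   missing    no file at the path
classify() {
    disk=$1 kt=$2
    if [ -z "$disk" ]; then echo missing
    elif [ -z "$kt" ]; then echo unlisted
    elif [ "$disk" = "$kt" ]; then echo trusted
    else echo untrusted
    fi
}

# check_specialpgm PATH [refresh]: live check on a host running the product.
# With "refresh", an untrusted rule is updated to the current inode using
# "er SPECIALPGM". Returns 0 only when the rule is trusted.
check_specialpgm() {
    path=$1 mode=$2
    kt=$("$SEOS_BIN/secons" -kt 1 | kt_inode "$path")
    disk=$(disk_inode "$path")
    status=$(classify "$disk" "$kt")
    echo "$path: $status (disk=${disk:-none} kt=${kt:-none})"
    if [ "$status" = untrusted ] && [ "$mode" = refresh ]; then
        "$SEOS_BIN/selang" -c "er SPECIALPGM $path"
    fi
    [ "$status" = trusted ]
}

# Usage on a live host:  check_specialpgm /tmp/mywhoami refresh
```

Run it for every SPECIALPGM path after a package upgrade; an "untrusted" result means the binary was replaced and the rule silently stopped applying, exactly the state the transcript reaches after rm and mv. The refresh is only offered for the untrusted case so that a rule which was never defined ("unlisted") is not created by accident.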