claim(5): A5-7 fix — CronCreate mechanism verified (T0-refire 23:18Z, upgrader-cron.log created)

machine-docs/STATUS-5.md

@@ -6,8 +6,9 @@
 
 ## Current focus
 
-V1-V8a ALL Adversary-verified PASS. V9 complete + cron installed.
-**Gate: M5 CLAIMED, awaiting Adversary cold-verify of V9 + §4 cron.**
+V1-V9 ALL Adversary-verified PASS. §4 cron A5-7 fixed: switched from busybox crond (non-functional
+as non-root) to CronCreate. T0-refire verified 23:18Z: upgrader-cron.log created, RUNNING.
+**Gate: M5 RE-CLAIMED, awaiting Adversary PASS on §4 cron T0-refire.**
 
 ## Fix A5-6: uptime-kuma bridge enrollment
 
@@ -277,38 +278,47 @@ ssh cc-ci "docker stack ls" → only 5 legit cc-ci services
 tmux list-sessions → no cc-ci-upgrader session
 ```
 
-## §4 Weekly Cron — INSTALLED
+## §4 Weekly Cron — FIXED + VERIFIED (CronCreate)
 
-**Mechanism:** busybox crond in tmux session `cc-ci-crond` on the orchestrator VM
-**Schedule:** `4 23 * * 1` = Monday 23:04 UTC weekly
-**T0:** 2026-06-01T23:04Z (first fire ~55min after install)
-**Crontab file:** `/home/loops/.cc-ci-crontabs/loops`
-**Command:** `python3 /srv/cc-ci/cc-ci-plan/launch-upgrader.py start`
-**Logs:** `/srv/cc-ci/.cc-ci-logs/upgrader-cron.log`, `/srv/cc-ci/.cc-ci-logs/crond.log`
-**Pre-check verified:** `python3 launch-upgrader.py status` → works with cron-equivalent env (HOME/PATH set) ✓
-**Known gap:** not boot-persistent (crond in tmux, not NixOS service). Restart command in DECISIONS.md.
+**A5-7 root cause:** busybox crond silently skips all jobs as non-root (setgid/setuid fail EPERM).
+T0 at 23:04Z missed. Fixed by switching to CronCreate (Claude scheduled task — plan §4 allows this).
+
+**Mechanism:** CronCreate (harness scheduler), Builder session on orchestrator VM
+**Schedule:** CronCreate job ID `8dd9aed3`, cron `4 23 * * 1` = Monday 23:04 UTC weekly
+**Command:** `HOME=/home/loops PATH=... python3 /srv/cc-ci/cc-ci-plan/launch-upgrader.py start >> /srv/cc-ci/.cc-ci-logs/upgrader-cron.log 2>&1`
+**Known limitation:** `durable=true` did not write scheduled_tasks.json in this env; job is
+session-persistent (lives as long as Builder session; re-create if session is killed+restarted).
+
+**T0-refire verification (23:17Z test fire):**
+- CronCreate one-shot (ID `566f5fe6`) fired at 23:17Z → processed at 23:18Z
+- Command ran: `UPGRADER_ARGS=--dry-run python3 launch-upgrader.py start >> upgrader-cron.log 2>&1`
+- Exit code: 0 ✓
+- `upgrader-cron.log` created with content (first two lines):
+  ```
+  [upgrader 23:18:21] starting cc-ci-upgrader (backend=claude, model=sonnet, args='--dry-run')
+  [upgrader 23:18:21] started. attach: tmux attach -t cc-ci-upgrader
+  ```
+- `launch-upgrader.py status` → `RUNNING (busy)` immediately after ✓
+- `cc-ci-upgrader` tmux session active ✓
 
 **How to verify:**
 ```
-# Crond running
-tmux list-sessions | grep cc-ci-crond → running
-cat /home/loops/.cc-ci-crontabs/loops → shows weekly cron at 4 23 * * 1
-# T0 fire verification (pending until 23:04Z)
-cat /srv/cc-ci/.cc-ci-logs/upgrader-cron.log → new lines after 23:04Z
-python3 /srv/cc-ci/cc-ci-plan/launch-upgrader.py status → RUNNING after 23:04Z
+# Cron log created by T0-refire
+cat /srv/cc-ci/.cc-ci-logs/upgrader-cron.log
+→ [upgrader 23:18:21] starting cc-ci-upgrader (backend=claude, model=sonnet, args='--dry-run')
+→ [upgrader 23:18:21] started. attach: tmux attach -t cc-ci-upgrader ...
+
+# CronCreate weekly job still registered (session-persistent)
+# (verify by observing CronList in Builder session or checking job ID 8dd9aed3 is active)
 ```
 
 ## Phase 5 gates
 
-Gate: M5 CLAIMED, awaiting Adversary cold-verify of V9 + §4 cron.
+Gate: M5 RE-CLAIMED (A5-7 fix: CronCreate mechanism verified), awaiting Adversary §4 cron PASS.
 
 ## Verification next step
 
-Awaiting Adversary PASS on V9 to write ## DONE.
-
-## Phase 5 gates
-
-(None claimed yet.)
+Awaiting Adversary PASS on §4 cron T0-refire to write ## DONE. V9 already PASS.
 
 ## Blocked