A fix is available
APAR status
Closed as program error.
Error description
Errors while installing Unix OS agent using non-root user. Recreate Steps: 1. Installed, configured and started ITM 623 GA Unix OS agent on Solaris using non-root user. 2. While upgrading Unix OS agent to 623 FP2 using non-root user, upgrade failed with the following error: install.sh warning: The userid associated with the "ux" product code and "411" process id does not match the current user, continuing ... install.sh failure: KCI0245E A running process(s) was detected whose associated userid does not match the current userid. The install will be aborted. 3. After stopping the Unix OS agent first, the upgrade using non-root user failed with the following error, even when the correct root password is supplied: Root-owned files have been found. Before continuing with this installation, the owner of these files should be changed to "itmuser". This change will be done automatically if you type the root password below: KCIIN2363E ERROR - the password is incorrect. Do you want to try another password [ 1=Yes, 2=No ; default is "1" ] ? 1 KCIIN2363E ERROR - the password is incorrect. Do you want to try another password [ 1=Yes, 2=No ; default is "1" ] ? KCIIN2363E ERROR - the password is incorrect. Do you want to try another password [ 1=Yes, 2=No ; default is "1" ] ? 2 4. After fixing the file onwership first, the upgrade was successful. 5. When configuring the Unis OS agent using non-root user, at the end of the configuration, the following error is displayed: KCIIN2569E ERROR: You are not running as root, and rexec is not enabled on this machine, so your machine boot scripts cannot be updated automatically for you. Please re-run this configuration session as root, or please manually run /ash_623fp2_nonroot/bin/UpdateAutoRun.sh as root Agent configuration completed... Would you like to restart the component to allow new configuration to take effect? [1=Yes, 2=No] (Default is: 1): 1 Component can not be managed due to insufficient privileges
Local fix
Problem summary
1) Attempting to upgrade as a nonroot user on a Solaris system after "SetPerm -a" or "secureMain lock" have been executed and the OS agent is running fails with messages similar to the following: install.sh warning: The userid associated with the "ux" product code and "411" process id does not match the current user, continuing ... install.sh failure: KCI0245E A running process(s) was detected whose associated userid does not match the current userid. The install will be aborted. 2) Attempting to upgrade as a nonroot user on a UNIX system after "SetPerm -a" or "secureMain lock" have been executed and the OS agent is not running and the REXEC service is not running fails with messages similar to the following for any password entered, even the correct password: Root-owned files have been found. Before continuing with this installation, the owner of these files should be changed to "itmuser". This change will be done automatically if you type the root password below: KCIIN2363E ERROR - the password is incorrect. Do you want to try another password [ 1=Yes, 2=No ; default is "1" ] ? 1 3) After configuring the OS agent as a nonroot user on a UNIX system after "SetPerm -a" or "secureMain lock" have been executed displays a message similar to the following: KCIIN2569E ERROR: You are not running as root, and rexec is not enabled on this machine, so your machine boot scripts cannot be updated automatically for you. Please re-run this configuration session as root, or please manually run /opt/IBM/ITM/bin/UpdateAutoRun.sh as root Agent configuration completed... 4) After configuring the OS agent as a nonroot user on a UNIX system after "SetPerm -a" or "secureMain lock" have been executed and the OS agent is running displays a message similar to the following: Would you like to restart the component to allow new configuration to take effect? [1=Yes, 2=No] (Default is: 1): 1 Component can not be managed due to insufficient privileges 5) When running "cinfo -r" on a Solaris or Linux system with the UNIX Logs agent installed user after "SetPerm -a" or "secureMain lock" have been executed shows the process as started by root instead of the nonroot user. 6) When running "itmcmd manage" as a nonroot user and attempting to stop the OS agent after it has been started by the same nonroot user after "SetPerm -a" or "secureMain lock" have been executed displays a popup message similar to the following: Component can not be managed due to insufficient privileges
Problem conclusion
1) The code has been modified to always use the 'real' user instead of the 'effective' user when determining whether an agent can be stopped. 2) The code has been modified to attempt the SSH and RSH connection protocols in addition to the REXEC connection protocol for root subshell processing. This allows greater chance of success since one of the protocols is enabled to allow remote access to the endpoint. 3) The code has been modified to always use the 'real' user instead of the 'effective' user when displaying the status of running processes. The fix for this APAR is contained in the following maintenance packages: | fix pack | 6.2.3-TIV-ITM-FP0005 | fix pack | 6.3.0-TIV-ITM-FP0003
Temporary fix
Comments
APAR Information
APAR number
IV40170
Reported component name
OMEG DIST INSTA
Reported component ID
5608A41CI
Reported release
623
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-04-18
Closed date
2014-05-05
Last modified date
2014-05-29
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
OMEG DIST INSTA
Fixed component ID
5608A41CI
Applicable component levels
R623 PSY
UP
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTFXA","label":"Tivoli Monitoring"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"623"}]
Document Information
Modified date:
30 December 2022