APAR status
Closed as fixed if next.
Error description
Installing/upgrading 'lz' agent using install.sh with -k <group> option, gives an ESM (Enterprise Security Management) violation. And running "secureMain -g root lock" after the agent install does not resolve ESM violation either. [root@<servername> lx8266]# ls -l total 12 drwxr-xr-x 6 root root 4096 Feb 25 15:09 gs drwxr-xr-x 7 root root 4096 Feb 25 15:09 lz drwxrwxrwx 4 root root 4096 Feb 25 15:09 osfcp [root@<servername> lx8266]# cd osfcp [root@<servername> osfcp]# ls -l total 8 drwxrwxrwx 2 root root 4096 Feb 25 15:09 bin drwxrwxrwx 2 root root 4096 Feb 25 15:09 lib The directory <CandleHome>/<Architecture>/osfcp contains some files related to the Custom Factory Provided feature, not yet active in release 6.30 FP4, that are not managed by secureMain. Affected Platforms / Versions: Linux OS Agent 6.30 FP4. This issue has been fixed in 6.30 FP5.
Local fix
Install/upgrade 'lz' agent using install.sh WITHOUT -k <group> option, the ESM exception will not occur. [root@<servername> lx8266]# ls -l total 12 drwxr-xr-x 6 root root 4096 Feb 25 09:57 gs drwxr-xr-x 7 root root 4096 Feb 25 09:57 lz drwxrwxr-x 4 root root 4096 Feb 25 09:57 osfcp [root@<servername> lx8266]# cd osfcp [root@<servername> osfcp]# ls -l total 8 drwxrwxr-x 2 root root 4096 Feb 25 09:57 bin drwxrwxr-x 2 root root 4096 Feb 25 09:57 lib
Problem summary
Problem Description: Some files and directories have 777 permissions in the secured install tree of the Monitoring Agent for Linux OS Problem/Problem Summary: The 6.30 FP4 Monitoring Agent for Linux OS directory structure under <CandleHome>/<Architecture>/osfcp remains with worldwide writeable permissions after the execution of command secureMain -g <group> to lock the install tree down.
Problem conclusion
Temporary fix
None currently. 6.30 FP5 Monitoring Agent for Linux OS will install osfcp files into: <CandleHome>/<Architecture>/lz/bin and <CandleHome>/<Architecture>/lz/lib These subdirectories are properly managed by the secureMain command.
Comments
APAR Information
APAR number
IV70421
Reported component name
ITM AGENT LINUX
Reported component ID
5724C04LN
Reported release
630
Status
CLOSED FIN
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2015-03-02
Closed date
2015-03-13
Last modified date
2015-03-13
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
R630 PSY
UP
R610 PSN
UP
R620 PSN
UP
R621 PSN
UP
R622 PSN
UP
R623 PSN
UP
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTFXA","label":"Tivoli Monitoring"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"630"}]
Document Information
Modified date:
30 December 2022