IBM Support

Guardium KTAP module loads after upgrade even if KTAP_INSTALLED=0

Troubleshooting


Problem

IBM Security Guardium STAP agents load a kernel module called KTAP. The guard_tap.ini parameter KTAP_INSTALLED controls whether KTAP loads.
A bug in version 10.6 STAPs allows KTAP to load after upgrade even if KTAP_INSTALLED=0 is set.

Symptom

  1. Install STAP with default parameters, including KTAP_INSTALLED=1.
  2. Run lsmod | grep tap or an equivalent command. Notice the KTAP module is loaded.
  3. Configure guard_tap.ini with KTAP_INSTALLED=0.
  4. Check KTAP. The module is still loaded.
  5. Reboot the server.
  6. Check KTAP again. The module is not loaded after reboot. This behavior is expected.
  7. Upgrade STAP. (Note KTAP_INSTALLED=0 is still set.)
  8. Check KTAP. The module is loaded. This behavior is a bug.

Environment

This bug was found in v10.6 STAPs but might affect earlier versions.

Resolving The Problem

This issue was reported as APAR GA17125.
To work around the issue:
  1. Upgrade STAP.
  2. Ensure KTAP_INSTALLED=0 and KTAP_ENABLED=0 are still set in guard_tap.ini.
  3. Reboot the server. KTAP is not loaded.
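
The "Check KTAP" steps in the Symptom list and the final state of the workaround can be scripted by comparing guard_tap.ini with the loaded-module list. This is an added example, not IBM code: it assumes Linux lsmod output and reuses the page's "tap" match for the module name; the function names and the ini path argument are hypothetical.

```shell
#!/bin/sh
# Added example: does the running kernel agree with guard_tap.ini?

# Print the value assigned to KEY in an ini file (last assignment wins).
# Commented-out lines are ignored; prints nothing if KEY is absent.
ini_value() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*/\1/p" "$2" |
        tail -n 1
}

# Read lsmod-format text on stdin; succeed if any module name contains "tap".
# This is the page's own "grep tap" pattern, so unrelated modules such as
# macvtap match too; tighten it to the module name seen on your hosts.
ktap_loaded() {
    awk 'tolower($1) ~ /tap/ { found = 1 } END { exit !found }'
}

# check_ktap INI LSMOD_SNAPSHOT
#   0: KTAP disabled in the ini and no tap module loaded
#   1: KTAP disabled in the ini but a tap module is loaded (reboot pending,
#      or the post-upgrade behaviour described on this page)
#   2: the ini does not have KTAP_INSTALLED=0 and KTAP_ENABLED=0
check_ktap() {
    installed=$(ini_value KTAP_INSTALLED "$1")
    enabled=$(ini_value KTAP_ENABLED "$1")
    if [ "$installed" != "0" ] || [ "$enabled" != "0" ]; then
        echo "CONFIG: KTAP_INSTALLED=${installed:-unset} KTAP_ENABLED=${enabled:-unset}"
        return 2
    fi
    if ktap_loaded < "$2"; then
        echo "MISMATCH: ini disables KTAP but a tap module is loaded"
        return 1
    fi
    echo "OK: KTAP disabled and not loaded"
    return 0
}

# check_live INI: same check against the running kernel (Linux lsmod assumed).
check_live() {
    snap=$(mktemp) || return 3
    lsmod > "$snap"
    check_ktap "$1" "$snap"; rc=$?
    rm -f "$snap"
    return "$rc"
}
```

Source the file and run check_live with the path to guard_tap.ini after each upgrade and again after the reboot; a return code of 1 after the reboot means the workaround did not take effect.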

Document Location

Worldwide

Product Synonym

IBM Guardium Data Protection

Document Information

Modified date:
25 February 2020

UID

ibm13458355