APAR status
Closed as fixed if next.
Error description
If the audit trail file is owned by root with group informix, the onshowaudit utility does not process the file and displays a warning message as follows: =>onshowaudit -I -f demo_on.32 -l ONSHOWAUDIT Secure Audit Utility INFORMIX-SQL Version 11.50.FC5WM1 Cannot open file demo_on.32
Local fix
Change the owner of the audit trail file to informix:informix.
Problem summary
**************************************************************** * USERS AFFECTED: * * Users trying to read audit log files owned by root. * **************************************************************** * PROBLEM DESCRIPTION: * * Since onshowaudit is SUID root/SGID informix there was a * * restriction put is so that onshowaudit could not be used to * * read privileged files - e.g. /etc/shadow. * * The root privilege is a vestige of OS auditing which is no * * longer supported. * * Changed onshowaudit to revoke the SUID/SGID privileges and * * run as the user that started it. * * Because of this, restriction on files is no longer * * necessary, you can process any file you can read. * **************************************************************** * RECOMMENDATION: * * Install the patch. * * The ultimate fix will be to remove the SUID/SGID privilege * * from onshowaudit. * ****************************************************************
Problem conclusion
Temporary fix
Comments
For download information, go to: http://www.ibm.com/support/fixcentral
APAR Information
APAR number
IC71378
Reported component name
IBM IDS ENTRP E
Reported component ID
5724L2304
Reported release
B15
Status
CLOSED FIN
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-09-21
Closed date
2011-01-20
Last modified date
2011-01-20
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
RB15 PSN
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSGU8G","label":"Informix Servers"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"B15","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Document Information
Modified date:
20 January 2011