ansible-lockdown / RHEL7-CIS

Ansible role for Red Hat 7 CIS Baseline
https://ansible-lockdown.readthedocs.io/en/latest/
MIT License

Consider not following links for 6.2.13 home directory recommendations #298

Closed mballon closed 1 year ago

mballon commented 2 years ago

Feature Request or Enhancement

Summary of Request

While doing testing in a lower environment it was discovered that IBM DB2 links “instance” home directories back to the install path, which defaults to /opt/ibm/db2/$ver. When the tasks for recommendations 6.2.X run using the rhel7cis_passwd dict, it contains /db2instancename as the home directory, as the instance owner’s homedir is the instance path. That home directory (instance owner) contains links to /opt/ibm/db2/$ver, which had its permissions changed, causing db2 to crash and no longer function.

Describe alternatives you've considered

At first I added an exclusion just for hosts where db2 was installed, although ultimately I decided to change the code for these recommendations so they would not follow links. The decision to change the code vs. excluding specific db2 app hosts was simply based on the idea that if it breaks something with only 1% of hosts deployed, it’s going to break something else.

Suggested Code

- “command: find -H” changed to “command: find -P”
- “file:” added option “follow: no” under recursive parm
- “acl:” added option “follow: no” under recursive parm
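The difference between the two `find` options above, as an added example that is not part of the RHEL7-CIS role: it builds a throwaway copy of the layout the issue describes (a home directory that is a symlink into the product install tree, with constructed paths) and approximates the role's permission step with a `chmod` handed the paths `find` returns, showing that `-H` descends into the link target while `-P` stops at the symlink. On the Ansible side, `follow: false` on the `file` and `acl` modules is the equivalent of `-P`.

```shell
#!/bin/sh
# Added example, not code from the RHEL7-CIS role. Constructed fixture:
#   <tmp>/opt/ibm/db2/V11    the product install tree
#   <tmp>/home/db2inst1      symlink to that tree (the instance "home directory")
setup_fixture() {
    fix=$(mktemp -d)
    mkdir -p "$fix/opt/ibm/db2/V11/bin" "$fix/home"
    : > "$fix/opt/ibm/db2/V11/bin/db2start"
    ln -s "$fix/opt/ibm/db2/V11" "$fix/home/db2inst1"
    printf '%s\n' "$fix"
}

# Number of paths a `find <opt> <homedir>` walk hands to a chmod/chown step.
# $1 is -H or -P, $2 is the home directory as a passwd lookup reports it.
count_paths() {
    find "$1" "$2" | wc -l | tr -d ' '
}

# Run a directory-permission step over the home directory with the given
# symlink option and report whether the *real* install directory was touched.
# Prints "changed" or "untouched".
install_dir_after_chmod() {
    fix=$(setup_fixture)
    target="$fix/opt/ibm/db2/V11"
    chmod 755 "$target"
    find "$1" "$fix/home/db2inst1" -type d -exec chmod 750 {} +
    if find "$target" -prune -perm 750 | grep -q .; then
        echo changed
    else
        echo untouched
    fi
    rm -rf "$fix"
}

fix=$(setup_fixture)
echo "find -H: $(count_paths -H "$fix/home/db2inst1") paths"   # 3: walks into V11
echo "find -P: $(count_paths -P "$fix/home/db2inst1") paths"   # 1: the symlink only
rm -rf "$fix"
echo "install dir with -H: $(install_dir_after_chmod -H)"      # changed
echo "install dir with -P: $(install_dir_after_chmod -P)"      # untouched
```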

mballon commented 2 years ago

After further testing I ended up just excluding the db2 hosts from 6.2.X recommendations as the permissions were still changed at the top level homedir/instancepath causing issues. The whole recommendation may be moot at this point, although it’s still something to ponder.

uk-bolly commented 1 year ago

Hi @mballon

Thank you for this feedback; testing like this is something we don't always have the chance to account for, so feedback is always welcome. We have included your suggestion in the latest PR for devel.

Thanks

uk-bolly

uk-bolly commented 1 year ago

Hi @mballon

This issue has now been merged; are you happy to close this?

Thanks

uk-bolly