Mount agent creates mount point directory tree with umask 077 when RecursiveMnt attribute is enabled
| Article:TECH178696 | | | Created: 2012-01-11 | | | Updated: 2012-01-11 | | | Article URL http://www.symantec.com/docs/TECH178696 |
Problem
The RecursiveMnt option for Mount resource, creates directories with 700 file perms (umask 077) even though umask is 022.
Mount resource configuration: Mount MNT_est-ax100-d_mqdata01 ( Critical = 0 MountPoint = "/.stateless/tmpfs/data/VCS/t/mqdata01" BlockDevice = "nfsserver:/vol/nfsv4_vol01/mqdata01" FSType = nfs4 MountOpt = "sec=sys" CreateMntPt = 2 MntPtPermission = 755 MntPtOwner = root RecursiveMnt = 1 ) The following message is seen in engine_A.log:
Mount:MNT_t_mqlog01:online:MountPoint </.stateless/tmpfs/data/VCS/t/mqlog01> successfully created
2011/10/21 13:09:15 VCS WARNING V-16-10031-5558 (test01) Mount:MNT_t_mqlog01:online:MountPoint </.stateless/tmpfs/data/VCS/t/mqlog01> created with default permission masks 077. It may not be accessible to all users
The actual mount point may appear to have the expected permissions as it reflects the permissions of the mounted file system, but it and its parent directories are created with umask 077 whereas root's default umask is 022 as per .profile.
[]# find -exec ls -ld {} \;|grep VCS
drwx------ 3 root root 60 Oct 21 13:09 ./VCS
drwx------ 4 root root 80 Oct 21 13:09 ./VCS/t
drwxr-xr-x 2 mqm mqm 4096 Oct 21 11:58 ./VCS/t/mqdata01
-rw-rw-r-- 1 mqm mqm 0 Oct 20 16:42 ./VCS/t/mqdata01/file
-rw-rw-r-- 1 mqm mqm 0 Oct 21 11:58 ./VCS/t/mqdata01/file2
drwxr-xr-x 2 mqm mqm 4096 Oct 20 16:00 ./VCS/t/mqlog01
/etc/profile:
if [ "`id -gn`" = "`id -un`" -a `id -u` -gt 99 ]; then
umask 002
else
umask 022
fi
Defining the umask to be 022 in the vcsenv file does not change this behavior.
Error
VCS WARNING V-16-10031-5558 (test01) Mount:MNT_est-ax100-t_mqlog01:online:MountPoint </.statelite/tmpfs/data/VCS/est-ax100-t/mqlog01> created with default permission masks 077. It may not be accessible to all users.
Environment
"Stateless Linux" systems running RedHat Enterprise Linux 5.6
VCS 5.1SP1RP2
/var file system mounted read-only
Cause
/var is read-only, preventing VCS from creating the /var/VRTSat directory structure and files.
Solution
strace was run on the 'hastart' command and it showed that the 'had' process was prevented from creating the /var/VRTSat directory. In addition, VCS needs to be able to create a lock file under /var/VRTSat.
Once /var was changed to be read/write, VCS was able to perform correctly with respect to /var/VRTSat and the Mount agent created the mount point directory tree with the correct permissions.
As per the following whitepaper for configuring VCS on Stateless Linux, /var has to be rw:
http://www.symantec.com/business/support/index?page=content&id=DOC4040
|
|
Article URL http://www.symantec.com/docs/TECH178696
Terms of use for this information are found in Legal Notices
Thank you.