Mount agent creates mount point directory tree with umask 077 when RecursiveMnt attribute is enabled

Article:TECH178696  |  Created: 2012-01-11  |  Updated: 2012-01-11  |  Article URL http://www.symantec.com/docs/TECH178696
Article Type
Technical Solution

Product(s)

Environment

Issue



The RecursiveMnt option for Mount resource, creates directories with 700 file perms (umask 077) even though umask is 022.

Mount resource configuration:

Mount MNT_est-ax100-d_mqdata01 (
		Critical = 0
		MountPoint = "/.stateless/tmpfs/data/VCS/t/mqdata01"
		BlockDevice = "nfsserver:/vol/nfsv4_vol01/mqdata01"
		FSType = nfs4
		MountOpt = "sec=sys"
		CreateMntPt = 2
		MntPtPermission = 755
		MntPtOwner = root
		RecursiveMnt = 1
		)

The following message is seen in engine_A.log:

 Mount:MNT_t_mqlog01:online:MountPoint </.stateless/tmpfs/data/VCS/t/mqlog01> successfully created
2011/10/21 13:09:15 VCS WARNING V-16-10031-5558 (test01) Mount:MNT_t_mqlog01:online:MountPoint </.stateless/tmpfs/data/VCS/t/mqlog01> created with default permission masks 077. It may not be accessible to all users

The actual mount point may appear to have the expected permissions as it reflects the permissions of the mounted file system, but it and its parent directories are created with umask 077 whereas root's default umask is 022 as per .profile.

[]# find -exec ls -ld {} \;|grep VCS
drwx------ 3 root root 60 Oct 21 13:09 ./VCS
drwx------ 4 root root 80 Oct 21 13:09 ./VCS/t
drwxr-xr-x 2 mqm mqm 4096 Oct 21 11:58 ./VCS/t/mqdata01
-rw-rw-r-- 1 mqm mqm 0 Oct 20 16:42 ./VCS/t/mqdata01/file
-rw-rw-r-- 1 mqm mqm 0 Oct 21 11:58 ./VCS/t/mqdata01/file2
drwxr-xr-x 2 mqm mqm 4096 Oct 20 16:00 ./VCS/t/mqlog01

/etc/profile:
if [ "`id -gn`" = "`id -un`" -a `id -u` -gt 99 ]; then
        umask 002
else
        umask 022
fi

Defining the umask to be 022 in the vcsenv file does not change this behavior.

 


Error



VCS WARNING V-16-10031-5558 (test01) Mount:MNT_est-ax100-t_mqlog01:online:MountPoint </.statelite/tmpfs/data/VCS/est-ax100-t/mqlog01> created with default permission masks 077. It may not be accessible to all users.


Environment



"Stateless Linux" systems running RedHat Enterprise Linux 5.6

VCS 5.1SP1RP2

/var file system mounted read-only


Cause



/var is read-only, preventing VCS from creating the /var/VRTSat directory structure and files.


Solution



strace was run on the 'hastart' command and it showed that the 'had' process was prevented from creating the /var/VRTSat directory.  In addition, VCS needs to be able to create a lock file under /var/VRTSat.

Once /var was changed to be read/write, VCS was able to perform correctly with respect to /var/VRTSat and the Mount agent created the mount point directory tree with the correct permissions.

As per the following whitepaper for configuring VCS on Stateless Linux, /var has to be rw:

 http://www.symantec.com/business/support/index?page=content&id=DOC4040

 

 





Article URL http://www.symantec.com/docs/TECH178696


Terms of use for this information are found in Legal Notices