Readme File for IBM® Spectrum
Symphony 7.2.0.2 Interim Fix 503885
Readme File for: IBM Spectrum Symphony
Product Release: 7.2.0.2
Update Name: Interim Fix 503885
Fix ID: sym-7.2.0.2_x86_64_build503885
Publication Date: October 31, 2018
When you start
a host in an IBM Spectrum Symphony cluster with the "egosh ego start"
command, the egosh binary is assigned the SUID of the root user and started as
root. For users who don’t require root permission, this root access is a
potential security issue.
This enhancement
introduces the “egocontrol ego start”
command to start a host in the cluster. The SUID of the root user can be set on
the egocontrol binary, this enables the egosh binary
to be started as a non-root user.
Contents
1.
List of fixes
2.
Download location
3.
Product and components affected
4.
Installation and configuration
5.
Uninstallation
6.
List of files
7.
Copyright and trademark information
1.
List
of fixes
APAR: P102755
2.
Download
location
Download interim fix 503885 from the
following location: https://www.ibm.com/eserver/support/fixes/
3.
Product
and components affected
Component name, Platform, Fix ID:
PMC, Linux x86_64, sym-7.2.0.2_x86_64_build503885
4.
Installation
and configuration
a. Log on to each host in your cluster which will
run the “egosh ego start” command to start a host and decompress the sym-7.2.0.2_x86_64_build503885.tar.gz file to the top-level installation directory.
For example, enter:
>
tar zxfo sym-7.2.0.2_x86_64_build503885.tar.gz -C
$EGO_TOP/
The
egocontrol binary will be installed to
the $EGO_TOP/3.6/linux-x86_64/bin folder.
b.
As the root user, grant permissions to the egocontrol binary as follows:
> chown root egocontrol
> chmod 700 egocontrol
> chmod u+s egocontrol
> setfacl -m u:CLUSTERADMIN:x egocontrol
5.
Uninstallation
To uninstall this interim fix in
your cluster, log on to each host where you installed this update and delete the egocontrol
binary at $EGO_TOP/3.6/linux-x86_64/bin.
6.
List
of files
3.6/linux-x86_64/bin/egocontrol
7.
Copyright
and trademark information
© Copyright IBM
Corporation 2018
U.S. Government
Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP
Schedule Contract with IBM Corp.
IBM®, the IBM
logo, and ibm.com® are trademarks of International Business Machines Corp.,
registered in many jurisdictions worldwide. Other product and service names
might be trademarks of IBM or other companies. A current list of IBM trademarks
is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.