there were some errors reading the secure file on one of the appservers. is there a mapping in users.local on your appservers for the os user running the install ?
there is no entry for the local user running the installation. do I need to have an entry for local user in users.local file and then re running the installer will fix the issue ?
Also what cause failure in reading secure file ?
1 of 1 people found this helpful
yeah - unless the nsh client is configured to use a nsh proxy it's going to send the os user name to the rscd so there needs to be a mapping.
?being mapped to a user that can't read it.
1 of 1 people found this helpful
Thanks Bill for your valuable suggestion. You are simply awesome as usual.
This is what I did and issue is fixed.
made required entry for the user invoking the installation in users.local file
re run the compliance content installer
this is on the docs page btw:
The OS user running the installer must also be granted root privileges through the users.local file on the BMC Server Automation Application Server and needs write access to the Applications Servers and File Server storage location. For example, if you are logged onto the OS and you started the Compliance Content installer as Administrator, you need to have an entry such as the following in the users.local file on the Application Server(s) and File Server targeted by the installer:
Administrator rw,map=Administrator,hosts=<ip of system running content installer>
Or, if you are running the Compliance Installer as root:
root rw,map=root,hosts=<ip of system running content installer>
If the system that you are running the Compliance Content Installer from is configured to use a NSH proxy, you must ensure that the profile name used to authenticate in the Compliance Content Installer is configured in the local secure file as described in Setting up the Network Shell client to run in proxy mode.
I have a small question here
administrator/root users are the super user of OS and they have full access then why do we need explicitly mentioned that ?
because it's not talking to the local os. it's talking to the agent. so you need to have a mapping setup...it's not using /foo/bar as the path, it's using //server/foo/bar. doesn't matter if it's communicating to the agent on itself, or another server, rscd rules apply here so you need the mapping.
We have the same issue during compliance content installation and mapped the required user in user.local file but still same issue.
I would like to inform you that appserver installed in /BBSADATA/bmc/bladelogic/ (different path) and also trying to install content at same path.
Attached the log file and screen shot.
Please help to resolve the issue.
Env details :
App server OS : Linux
Appserver installed : different location (other mount point :- /BBSADATA/bmc/bladelogic/)
Version : 8.6.*
Compliance Content Installation Path :- /BBSADATA/bmc/Content/
log.txt 1.0 MB
Please help above issue.
ERROR: blcli_execute ContentImportExport importTemplates l /BBSADATA/bmc/Content/ContentInstalltmp/sox/SOX.zip /SOX Compliance Content/SOX/SOX Data Security Standard - AIX, /SOX Compliance Content/SOX/SOX Data Security Standard - HPUX, /SOX Compliance Content/SOX/SOX Data Security Standard - RedHat Linux, /SOX Compliance Content/SOX/SOX Data Security Standard - Solaris10, /SOX Compliance Content/SOX/SOX Data Security Standard - Solaris8-9, /SOX Compliance Content/SOX/SOX Data Security Standard - SUSE 9-10 Linux, /SOX Compliance Content/SOX/SOX Data Security Standard - Windows Server 2003 returned error code. Result is:
Root Cause: /BBSADATA/bmc/Content/ContentInstalltmp/sox/SOX.zip (Permission denied)
Same for all the others:
Root Cause: /BBSADATA/bmc/Content/ContentInstalltmp/cis/CIS.zip (Permission denied)
Root Cause: /BBSADATA/bmc/Content/ContentInstalltmp/disa/DISA.zip (Permission denied)
Root Cause: /BBSADATA/bmc/Content/ContentInstalltmp/hipaa/HIPAA.zip (Permission denied)
Root Cause: /BBSADATA/bmc/Content/ContentInstalltmp/pci/PCI.zip (Permission denied)
Root Cause: /BBSADATA/bmc/Content/ContentInstalltmp/pciv2/PCIv2.zip (Permission denied)
Root Cause: /BBSADATA/bmc/Content/ContentInstalltmp/pciv3/PCIv3.zip (Permission denied)
What is in your exports, users and users.local files?
Please find the attached screenshot for exports, users and users.local files & would like to highlight here that BSA is not installed in /opt/bmc/ path, its in /BBSADATA/bmc/bladelogic/ path.
We have done umask setting as per below KB but still having same issue and in our env umask was 0077 and replaced with 0022.