On Redhat 6, wrong user may be logged for some GUI operations / BoKS daemons

 

Issue description

 

There are 2 issues described in this article, both affecting Redhat 6:

1) If BoKS is started by hand on Redhat 6, certain operations performed in the administration GUI are falsely logged as
being performed by the user that started BoKS rather than the user that logged in for the GUI session.

2) If BoKS is Booted by a user on Redhat 6, logs from some BoKS daemons are reported with the name of that user
and not root.

These issues are caused by the system getlogin() function being changed in RedHat 6 to return the name of the user
originally logged in when starting the process. The corresponding uid is saved in /proc//loginuid.

 

Resolution / Workaround

 

Apply hotfix HFBM-0052, available for download from the HelpSystems Community Portal.

This hotfix makes boks_init (which starts all other BoKS daemons) reset the value in
/proc//loginuid.

This will make the getlogin() behave as in earlier versions of RedHat, so the user in
audit logs made by GUI operations is now logged as the user who logged in to the GUI,
and BoKS daemons are logged with the root user.
 
To solve issue 1), this hotfix only needs to be applied on the Master/failover Master.

To solve issue 2), this hotfix must be applied on all machines.

Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: November 15, 2019